nyaa-pantsu/vendor/github.com/dgrijalva/jwt-go/hmac.go

package jwt

import (
	"crypto"
	"crypto/hmac"
	"errors"
)

// Implements the HMAC-SHA family of signing methods signing methods
type SigningMethodHMAC struct {
	Name string
	Hash crypto.Hash
}

// Specific instances for HS256 and company
var (
	SigningMethodHS256  *SigningMethodHMAC
	SigningMethodHS384  *SigningMethodHMAC
	SigningMethodHS512  *SigningMethodHMAC
	ErrSignatureInvalid = errors.New("signature is invalid")
)

func init() {
	// HS256
	SigningMethodHS256 = &SigningMethodHMAC{"HS256", crypto.SHA256}
	RegisterSigningMethod(SigningMethodHS256.Alg(), func() SigningMethod {
		return SigningMethodHS256
	})

	// HS384
	SigningMethodHS384 = &SigningMethodHMAC{"HS384", crypto.SHA384}
	RegisterSigningMethod(SigningMethodHS384.Alg(), func() SigningMethod {
		return SigningMethodHS384
	})

	// HS512
	SigningMethodHS512 = &SigningMethodHMAC{"HS512", crypto.SHA512}
	RegisterSigningMethod(SigningMethodHS512.Alg(), func() SigningMethod {
		return SigningMethodHS512
	})
}

func (m *SigningMethodHMAC) Alg() string {
	return m.Name
}

// Verify the signature of HSXXX tokens.  Returns nil if the signature is valid.
func (m *SigningMethodHMAC) Verify(signingString, signature string, key interface{}) error {
	// Verify the key is the right type
	keyBytes, ok := key.([]byte)
	if !ok {
		return ErrInvalidKeyType
	}

	// Decode signature, for comparison
	sig, err := DecodeSegment(signature)
	if err != nil {
		return err
	}

	// Can we use the specified hashing method?
	if !m.Hash.Available() {
		return ErrHashUnavailable
	}

	// This signing method is symmetric, so we validate the signature
	// by reproducing the signature from the signing string and key, then
	// comparing that against the provided signature.
	hasher := hmac.New(m.Hash.New, keyBytes)
	hasher.Write([]byte(signingString))
	if !hmac.Equal(sig, hasher.Sum(nil)) {
		return ErrSignatureInvalid
	}

	// No validation errors.  Signature is good.
	return nil
}

// Implements the Sign method from SigningMethod for this signing method.
// Key must be []byte
func (m *SigningMethodHMAC) Sign(signingString string, key interface{}) (string, error) {
	if keyBytes, ok := key.([]byte); ok {
		if !m.Hash.Available() {
			return "", ErrHashUnavailable
		}

		hasher := hmac.New(m.Hash.New, keyBytes)
		hasher.Write([]byte(signingString))

		return EncodeSegment(hasher.Sum(nil)), nil
	}

	return "", ErrInvalidKey
}
OAuth API [done] (#1275) * Initial Commit for OAuth API This builds and run and return the right error. Need to test it and then adding all users as possible client * Added mising dependency * just compile already... * Fixing template test * Imrpovements Moved db stuff in models Added some tests Added form in modpanel to add/update a client Added controllers for add/update of client * Added Forms + speed improvements Controller oauth client listing + html Controller oauth client delete + messages Messages on comment delete New ES config that disable ES if set to false. Improve load speed on local development Fix a load config bug Fix index admin & translation string sign_out broken by @ewhal * Sanitize empty strig in form array + css Multiple empty array of strings are sanitized for the oauth client create form Added some css for the form display * Upload and Create form works * Fix splitting response types * Removing required on secret when updating * fix travis error * Fix travis template test * Update dependency * Moved to jinzhu instead of azhao * randomizen secret on creation * Final touch on oath api improved display name fix grant form csrf fix login csrf on oauth * Fix gorm test * fix template test * Fixing deleted dependency issue * Make travis faster * Fix typo * Fix csrf for api calls * This shouldn't be exempt * Removing hard coded hash @ewhal Don't forget to replace the hash in tokens.go with another one * Added an example on how to use OAuth middleware * Renamed fosite utils to oauth2 utils 2017-07-28 05:46:40 +02:00			`package jwt`

			`import (`
			`"crypto"`
			`"crypto/hmac"`
			`"errors"`
			`)`

			`// Implements the HMAC-SHA family of signing methods signing methods`
			`type SigningMethodHMAC struct {`
			`Name string`
			`Hash crypto.Hash`
			`}`

			`// Specific instances for HS256 and company`
			`var (`
			`SigningMethodHS256 *SigningMethodHMAC`
			`SigningMethodHS384 *SigningMethodHMAC`
			`SigningMethodHS512 *SigningMethodHMAC`
			`ErrSignatureInvalid = errors.New("signature is invalid")`
			`)`

			`func init() {`
			`// HS256`
			`SigningMethodHS256 = &SigningMethodHMAC{"HS256", crypto.SHA256}`
			`RegisterSigningMethod(SigningMethodHS256.Alg(), func() SigningMethod {`
			`return SigningMethodHS256`
			`})`

			`// HS384`
			`SigningMethodHS384 = &SigningMethodHMAC{"HS384", crypto.SHA384}`
			`RegisterSigningMethod(SigningMethodHS384.Alg(), func() SigningMethod {`
			`return SigningMethodHS384`
			`})`

			`// HS512`
			`SigningMethodHS512 = &SigningMethodHMAC{"HS512", crypto.SHA512}`
			`RegisterSigningMethod(SigningMethodHS512.Alg(), func() SigningMethod {`
			`return SigningMethodHS512`
			`})`
			`}`

			`func (m *SigningMethodHMAC) Alg() string {`
			`return m.Name`
			`}`

			`// Verify the signature of HSXXX tokens. Returns nil if the signature is valid.`
			`func (m *SigningMethodHMAC) Verify(signingString, signature string, key interface{}) error {`
			`// Verify the key is the right type`
			`keyBytes, ok := key.([]byte)`
			`if !ok {`
			`return ErrInvalidKeyType`
			`}`

			`// Decode signature, for comparison`
			`sig, err := DecodeSegment(signature)`
			`if err != nil {`
			`return err`
			`}`

			`// Can we use the specified hashing method?`
			`if !m.Hash.Available() {`
			`return ErrHashUnavailable`
			`}`

			`// This signing method is symmetric, so we validate the signature`
			`// by reproducing the signature from the signing string and key, then`
			`// comparing that against the provided signature.`
			`hasher := hmac.New(m.Hash.New, keyBytes)`
			`hasher.Write([]byte(signingString))`
			`if !hmac.Equal(sig, hasher.Sum(nil)) {`
			`return ErrSignatureInvalid`
			`}`

			`// No validation errors. Signature is good.`
			`return nil`
			`}`

			`// Implements the Sign method from SigningMethod for this signing method.`
			`// Key must be []byte`
			`func (m *SigningMethodHMAC) Sign(signingString string, key interface{}) (string, error) {`
			`if keyBytes, ok := key.([]byte); ok {`
			`if !m.Hash.Available() {`
			`return "", ErrHashUnavailable`
			`}`

			`hasher := hmac.New(m.Hash.New, keyBytes)`
			`hasher.Write([]byte(signingString))`

			`return EncodeSegment(hasher.Sum(nil)), nil`
			`}`

			`return "", ErrInvalidKey`
			`}`