File: hmac.scm

package info (click to toggle)
guile-gcrypt 0.3.0-3
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 320 kB
  • sloc: lisp: 2,101; makefile: 68; sh: 11
file content (62 lines) | stat: -rw-r--r-- 2,446 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
;;; guile-gcrypt --- crypto tooling for guile
;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of guile-gcrypt.
;;;
;;; guile-gcrypt is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or
;;; (at your option) any later version.
;;;
;;; guile-gcrypt is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
;;; General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with guile-gcrypt.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gcrypt hmac)
  #:use-module ((gcrypt mac) #:prefix mac:)
  #:export (sign-data
            sign-data-base64
            verify-sig
            verify-sig-base64
            gen-signing-key))

;;; Code:
;;;
;;; This module is deprecated and provided for compatibility with
;;; Guile-Gcrypt 0.1.0.  Use (gcrypt mac) instead.
;;;
;;; Commentary:

(define (symbol->algorithm symbol)
  "Convert SYMBOL (e.g., 'sha256) to the corresponding MAC algorithm."
  ;; Note: In 0.1.0, only a few hmac algorithms were supported, without the
  ;; 'hmac-' prefix.
  (mac:lookup-mac-algorithm (symbol-append 'hmac- symbol)))

(define* (sign-data key data #:key (algorithm 'sha512))
  "Signs DATA with KEY for ALGORITHM.  Returns a bytevector."
  (mac:sign-data key data
                 #:algorithm (symbol->algorithm algorithm)))

(define* (sign-data-base64 key data #:key (algorithm 'sha512))
  "Signs DATA with KEY for ALGORITHM.  Returns a bytevector."
  (mac:sign-data-base64 key data
                        #:algorithm
                        (symbol->algorithm algorithm)))

(define* (verify-sig key data sig #:key (algorithm 'sha512))
  "Verify that DATA with KEY matches previous signature SIG for ALGORITHM."
  (mac:valid-signature? key data sig
                        #:algorithm (symbol->algorithm algorithm)))

(define* (verify-sig-base64 key data sig #:key (algorithm 'sha512))
  "Verify that DATA with KEY matches previous signature SIG for ALGORITHM."
  (mac:valid-base64-signature? key data sig
                               #:algorithm (symbol->algorithm algorithm)))

(define gen-signing-key
  mac:generate-signing-key)