1/* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5#include "nsISupports.idl"
6interface nsIInputStream;
7interface nsIKeyObject;
8
9/**
10 * nsICryptoHMAC
11 * This interface provides HMAC (keyed-hash message authentication code)
   * computation over in-memory buffers and input streams.
12 */
13
14[scriptable, uuid(8FEB4C7C-1641-4a7b-BC6D-1964E2099497)]
15interface nsICryptoHMAC : nsISupports
16{
17    /**
18     * Hashing Algorithms.  These values are to be used by the
19     * |init| method to indicate which hashing function to
20     * use.  These values map onto the values defined in
21     * mozilla/security/nss/lib/softoken/pkcs11t.h and are
22     * translated to the corresponding CKM_*_HMAC constant.
       *
       * Security note: MD2, MD5 and SHA1 are legacy hash functions.
       * Prefer SHA256 or stronger unless an existing protocol
       * dictates the algorithm.
       *
       * The constants are declared |short| while |init| takes
       * |aAlgorithm| as |unsigned long|; only the values 1..6 are
       * defined here.
23     */
24    const short MD2    = 1;
25    const short MD5    = 2;
26    const short SHA1   = 3;
27    const short SHA256 = 4;
28    const short SHA384 = 5;
29    const short SHA512 = 6;
30
31    /**
32     * Initialize the hashing object with an algorithm and a key.
33     * This method may be called multiple times with different
       * algorithm types.
34     *
35     * @param aAlgorithm the algorithm type to be used.
36     *        This value must be one of the above valid
37     *        algorithm types.
38     *
39     * @param aKeyObject
40     *        Object holding the HMAC key. To create the key object, use for instance:
41     *        var keyObject = Components.classes["@mozilla.org/security/keyobjectfactory;1"]
42     *            .getService(Components.interfaces.nsIKeyObjectFactory)
43     *              .keyFromString(Components.interfaces.nsIKeyObject.HMAC, rawKeyData);
44     *
45     * WARNING: This approach is not FIPS compliant.
       *        NOTE(review): "this approach" presumably refers to building
       *        the key from raw key data with keyFromString, as in the
       *        example above -- confirm against the implementation.
       *
       *        The HMAC is only as strong as the key: rawKeyData should be
       *        secret, unpredictable key material.
46     *
47     * @throws NS_ERROR_INVALID_ARG if an unsupported algorithm
48     *        type is passed.
49     *
50     * NOTE: This method must be called before any other method
51     *        on this interface is called.
52     */
53    void init(in unsigned long aAlgorithm, in nsIKeyObject aKeyObject);
54
55    /**
       * Feeds the contents of a buffer into the HMAC computation.
       *
56     * @param aData a buffer to calculate the hash over
57     *
58     * @param aLen the length of the buffer |aData|, in octets
       *        (|aData| is declared size_is(aLen))
59     *
60     * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
61     *         called.
62     */
63    void update([const, array, size_is(aLen)] in octet aData, in unsigned long aLen);
64
65    /**
66     * Updates the HMAC computation with data read from a given stream.
67     *
68     * @param aStream an input stream to read from.
69     *
70     * @param aLen how much to read from the given |aStream|.  Passing
71     *        UINT32_MAX indicates that all data available will be used
72     *        to update the hash; that value is a sentinel, not a
       *        literal length.
73     *
74     * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
75     *         called.
76     *
77     * @throws NS_ERROR_NOT_AVAILABLE if the requested amount of
78     *         data to be calculated into the hash is not available.
79     *
80     */
81    void updateFromStream(in nsIInputStream aStream, in unsigned long aLen);
82
83    /**
84     * Completes this HMAC object and produces the actual HMAC digest data.
85     *
86     * @param aASCII if true then the returned value is a base-64
87     *        encoded string.  If false, then the returned value is
88     *        binary data.
89     *
90     * @return the HMAC of the data that was read by this object.  This can
91     *         be either binary data or base 64 encoded.  In the binary
       *         case the ACString carries raw bytes, which can include
       *         NUL and non-ASCII values; do not treat it as text.
92     *
93     * @throws NS_ERROR_NOT_INITIALIZED if |init| has not been
94     *         called.
95     *
96     * NOTE: This method may be called any time after |init|
97     *       is called.  This call resets the object to its
98     *       pre-init state.
       *
       * NOTE(review): |reset| is documented as allowing reuse with the
       *       same key and algorithm.  Whether |reset| alone suffices
       *       after |finish|, given the "pre-init state" wording above,
       *       is not stated in this file -- confirm against the
       *       implementation.
       *
       * Security note: when checking a received MAC against the value
       *       returned here, use a constant-time comparison rather than
       *       an ordinary string comparison, to avoid a timing side
       *       channel.
99     */
100    ACString finish(in boolean aASCII);
101
102    /**
103     * Reinitialize the HMAC context to be reused with the same
104     * settings (the key and hash algorithm) but on a different
105     * set of data.
106     */
107    void reset();
108};
109