1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Doc: Improve documentation for QMessageAuthenticationCode

Browse Source 
* Mention 'HMAC' as something people will search for
* Change description to actually reflect code snippet
  (where the key is passed to the constructor)
* At least mention that the security of the HMAC depends
  also on the length of the key, as the code snippet
  uses an artificial/short key. Not sure whether we
  should further expand on this, or link to some other source?

Pick-to: 6.5
Fixes: QTBUG-119499
Change-Id: I2768d9a9d553957e1a778c798d82a73468bee16f
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
(cherry picked from commit 21eeef83f642d8c34f7ab3bbcd3171c267cff09f)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
This commit is contained in:
Kai Köhne 2023-11-27 15:48:36 +01:00 committed by Qt Cherry-pick Bot
parent daedbdbba7
commit ac0e037f90
1 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/corelib/tools/qcryptographichash.cpp
View File

@ -1417,21 +1417,32 @@ void QMessageAuthenticationCodePrivate::initMessageHash() noexcept
\ingroup tools
\reentrant
QMessageAuthenticationCode supports all cryptographic hashes which are supported by
QCryptographicHash.
Use the QMessageAuthenticationCode class to generate hash-based message
authentication codes (HMACs). The class supports all cryptographic
hash algorithms from \l QCryptographicHash (see also
\l{QCryptographicHash::Algorithms}).
To generate a message authentication code, pass a suitable hash
algorithm and secret key to the constructor. Then process the message
data by calling \l addData() one or more times. After the full
message has been processed, get the final authentication code
via the \l result() function:
To generate message authentication code, pass hash algorithm QCryptographicHash::Algorithm
to constructor, then set key and message by setKey() and addData() functions. Result
can be acquired by result() function.
\snippet qmessageauthenticationcode/main.cpp 0
\dots
\snippet qmessageauthenticationcode/main.cpp 1
Alternatively, this effect can be achieved by providing message,
key and method to hash() method.
For simple cases like above, you can also use the static
\l hash() function:
\snippet qmessageauthenticationcode/main.cpp 2
\sa QCryptographicHash
\note The cryptographic strength of the HMAC depends upon the
size of the secret key, and the security of the
underlying hash function.
\sa QCryptographicHash, QCryptographicHash::Algorithms
*/
/*!