Cryptography HMAC实现-伪代码
我必须实现自己的HMAC-SHA256,以便在嵌入式项目中使用。我很难让它工作。我甚至不能得到伪代码,手工计算的工作,所以我知道我做错了什么 我的psedoocode计算。遵循维基百科中的图表Cryptography HMAC实现-伪代码,cryptography,pseudocode,sha256,hmac,Cryptography,Pseudocode,Sha256,Hmac,我必须实现自己的HMAC-SHA256,以便在嵌入式项目中使用。我很难让它工作。我甚至不能得到伪代码,手工计算的工作,所以我知道我做错了什么 我的psedoocode计算。遵循维基百科中的图表 1 function hmac (key, message) 2 if (length(key) > blocksize) then 3 // keys longer than blocksize are shortened 4 key = hash(
1 function hmac (key, message)
2 if (length(key) > blocksize) then
3 // keys longer than blocksize are shortened
4 key = hash(key)
5 end if
6 if (length(key) < blocksize) then
7 // keys shorter than blocksize are zero-padded
8 key = key ∥ zeroes(blocksize - length(key))
9 end if
10
11 // Where blocksize is that of the underlying hash function
12 o_key_pad = [0x5c * blocksize] ⊕ key
13 i_key_pad = [0x36 * blocksize] ⊕ key // Where ⊕ is exclusive or (XOR)
14 // Where ∥ is concatenation
15 return hash(o_key_pad ∥ hash(i_key_pad ∥ message))
16 end function
1功能hmac(按键、信息)
2如果(长度(键)>块大小),则
3//比块大小长的键会缩短
4键=散列(键)
5如果结束
6如果(长度(键)<块大小),则
7//小于块大小的键为零填充
8键=键∥ 零(块大小-长度(键))
9如果结束
10
11//其中blocksize是底层散列函数的大小
12 o_键盘=[0x5c*块大小]⊕ 钥匙
13 i_键盘=[0x36*块大小]⊕ 钥匙//在哪里⊕ 是异或(XOR)
14//在哪里∥ 是串联
15返回哈希(o_键\u键盘∥ 散列(i\u键盘∥ 信息(
16端功能
当我手工计算key=“mykey”和message=“helloworld”时,我得到以下结果:
key=0x6D796B6579000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
o_key_pad=0x31253739255c5c5c5c
i_key_pad=0x5B4F5D534F363636
hash(i\u键盘)∥ 消息)=6fb2e91de7b8b5ec6283846ff7245cd6eb4a4fd26056b529bd42d99fcf3314d2
而
0d76a16089f85cd2169bb64b6f2c818e6a404a218896483fcd97fee5cce185ae的整体hmac
在固定密钥长度和计算内部和外部填充时,需要使用底层哈希函数的块大小,这与其输出大小不同。这是函数操作的输入块的大小。对于SHA256,块大小为512位(64字节),输出大小为256位(32字节)
如果使用32作为块大小,则得到的结果就是结果
使用正确的长度块大小,键
、o键
和i键
基本相同,尾随00
、5c
或36
字节的长度仅为原来的两倍
内部散列(即散列(i_key_pad))的结果∥ 消息)
是:
8bf029764919f9e35249d0d55ffb8fd6c62fe23a85c1515e0120c5005aa813d5
7fdfaa9c9c0931f52d9ebf2538bc99700f2e771f3af1c1d93945c2256c11aedd
和最终值(hash(o_key_pad∥ 散列(i\u键盘∥ 消息)是:
这与我从OpenSSL的HMAC实现中得到的结果相匹配。这是我得到的代码:
/**
* This function takes in a key, the length of that key, a message (null terminated) and a pointer to a char[32] or greater array
* It calculates the HMAC-SHA256 of the given key message combo and returns the resulting code in binary form, 32 hex pairs
1 @example ???? todo function hmac (key, message)
2 if (length(key) > blocksize) then
3 // keys longer than blocksize are shortened
4 key = hash(key)
5 end if
6 if (length(key) < blocksize) then
7 // keys shorter than blocksize are zero-padded
8 key = key ∥ zeroes(blocksize - length(key))
9 end if
10
11 // Where blocksize is that of the underlying hash function
12 o_key_pad = [0x5c * blocksize] ⊕ key
13 i_key_pad = [0x36 * blocksize] ⊕ key // Where ⊕ is exclusive or (XOR)
14 // Where ∥ is concatenation
15 return hash(o_key_pad ∥ hash(i_key_pad ∥ message))
16 end function
* @param key todo
* @param length todo
* @param message todo
* @param hmac todo
*/
void hmac(char key[], int length, char message[], char *hmac){
int msgLen = strlen(message); //get the length of the message to be encrypted
char keyFinal[BLOCK_SIZE] = {0}; //setup array for the data to go into
if(length > BLOCK_SIZE){ //if the given data is too long, hash it
shaHash(key, keyFinal);
}
if(length < BLOCK_SIZE){ //if the given data is too short, pad it with 0x00
int i;
for(i = 0; i < BLOCK_SIZE; i++){
if(i < length){ //read in the data
keyFinal[i] = key[i];
}else{ //if there is no more data to read, read in zeros
keyFinal[i] = 0x00;
}
}
}
if(length == BLOCK_SIZE){ //if the given data is the right size, transfer it to keyFinal
int i;
for(i = 0; i < BLOCK_SIZE; i++){
keyFinal[i] = key[i];
}
}
char oKeyPad[BLOCK_SIZE] = {0}; //setup the oKeyPad
char iKeyPad[BLOCK_SIZE] = {0}; //setup the ikeypad
int i;
for(i = 0; i < BLOCK_SIZE; i++){ //for each item in key final, xor it with O_KEY_PAD and I_KEY_PAD
oKeyPad[i] = keyFinal[i] ^ O_KEY_PAD;
iKeyPad[i] = keyFinal[i] ^ I_KEY_PAD;
}
char iandmesg[BLOCK_SIZE+MAX_SHA]; //setup the inner hash ikeypad concat with message
char hash_iandmesg[HASH_LEN] = {0}; //get ready to get bytes back from the hashing function
//make the message to be hashed, ikeypad concatinated with message
for(i = 0; i < BLOCK_SIZE; i++){ //read in ikeypad
iandmesg[i] = iKeyPad[i];
}
for(i = BLOCK_SIZE; i < (msgLen + BLOCK_SIZE); i++){ //read in message
iandmesg[i] = message[i-BLOCK_SIZE];
}
shaHash_len(iandmesg, (msgLen+BLOCK_SIZE), hash_iandmesg); //create the inner hash (ikeypad + message)
char oandihash[(BLOCK_SIZE + HASH_LEN)]; //setup the outter hash, okeypad + (hash of ikeypad + message)
//make the message to be hashed, okeypad concatinated with the hash of (ikeypad + message)
for(i = 0; i < BLOCK_SIZE; i++){ //read in okeypad
oandihash[i] = oKeyPad[i];
}
for(i = BLOCK_SIZE; i < (BLOCK_SIZE + HASH_LEN); i++){ //read in hash of ikeypad + message
oandihash[i] = hash_iandmesg[i-BLOCK_SIZE];
}
//return the result of the hash of (okeypad + hash(ikeypad + message))
shaHash_len(oandihash, (BLOCK_SIZE + HASH_LEN), hmac);
}
/**
*此函数接受一个键、该键的长度、一条消息(以null结尾)以及指向char[32]或更大数组的指针
*它计算给定密钥消息组合的HMAC-SHA256,并以二进制形式返回结果代码,即32个十六进制对
1@示例???todo函数hmac(键、消息)
2如果(长度(键)>块大小),则
3//比块大小长的键会缩短
4键=散列(键)
5如果结束
6如果(长度(键)<块大小),则
7//小于块大小的键为零填充
8键=键∥ 零(块大小-长度(键))
9如果结束
10
11//其中blocksize是底层散列函数的大小
12 o_键盘=[0x5c*块大小]⊕ 钥匙
13 i_键盘=[0x36*块大小]⊕ 钥匙//在哪里⊕ 是异或(XOR)
14//在哪里∥ 是串联
15返回哈希(o_键\u键盘∥ 散列(i\u键盘∥ 信息(
16端功能
*@param key todo
*@param-length-todo
*@param消息待办事项
*@param hmac todo
*/
void hmac(字符键[],整数长度,字符消息[],字符*hmac){
int msgLen=strlen(message);//获取要加密的消息的长度
char keyFinal[BLOCK_SIZE]={0};//设置要进入的数据的数组
如果(长度>块大小){//如果给定的数据太长,则对其进行散列
沙哈什(关键,关键最终);
}
如果(长度<块大小){//如果给定的数据太短,则用0x00填充它
int i;
对于(i=0;i