C++ HMAC函数代码示例

	std::string eval(const std::string& key, const std::string& data)
	{
		std::string out(evp_->md_size + 1, 0);
		unsigned int outLen = 0;
		if (HMAC(evp_, key.c_str(), static_cast<int>(key.size()),
			cybozu::cast<const uint8_t *>(data.c_str()), data.size(), cybozu::cast<uint8_t *>(&out[0]), &outLen)) {
			out.resize(outLen);
			return out;
		}
		throw cybozu::Exception("crypto::Hamc::eval");
	}

char *hmacSha1(char *key, char *data)
/* Calculate a openssl SHA1 keyed-hash message authentication code (HMAC) */
{
unsigned char* digest;
digest=HMAC(EVP_sha1(), key, strlen(key), (unsigned char*)data, strlen(data), NULL, NULL);
char hmacStr[40];
int i;
for(i = 0; i < 20; i++)
    sprintf(&hmacStr[i*2], "%02x", (unsigned int)digest[i]);
return cloneStringZ(hmacStr, sizeof(hmacStr));
}

/*
 * --tls-auth is read in do_init_crypto_tls_c1() in src/vpn/init.c
 * by calling get_tls_handshake_key()
 * init_key_ctx()
 */
openvpn_encrypt(ovStruct_t *ovP, uchar *ptr, int length, int hmac_index) {
	uchar tmpPtr[5000];
	int tmpLen, i;
	uchar *hash;

	// 5th line for outgoing from server
	//uchar key[] = "\x25\x21\x1f\x2f\x4e\x2a\x50\x0d\x13\x3f\x19\xe2\x4c\xd5\xf5\x06\xc0\xa7\xe6\xf0";
	// 13th line for incoming into server
	uchar key[] = "\xac\x3c\x20\xbb\xb7\x54\x8d\x9a\x8d\x9c\x9f\xdd\x76\xde\x22\x14\x25\xfc\xcc\x07";

	memcpy(tmpPtr, ptr, length);
	memcpy(&tmpPtr[28], &tmpPtr[0], 9);
	tmpLen = length-28;
	// Copy pkt id + timestamp to the start of the pkt
	memcpy(&tmpPtr[20], &ptr[29], 8);
	tmpLen += 8;
	log_info(fp, "openvpn_encrypt: HMAC at:%d in pkt of len:%d, newlen:%d",
			hmac_index, length, tmpLen);
	fflush(fp);
	// Note that both the following HMAC versions work. Either way can be used.
	// Both have been tested with the openvpn_as server.
	{
	hash = HMAC(EVP_sha1(), key, strlen(key), &tmpPtr[20], tmpLen, NULL, NULL);
	}
	/*
	{
	unsigned char hash[SHA_DIGEST_LENGTH];
	uchar *output = NULL;
    HMAC_CTX hmac;
    unsigned int in_hmac_len = 0;
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	HMAC_CTX_init(&hmac);
    HMAC_Init_ex(&hmac, key, 20, EVP_sha1(), NULL);
    HMAC_Update(&hmac,  &tmpPtr[20], tmpLen);
    HMAC_Final(&hmac, hash, &in_hmac_len);
    HMAC_CTX_cleanup(&hmac);
	}*/
	
	// hash now contains the 20-byte SHA-1 hash
	memcpy(&ptr[hmac_index], hash, SHA_DIGEST_LENGTH);
#if DEBUG
	printf("\n HMAC KEY: ");
	for (i=0;i<20;i++)
		printf("%2x ",key[i]);
	printf("\n HMAC ON DATA: ");
	for (i=0;i<tmpLen;i++)
		printf("%2x ",tmpPtr[20+i]);
	printf("\n HMAC SHA1: ");
	for (i=0;i<20;i++)
		printf("%2x ",hash[i]);
#endif
}

static int nr_ice_crypto_openssl_hmac_sha1(UCHAR *key, int key_l, UCHAR *buf, int buf_l, UCHAR digest[20]) {
  unsigned int rl;

  HMAC(EVP_sha1(),
    key, key_l, buf, buf_l, digest, &rl);

  if (rl != 20)
    ERETURN(R_INTERNAL);

  return 0;
}

char *s3_sign_string(const S3 *s3,const char *string)
{
	unsigned char md[EVP_MAX_MD_SIZE];
	unsigned int md_len;

	if(!s3) return NULL;

	HMAC(EVP_sha1(),s3->secret_key,strlen(s3->secret_key),
		(unsigned char *)string,strlen(string),md,&md_len);
	return ne_base64(md,md_len);
}

int32 DeriveKey(const void *key, int32 keyLen, const uchar *magic, int32 magicLen, uchar **result) {
	uchar hash1[EVP_MAX_MD_SIZE];
	uchar hash2[EVP_MAX_MD_SIZE];
	uchar hash3[EVP_MAX_MD_SIZE];
	uchar hash4[EVP_MAX_MD_SIZE];
	unsigned int hash1Len = 0;
	unsigned int hash2Len = 0;
	unsigned int hash3Len = 0;
	unsigned int hash4Len = 0;
	int32 length = B_ERROR;
	BMallocIO temp;
	
	// HMAC-SHA1(magic)
	HMAC(EVP_sha1(), key, keyLen, magic, magicLen, hash1, &hash1Len);

	// Key 2 is HMAC-SHA1(HMAC-SHA1(magic) + magic)
	temp.Write(hash1, hash1Len);
	temp.Write(magic, magicLen);
	HMAC(EVP_sha1(), key, keyLen, (uchar *)temp.Buffer(), temp.BufferLength(), hash2, &hash2Len);

	// HMAC-SHA1(HMAC-SHA1(magic))
	HMAC(EVP_sha1(), key, keyLen, hash1, hash1Len, hash3, &hash3Len);
			
	// Clear the BMallocIO and reset the position to 0
	temp.SetSize(0);
	temp.Seek(0, SEEK_SET);

	// Key 4 is HMAC-SHA1(HMAC-SHA1(HMAC-SHA1(magic)) + magic)
	temp.Write(hash3, hash3Len);
	temp.Write(magic, magicLen);
	HMAC(EVP_sha1(), key, keyLen, (uchar *)temp.Buffer(), temp.BufferLength(), hash4, &hash4Len);

	// The key is Hash2 followed by the first four bytes of Hash4
	length = hash2Len + 4;
	*result = (uchar *)calloc(length, sizeof(uchar));

	memcpy(*result, hash2, hash2Len);
	memcpy(*result + hash2Len, hash4, 4);
	
	return length;
};

/* Anonymize a buffer of given length. Places the resulting digest into the
 * provided digest buffer, which must be at least ANONYMIZATION_DIGEST_LENGTH
 * bytes long. */
static int anonymization_process(const uint8_t* const data,
                                 const int len,
                                 unsigned char* const digest) {
#ifndef NDEBUG
  assert(initialized);
#endif

  if (!HMAC(EVP_sha1(), seed, ANONYMIZATION_SEED_LEN, data, len, digest, NULL)) {
    return -1;
  }
  return 0;
}

char * zauthToken(unsigned long int gid, unsigned long int zid,time_t exp_time)
{
        char str[MAX],str_final[MAX],temp[MAX],str_sig[MAX];
         int len,len1;
        char *ret = (char *) malloc(1024 * sizeof(char *));
        sprintf(str, "%lu:%lu.%lu.AAAAAA==",gid,zid,(unsigned long int)exp_time);
        unsigned char *ptr = HMAC(EVP_sha256(),my.secret,strlen(my.secret),str,strlen(str),str_final,&len); // hmac--sha256 before base64 encoding....

        base64_enc(str_final,len,1,str_sig);                                                                    //base64 encoding to get signature
        sprintf(ret, "%s|%s\n",str,str_sig);
	return ret;
}

rdpBlob* crypto_kdcmsg_cksum_hmacmd5(rdpBlob* msg, uint8* key, uint32 msgtype)
{
	rdpBlob* cksum;
	uint8* Ksign;
	uint8* tmpdata;
	uint8* tmp;
	CryptoMd5 md5;
	Ksign = xzalloc(16);
	tmp = xzalloc(16);
	cksum = xnew(rdpBlob);
	freerdp_blob_alloc(cksum, 16);
	tmpdata = xzalloc(msg->length + 4);
	HMAC(EVP_md5(), (void*) key, 16, (uint8*)"signaturekey\0", 13, (void*) Ksign, NULL);
	memcpy(tmpdata, (void*)&msgtype, 4);
	memcpy(tmpdata + 4, msg->data, msg->length);
	md5 = crypto_md5_init();
	crypto_md5_update(md5, tmpdata, msg->length + 4);
	crypto_md5_final(md5, tmp);
	HMAC(EVP_md5(), (void*) Ksign, 16, (uint8*)tmp, 16, (void*) cksum->data, NULL);
	return cksum;
}

int decrypt_and_verify_secrets(CPOR_key *key, unsigned char *input, size_t input_len, unsigned char *plaintext, size_t *plaintext_len, unsigned char *authenticator, size_t authenticator_len) {

    EVP_CIPHER_CTX ctx;
    EVP_CIPHER *cipher = NULL;
    unsigned char mac[EVP_MAX_MD_SIZE];
    size_t mac_size = EVP_MAX_MD_SIZE;
    int len;

    if(!key || !key->k_enc || !key->k_mac || !input || !input_len || !plaintext || !plaintext_len || !authenticator || !authenticator_len) return 0;

    OpenSSL_add_all_algorithms();
    memset(mac, 0, mac_size);

    /* Verify the HMAC-SHA1 */
    if(!HMAC(EVP_sha1(), key->k_mac, key->k_mac_size, input, input_len, mac, (unsigned int *)&mac_size)) goto cleanup;
    if(authenticator_len != mac_size) goto cleanup;
    if(memcmp(mac, authenticator, mac_size) != 0) goto cleanup;


    EVP_CIPHER_CTX_init(&ctx);
    switch(key->k_enc_size) {
    case 16:
        cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
        break;
    case 24:
        cipher = (EVP_CIPHER *)EVP_aes_192_cbc();
        break;
    case 32:
        cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
        break;
    default:
        return 0;
    }
    if(!EVP_DecryptInit(&ctx, cipher, key->k_enc, NULL)) goto cleanup;

    *plaintext_len = 0;

    if(!EVP_DecryptUpdate(&ctx, plaintext, (int *)plaintext_len, input, input_len)) goto cleanup;
    EVP_DecryptFinal(&ctx, plaintext + *plaintext_len, &len);

    *plaintext_len += len;

    EVP_CIPHER_CTX_cleanup(&ctx);

    return 1;

cleanup:
    *plaintext_len = 0;

    return 0;

}

int main(int argc, char **argv)
{
    Octstr *data, *filename, *mac, *key;
    unsigned char macbuf[EVP_MAX_MD_SIZE], *p;
    int mac_len;
#ifdef HAVE_LIBSSL
    HMAC_CTX ctx;
#endif

    gwlib_init();

    get_and_set_debugs(argc, argv, NULL);

    if (argc < 3)
        panic(0, "Syntax: %s <key> <file>\n", argv[0]);
  
    key = octstr_create(argv[1]);    
    filename = octstr_create(argv[2]);
    data = octstr_read_file(octstr_get_cstr(filename));

    if (data == NULL)
        panic(0, "Cannot read file.");

    debug("",0,"Dumping file `%s':", octstr_get_cstr(filename));
    octstr_dump(data, 0);

#ifdef HAVE_LIBSSL
    HMAC_Init(&ctx, octstr_get_cstr(key), octstr_len(key), EVP_sha1());
    p = HMAC(EVP_sha1(), octstr_get_cstr(key), octstr_len(key), 
         octstr_get_cstr(data), octstr_len(data), 
         macbuf, &mac_len);
    HMAC_cleanup(&ctx);
#else
    macbuf[0] = 0;
    mac_len = 0;
    p = macbuf;
    warning(0, "No SSL support. Can't calculate HMAC value.");
#endif
    
    mac = octstr_create_from_data(p, mac_len);
    octstr_binary_to_hex(mac, 0);
    
    debug("",0,"HMAC of file `%s' and key `%s' is:", 
          octstr_get_cstr(filename), octstr_get_cstr(key));
    octstr_dump(mac, 0);      

    octstr_destroy(data);
    octstr_destroy(mac);
    octstr_destroy(key);
    gwlib_shutdown();
    return 0;
}

void
rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len,
	       unsigned char *md)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
	HMAC_CTX ctx;
	HMAC_CTX_init(&ctx);
#endif
	HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
	HMAC_CTX_cleanup(&ctx);
#endif
}

static unsigned char *HKDF_Extract(const EVP_MD *evp_md,
                                   const unsigned char *salt, size_t salt_len,
                                   const unsigned char *key, size_t key_len,
                                   unsigned char *prk, size_t *prk_len)
{
    unsigned int tmp_len;

    if (!HMAC(evp_md, salt, salt_len, key, key_len, prk, &tmp_len))
        return NULL;

    *prk_len = tmp_len;
    return prk;
}

std::string computeHMAC(const std::string& input, const std::string& key) 
{	
    //DebugL << "Compute HMAC: input='" << util::dumpbin(input.c_str(), input.length()) 
	//	<< "', inputLength=" << input.length() << ", key='" << key << "', keyLength=" << key.length() << std::endl;
	unsigned int len = 0;
	char buf[20];	
	HMAC(EVP_sha1(), 
		key.c_str(), key.length(), 
        reinterpret_cast<const unsigned char*>(input.c_str()), input.length(), 
        reinterpret_cast<unsigned char*>(&buf), &len);
	assert(len == 20);
	return std::string(buf, len);
}

 /*
  * Computes a HMAC SHA-1 keyed hash of 'input' using the key 'key'
  */
 bool hmacSha1(const unsigned char* key,
               const size_t keyLen,
               const unsigned char* input,
               const size_t inputLen,
               unsigned char* output,
               unsigned int* outputLen) {
     return HMAC(EVP_sha1(),
                 key,
                 keyLen,
                 input,
                 inputLen,
                 output,
                 outputLen);
 }