Java HMac類代碼示例

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public TestResult perform()
{
    HMac hmac = new HMac(new RIPEMD160Digest());
    byte[] resBuf = new byte[hmac.getMacSize()];

    for (int i = 0; i < messages.length; i++)
    {
        byte[] m = messages[i].getBytes();
        if (messages[i].startsWith("0x"))
        {
            m = Hex.decode(messages[i].substring(2));
        }
        hmac.init(new KeyParameter(Hex.decode(keys[i])));
        hmac.update(m, 0, m.length);
        hmac.doFinal(resBuf, 0);

        if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
        {
            return new SimpleTestResult(false, getName() + ": Vector " + i + " failed");
        }
    }

    return new SimpleTestResult(true, getName() + ": Okay");
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out)
{
    HMac mac = new HMac(digest);
    KeyParameter param = new KeyParameter(secret);
    byte[] a = seed;
    int size = digest.getDigestSize();
    int iterations = (out.length + size - 1) / size;
    byte[] buf = new byte[mac.getMacSize()];
    byte[] buf2 = new byte[mac.getMacSize()];
    for (int i = 0; i < iterations; i++)
    {
        mac.init(param);
        mac.update(a, 0, a.length);
        mac.doFinal(buf, 0);
        a = buf;
        mac.init(param);
        mac.update(a, 0, a.length);
        mac.update(seed, 0, seed.length);
        mac.doFinal(buf2, 0);
        System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i)));
    }
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public HmacContentSigner(HashAlgoType hashAlgo, AlgorithmIdentifier algorithmIdentifier,
        SecretKey signingKey) throws XiSecurityException {
    this.algorithmIdentifier = ParamUtil.requireNonNull("algorithmIdentifier",
            algorithmIdentifier);
    try {
        this.encodedAlgorithmIdentifier = algorithmIdentifier.getEncoded();
    } catch (IOException ex) {
        throw new XiSecurityException("could not encode AlgorithmIdentifier", ex);
    }
    ParamUtil.requireNonNull("signingKey", signingKey);
    if (hashAlgo == null) {
        hashAlgo = AlgorithmUtil.extractHashAlgoFromMacAlg(algorithmIdentifier);
    }

    this.hmac = new HMac(hashAlgo.createDigest());
    byte[] keyBytes = signingKey.getEncoded();
    this.hmac.init(new KeyParameter(keyBytes, 0, keyBytes.length));
    this.outLen = hmac.getMacSize();
    this.outputStream = new HmacOutputStream();
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out)
{
    HMac mac = new HMac(digest);
    mac.init(new KeyParameter(secret));
    byte[] a = seed;
    int size = digest.getDigestSize();
    int iterations = (out.length + size - 1) / size;
    byte[] buf = new byte[mac.getMacSize()];
    byte[] buf2 = new byte[mac.getMacSize()];
    for (int i = 0; i < iterations; i++)
    {
        mac.update(a, 0, a.length);
        mac.doFinal(buf, 0);
        a = buf;
        mac.update(a, 0, a.length);
        mac.update(seed, 0, seed.length);
        mac.doFinal(buf2, 0);
        System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i)));
    }
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public TestResult perform()
{
    HMac hmac = new HMac(new RIPEMD128Digest());
    byte[] resBuf = new byte[hmac.getMacSize()];

    for (int i = 0; i < messages.length; i++)
    {
        byte[] m = messages[i].getBytes();
        if (messages[i].startsWith("0x"))
        {
            m = Hex.decode(messages[i].substring(2));
        }
        hmac.init(new KeyParameter(Hex.decode(keys[i])));
        hmac.update(m, 0, m.length);
        hmac.doFinal(resBuf, 0);

        if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
        {
            return new SimpleTestResult(false, getName() + ": Vector " + i + " failed");
        }
    }

    return new SimpleTestResult(true, getName() + ": Okay");
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public static int calculateRounds(int milliseconds)
{
    Logging.info("Calculating how many SHA1 rounds we can do in %d millis.", milliseconds);
    HMac mac = new HMac(new SHA256Digest());
    byte[] state = new byte[mac.getMacSize()];
    long startTime = System.currentTimeMillis();
    int pbkdf2Iterations = 0;
    while((System.currentTimeMillis() - startTime) < milliseconds)
    {
        mac.update(state, 0, state.length);
        mac.doFinal(state, 0);
        pbkdf2Iterations++;
    }
    pbkdf2Iterations = Math.max(pbkdf2Iterations, PBKDF2Descriptor.MINIMUM_PBKD2_ITERS);
    Logging.info("Got %d", pbkdf2Iterations);
    return pbkdf2Iterations;
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public static byte[]
        ctrHMac(byte[] keyDerivationKey, byte[] label, Supplier<Digest> digestSupplier, int keyLengthBytes) {

    logger.trace("<< ctrHMac() - keyDerivationKey: 0x{} label: {} digestSupplier: {} length: {}",
            Hex.toHexString(keyDerivationKey), Hex.toHexString(label), digestSupplier, keyLengthBytes);

    byte[] derivedKey = new byte[keyLengthBytes];

    // fixedInputData = label || 0x00 || dkLen in bits as 4 bytes big endian
    ByteBuffer buffer = ByteBuffer.allocate(label.length + 5);
    buffer.put(label);
    buffer.put((byte) 0);
    buffer.putInt(keyLengthBytes * 8);
    byte[] fixedInputData = buffer.array();
    logger.debug("-- ctrHMac() - fixed input data: 0x{}", Hex.toHexString(fixedInputData));

    HMac hMac = new HMac(digestSupplier.get());
    KDFCounterBytesGenerator generator = new KDFCounterBytesGenerator(hMac);
    generator.init(new KDFCounterParameters(keyDerivationKey, fixedInputData, R));
    generator.generateBytes(derivedKey, 0, derivedKey.length);

    logger.trace(">> ctrHMac() - derivedKey: 0x{}", Hex.toHexString(derivedKey));
    return derivedKey;
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
/**
 * Generate HMAC-SHA1 for message
 * 
 * @param key
 * @param message
 * @return
 * @throws Exception
 */
private static String generateHmac(String key, String message) throws Exception {
	Log.d(LOG_TAG, "generateHmac: " + key + "=" + message);
	byte[] keyBytes = key.getBytes(ShapewaysClient.ENCODING);
	byte[] data = message.getBytes(ShapewaysClient.ENCODING);

	HMac macProvider = new HMac(new SHA1Digest());
	macProvider.init(new KeyParameter(keyBytes));
	macProvider.reset();

	macProvider.update(data, 0, data.length);
	byte[] output = new byte[macProvider.getMacSize()];
	macProvider.doFinal(output, 0);

	byte[] hmac = Base64.encode(output);
	return new String(hmac).replaceAll("\r\n", "");
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
private static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out)
{
    HMac mac = new HMac(digest);
    KeyParameter param = new KeyParameter(secret);
    byte[] a = seed;
    int size = digest.getDigestSize();
    int iterations = (out.length + size - 1) / size;
    byte[] buf = new byte[mac.getMacSize()];
    byte[] buf2 = new byte[mac.getMacSize()];
    for (int i = 0; i < iterations; i++)
    {
        mac.init(param);
        mac.update(a, 0, a.length);
        mac.doFinal(buf, 0);
        a = buf;
        mac.init(param);
        mac.update(a, 0, a.length);
        mac.update(seed, 0, seed.length);
        mac.doFinal(buf2, 0);
        System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i)));
    }
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
static MacCalculator createMacCalculator(final ASN1ObjectIdentifier digestAlgorithm, ExtendedDigest digest, final PKCS12PBEParams pbeParams, final char[] password)
{
    PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest);

    pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue());

    final KeyParameter keyParam = (KeyParameter)pGen.generateDerivedMacParameters(digest.getDigestSize() * 8);

    final HMac hMac = new HMac(digest);

    hMac.init(keyParam);

    return new MacCalculator()
    {
        public AlgorithmIdentifier getAlgorithmIdentifier()
        {
            return new AlgorithmIdentifier(digestAlgorithm, pbeParams);
        }

        public OutputStream getOutputStream()
        {
            return new MacOutputStream(hMac);
        }

        public byte[] getMac()
        {
            byte[] res = new byte[hMac.getMacSize()];

            hMac.doFinal(res, 0);

            return res;
        }

        public GenericKey getKey()
        {
            return new GenericKey(getAlgorithmIdentifier(), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password));
        }
    };
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
/**
 * Calculates the MacTag (to be used for key confirmation), as defined by
 * <a href="http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf">NIST SP 800-56A Revision 1</a>,
 * Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes.
 * <p/>
 * <p/>
 * <pre>
 * MacTag = HMAC(MacKey, MacLen, MacData)
 *
 * MacKey = H(K || "JPAKE_KC")
 *
 * MacData = "KC_1_U" || participantId || partnerParticipantId || gx1 || gx2 || gx3 || gx4
 *
 * Note that both participants use "KC_1_U" because the sender of the round 3 message
 * is always the initiator for key confirmation.
 *
 * HMAC = {@link HMac} used with the given {@link Digest}
 * H = The given {@link Digest}</li>
 * MacLen = length of MacTag
 * </pre>
 * <p/>
 */
public static BigInteger calculateMacTag(
    String participantId,
    String partnerParticipantId,
    BigInteger gx1,
    BigInteger gx2,
    BigInteger gx3,
    BigInteger gx4,
    BigInteger keyingMaterial,
    Digest digest)
{
    byte[] macKey = calculateMacKey(
        keyingMaterial,
        digest);

    HMac mac = new HMac(digest);
    byte[] macOutput = new byte[mac.getMacSize()];
    mac.init(new KeyParameter(macKey));
    
    /*
     * MacData = "KC_1_U" || participantId_Alice || participantId_Bob || gx1 || gx2 || gx3 || gx4.
     */
    updateMac(mac, "KC_1_U");
    updateMac(mac, participantId);
    updateMac(mac, partnerParticipantId);
    updateMac(mac, gx1);
    updateMac(mac, gx2);
    updateMac(mac, gx3);
    updateMac(mac, gx4);

    mac.doFinal(macOutput, 0);

    Arrays.fill(macKey, (byte)0);

    return new BigInteger(macOutput);

}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public IESwithDESede()
{
    super(new IESEngine(new DHBasicAgreement(),
        new KDF2BytesGenerator(new SHA1Digest()),
        new HMac(new SHA1Digest()),
        new PaddedBufferedBlockCipher(new DESedeEngine())));
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public IESwithAES()
{
    super(new IESEngine(new DHBasicAgreement(),
        new KDF2BytesGenerator(new SHA1Digest()),
        new HMac(new SHA1Digest()),
        new PaddedBufferedBlockCipher(new AESEngine())));
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public ECIESwithDESede()
{
    super(new IESEngine(new ECDHBasicAgreement(),
        new KDF2BytesGenerator(new SHA1Digest()),
        new HMac(new SHA1Digest()),
        new PaddedBufferedBlockCipher(new DESedeEngine())));
}
 

import org.bouncycastle.crypto.macs.HMac; //導入依賴的package包/類
public ECIESwithAES()
{
    super(new IESEngine(new ECDHBasicAgreement(),
        new KDF2BytesGenerator(new SHA1Digest()),
        new HMac(new SHA1Digest()),
        new PaddedBufferedBlockCipher(new AESEngine())));
}