Click here to Skip to main content
Click here to Skip to main content

C++ Class Implementation of HMAC-SHA

, 2 May 2010
Rate this:
Please Sign up or sign in to vote.
C++ class of HMAC-SHA1

Introduction

This is my first article on CodeProject. Sorry for my poor English.

The reason I think it might be helpful that I share this HMAC-SHA1 class is because I found no related source I could refer to. This is a simple C++ class of HMAC-SHA1 with only single byte character support. You could add double bytes character support if needed. You will find this class contains only a function HMAC_SHA1 that accept test input and hash key, then generates a digest.

Background

Thanks to Dominik Reichl, the SHA1 class I wrapped is from his amazing class. I simply implemented the HMAC algorithm on it. For MD5, you could refer to RFC. There is a detailed programming flow of it.

Using the Code

The usage of this class is extremely simple. Declare CHMAC_SHA1, call its HMAC_SHA1 function. That's it!

You may use HMAC-SHA1 in RFC 2202 test case to verify your implementation.

Following is test case 1 in RFC 2202.

#include "HMAC_SHA1.h"
 
BYTE Key[20] ;
BYTE digest[20] ; 

unsigned char *test = "Hi There" ; 
memset(Key, 0x0b, 20) ;
CHMAC_SHA1 HMAC_SHA1 ;
HMAC_SHA1.HMAC_SHA1(test, strlen(test), Key, sizeof(Key), digest) ;
 
// Check with digest equal to 0xb617318655057264e28bc0b6fb378c8ef146be00
// or not

History

  • 2007/12/17: Updated sample code with RFC 2202 test case 1

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Chien-Chung, Chung
Software Developer (Senior)
Taiwan Taiwan
Life is nothing but choices.

Comments and Discussions

 
GeneralMy vote of 5 Pinmembernicklin026-Mar-13 3:57 
QuestionCode Segfaults with messages longer than buffersize minus digestsize PinmemberMember 932791917-Sep-12 6:16 
The code in method HMAC_SHA1 is copying the ipad and the input text into a buffer of fixed size, without checking the length of the input. This will segfault and crash with input text larger than 4076 bytes (I am trying to sign files and executable which are larger than the buffer size).
 
The buffer copy is also not necessary as you can as well call CSHA1::Update several times with each chunk of data, first with the ipad and then with the text.
// old: CSHA1::Update( (UINT_8 *) AppendBuf1, sizeof( m_ipad ) + text_len );
CSHA1::Update( (UINT_8 *) m_ipad, sizeof( m_ipad ) );
CSHA1::Update( (UINT_8 *) text, text_len );
You can do the same with the opad buffer.
// old: CSHA1::Update( (UINT_8 *) AppendBuf2, sizeof( m_opad ) + SHA1_DIGEST_LENGTH );
CSHA1::Update( (UINT_8 *) m_opad, sizeof( m_opad ) );
CSHA1::Update( (UINT_8 *) szReport, SHA1_DIGEST_LENGTH );
Now you can completely remove AppendBuf1 and AppendBuf2, as they are not used anymore. I tested the change and it produces the same result on my (smaller) files and on the test example "Hi There".
 
Btw: a different layout like the one used in CSHA1 would be nice, where I can call a method several times with chunks of data from a file and finally call a function to get the hash code. With the current implementation I need to load the whole file into a flat array first.
 
I also modified HMAC_SHA1, Update and Transform to take 'const' arguments whenever applicable. That way you can use 'char' or 'const char' as arguments for key and text without any compiler errors.
 
Additionally, although it is common in optimized algorithms to use unions like SHA1_WORKSPACE_BLOCK, the resulting behavior (e.g. after writing uint32 and then reading uint8) is unspecified in any C++ compiler and should therefor be avoided. It is unspecified how those two arrays are exactly padded and aligned in memory and it violates strict aliasing causing the optimizer to do unintended things. Endianness seems to be taken care of explicitly, but would also be a huge problem in general.
QuestionIs the digest same as the one computed by C# code ? PinmemberBeckDai12-Apr-12 17:55 
AnswerRe: Is the digest same as the one computed by C# code ? PinmemberChien-Chung, Chung7-May-12 22:49 
Questionthe result is not right Pinmemberhaolifengwang1-Jan-12 18:49 
AnswerRe: the result is not right PinmemberChien-Chung, Chung7-May-12 22:47 
Generalhelp me Pinmemberkalyan41927-Aug-09 18:41 
QuestionError message PinmemberGodwin Ansa5-Aug-08 3:05 
AnswerRe: Error message PinmemberChien-Chung, Chung2-May-10 16:38 
Generalmemset used wrongly PinmemberDante Shamest21-Jul-08 21:06 
GeneralRe: memset used wrongly Pinmemberhetcorp1-Apr-09 4:41 
GeneralRe: memset used wrongly PinmemberJim Chung2-May-10 16:10 
Questionreceiver processing for HMAC-SHA? PinmemberAdam Harding3-Jun-08 12:49 
GeneralBugfix for long key's [modified] Pinmemberbruno19996-Mar-08 3:31 
GeneralThanks Pinmemberbruno19995-Mar-08 9:37 
GeneralRe: Thanks PinmemberGodwin Ansa27-Aug-08 3:01 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web04 | 2.8.140721.1 | Last Updated 2 May 2010
Article Copyright 2007 by Chien-Chung, Chung
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid