HMAC-SHA1: Difference between revisions

From Qt Wiki
Jump to navigation Jump to search
No edit summary
m (Added language indicator to code-tags)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Function which returns HMAC-SHA1 encrypted signature composed of public key and secret base string:
Function which returns HMAC-SHA1 encrypted signature composed of public key and secret base string:


<code>
<code lang="cpp">
QString hmacSha1(QByteArray key, QByteArray baseString)
QString hmacSha1(QByteArray key, QByteArray baseString)
{
{
Line 31: Line 32:
You may use this code with any license you prefer :)
You may use this code with any license you prefer :)


'''Note''' that Qt 5.1 introduces a new class "QMessageAuthenticationCode":http://doc-snapshot.qt.io/qt5-stable/qtcore/qmessageauthenticationcode.html which provides a standard API for HMACs.
'''Note''' that Qt 5.1 introduces a new class [http://doc.qt.io/qt-5/qmessageauthenticationcode.html QMessageAuthenticationCode] which provides a standard API for HMACs.

Latest revision as of 13:23, 7 July 2015

Function which returns HMAC-SHA1 encrypted signature composed of public key and secret base string:

QString hmacSha1(QByteArray key, QByteArray baseString)
{
 int blockSize = 64; // HMAC-SHA-1 block size, defined in SHA-1 standard
 if (key.length() > blockSize) { // if key is longer than block size (64), reduce key length with SHA-1 compression
 key = QCryptographicHash::hash(key, QCryptographicHash::Sha1);
 }

QByteArray innerPadding(blockSize, char(0x36)); // initialize inner padding with char "6"
 QByteArray outerPadding(blockSize, char(0x5c)); // initialize outer padding with char "quot;
 // ascii characters 0x36 ("6") and 0x5c ("quot;) are selected because they have large
 // Hamming distance (http://en.wikipedia.org/wiki/Hamming_distance)

for (int i = 0; i < key.length(); i++) {
 innerPadding[i] = innerPadding[i] ^ key.at(i); // XOR operation between every byte in key and innerpadding, of key length
 outerPadding[i] = outerPadding[i] ^ key.at(i); // XOR operation between every byte in key and outerpadding, of key length
 }

// result = hash ( outerPadding CONCAT hash ( innerPadding CONCAT baseString ) ).toBase64
 QByteArray total = outerPadding;
 QByteArray part = innerPadding;
 part.append(baseString);
 total.append(QCryptographicHash::hash(part, QCryptographicHash::Sha1));
 QByteArray hashed = QCryptographicHash::hash(total, QCryptographicHash::Sha1);
 return hashed.toBase64();
}

You may use this code with any license you prefer :)

Note that Qt 5.1 introduces a new class QMessageAuthenticationCode which provides a standard API for HMACs.