HMAC-SHA1: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
Function which returns HMAC-SHA1 encrypted signature composed of public key and secret base string: | Function which returns HMAC-SHA1 encrypted signature composed of public key and secret base string: | ||
<code> | <code> | ||
QString hmacSha1(QByteArray key, QByteArray baseString) | |||
{ | |||
int blockSize = 64; // HMAC-SHA-1 block size, defined in SHA-1 standard | |||
if (key.length() > blockSize) { // if key is longer than block size (64), reduce key length with SHA-1 compression | |||
key = QCryptographicHash::hash(key, QCryptographicHash::Sha1); | |||
} | |||
QByteArray innerPadding(blockSize, char(0x36)); // initialize inner padding with char | QByteArray innerPadding(blockSize, char(0x36)); // initialize inner padding with char "6" | ||
QByteArray outerPadding(blockSize, char(0x5c)); // initialize outer padding with char "quot; | |||
// ascii characters 0x36 ("6") and 0x5c ("quot;) are selected because they have large | |||
// Hamming distance (http://en.wikipedia.org/wiki/Hamming_distance) | |||
for (int i = 0; i | for (int i = 0; i < key.length(); i++) { | ||
innerPadding[i] = innerPadding[i] ^ key.at(i); // XOR operation between every byte in key and innerpadding, of key length | |||
outerPadding[i] = outerPadding[i] ^ key.at(i); // XOR operation between every byte in key and outerpadding, of key length | |||
} | |||
// result = hash ( outerPadding CONCAT hash ( innerPadding CONCAT baseString ) ).toBase64 | // result = hash ( outerPadding CONCAT hash ( innerPadding CONCAT baseString ) ).toBase64 | ||
QByteArray total = outerPadding; | |||
QByteArray part = innerPadding; | |||
part.append(baseString); | |||
total.append(QCryptographicHash::hash(part, QCryptographicHash::Sha1)); | |||
QByteArray hashed = QCryptographicHash::hash(total, QCryptographicHash::Sha1); | |||
return hashed.toBase64(); | |||
} | |||
</code> | |||
You may use this code with any license you prefer :) | You may use this code with any license you prefer :) | ||
'''Note''' that Qt 5.1 introduces a new class | '''Note''' that Qt 5.1 introduces a new class "QMessageAuthenticationCode":http://doc-snapshot.qt.io/qt5-stable/qtcore/qmessageauthenticationcode.html which provides a standard API for HMACs. | ||
Revision as of 09:40, 25 February 2015
Function which returns HMAC-SHA1 encrypted signature composed of public key and secret base string:
QString hmacSha1(QByteArray key, QByteArray baseString)
{
int blockSize = 64; // HMAC-SHA-1 block size, defined in SHA-1 standard
if (key.length() > blockSize) { // if key is longer than block size (64), reduce key length with SHA-1 compression
key = QCryptographicHash::hash(key, QCryptographicHash::Sha1);
}
QByteArray innerPadding(blockSize, char(0x36)); // initialize inner padding with char "6"
QByteArray outerPadding(blockSize, char(0x5c)); // initialize outer padding with char "quot;
// ascii characters 0x36 ("6") and 0x5c ("quot;) are selected because they have large
// Hamming distance (http://en.wikipedia.org/wiki/Hamming_distance)
for (int i = 0; i < key.length(); i++) {
innerPadding[i] = innerPadding[i] ^ key.at(i); // XOR operation between every byte in key and innerpadding, of key length
outerPadding[i] = outerPadding[i] ^ key.at(i); // XOR operation between every byte in key and outerpadding, of key length
}
// result = hash ( outerPadding CONCAT hash ( innerPadding CONCAT baseString ) ).toBase64
QByteArray total = outerPadding;
QByteArray part = innerPadding;
part.append(baseString);
total.append(QCryptographicHash::hash(part, QCryptographicHash::Sha1));
QByteArray hashed = QCryptographicHash::hash(total, QCryptographicHash::Sha1);
return hashed.toBase64();
}
You may use this code with any license you prefer :)
Note that Qt 5.1 introduces a new class "QMessageAuthenticationCode":http://doc-snapshot.qt.io/qt5-stable/qtcore/qmessageauthenticationcode.html which provides a standard API for HMACs.