HMAC-SHA1: Difference between revisions

From Qt Wiki
Jump to navigation Jump to search
No edit summary
 
No edit summary
Line 1: Line 1:
Function which returns <span class="caps">HMAC</span>-SHA1 encrypted signature composed of public key and secret base string:
Function which returns HMAC-SHA1 encrypted signature composed of public key and secret base string:


You may use this code with any license you prefer <span class="smiley">:)</span>
<code><br />QString hmacSha1(QByteArray key, QByteArray baseString)<br />{<br /> int blockSize = 64; // HMAC-SHA-1 block size, defined in SHA-1 standard<br /> if (key.length() &gt; blockSize) { // if key is longer than block size (64), reduce key length with SHA-1 compression<br /> key = QCryptographicHash::hash(key, QCryptographicHash::Sha1);<br /> }


'''Note''' that Qt 5.1 introduces a new class [http://doc-snapshot.qt.io/qt5-stable/qtcore/qmessageauthenticationcode.html QMessageAuthenticationCode] ''[doc-snapshot.qt.io]'' which provides a standard <span class="caps">API</span> for <span class="caps">HMAC</span>s.
QByteArray innerPadding(blockSize, char(0x36)); // initialize inner padding with char &quot;6&amp;quot;<br /> QByteArray outerPadding(blockSize, char(0x5c)); // initialize outer padding with char &quot;quot;<br /> // ascii characters 0x36 (&quot;6&amp;quot;) and 0x5c (&quot;quot;) are selected because they have large<br /> // Hamming distance (http://en.wikipedia.org/wiki/Hamming_distance)


===Categories:===
for (int i = 0; i &lt; key.length(); i++) {<br /> innerPadding[i] = innerPadding[i] ^ key.at(i); // XOR operation between every byte in key and innerpadding, of key length<br /> outerPadding[i] = outerPadding[i] ^ key.at(i); // XOR operation between every byte in key and outerpadding, of key length<br /> }


* [[:Category:snippets|snippets]]
// result = hash ( outerPadding CONCAT hash ( innerPadding CONCAT baseString ) ).toBase64<br /> QByteArray total = outerPadding;<br /> QByteArray part = innerPadding;<br /> part.append(baseString);<br /> total.append(QCryptographicHash::hash(part, QCryptographicHash::Sha1));<br /> QByteArray hashed = QCryptographicHash::hash(total, QCryptographicHash::Sha1);<br /> return hashed.toBase64();<br />}<br /></code>
 
You may use this code with any license you prefer :)
 
'''Note''' that Qt 5.1 introduces a new class &quot;QMessageAuthenticationCode&amp;quot;:http://doc-snapshot.qt.io/qt5-stable/qtcore/qmessageauthenticationcode.html which provides a standard API for HMACs.

Revision as of 09:19, 24 February 2015

Function which returns HMAC-SHA1 encrypted signature composed of public key and secret base string:

<br />QString hmacSha1(QByteArray key, QByteArray baseString)<br />{<br /> int blockSize = 64; // HMAC-SHA-1 block size, defined in SHA-1 standard<br /> if (key.length() &gt; blockSize) { // if key is longer than block size (64), reduce key length with SHA-1 compression<br /> key = QCryptographicHash::hash(key, QCryptographicHash::Sha1);<br /> }

QByteArray innerPadding(blockSize, char(0x36)); // initialize inner padding with char &quot;6&amp;quot;<br /> QByteArray outerPadding(blockSize, char(0x5c)); // initialize outer padding with char &quot;quot;<br /> // ascii characters 0x36 (&quot;6&amp;quot;) and 0x5c (&quot;quot;) are selected because they have large<br /> // Hamming distance (http://en.wikipedia.org/wiki/Hamming_distance)

for (int i = 0; i &lt; key.length(); i++) {<br /> innerPadding[i] = innerPadding[i] ^ key.at(i); // XOR operation between every byte in key and innerpadding, of key length<br /> outerPadding[i] = outerPadding[i] ^ key.at(i); // XOR operation between every byte in key and outerpadding, of key length<br /> }

// result = hash ( outerPadding CONCAT hash ( innerPadding CONCAT baseString ) ).toBase64<br /> QByteArray total = outerPadding;<br /> QByteArray part = innerPadding;<br /> part.append(baseString);<br /> total.append(QCryptographicHash::hash(part, QCryptographicHash::Sha1));<br /> QByteArray hashed = QCryptographicHash::hash(total, QCryptographicHash::Sha1);<br /> return hashed.toBase64();<br />}<br />

You may use this code with any license you prefer :)

Note that Qt 5.1 introduces a new class "QMessageAuthenticationCode&quot;:http://doc-snapshot.qt.io/qt5-stable/qtcore/qmessageauthenticationcode.html which provides a standard API for HMACs.