HMAC: Hash-based Message Authentication Code,即基于Hash的消息鉴别码
在各大开放平台大行其道的互联网开发潮流中,调用各平台的API接口过程中,无一例外都会用到计算签名值(sig值)。而在各种计算签名的方法中,经常被采用的就是HMAC-SHA1,现对HMAC-SHA1做一个简单的介绍:
HMAC,散列消息鉴别码,基于密钥的Hash算法认证协议。
实现原理为:
利用已经公开的Hash函数和私有的密钥,来生成固定长度的消息鉴别码;
SHA1、MD5等Hash算法是比较常用的不可逆Hash签名计算方法;
BASE64,将任意序列的8字节字符转换为人眼无法直接识别的符号编码的一种方法;
相关依赖库是openssl,安装方法如下:
apt-get install openssl //Ubuntu 14.04
yum -y install openssl-devel //centos
下面提供两个源码示例:
例子一:
- //gcc -g hmac_sha1_demo3.c -o hmac_sha1_demo3 -lcrypto -std=c99
- #include <stdio.h>
- #include <string.h>
- #include <openssl/hmac.h>
- int main()
- {
- // The key to hash
- char key[] = "012345678";
- // The data that we're going to hash using HMAC
- char data[] = "hello world";
- unsigned char digest[EVP_MAX_MD_SIZE] = {'\0'};
- unsigned int digest_len = 0;
- // Using sha1 hash engine here.
- // You may use other hash engines. e.g EVP_md5(), EVP_sha224, EVP_sha512, etc
- HMAC(EVP_sha1(), key, strlen(key), (unsigned char*)data, strlen(data), digest, &digest_len);
- printf("%s, len %u\n", digest, digest_len);
- // Be careful of the length of string with the choosen hash engine. SHA1 produces a 20-byte hash value which rendered as 40 characters.
- // Change the length accordingly with your choosen hash engine
- char mdString[41] = {'\0'};
- for(int i = 0; i < 20; i++)
- sprintf(&mdString[i*2], "%02x", (unsigned int)digest[i]);
- printf("HMAC digest: %s\n", mdString);
- return 0;
- }
例子二:
- //gcc -g hmac_sha1_demo2.c -o hmac_sha1_demo2 -lcrypto --std=c99
- #include <stdio.h>
- #include <string.h>
- #include <openssl/hmac.h>
- int main() {
- // The secret key for hashing
- const char key[] = "012345678";
- // The data that we're going to hash
- char data[] = "hello world";
- // Be careful of the length of string with the choosen hash engine. SHA1 needed 20 characters.
- // Change the length accordingly with your choosen hash engine.
- unsigned char* result;
- unsigned int len = 20;
- result = (unsigned char*)malloc(sizeof(char) * len);
- HMAC_CTX ctx;
- HMAC_CTX_init(&ctx);
- // Using sha1 hash engine here.
- // You may use other hash engines. e.g EVP_md5(), EVP_sha224, EVP_sha512, etc
- HMAC_Init_ex(&ctx, key, strlen(key), EVP_sha1(), NULL);
- HMAC_Update(&ctx, (unsigned char*)&data, strlen(data));
- HMAC_Final(&ctx, result, &len);
- HMAC_CTX_cleanup(&ctx);
- printf("HMAC digest: ");
- for (int i = 0; i != len; i++)
- printf("%02x", (unsigned int)result[i]);
- printf("\n");
- free(result);
- return 0;
- }
参考文献:
[1].http://www.askyb.com/cpp/openssl-hmac-hasing-example-in-cpp/