1. PBKDF2 key and HMAC hash
generation using OpenSSL and C++
In this Presentation we will see how we can generate a key using
PBKDF2 algorithm and then using that key, we will see how to
generate HMAC hash for any data using OpenSSL library and
some C++.
Compiled By:
HEM DUTT

2. Introduction
On Mac OS X, Cocoa applications are not the only choice. You
might need to create a application in a cross platform framework
such as QT Framework. In this case there could be a need to
encrypt or create hash of some data.
In this blog we will see how we can generate a key using PBKDF2
algorithm and then using that key, we will see how to generate
HMAC hash for any data.
I have used OpenSSL library and some C++ code to accomplish
this.

3. Class Declaration
First, add libssl.dylib in your project. On Mac OS X OpenSSl is by default
installed so no need to download from anywhere.
Let’s declare a class to accomplish our task at hand.
class CHashGenerator
{
public:
std::string calculateHMACHash(const char* password, const char*
salt, const char* data, int iterations);
private:
char* generateKey(const char* password , const unsigned char* salt,
int iterations);
char pbkdf2Key[64];
char hash[41];
};

4. Headers And Macros
Include following headers in the implementation file
#include “openssl/evp.h”
#include <openssl/sha.h>
#include <openssl/hmac.h>
#define KEY_LEN 32

5. Generate PBKDF2 Key
Implementation of function to generate key using PBKDF2
algorithm
char* CHashGenerator::generateKey(const char* password ,
const unsigned char* salt, int iterations)
{
size_t size;
unsigned char *out;
out = (unsigned char *) malloc(sizeof(unsigned char) *
KEY_LEN);

6. Generate PBKDF2 Key cont..
if( PKCS5_PBKDF2_HMAC_SHA1(password, strlen(password),
salt, strlen((char*)salt), iterations, KEY_LEN, out) != 0 )
{
for(size=0;size<KEY_LEN;size++)
{
sprintf(&pbkdf2Key[size*2], “%02x”, (unsigned int)out[size]);
}
}
else
{
fprintf(stderr, “PKCS5_PBKDF2_HMAC_SHA1 failedn”);
}
free(out);
return pbkdf2Key;
}

7. Generate HMAC hash
Implementation of function to calculate HMAC of data
std::string CHashGenerator::calculateHMACHash(const char*
password, const char* salt, const char* data, int iterations)
{
// The key to hash
std::string saltStr(salt);
const unsigned char* unsignedSalt = (unsigned
char*)saltStr.c_str();
char* key = generateKey(password,unsignedSalt,iterations);
// The data that we’re going to hash using HMAC
std::string dataVal(data);
const unsigned char* unsignedData = (unsigned
char*)dataVal.c_str();
unsigned char* digest;

8. Generate HMAC hash cont..
// I have used sha1 hash engine here.
digest = HMAC(EVP_sha1(), key, strlen(key), unsignedData,
strlen((char *)unsignedData), NULL, NULL);
// Length of string depends on the chosen hash engine for
example with the chosen hash engine i.e SHA1 it produces a
20-byte hash value which rendered as 40 characters.
// Length of the string need to be changed as per hash engine
used.
for(int i = 0; i < 20; i++)
{
sprintf(&hash[i*2], “%02x”, (unsigned int)digest[i]);
}
return std::string(hash);
}

9. Done
If you liked this presentation , please visit my blog TechKnowMore
for more interesting tips.
Thanks..

10. Done
If you liked this presentation , please visit my blog TechKnowMore
for more interesting tips.
Thanks..