Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Generate PBKDF2 and HMAC using OpenSSL and C++

2,809 views

Published on

Published in: Software
  • Be the first to comment

  • Be the first to like this

Generate PBKDF2 and HMAC using OpenSSL and C++

  1. 1. PBKDF2 key and HMAC hash generation using OpenSSL and C++ In this Presentation we will see how we can generate a key using PBKDF2 algorithm and then using that key, we will see how to generate HMAC hash for any data using OpenSSL library and some C++. Compiled By: HEM DUTT
  2. 2. Introduction On Mac OS X, Cocoa applications are not the only choice. You might need to create a application in a cross platform framework such as QT Framework. In this case there could be a need to encrypt or create hash of some data. In this blog we will see how we can generate a key using PBKDF2 algorithm and then using that key, we will see how to generate HMAC hash for any data. I have used OpenSSL library and some C++ code to accomplish this.
  3. 3. Class Declaration First, add libssl.dylib in your project. On Mac OS X OpenSSl is by default installed so no need to download from anywhere. Let’s declare a class to accomplish our task at hand. class CHashGenerator { public: std::string calculateHMACHash(const char* password, const char* salt, const char* data, int iterations); private: char* generateKey(const char* password , const unsigned char* salt, int iterations); char pbkdf2Key[64]; char hash[41]; };
  4. 4. Headers And Macros Include following headers in the implementation file #include “openssl/evp.h” #include <openssl/sha.h> #include <openssl/hmac.h> #define KEY_LEN 32
  5. 5. Generate PBKDF2 Key Implementation of function to generate key using PBKDF2 algorithm char* CHashGenerator::generateKey(const char* password , const unsigned char* salt, int iterations) { size_t size; unsigned char *out; out = (unsigned char *) malloc(sizeof(unsigned char) * KEY_LEN);
  6. 6. Generate PBKDF2 Key cont.. if( PKCS5_PBKDF2_HMAC_SHA1(password, strlen(password), salt, strlen((char*)salt), iterations, KEY_LEN, out) != 0 ) { for(size=0;size<KEY_LEN;size++) { sprintf(&pbkdf2Key[size*2], “%02x”, (unsigned int)out[size]); } } else { fprintf(stderr, “PKCS5_PBKDF2_HMAC_SHA1 failedn”); } free(out); return pbkdf2Key; }
  7. 7. Generate HMAC hash Implementation of function to calculate HMAC of data std::string CHashGenerator::calculateHMACHash(const char* password, const char* salt, const char* data, int iterations) { // The key to hash std::string saltStr(salt); const unsigned char* unsignedSalt = (unsigned char*)saltStr.c_str(); char* key = generateKey(password,unsignedSalt,iterations); // The data that we’re going to hash using HMAC std::string dataVal(data); const unsigned char* unsignedData = (unsigned char*)dataVal.c_str(); unsigned char* digest;
  8. 8. Generate HMAC hash cont.. // I have used sha1 hash engine here. digest = HMAC(EVP_sha1(), key, strlen(key), unsignedData, strlen((char *)unsignedData), NULL, NULL); // Length of string depends on the chosen hash engine for example with the chosen hash engine i.e SHA1 it produces a 20-byte hash value which rendered as 40 characters. // Length of the string need to be changed as per hash engine used. for(int i = 0; i < 20; i++) { sprintf(&hash[i*2], “%02x”, (unsigned int)digest[i]); } return std::string(hash); }
  9. 9. Done If you liked this presentation , please visit my blog TechKnowMore for more interesting tips. Thanks..
  10. 10. Done If you liked this presentation , please visit my blog TechKnowMore for more interesting tips. Thanks..

×