HMAC: Hash-based Message Authentication Code,即基于Hash的消息鉴别码
在各大开放平台大行其道的互联网开发潮流中,调用各平台的API接口过程中,无一例外都会用到计算签名值(sig值)。而在各种计算签名的方法中,经常被采用的就是HMAC-SHA1,现对HMAC-SHA1做一个简单的介绍:
HMAC,散列消息鉴别码,基于密钥的Hash算法认证协议。
实现原理为:
利用已经公开的Hash函数和私有的密钥,来生成固定长度的消息鉴别码;
SHA1、MD5等Hash算法是比较常用的不可逆Hash签名计算方法;
BASE64,将任意序列的8字节字符转换为人眼无法直接识别的符号编码的一种方法;
相关依赖库是openssl,安装方法如下:apt-get install openssl //Ubuntu 14.04yum -y install openssl-devel //centos下面提供两个源码示例:
例子一:
//gcc -g hmac_sha1_demo3.c -o hmac_sha1_demo3 -lcrypto -std=c99 #include <stdio.h> #include <string.h> #include <openssl/hmac.h> int main() { // The key to hash char key[] = "012345678"; // The data that we're going to hash using HMAC char data[] = "hello world"; unsigned char digest[EVP_MAX_MD_SIZE] = {'\0'}; unsigned int digest_len = 0; // Using sha1 hash engine here. // You may use other hash engines. e.g EVP_md5(), EVP_sha224, EVP_sha512, etc HMAC(EVP_sha1(), key, strlen(key), (unsigned char*)data, strlen(data), digest, &digest_len); printf("%s, len %u\n", digest, digest_len); // Be careful of the length of string with the choosen hash engine. SHA1 produces a 20-byte hash value which rendered as 40 characters. // Change the length accordingly with your choosen hash engine char mdString[41] = {'\0'}; for(int i = 0; i < 20; i++) sprintf(&mdString[i*2], "%02x", (unsigned int)digest[i]); printf("HMAC digest: %s\n", mdString); return 0; }
例子二:运行截图://gcc -g hmac_sha1_demo2.c -o hmac_sha1_demo2 -lcrypto --std=c99 #include <stdio.h> #include <string.h> #include <openssl/hmac.h> int main() { // The secret key for hashing const char key[] = "012345678"; // The data that we're going to hash char data[] = "hello world"; // Be careful of the length of string with the choosen hash engine. SHA1 needed 20 characters. // Change the length accordingly with your choosen hash engine. unsigned char* result; unsigned int len = 20; result = (unsigned char*)malloc(sizeof(char) * len); HMAC_CTX ctx; HMAC_CTX_init(&ctx); // Using sha1 hash engine here. // You may use other hash engines. e.g EVP_md5(), EVP_sha224, EVP_sha512, etc HMAC_Init_ex(&ctx, key, strlen(key), EVP_sha1(), NULL); HMAC_Update(&ctx, (unsigned char*)&data, strlen(data)); HMAC_Final(&ctx, result, &len); HMAC_CTX_cleanup(&ctx); printf("HMAC digest: "); for (int i = 0; i != len; i++) printf("%02x", (unsigned int)result[i]); printf("\n"); free(result); return 0; }
参考文献:[1].http://www.askyb.com/cpp/openssl-hmac-hasing-example-in-cpp/