SHA-256-based HMAC File Checker
Author: Gamsn
HMAC is a keyed HASH function. The message authentication code (MAC) generated by HMAC can be used for message authentication. Here I have built it into a program for verifying the validity of files. Below I first briefly introduce the background of the software and then describe its code implementation.
I. Background Knowledge
Sometimes, for security reasons, the communicating parties need to verify the messages sent by the other party to ensure that the messages have not been modified by a third party. This verification can be performed as follows:
- Both parties agree on a key (a password), which is kept secret from third parties;
- The sender uses this key to generate a verification code for the message and attaches the verification code to the message before sending it;
- After receiving a message with a verification code, the receiver separates the message from the verification code and generates a verification code for the message with the key;
- The receiver then compares the two verification codes. If they are the same, the message has not been modified by a third party. If they are different, it is likely that the message has been modified illegally (or the message has changed for another reason). The message is then untrusted and must be resent by the other party.
* Generally, HMAC is used to generate verification codes. It ensures that a third party who does not know the key cannot modify the verification code to match a modified message.
* The message is public (unencrypted) throughout the process. The algorithm provides only message integrity verification, not confidentiality. Confidentiality can be provided by a public-key encryption algorithm, which is not discussed here.
II. Software Implementation
This software can generate a verification file (*.vri) for any file on the computer's disk (the key is entered by the user). Based on this verification file, you can verify the corresponding file whenever needed. The specific method is given in the example below.
For the HASH function of the HMAC algorithm, the program uses SHA-256, which is safer than MD5 and SHA-1. (In fact, because it is not a formal security product, it is hard to use MD5 or SHA-1 in this program.)
* The HMAC structure is shown in Figure 1:
Figure 1 HMAC Structure
The symbols in the figure are defined as follows:
- IV = the initial value input to the HASH function
- M = the message input to HMAC
- Yi = the i-th block of M, 0 <= i <= (L-1)
- B = the number of bits in each block
- n = the length of the HASH code produced by the embedded HASH function
- K = the key
- K+ = K padded with 0s on the left so that the result is B bits long
- ipad = 0x36 repeated B/8 times
- opad = 0x5c repeated B/8 times
For a specific HASH function, B and n are fixed. Therefore, in the HMAC class of the program, n is defined as the macro Mn and B as the macro Mb, with the values 32 and 64 respectively. This structure is inefficient and not well suited to practical use, so an efficient HMAC implementation scheme was proposed.
* The efficient implementation scheme of HMAC is shown in Figure 2:
Figure 2 Efficient implementation scheme of HMAC
Where HASH is the SHA-256.
The pre-calculation is shown on the left, and the calculation performed for each message is shown on the right. If the key remains unchanged, the pre-calculation is needed only once. After that, only the right-hand calculation is performed each time a verification code is generated, which improves efficiency.
It should be noted that when you read the HMAC class I wrote, you may find that both sides are calculated every time (regardless of the key). This is because I have considered that individual users may change keys from time to time, and there are no special requirements for efficiency in the application scenario. Of course, this does not reflect the advantages of the efficient implementation scheme of HMAC.
Another point: the key is padded at the low-order end, that is, on the right side of the key, which differs from the scheme above (the scheme pads at the high-order end, that is, on the left side). I mention this so that you will not be confused when viewing the source code.
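The pre-calculation of Figure 2 combined with the verification steps of section I, as an added example that is not code from the original program: Python's hashlib stands in for the Sha256 class, the names PrecomputedHmac, tag, verify and demo are assumptions, and the message bytes are constructed. The key is zero-padded on the right, as described for the HMac class, which is also what Python's own hmac module does.

```python
import hashlib
import hmac

MB = 64  # B in bytes: SHA-256 block size (the page's macro Mb)


class PrecomputedHmac:
    """HMAC-SHA256 whose two key-dependent hash states are computed once."""

    def __init__(self, key: bytes):
        # Keys longer than one block are hashed first (RFC 2104).
        if len(key) > MB:
            key = hashlib.sha256(key).digest()
        # K+: zero bytes appended on the right until the key is B bytes long.
        k_plus = key.ljust(MB, b"\x00")
        # Left side of Figure 2: feed one block of K+ xor ipad / K+ xor opad.
        self._inner = hashlib.sha256(bytes(b ^ 0x36 for b in k_plus))
        self._outer = hashlib.sha256(bytes(b ^ 0x5C for b in k_plus))

    def tag(self, chunks) -> bytes:
        """Right side of Figure 2: resume from copies of the saved states."""
        inner = self._inner.copy()
        for chunk in chunks:  # the message may arrive in pieces, e.g. a file
            inner.update(chunk)
        outer = self._outer.copy()
        outer.update(inner.digest())
        return outer.digest()

    def verify(self, chunks, expected: bytes) -> bool:
        # Constant-time comparison, so timing does not reveal matching bytes.
        return hmac.compare_digest(self.tag(chunks), expected)


def demo():
    key = b"gamsn"  # the key agreed on in the page's example
    original = [b"constructed image bytes, ", b"part two"]  # constructed
    tampered = [b"constructed image bytes, ", b"part 2wo"]  # one byte changed
    mac = PrecomputedHmac(key)  # pre-calculation happens once, here
    stored = mac.tag(original)  # the code the sender ships with the file
    reference = hmac.new(key, b"".join(original), hashlib.sha256).digest()
    return (stored == reference,
            mac.verify(original, stored),
            mac.verify(tampered, stored))


if __name__ == "__main__":
    print(demo())
```

The same PrecomputedHmac object can tag or verify any number of files without touching the key again, which is the saving the efficient scheme describes.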
The efficient implementation scheme above is implemented in the HMac class, and the HASH function SHA-256 is implemented in the Sha256 class. Since the main topic here is HMAC, SHA-256 is treated as a black box and is not explained further.
The Mac class in the program has nothing to do with the HMAC and HASH functions. It is just a container for storing the results. It does not even have a member function. I am also considering whether it can be made into a class.
To make the HMac class easier to read, its variables use the identifiers from Figure 2.
Readers may have a question about the following code: it is clearly the first pre-calculation, but what are m_dwA1 to m_dwH1?
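    // First pre-calculation: hash one block of K+ XOR ipad
    for (i = 0; i < Mb; i++)
        S[i] = sKeyplus[i] ^ ipad[i];
    m_sha256.Init(Mb);
    m_sha256.GenW(S, Mb);
    m_sha256.Steps();
    // Save the 256-bit output as eight 32-bit words
    m_dwA1 = m_sha256.OA;
    m_dwB1 = m_sha256.OB;
    m_dwC1 = m_sha256.OC;
    m_dwD1 = m_sha256.OD;
    m_dwE1 = m_sha256.OE;
    m_dwF1 = m_sha256.OF;
    m_dwG1 = m_sha256.OG;
    m_dwH1 = m_sha256.OH;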
In fact, m_dwA1 to m_dwH1 hold the output of the first pre-calculation. Because the output has 256 bits, I split it into eight 32-bit values. Likewise, the output of the second pre-calculation is m_dwA2 to m_dwH2.
In addition, the drag-and-drop handling of files and the file open and save code (including serialization) are a good reference for beginners; experts, of course, do not need to care about them. The following example should make the reader's understanding more concrete.
III. Example
Suppose I send you a very important image, as shown below:
Figure 3
The verification file "important.vri" is attached to the image. (This verification file is in the source code archive.)
The image you receive is as follows (it was modified by an unauthorized third party during transmission):
Figure 4
You can use this software to verify it as follows:
- Run the software and open important.vri. (You can open important.vri in two ways: from the menu 'file-open', or by dragging the file directly into the program window.)
(After the software is run for the first time, the program creates a file association for vri files. From then on, you can double-click a vri file to open it.);
- Drag the file to be verified into the program window and select "no" in the pop-up dialog box, or open it from the menu 'verify file-verify source file';
- The program then asks for the verification key. Here you and I have agreed that the key is gamsn, so enter gamsn;
- The program calculates the verification code of the source file and tells you the result.
It is also easy to generate a verification file from a source file. Select your source file from the 'verify file-generate verification file' menu, and then enter the key in the pop-up dialog box. Note: the maximum valid length of a key is 16 bytes, and both Chinese and English characters are allowed. All generated verification files are automatically given the suffix vri.
IV. Conclusion
That is about all. If you have any questions or corrections, please contact me. Thank you!
If you are interested in HASH functions, you can refer to the book Cryptography and Network Security: Principles and Practices by William Stallings. This book is not a programming guide, but a professional textbook on cryptography and network security. Its Chinese version is also a good book.