Home Explore Help
Sign In
221V
/
vibed_test
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: ab537d9e7d
Branches Tags
vibed_test
/
vtest
/
source
/
secured
/
mac.d

mac.d 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110 
  1. module secured.mac;
    2. 

  2. 

  3. import std.stdio;
    4. 

  4. import std.format;
    5. 

  5. 

  6. import secured.openssl;
    7. 

  7. import deimos.openssl.evp;
    8. 

  8. import secured.hash;
    9. 

  9. import secured.util;
    10. 

  10. 

  11. 

  12. @safe public ubyte[] hmac(const ubyte[] key, const ubyte[] data) {
    13. 

  13.     return hmac_ex(key, data, HashAlgorithm.Default);
    14. 

  14. }
    15. 

  15. 

  16. @safe public bool hmac_verify(const ubyte[] test, const ubyte[] key, const ubyte[] data) {
    17. 

  17.     ubyte[] hash = hmac_ex(key, data, HashAlgorithm.Default);
    18. 

  18.     return constantTimeEquality(test, hash);
    19. 

  19. }
    20. 

  20. 

  21. @trusted public ubyte[] hmac_ex(const ubyte[] key, const ubyte[] data, HashAlgorithm func)
    22. 

  22. {
    23. 

  23.     if (key.length > getHashLength(func)) {
    24. 

  24.         throw new CryptographicException(format("HMAC key must be less than or equal to %s bytes in length.", getHashLength(func)));
    25. 

  25.     }
    26. 

  26. 

  27.     //Create the OpenSSL context
    28. 

  28.     EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
    29. 

  29.     if (mdctx == null) {
    30. 

  30.         throw new CryptographicException("Unable to create OpenSSL context.");
    31. 

  31.     }
    32. 

  32.     scope(exit) {
    33. 

  33.         if(mdctx !is null) {
    34. 

  34.             EVP_MD_CTX_free(mdctx);
    35. 

  35.         }
    36. 

  36.     }
    37. 

  37. 

  38.     //Initialize the hash algorithm
    39. 

  39.     auto md = getOpenSSLHashAlgorithm(func);
    40. 

  40.     if (EVP_DigestInit_ex(mdctx, md, null) != 1) {
    41. 

  41.         throw new CryptographicException("Unable to create hash context.");
    42. 

  42.     }
    43. 

  43. 

  44.     //Create the HMAC key context
    45. 

  45.     auto pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, null, key.ptr, cast(int)key.length);
    46. 

  46.     scope(exit) {
    47. 

  47.         if(pkey !is null) {
    48. 

  48.             EVP_PKEY_free(pkey);
    49. 

  49.         }
    50. 

  50.     }
    51. 

  51.     if (EVP_DigestSignInit(mdctx, null, md, null, pkey) != 1) {
    52. 

  52.         throw new CryptographicException("Unable to create HMAC key context.");
    53. 

  53.     }
    54. 

  54. 

  55.     //Run the provided data through the digest algorithm
    56. 

  56.     if (EVP_DigestSignUpdate(mdctx, data.ptr, data.length) != 1) {
    57. 

  57.         throw new CryptographicException("Error while updating digest.");
    58. 

  58.     }
    59. 

  59. 

  60.     //Copy the OpenSSL digest to our D buffer.
    61. 

  61.     size_t digestlen = getHashLength(func);
    62. 

  62.     ubyte[] digest = new ubyte[getHashLength(func)];
    63. 

  63.     if (EVP_DigestSignFinal(mdctx, digest.ptr, &digestlen) < 0) {
    64. 

  64.         throw new CryptographicException("Error while retrieving the digest.");
    65. 

  65.     }
    66. 

  66. 

  67.     return digest;
    68. 

  68. }
    69. 

  69. 

  70. @safe public bool hmac_verify_ex(const ubyte[] test, const ubyte[] key, const ubyte[] data, HashAlgorithm func){
    71. 

  71.     ubyte[] hash = hmac_ex(key, data, func);
    72. 

  72.     return constantTimeEquality(test, hash);
    73. 

  73. }
    74. 

  74. 

  75. unittest {
    76. 

  76.     import std.digest;
    77. 

  77. 

  78.     ubyte[48] key = [ 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF,
    79. 

  79.                       0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF,
    80. 

  80.                       0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF ];
    81. 

  81. 

  82.     writeln("Testing HMAC Basic:");
    83. 

  83. 

  84.     ubyte[] verify_basic_hash = hmac(key, cast(ubyte[])"");
    85. 

  85.     assert(hmac_verify(verify_basic_hash, key, cast(ubyte[])""));
    86. 

  86. 

  87.     writeln(toHexString!(LetterCase.lower)(verify_basic_hash));
    88. 

  88. 

  89.     writeln("Testing HMAC Extended:");
    90. 

  90. 

  91.     ubyte[] vec1 = hmac_ex(key, cast(ubyte[])"", HashAlgorithm.SHA2_384);
    92. 

  92.     ubyte[] vec2 = hmac_ex(key, cast(ubyte[])"abc", HashAlgorithm.SHA2_384);
    93. 

  93.     ubyte[] vec3 = hmac_ex(key, cast(ubyte[])"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", HashAlgorithm.SHA2_384);
    94. 

  94. 

  95.     writeln(toHexString!(LetterCase.lower)(vec1));
    96. 

  96.     writeln(toHexString!(LetterCase.lower)(vec2));
    97. 

  97.     writeln(toHexString!(LetterCase.lower)(vec3));
    98. 

  98. 

  99.     assert(toHexString!(LetterCase.lower)(vec1) == "440b0d5f59c32cbee090c3d9f524b81a9b9708e9b65a46bbc189842b0ab0759d3bf118acca58eda0813fd346e8ccfde4");
    100. 

  100.     assert(toHexString!(LetterCase.lower)(vec2) == "cb5da1048feb76fd75752dc1b699caba124090feac21adb5b4c0f6600e7b626e08d7415660aa0ee79ca5b83e56669a60");
    101. 

  101.     assert(toHexString!(LetterCase.lower)(vec3) == "460b59c0bd8ae48133431185a4583376738be3116cafce47aff7696bd19501b0cf1f1850c3e5fa2992882997493d1c99");
    102. 

  102. 

  103.     ubyte[32] keyshort = [ 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF,
    104. 

  104.                       0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF ];
    105. 

  105. 

  106.     ubyte[] verify_hash = hmac_ex(keyshort, cast(ubyte[])"", HashAlgorithm.SHA2_256);
    107. 

  107.     assert(hmac_verify_ex(verify_hash, keyshort, cast(ubyte[])"", HashAlgorithm.SHA2_256));
    108. 

  108. 

  109.     writeln(toHexString!(LetterCase.lower)(verify_hash));
    110. 

  110. }
    111.