为什么 HMAC+EVP_sha256 对于某些哈希返回的值与 openssl 不同

Question

在尝试生成 HMAC+SHA256 签名时，对于某些有效负载，我从 openssl 命令行得到的结果与 openssl lib 不同。

这是为了尝试为 AWS 生成 v4 签名。 我可以用 bash/curl 成功地做到这一点。 代码显示了每一步的每个签名，除了服务（s3）的签名之外，所有匹配的签名都与通过openssl命令行生成的不同

    int i;
    char data[1024] = "";
    char hashString[SHA256_DIGEST_LENGTH*2];
    unsigned char *bytearray=malloc(SHA256_DIGEST_LENGTH);
    unsigned char *digest=malloc(SHA256_DIGEST_LENGTH);

    printf("echo -n us-east-1|openssl dgst -sha256 -mac HMAC -macopt hexkey:b098ff9a24e0573d9e0f952963d0725c4e9c7566ebb3713bf8e0707d43146822\n");
    strcpy(hashString,"b098ff9a24e0573d9e0f952963d0725c4e9c7566ebb3713bf8e0707d43146822\0");
    strcpy(data, "us-east-1");
//This works
    for (i = 0; i < strlen(hashString)/2 ; i++)
        sscanf(hashString + 2*i, "%02x", (unsigned int *) &bytearray[i]);
    digest = HMAC(EVP_sha256(), bytearray, strlen((const char *)bytearray), (unsigned char*)data, strlen(data), NULL, NULL);
    printf("  should be: e811cc78009ad7918504aca1ff987199285352a6fabd1063d6d1a938ac673dbf\n");
    printf("HMAC digest: ");
    for(i = 0; i < SHA256_DIGEST_LENGTH; i++)
         printf("%02x",(unsigned int)digest[i]);
    printf("\n");
//This doesn't
    printf("echo -n s3|openssl dgst -sha256 -mac HMAC -macopt hexkey:e811cc78009ad7918504aca1ff987199285352a6fabd1063d6d1a938ac673dbf\n");
    strcpy(hashString,"e811cc78009ad7918504aca1ff987199285352a6fabd1063d6d1a938ac673dbf");
    strcpy(data, "s3");
    for (i = 0; i < strlen(hashString)/2 ; i++)
        sscanf(hashString + 2*i, "%02x", (unsigned int *) &bytearray[i]);
    digest = HMAC(EVP_sha256(), bytearray, strlen((const char *)bytearray), (unsigned char*)data, strlen(data), NULL, NULL);
    printf("  should be: f405cc5d87cd57f8130decb58108ac0ae5a0bccb97e40729f9ace287d4ee054d\n");
    printf("HMAC digest: ");
    for(i = 0; i < SHA256_DIGEST_LENGTH; i++)
         printf("%02x",(unsigned int)digest[i]);
    printf("\n");

Answer 1

这是一个清理后的版本，可以避免原始版本中的所有未定义行为和内存泄漏，从而生成预期的哈希：

#include <assert.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

void print_hmac(const char *hexkey, const char *data) {
  unsigned char digest[EVP_MAX_MD_SIZE];
  unsigned int digest_len;

  int hexkey_len = strlen(hexkey);
  assert(hexkey_len % 2 == 0); // Must be even

  int key_len = hexkey_len / 2;
  unsigned char *key = malloc(key_len);
  assert(key != NULL);

  for (int i = 0; i < key_len; i++) {
    int n = sscanf(hexkey + 2 * i, "%2hhx", key + i);
    assert(n == 1);
  }

  HMAC(EVP_sha256(), key, key_len, (const unsigned char *)data, strlen(data),
       digest, &digest_len);

  fputs("HMAC digest: ", stdout);
  for (unsigned int i = 0; i < digest_len; i++) {
    printf("%02hhx", digest[i]);
  }
  putchar('\n');
  free(key);
}

int main(void) {
  char hashString[100];

  puts("echo -n us-east-1|openssl dgst -sha256 -mac HMAC -macopt "
       "hexkey:"
       "b098ff9a24e0573d9e0f952963d0725c4e9c7566ebb3713bf8e0707d43146822");
  puts("  should be: "
       "e811cc78009ad7918504aca1ff987199285352a6fabd1063d6d1a938ac673dbf");
  strcpy(hashString,
         "b098ff9a24e0573d9e0f952963d0725c4e9c7566ebb3713bf8e0707d43146822");
  print_hmac(hashString, "us-east-1");

  puts("echo -n s3|openssl dgst -sha256 -mac HMAC -macopt "
       "hexkey:"
       "e811cc78009ad7918504aca1ff987199285352a6fabd1063d6d1a938ac673dbf");
  puts("  should be: "
       "f405cc5d87cd57f8130decb58108ac0ae5a0bccb97e40729f9ace287d4ee054d");
  strcpy(hashString,
         "e811cc78009ad7918504aca1ff987199285352a6fabd1063d6d1a938ac673dbf");
  print_hmac(hashString, "s3");

  return 0;
}