如何通过 PKCS5_PBKDF2_HMAC 和 hash_hmac 在 C 和 php 中获得相同的输出

【问题标题】:How to get the same output in C and php via PKCS5_PBKDF2_HMAC and hash_hmac如何通过 PKCS5_PBKDF2_HMAC 和 hash_hmac 在 C 和 php 中获得相同的输出
【发布时间】:2015-06-27 15:34:03
【问题描述】:

我正在尝试在 C 中复制一个散列函数以用于现有的散列和盐数据库。但是,一旦我减少了 PHP 获取 sha256 哈希的方式以及 c 获取哈希的方式,我就无法获得相同的哈希值。

我已经查看了很多在 C 中获取相同哈希的方法,但我无法完全弄清楚 C 代码有什么问题。 C 代码有效,但输出不一样。

这是我的 PHP 代码的基础,它需要密码并使用单个空格作为盐,其余代码只是可视化并查看输出:

<?php
$salt = ' ';
$password = 'password';
$temp1 = hash_hmac('sha256', $salt, $password, true);


echo "======================\r\n<br>";
echo "password  [${password}]\r\n<br>";
echo "salt          [${salt}]\r\n<br>";
echo "======================\r\n<br>";
    echo gettype($temp1) . "\r\n<br>";
    echo "each char as dechex(ord(x))\r\n<br>";
    for ($i = 0; $i < strlen($temp1); ++$i) {
        $x = dechex(ord($temp1[$i]));
        echo "[$x] ";
    }

echo "-------------------------\r\n<br>";
    echo "base64_encode\r\n<br>";
echo base64_encode($temp1)."\r\n<br>"; ?>

和输出

====================== 
password    [password] 
salt    [ ] 
====================== 
string 
each char as dechex(ord(x)) 
[52] [33] [c] [6b] [2f] [b6] [22] [cd] [bb] [73] [93] [c2] [5c] [be] [6c] [f4] [d3] [a6] [26] [cc] [ef] [aa] [9] [5e] [e0] [93] [33] [8] [83] [8d] [9] [63] ------------------------- 
base64_encode 
UjMMay+2Is27c5PCXL5s9NOmJszvqgle4JMzCIONCWM=

我正在使用的 C,这是我能找到的最简单的示例。我只是想获得相同的哈希输出。它不必使用这种方法。我还包括了我正在使用的 base64 包含函数以防万一:

    #include <string.h>
#include <stdio.h>
#include <openssl/evp.h>
#include <openssl/sha.h>
#include <openssl/pem.h>
#include <openssl/hmac.h>
#define PBKDF2_DIGEST_LENGTH        SHA256_DIGEST_LENGTH
#define PBKDF2_SALT_PREFIX          ""
#define PBKDF2_SALT_PREFIX_LENGTH   strlen(PBKDF2_SALT_PREFIX)
#define PBKDF2_PRF_ALGORITHM_OLD        EVP_sha512()
#define PBKDF2_DIGEST_LENGTH_OLD       SHA512_DIGEST_LENGTH
#define PBKDF2_SALT_LENGTH          32
#define PBKDF2_RESULT_LENGTH        PBKDF2_SALT_PREFIX_LENGTH + (2 * PBKDF2_DIGEST_LENGTH) + PBKDF2_SALT_LENGTH + 2
#define PBKDF2_ROUNDS               1000


#define PBKDF2_PRF_ALGORITHM        EVP_sha256()


char *base64encode (const void *b64_encode_this, int encode_this_many_bytes){
    BIO *b64_bio, *mem_bio;      //Declares two OpenSSL BIOs: a base64 filter and a memory BIO.
    BUF_MEM *mem_bio_mem_ptr;    //Pointer to a "memory BIO" structure holding our base64 data.
    b64_bio = BIO_new(BIO_f_base64());                      //Initialize our base64 filter BIO.
    mem_bio = BIO_new(BIO_s_mem());                           //Initialize our memory sink BIO.
    BIO_push(b64_bio, mem_bio);            //Link the BIOs by creating a filter-sink BIO chain.
    BIO_set_flags(b64_bio, BIO_FLAGS_BASE64_NO_NL);  //No newlines every 64 characters or less.
    BIO_write(b64_bio, b64_encode_this, encode_this_many_bytes); //Records base64 encoded data.
    BIO_flush(b64_bio);   //Flush data.  Necessary for b64 encoding, because of pad characters.
    BIO_get_mem_ptr(mem_bio, &mem_bio_mem_ptr);  //Store address of mem_bio's memory structure.
    BIO_set_close(mem_bio, BIO_NOCLOSE);   //Permit access to mem_ptr after BIOs are destroyed.
    BIO_free_all(b64_bio);  //Destroys all BIOs in chain, starting with b64 (i.e. the 1st one).
    BUF_MEM_grow(mem_bio_mem_ptr, (*mem_bio_mem_ptr).length + 1);   //Makes space for end null.
    (*mem_bio_mem_ptr).data[(*mem_bio_mem_ptr).length] = '\0';  //Adds null-terminator to tail.
    return (*mem_bio_mem_ptr).data; //Returns base-64 encoded data. (See: "buf_mem_st" struct).
}

int main(void)
{
    static unsigned char hb[PBKDF2_DIGEST_LENGTH];
    static unsigned char hashBlock[PBKDF2_DIGEST_LENGTH];

    char *password = "password";
    char *salt = " ";
    int passes = 1;


    PKCS5_PBKDF2_HMAC(password, strlen(password), salt, strlen(salt) , passes, PBKDF2_PRF_ALGORITHM, PBKDF2_DIGEST_LENGTH, hb);

    unsigned int i = 0;
    printf("printf hex\n");
    while(i<32)
    {
        printf("[%x] ",  hb[i]);
        ++i;
    }
    printf("\n\n");
    printf("base-64 encode\n");
    printf("%s \n", base64encode(hb, 32));

    return 0;
}

C产生的输出,基本上是为了可视化输出:

    ./pbkdf2_hack
printf hex
[f8] [8b] [fe] [58] [64] [f8] [a] [ef] [c0] [da] [b2] [97] [42] [ce] [b3] [83] [67] [85] [a5] [f2] [c8] [94] [7b] [2d] [82] [5d] [8a] [a5] [c0] [46] [9a] [24]

base-64 encode
+Iv+WGT4Cu/A2rKXQs6zg2eFpfLIlHstgl2KpcBGmiQ=

编译,以防这里需要有所不同:

gcc pbkdf2_example.c -lcrypto -o pbkdf2_example

【问题讨论】:

    标签: php c hash sha256


    【解决方案1】:

    通过尝试各种组合,我找到了更新哈希的正确方法。 我并没有真正搜索文档,所以这可能是我的错。 我发布此内容是希望有人不会像我一样感到沮丧。

    #include <string.h>
#include <stdio.h>
#include <openssl/evp.h>
#include <openssl/sha.h>
#include <openssl/pem.h>
#include <openssl/hmac.h>
#define PBKDF2_DIGEST_LENGTH        SHA256_DIGEST_LENGTH
#define PBKDF2_DIGEST_LENGTH_OLD       SHA512_DIGEST_LENGTH
#define PBKDF2_ROUNDS               1000
#define PBKDF2_PRF_ALGORITHM        EVP_sha256()

void PBKDF2_HMAC_SHA_256(const char* pass, const unsigned char* salt, int iterations, unsigned char outputbytes, char* HexResult)
{
    unsigned int i;
    unsigned char digest[outputbytes];
    PKCS5_PBKDF2_HMAC(pass, strlen(pass), salt, strlen(salt), 1, EVP_sha256(), outputbytes, digest);
    for (i = 0; i < sizeof(digest); i++)
       sprintf(HexResult + (i * 2), "%02x", 255 & digest[i]);
}

char *base64encode (const void *b64_encode_this, int encode_this_many_bytes){
    BIO *b64_bio, *mem_bio;      //Declares two OpenSSL BIOs: a base64 filter and a memory BIO.
    BUF_MEM *mem_bio_mem_ptr;    //Pointer to a "memory BIO" structure holding our base64 data.
    b64_bio = BIO_new(BIO_f_base64());                      //Initialize our base64 filter BIO.
    mem_bio = BIO_new(BIO_s_mem());                           //Initialize our memory sink BIO.
    BIO_push(b64_bio, mem_bio);            //Link the BIOs by creating a filter-sink BIO chain.
    BIO_set_flags(b64_bio, BIO_FLAGS_BASE64_NO_NL);  //No newlines every 64 characters or less.
    BIO_write(b64_bio, b64_encode_this, encode_this_many_bytes); //Records base64 encoded data.
    BIO_flush(b64_bio);   //Flush data.  Necessary for b64 encoding, because of pad characters.
    BIO_get_mem_ptr(mem_bio, &mem_bio_mem_ptr);  //Store address of mem_bio's memory structure.
    BIO_set_close(mem_bio, BIO_NOCLOSE);   //Permit access to mem_ptr after BIOs are destroyed.
    BIO_free_all(b64_bio);  //Destroys all BIOs in chain, starting with b64 (i.e. the 1st one).
    BUF_MEM_grow(mem_bio_mem_ptr, (*mem_bio_mem_ptr).length + 1);   //Makes space for end null.
    (*mem_bio_mem_ptr).data[(*mem_bio_mem_ptr).length] = '\0';  //Adds null-terminator to tail.
    return (*mem_bio_mem_ptr).data; //Returns base-64 encoded data. (See: "buf_mem_st" struct).
}

/*
    const * , not changing the value or pointer

*/
void DisplayItem(const unsigned char *hb, const char *title) {

    unsigned int i = 0;
    printf("printf hex\n");
    while(i<32)
    {
        printf("[%x] ",  hb[i]);
        ++i;
    }
    printf("base-64 encode %s\n", title);
    printf("%s \n", base64encode(hb, 32));
    printf("\n\n");

}

int main(void)
{
    static unsigned char hb[PBKDF2_DIGEST_LENGTH];
    static unsigned char hashBlock[PBKDF2_DIGEST_LENGTH];
    unsigned char finalBlock[PBKDF2_DIGEST_LENGTH];
    SHA256_CTX ctx;
    HMAC_CTX hmac_ctx;

    char* title = "";
    unsigned char *password = "password";
    unsigned char *salt = " ";
    int passes = 1;

    memset(hb, 0, PBKDF2_DIGEST_LENGTH);
    HMAC_Init(&hmac_ctx, password, strlen(password), PBKDF2_PRF_ALGORITHM);
    HMAC_Update(&hmac_ctx, salt, strlen(salt));
    HMAC_Final(&hmac_ctx, hb, NULL);
    DisplayItem(hb, "HMAC_CTX pass salt - correct working setup");

    memset(hb, 0, PBKDF2_DIGEST_LENGTH);
    SHA256_Init(&ctx);
    SHA256_Update(&ctx, salt, strlen(salt));
    SHA256_Update(&ctx, password, strlen(password));
    SHA256_Final(hb, &ctx);
    DisplayItem(hb, "SHA256_CTX salt pass");


    memset(hb, 0, PBKDF2_DIGEST_LENGTH);
    SHA256_Init(&ctx);
    SHA256_Update(&ctx, password, strlen(password));
    SHA256_Update(&ctx, salt, strlen(salt));
    SHA256_Final(hb, &ctx);
    DisplayItem(hb, "SHA256_CTX  pass salt");

    memset(hb, 0, PBKDF2_DIGEST_LENGTH);
    HMAC_Init(&hmac_ctx, salt, strlen(salt), PBKDF2_PRF_ALGORITHM);
    HMAC_Update(&hmac_ctx, password, strlen(password));
    HMAC_Final(&hmac_ctx, hb, NULL);
    DisplayItem(hb, "HMAC_CTX salt pass");


    memset(hb, 0, PBKDF2_DIGEST_LENGTH);
    PKCS5_PBKDF2_HMAC(password, strlen(password), salt, strlen(salt), 1, PBKDF2_PRF_ALGORITHM, PBKDF2_DIGEST_LENGTH, hb);
    DisplayItem(hb, "PKCS5_PBKDF2_HMAC pass salt");

    memset(hb, 0, PBKDF2_DIGEST_LENGTH);
    PKCS5_PBKDF2_HMAC(salt, strlen(salt), password, strlen(password), 1, PBKDF2_PRF_ALGORITHM, PBKDF2_DIGEST_LENGTH, hb);
    DisplayItem(hb, "PKCS5_PBKDF2_HMAC salt pass");
    /*
    char *outputfoo[PBKDF2_DIGEST_LENGTH];
    memset(outputfoo, 0, PBKDF2_DIGEST_LENGTH);
    PBKDF2_HMAC_SHA_256(password, salt, 1, hb, outputfoo);
    printf("xxxxxx    %s \n", outputfoo);
    */



    return 0;
}

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2014-01-11
      • 2017-10-03
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode