Forum Discussion
Kai_Wilke
Feb 04, 2016MVP
Here is the quick coding...
when RULE_INIT {
set sharedkey "1234"
set crypto_sign [call crypto_sign "hallo world" $sharedkey]
log -noname local0. "HMAC Code is = $crypto_sign"
set crypto_verify [call crypto_verify "hallo world" $sharedkey $crypto_sign]
log -noname local0. "HMAC Code verified = $crypto_verify"
}
proc crypto_sign { message prekey } {
set bsize 64
if { [string length $prekey] > $bsize } {
set key [sha256 $prekey]
} else {
set key $prekey
}
set ipad ""
set opad ""
for { set j 0 }{ $j < [string length $key] }{ incr j }{
binary scan $key @${j}H2 k
set o [expr 0x$k ^ 0x5c]
set i [expr 0x$k ^ 0x36]
append ipad [format %c $i]
append opad [format %c $o]
}
for { }{ $j < $bsize }{ incr j }{
append ipad 6
append opad \\
}
set token [sha256 $opad[sha256 "${ipad}${message}"]]
binary scan $token H* hextoken
return $hextoken
}
proc crypto_verify { message prekey hmac } {
set bsize 64
if { [string length $prekey] > $bsize } {
set key [sha256 $prekey]
} else {
set key $prekey
}
set ipad ""
set opad ""
for { set j 0 }{ $j < [string length $key] }{ incr j }{
binary scan $key @${j}H2 k
set o [expr 0x$k ^ 0x5c]
set i [expr 0x$k ^ 0x36]
append ipad [format %c $i]
append opad [format %c $o]
}
for { }{ $j < $bsize }{ incr j }{
append ipad 6
append opad \\
}
set token [sha256 $opad[sha256 "${ipad}${message}"]]
binary scan $token H* hextoken
if { $hextoken eq $hmac } then {
return 1
} else {
return 0
}
}
Cheers, Kai