how to use message authentication code with Crypto++ as described in FAQ?

Hey there,

I am trying to figure out how to use the message authentication code
for cryptopp.

Based on reading the FAQ I have come up with this code to try and
produce a digest for this test vector:

test_case =     1
key =           0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
key_len =       16
data =          "Hi There"
data_len =      8
digest =        0x9294727a3638bb1c13f48ef8158bfc9d


However I have some errors.

It looks simple enough to implement but my programming is pretty
rubbish so if you could help me out with what needs to be done to get
an output for a digest that would be great.

Am confused that the digest is needed to be declared as I thought that
was the result not an input.

Thanks for any help!


Here is my code implementing HMAC-SHA1 (similar to the code in the
FAQ)

#include "sha.h"
#include "hmac.h"


int main()
{


HMAC<SHA >(const byte* key = 0x0b, size_t length= 20)).CalculateDigest
(byte *digest, const byte *input = "Hi there", size_t length= 64)


}

Here is my makefile:

CC=g++

authentication:auth.o hmac.o sha.o

        $(CC) auth.o hmac1.o sha.o -o authentication

auth.o: auth.cpp hmac.h sha.h

        $(CC) -c auth.cpp

sha.o: sha.cpp sha.h

        $(CC) -c sha.cpp

hmac.o: hmac.cpp hmac.h

        $(CC) -c hmac.cpp

And here is my error message:

g++ -c auth.cpp
In file included from sha.h:4,
                 from auth.cpp:1:
iterhash.h: In member function ‘void
CryptoPP::IteratedHashWithStaticTransform<T, B, S,
M>::vTransform(const T*)’:
iterhash.h:84: error: ‘m_digest’ was not declared in this scope
iterhash.h: In member function ‘void CryptoPP::IteratedHashBase2<T, B,
BASE>::TruncatedFinal(byte*, unsigned int)’:
iterhash.h:92: error: there are no arguments to
‘ThrowIfInvalidTruncatedSize’ that depend on a template parameter, so
a declaration of ‘ThrowIfInvalidTruncatedSize’ must be available
iterhash.h:92: error: (if you use ‘-fpermissive’, G++ will accept your
code, but allowing the use of an undeclared name is deprecated)
iterhash.h:94: error: there are no arguments to ‘BlockSize’ that
depend on a template parameter, so a declaration of ‘BlockSize’ must
be available
iterhash.h:95: error: ‘m_data’ was not declared in this scope
iterhash.h:95: error: there are no arguments to ‘BlockSize’ that
depend on a template parameter, so a declaration of ‘BlockSize’ must
be available
iterhash.h:97: error: there are no arguments to ‘GetBitCountHi’ that
depend on a template parameter, so a declaration of ‘GetBitCountHi’
must be available
iterhash.h:97: error: there are no arguments to ‘GetBitCountLo’ that
depend on a template parameter, so a declaration of ‘GetBitCountLo’
must be available
iterhash.h:98: error: there are no arguments to ‘GetBitCountLo’ that
depend on a template parameter, so a declaration of ‘GetBitCountLo’
must be available
iterhash.h:98: error: there are no arguments to ‘GetBitCountHi’ that
depend on a template parameter, so a declaration of ‘GetBitCountHi’
must be available
iterhash.h:101: error: ‘m_digest’ was not declared in this scope
iterhash.h:101: error: there are no arguments to ‘DigestSize’ that
depend on a template parameter, so a declaration of ‘DigestSize’ must
be available
iterhash.h:104: error: there are no arguments to ‘Restart’ that depend
on a template parameter, so a declaration of ‘Restart’ must be
available
iterhash.h: In member function ‘void CryptoPP::IteratedHashBase2<T, B,
BASE>::HashBlock(const typename CryptoPP::IteratedHashBase<T,
BASE>::HashWordType*)’:
iterhash.h:113: error: ‘m_data’ was not declared in this scope
iterhash.h:113: error: there are no arguments to ‘BlockSize’ that
depend on a template parameter, so a declaration of ‘BlockSize’ must
be available
In file included from seckey.h:10,
                 from hmac.h:6,
                 from auth.cpp:2:
simple.h: In member function ‘bool
CryptoPP::Unflushable<T>::Flush(bool, int, bool)’:
simple.h:71: error: ‘NULL_CHANNEL’ was not declared in this scope
simple.h: In member function ‘bool
CryptoPP::Unflushable<T>::ChannelFlush(const std::string&, bool, int,
bool)’:
simple.h:80: error: there are no arguments to ‘AttachedTransformation’
that depend on a template parameter, so a declaration of
‘AttachedTransformation’ must be available
simple.h: In member function ‘void
CryptoPP::Multichannel<T>::Initialize(const CryptoPP::NameValuePairs&,
int)’:
simple.h:134: error: ‘NULL_CHANNEL’ was not declared in this scope
simple.h: In member function ‘bool
CryptoPP::Multichannel<T>::Flush(bool, int, bool)’:
simple.h:136: error: ‘NULL_CHANNEL’ was not declared in this scope
simple.h: In member function ‘void
CryptoPP::Multichannel<T>::MessageSeriesEnd(int)’:
simple.h:138: error: ‘NULL_CHANNEL’ was not declared in this scope
simple.h:138: error: there are no arguments to
‘ChannelMessageSeriesEnd’ that depend on a template parameter, so a
declaration of ‘ChannelMessageSeriesEnd’ must be available
simple.h: In member function ‘byte*
CryptoPP::Multichannel<T>::CreatePutSpace(unsigned int&)’:
simple.h:140: error: ‘NULL_CHANNEL’ was not declared in this scope
simple.h: In member function ‘unsigned int
CryptoPP::Multichannel<T>::Put2(const byte*, unsigned int, int,
bool)’:
simple.h:142: error: ‘NULL_CHANNEL’ was not declared in this scope
simple.h: In member function ‘unsigned int
CryptoPP::Multichannel<T>::PutModifiable2(byte*, byte*, int, bool)’:
simple.h:144: error: ‘NULL_CHANNEL’ was not declared in this scope
simple.h:144: error: there are no arguments to ‘ChannelPutModifiable2’
that depend on a template parameter, so a declaration of
‘ChannelPutModifiable2’ must be available
simple.h: In member function ‘bool
CryptoPP::Multichannel<T>::ChannelPutModifiable(const std::string&,
byte*, unsigned int)’:
simple.h:151: error: there are no arguments to ‘ChannelPut’ that
depend on a template parameter, so a declaration of ‘ChannelPut’ must
be available
In file included from hmac.h:6,
                 from auth.cpp:2:
seckey.h: In member function ‘unsigned int
CryptoPP::BlockCipherBaseTemplate<INFO, INTERFACE>::BlockSize()
const’:
seckey.h:159: error: ‘BLOCKSIZE’ was not declared in this scope
seckey.h: In constructor ‘CryptoPP::BlockCipherTemplate<DIR,
BASE>::BlockCipherTemplate(const byte*)’:
seckey.h:169: error: ‘DEFAULT_KEYLENGTH’ was not declared in this
scope
seckey.h: In constructor ‘CryptoPP::BlockCipherTemplate<DIR,
BASE>::BlockCipherTemplate(const byte*, unsigned int, unsigned int)’:
seckey.h:173: error: there are no arguments to ‘SetKeyWithRounds’ that
depend on a template parameter, so a declaration of ‘SetKeyWithRounds’
must be available
seckey.h: In constructor
‘CryptoPP::MessageAuthenticationCodeTemplate<BASE>::MessageAuthenticationCodeTemplate(const
byte*)’:
seckey.h:197: error: ‘DEFAULT_KEYLENGTH’ was not declared in this
scope
seckey.h: In member function ‘std::string
CryptoPP::MessageAuthenticationCodeTemplate<BASE>::AlgorithmName()
const’:
seckey.h:201: error: there are no arguments to ‘StaticAlgorithmName’
that depend on a template parameter, so a declaration of
‘StaticAlgorithmName’ must be available
In file included from auth.cpp:2:
hmac.h: In constructor ‘CryptoPP::HMAC<T>::HMAC(const byte*, unsigned
int)’:
hmac.h:47: error: there are no arguments to ‘SetKey’ that depend on a
template parameter, so a declaration of ‘SetKey’ must be available
auth.cpp: In function ‘int main()’:
auth.cpp:9: error: ‘HMAC’ was not declared in this scope
auth.cpp:9: error: ‘SHA’ was not declared in this scope
auth.cpp:9: error: expected primary-expression before ‘const’
auth.cpp:9: error: expected `)' before ‘const’
auth.cpp:13: error: expected `;' before ‘}’ token
make: *** [auth.o] Error 1



--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Hi Adam,

Wei calcualtes a HMAC in test.cpp. Take a quick look at function
HmacFile(...) at line 485. Since you are using a string ('Hi There'),
declare it as a std::string instead of a byte[]. Then use a
StringSource rather than a FileSource.

Jeff

On Thu, Jun 5, 2008 at 7:16 PM, Adam Harding <adam.harding2@...> wrote:
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Thanks for reply.

I have been looking at the HMAC-SHA test function in .cpp. But how do
I go about actually using this piece of code to compute and then print
a digest? Cant seem to figure it out.

Many thanks.

On Jun 6, 12:42 am, "Jeffrey Walton" <noloa...@...> wrote: --~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Hi Adam,

A MAC is a keyed digest. It does not offer confidentiality - only
authentication.

Jeff

#include "sha.h"
using CryptoPP::SHA1;
#include "hmac.h"
using CryptoPP::HMAC;

#include <string>
using std::string;

int main(int argc, char* argv[])
{
    byte key [ HMAC<SHA1>::DIGESTSIZE ];
    byte digest [ HMAC<SHA1>::DIGESTSIZE ];
    memset( key, 0, sizeof(key) );

    HMAC<SHA1> hmac( key, sizeof(key ) );
    string plain = "Hello World", mac;

    hmac.Update( (byte*)plain.c_str(), plain.size() );
    hmac.Final( digest );

    // Wrap in a string for convenience
    mac = string( (char*)digest, sizeof(digest ) );

    /* ======================================== *\
    \* ======================================== */

    HMAC<SHA1> verifier( key, sizeof(key) );
    bool b = false;

    // b: true
    b = verifier.VerifyDigest( digest,
        (byte*)plain.c_str(), plain.size() );

    // b: true
    verifier.Restart();
    b = verifier.VerifyDigest( (byte*)mac.c_str(),
        (byte*)plain.c_str(), plain.size() );

    // b: false
    verifier.Restart();
    plain = "hello world";
    b = verifier.VerifyDigest( (byte*)mac.c_str(),
        (byte*)plain.c_str(), plain.size() );

    return 0;
}


On Mon, Jun 9, 2008 at 5:57 PM, Adam Harding <adam.harding2@...> wrote:
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Hey,

Basically am just trying to implement the MAC field in a packet header
for authentication. Is the digest the result of the calculation on the
data? I am just trying to find a way of calculating the MAC and then
printing it so I can see I have a result...and then getting the
receiver to do the same calculation and see if they match up in order
to authenticate the data (ie it has not been changed)...is that the
way to go?

Since my programming is not great am just trying to find some example
code that I can use HMAC-SHA for to perform the calculation on some
test data, see it works by a printf and then adapt this to implement
by code.

I tried implementing the code you gave me in a file called auth.cpp
and used this makefile to try and put it all together:

CC=g++

authentication: auth.o   hmac.o  sha.o

        $(CC) auth.o hmac.o sha.o -o authentication

auth.o: auth.cpp hmac.h sha.h

        $(CC) -c auth.cpp

sha.o: sha.cpp sha.h

        $(CC) -c sha.cpp

hmac.o: hmac.cpp hmac.h

        $(CC) -c hmac.cpp


 but got this error:

auth.cpp:
(.text._ZN8CryptoPP21SimpleKeyingInterfaceC2Ev[CryptoPP::SimpleKeyingInterface::SimpleKeyingInterface()]
+0x4): undefined reference to `vtable for
CryptoPP::SimpleKeyingInterface'
auth.o: In function `CryptoPP::SecBlock<unsigned char,
CryptoPP::AllocatorWithCleanup<unsigned char, false>
>::SecBlock(unsigned int)':
auth.cpp:
(.text._ZN8CryptoPP8SecBlockIhNS_20AllocatorWithCleanupIhLb0EEEEC1Ej[CryptoPP::SecBlock<unsigned
char, CryptoPP::AllocatorWithCleanup<unsigned char, false>
>::SecBlock(unsigned int)]+0x25): undefined reference to
`CryptoPP::AllocatorWithCleanup<unsigned char,
false>::allocate(unsigned int, void const*)'
auth.o: In function `CryptoPP::SecBlock<unsigned char,
CryptoPP::AllocatorWithCleanup<unsigned char, false> >::~SecBlock()':
auth.cpp:
(.text._ZN8CryptoPP8SecBlockIhNS_20AllocatorWithCleanupIhLb0EEEED1Ev[CryptoPP::SecBlock<unsigned
char, CryptoPP::AllocatorWithCleanup<unsigned char, false>
>::~SecBlock()]+0x21): undefined reference to
`CryptoPP::AllocatorWithCleanup<unsigned char,
false>::deallocate(void*, unsigned int)'
auth.o: In function
`CryptoPP::HashTransformation::HashTransformation(CryptoPP::HashTransformation
const&)':
auth.cpp:
(.text._ZN8CryptoPP18HashTransformationC2ERKS0_[CryptoPP::HashTransformation::HashTransformation(CryptoPP::HashTransformation
const&)]+0x19): undefined reference to `vtable for
CryptoPP::HashTransformation'
auth.o: In function `CryptoPP::IteratedHashBase<unsigned int,
CryptoPP::HashTransformation>::IteratedHashBase(CryptoPP::IteratedHashBase<unsigned
int, CryptoPP::HashTransformation> const&)':
auth.cpp:
(.text._ZN8CryptoPP16IteratedHashBaseIjNS_18HashTransformationEEC2ERKS2_[CryptoPP::IteratedHashBase<unsigned
int, CryptoPP::HashTransformation>::Iterat
....etc.....

Thanks for your help.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Hi Adam,

> Basically am just trying to implement the MAC field in a packet header
> for authentication. Is the digest the result of the calculation on the
> data?
What to MAC and how to MAC it depends on your protocol. I presume it
is TLS or IPSec? Unfortunately, I have not looked at the standard(s)
lately, so I can't say what you should do.

> I am just trying to find a way of calculating the MAC
You now have the code.

> and then printing it so I can see I have a result
Add the following after including "hex.h":

string encoded;
StringSource( mac, true,
    new HexEncoder(  new StringSink( encoded ),
        true,   // uppercase
        2       // grouping size
    )
);

> I tried implementing the code you gave me in a file called auth.cpp
> and used this makefile to try and put it all together:
I haven't seen Tux in quite some time, but I believe you need to
include the library as an arument to gcc. I think it is -lcryptlib.a

Jeff

On Mon, Jun 9, 2008 at 8:24 PM, Adam Harding <adam.harding2@...> wrote:
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Hi Jeff,

Thanks alot for your help. Really appreciate it.

Yeah I think the actual code is fine but just think I have compiled
the cryptopp library incorrectly or using the wrong gcc command when
it comes to running it on my computer. Hopefully will get it working
in the lab though.

Could you please quickly explain a few things about the code you gave
me to make sure I understand it?

Does the key need to be entered into the code before a calculation can
be made? How would I go about that if i wanted to hard code it in?
Is the string "hello world" the data to be hashed?
Where abouts should I add that code to print the result?
Is the variable mac the variable that holds the result of the mac
calculation? And therefore it is mac that is compared at the receiver
to verify for authentication?
What do the verifier pieces of code do and how do they work?

Cheers,

Adam.

On Jun 10, 1:45 am, "Jeffrey Walton" <noloa...@...> wrote: --~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Hi Adam,

> Yeah I think the actual code is fine
It is. I ran it. Every now and agian I get lazy and shoot from the
hip, but not this time.

> Does the key need to be entered into the code before a calculation can
> be made?
Yes. It is a keyed hash. See [1] and [2].

> How would I go about that if i wanted to hard code it in?
Initialize the byte array key[] to the agreed upon value.

> Is the string "hello world" the data to be hashed?
Yes. It can be any data. Crypto++ is bytes/bytes out. Just present
your data as a byte*.

> Where abouts should I add that code to print the result?
It can be dumped after the mac is calculated. It would not make sense
to dump it before the mac is calculated.

string encoded;
StringSource( mac, true,
    new HexEncoder(  new StringSink( encoded ),
        true,   // uppercase
        2       // grouping size
    )
);

cout << encoded << endl;

Or, you could use a printf string:

printf("%02X %02X ... %02X %02X", digest[0], digest[1]...);

> Is the variable mac the variable that holds the result of
> the mac calculation?
Yes.

> And therefore it is mac that is compared at the receiver
> to verify for authentication?
Yes.

> What do the verifier pieces of code do and how do they work?
The concept is the same as a digital signature. One side generates a
signature on the message, the other verifies the signature. I placed
it in one program separating the roles with the comment/equal signs.

Jeff

[1] http://en.wikipedia.org/wiki/HMAC
[2] http://www.codeproject.com/KB/security/BlockCiphers.aspx
On Tue, Jun 10, 2008 at 11:20 AM, Adam Harding
<adam.harding2@...> wrote:
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Got it working now and printing out the result with the printf
function so really happy with that! Thankyou.

I could not get it working with the String Source bit though. I
included #include "hex.h but got these errors:

auth.cpp: In function ‘int main(int, char**)’:
auth.cpp:32: error: expected type-specifier before ‘HexEncoder’
auth.cpp:32: error: expected `)' before ‘HexEncoder’
auth.cpp:32: error: ‘StringSource’ was not declared in this scope


And lastly just want to just use some of the RFC test cases, so just a
few question on that and that should be it really!

Here are  two test cases:

test_case =     1
key =           0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
key_len =       20
data =          "Hi There"
data_len =      8
digest =        0xb617318655057264e28bc0b6fb378c8ef146be00

test_case =     2
key =           "Jefe"
key_len =       4
data =          "what do ya want for nothing?"
data_len =      28
digest =        0xeffcdf6ae5eb2fa2d27416d5f184df9c259a7c79


So is the "digest =" the result I should also be getting from my mac
print out if I use the same key and data?

With the first test case I copied in the full key

byte key [ HMAC<SHA1>::DIGESTSIZE ] =
{0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b}; and changed the string
to "Hi There", but it said the key was too long.

On the 2nd test case I did:   byte key [ HMAC<SHA1>::DIGESTSIZE ] =
{"Jefe"};
and changed the string  "what do ya want for nothing?". It compiled
and I got a result but it did not match the digest listed on the test
case.

What other changes would I need to do to use those test cases etc?

Thanks alot.
Adam.

On Jun 10, 5:00 pm, "Jeffrey Walton" <noloa...@...> wrote: --~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Hi Adam,

> auth.cpp:32: error: expected type-specifier before 'HexEncoder'
CryptoPP::HexEncoder

> byte key [ HMAC<SHA1>::DIGESTSIZE ] =
> {0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b}; and changed the string
> to "Hi There", but it said the key was too long.

You have four choices:
1) You can keep guessing
2) You can examine the Crypto++ source code and retrieve the value
2) You can visit a site that discusses SHA1 and read the length of the digest
4) You can try a sample such as below:
int length = HMAC<SHA1>::DIGESTSIZE;
printf("%d", length);

> What other changes would I need to do to use those test cases etc?
Work on the digest size issue first.

Jeff

On Wed, Jun 11, 2008 at 10:11 AM, Adam Harding
<adam.harding2@...> wrote:
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---