OpenSSL的PRF功能 [英] openssl PRF function
本文介绍了OpenSSL的PRF功能的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
JKJS
我有以下值:
1)客户端随机字节
2)服务器随机字节
3)pre-主密钥
我如何计算使用OpenSSL在C万能钥匙?
有没有在RFC中指定OpenSSL中C库函数的任何PRF为?
我不想使用的功能,如SSL,SSL_CTX等。
我要的是,只要我有三个数字,我想从他们的计算主号码。
感谢你。
解决方案
JKJS
INT master_secret(无符号字符* DEST,INT LEN,unsigned char型* pre_master_secret,INT pms_len,unsigned char型*标签,无符号字符*种子,诠释seed_len)
{/ * DEST:其中主密钥将被保存
LEN:主密钥的所需长度
pre_master_secret:给予pre-主密钥
pms_len:给予pre-主密钥长度
标签:给定的标签被送入PRF
种子:给定的种子要被馈送到PRF
seed_len:给定的种子的长度 最后,我们的功能是analogus到RFC-2246 PRF定义:PRF(秘密,标签,种子)
在这里,秘密= pre-主密钥
标签=标签
种子=种子
* /
EVP_MD * MD5,SHA *;
MD5 = EVP_md5();
沙= EVP_sha(); INT I = 0,J,位置; INT half_secret_len = pms_len / 2 + pms_len%2; unsigned char型md5_secret [half_secret_len] //将pre-主密钥上半年,analogus到S1在RFC-2246
对于(i = 0; I< pms_len / 2 + pms_len%2;我++)
md5_secret [I] = pre_master_secret [I] unsigned char型sha_secret [half_secret_len] //将pre-主密钥的下半年,analogus到S2在RFC-2246 为(ⅰ= pms_len / 2,J =; I&下; pms_len;我+ +)
sha_secret [I-J] = pre_master_secret [I] INT iter_md5 = len个/ 16 +(LEN%16?1:0);
INT iter_sha = len个/ 20 +(LEN%20?1:0);
unsigned char型h_md5 [iter_md5 * 16]。 P_MD5(S1,标签+种子)的RFC-2246 //输出
unsigned char型h_sha [iter_sha * 20]。 P_MD5(S1,标签+种子)的RFC-2246 //输出 INT actual_seed_len = strlen的(标签)+ seed_len;
unsigned char型actual_seed [actual_seed_len] //标签+种子级联 对于(i = 0; I<的strlen(标签);我++)
actual_seed [I] =标签[I]
为(J =; I<的sizeof(actual_seed);我++)
actual_seed [I] =种子[I-J]。 unsigned char型temp_md5 [16]; // A(0),A(1),(2),...在RFC-2246
unsigned char型temp_sha [20]; HMAC(MD5,md5_secret,half_secret_len,actual_seed,actual_seed_len,temp_md5,NULL); //计算A(0),MD5
HMAC(SHA,sha_secret,half_secret_len,actual_seed,actual_seed_len,temp_sha,NULL); //计算A(0),SHA INT temp_md5_seed_len = 16 + actual_seed_len;
unsigned char型md5_seed [temp_md5_seed_len] //一个(ⅰ)+种子根据RFC-2246被馈送到HMAC功能
为(ⅰ= 16,J =; I&下; temp_md5_seed_len;我+ +)
md5_seed [I] = actual_seed [I-J]。 //计算P_MD5()
对于(i = 0; I< iter_md5;我++)
{
位置= I * 16;
为(J = 0; J< 16; J ++)
md5_seed [J] = temp_md5 [J]。
HMAC(MD5,md5_secret,half_secret_len,md5_seed,temp_md5_seed_len,temp_md5,NULL);
为(J = 0; J< 16; J ++)
h_md5 [位置+ J] = temp_md5 [J]。
} INT temp_sha_seed_len = 20 + actual_seed_len;
unsigned char型sha_seed [temp_sha_seed_len] //一个(ⅰ)+种子根据RFC-2246被馈送到HMAC功能
为(ⅰ= 20,J =; I&下; temp_sha_seed_len;我+ +)
sha_seed [I] = actual_seed [I-J]。 //计算P_SHA()
对于(i = 0; I< iter_sha;我++)
{
位置= I * 20;
为(J = 0; J&小于20; J ++)
sha_seed [J] = temp_sha [J]。
HMAC(SHA,sha_secret,half_secret_len,sha_seed,temp_sha_seed_len,temp_sha,NULL);
为(J = 0; J&小于20; J ++)
h_sha [位置+ J] = temp_sha [J]。
} // PRF()= P_MD5()XOR P_SHA()
对于(i = 0; I< LEN,我++)
DEST [I] = h_md5 [I] ^ h_sha [I] 返回1;
}
JKJS
I have following values: 1)client-random bytes 2)server-random bytes 3)pre-master secret
How do I calculate master-key in c using OpenSSL? Is there any function in OpenSSL C library for PRF specified in RFCs?
I don't want to use features like SSL , SSL_CTX etc. What I want is , Just I have three numbers, I want to calculate master-number from them.
Thank You.
解决方案
JKJS
int master_secret(unsigned char *dest,int len,unsigned char *pre_master_secret,int pms_len,unsigned char *label,unsigned char *seed,int seed_len)
{/*dest :where master secret will be stored
len :desired length of master secret
pre_master_secret :given pre-master secret
pms_len :length of given pre-master secret
label :given label to be fed to PRF
seed :given seed to be fed to PRF
seed_len :length of given seed
finally,our function is analogus to RFC-2246 PRF definition:PRF(secret,label,seed)
where, secret=pre-master secret
label=label
seed=seed
*/
EVP_MD *md5,*sha;
md5=EVP_md5();
sha=EVP_sha();
int i=0,j,position;
int half_secret_len=pms_len/2+pms_len%2;
unsigned char md5_secret[half_secret_len]; //first half of the pre-master secret, analogus to S1 in RFC-2246
for(i=0;i<pms_len/2+pms_len%2;i++)
md5_secret[i]=pre_master_secret[i];
unsigned char sha_secret[half_secret_len]; //second half of the pre-master secret, analogus to S2 in RFC-2246
for(i=pms_len/2,j=i;i<pms_len;i++)
sha_secret[i-j]=pre_master_secret[i];
int iter_md5=len/16+(len%16?1:0);
int iter_sha=len/20+(len%20?1:0);
unsigned char h_md5[iter_md5*16]; //output of P_MD5(S1, label + seed) in RFC-2246
unsigned char h_sha[iter_sha*20]; //output of P_MD5(S1, label + seed) in RFC-2246
int actual_seed_len=strlen(label)+seed_len;
unsigned char actual_seed[actual_seed_len]; //label+seed concatenation
for(i=0;i<strlen(label);i++)
actual_seed[i]=label[i];
for(j=i;i<sizeof(actual_seed);i++)
actual_seed[i]=seed[i-j];
unsigned char temp_md5[16]; //A(0),A(1),A(2),... in RFC-2246
unsigned char temp_sha[20];
HMAC(md5,md5_secret,half_secret_len,actual_seed,actual_seed_len,temp_md5,NULL); //calculating A(0) for md5
HMAC(sha,sha_secret,half_secret_len,actual_seed,actual_seed_len,temp_sha,NULL); //calculating A(0) for sha
int temp_md5_seed_len=16+actual_seed_len;
unsigned char md5_seed[temp_md5_seed_len]; //A(i)+seed to be fed to HMAC function according to RFC-2246
for(i=16,j=i;i<temp_md5_seed_len;i++)
md5_seed[i]=actual_seed[i-j];
//calculating P_MD5()
for(i=0;i<iter_md5;i++)
{
position=i*16;
for(j=0;j<16;j++)
md5_seed[j]=temp_md5[j];
HMAC(md5,md5_secret,half_secret_len,md5_seed,temp_md5_seed_len,temp_md5,NULL);
for(j=0;j<16;j++)
h_md5[position+j]=temp_md5[j];
}
int temp_sha_seed_len=20+actual_seed_len;
unsigned char sha_seed[temp_sha_seed_len]; //A(i)+seed to be fed to HMAC function according to RFC-2246
for(i=20,j=i;i<temp_sha_seed_len;i++)
sha_seed[i]=actual_seed[i-j];
//calculating P_SHA()
for(i=0;i<iter_sha;i++)
{
position=i*20;
for(j=0;j<20;j++)
sha_seed[j]=temp_sha[j];
HMAC(sha,sha_secret,half_secret_len,sha_seed,temp_sha_seed_len,temp_sha,NULL);
for(j=0;j<20;j++)
h_sha[position+j]=temp_sha[j];
}
//PRF()=P_MD5() XOR P_SHA()
for(i=0;i<len;i++)
dest[i]=h_md5[i]^h_sha[i];
return 1;
}
这篇关于OpenSSL的PRF功能的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文