Generate HMAC SHA256 hash using key in C++

c++ sha256 hmac

18,088

Solution 1

Sample code:

class SHA256Engine : public Poco::Crypto::DigestEngine
{
public:
    enum
    {
        BLOCK_SIZE = 64,
        DIGEST_SIZE = 32
    };

    SHA256Engine()
            : DigestEngine("SHA256")
    {
    }

};


Poco::HMACEngine<SHA256Engine> hmac{secretKey};
hmac.update(string);

std::cout << "HMACE hex:" << Poco::DigestEngine::digestToHex(hmac.digest()) << std::endl;// lookout difest() calls reset ;)

Sample integration with POCO using cmake install:

mkdir build_poco/
cd build_poco/ && cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=./install ../poco/

CMakeLists.txt

CMAKE_MINIMUM_REQUIRED(VERSION 3.8)
PROJECT(SamplePoco)

SET(CMAKE_CXX_STANDARD 14)

SET(SOURCE_FILES
        src/main.cpp
        )

SET(_IMPORT_PREFIX lib/build_poco/install)

INCLUDE(lib/build_poco/install/lib/cmake/Poco/PocoFoundationTargets.cmake)
INCLUDE(lib/build_poco/install/lib/cmake/Poco/PocoNetTargets.cmake)
INCLUDE(lib/build_poco/install/lib/cmake/Poco/PocoJSONTargets.cmake)
INCLUDE(lib/build_poco/install/lib/cmake/Poco/PocoXMLTargets.cmake)
INCLUDE(lib/build_poco/install/lib/cmake/Poco/PocoCryptoTargets.cmake)
INCLUDE(lib/build_poco/install/lib/cmake/Poco/PocoUtilTargets.cmake)
INCLUDE(lib/build_poco/install/lib/cmake/Poco/PocoNetSSLTargets.cmake)


ADD_EXECUTABLE(SamplePoco ${SOURCE_FILES})
TARGET_LINK_LIBRARIES(SamplePoco
        Poco::Foundation
        Poco::Crypto
        Poco::Util
        Poco::JSON
        Poco::NetSSL
        )
TARGET_INCLUDE_DIRECTORIES(SamplePoco PUBLIC src/)

Sample implementation used here: https://github.com/gelldur/abucoins-api-cpp

Solution 2

Following is a sample of function to generate SHA256-HMAC using Crypto++

#include <string>
#include <string_view>

#include <cryptopp/filters.h>
using CryptoPP::StringSink;
using CryptoPP::StringSource;
using CryptoPP::HashFilter;

#include <cryptopp/hmac.h>
using CryptoPP::HMAC;

#include <cryptopp/sha.h>
using CryptoPP::SHA256;

std::string CalcHmacSHA256(std::string_view decodedSecretKey, std::string_view request)
{
    // Calculate HMAC
    HMAC<SHA256> hmac(reinterpret_cast<CryptoPP::byte const*>(decodedSecretKey.data()), decodedSecretKey.size());

    std::string calculated_hmac;
    auto sink = std::make_unique<StringSink>(calculated_hmac);

    auto filter = std::make_unique<HashFilter>(hmac, sink.get());
    sink.release();

    StringSource(reinterpret_cast<CryptoPP::byte const*>(request.data()), request.size(), true, filter.get()); // StringSource
    filter.release();

    return calculated_hmac;
}

#include <iostream>

int main() {
    std::cout << CalcHmacSHA256("key", "data");
}

The source is CME iLink2 specification

Solution 3

For consistency, following is a sample of function to generate SHA256-HMAC using OpenSSL

#include <openssl/sha.h>
#include <openssl/hmac.h>

#include <string>
#include <string_view>
#include <array>

std::string CalcHmacSHA256(std::string_view decodedKey, std::string_view msg)
{
    std::array<unsigned char, EVP_MAX_MD_SIZE> hash;
    unsigned int hashLen;

    HMAC(
        EVP_sha256(),
        decodedKey.data(),
        static_cast<int>(decodedKey.size()),
        reinterpret_cast<unsigned char const*>(msg.data()),
        static_cast<int>(msg.size()),
        hash.data(),
        &hashLen
    );

    return std::string{reinterpret_cast<char const*>(hash.data()), hashLen};
}

For the record, I like Crypto++ better as in case of Crypto++ generated binary is smaller. The drawback is that Crypto++ does not have a CMake module.

18,088

Author by

RDoonds

Updated on June 13, 2022

Comments

RDoonds about 2 years

I am looking for some function or a way that would return HMAC SHA256 hash in C++ using secret key. I have seen documentation of Crypto++ and OpenSSL but it does not accept an extra parameter of secret key for computation. Can someone help me by providing some info, code snippets or links.
M.M over 3 years

The page you link to doesn't seem to use make_unique
Dmytro Ovdiienko over 3 years

Once HashFilter object is created I call std::unique_ptr::release member function to release ownership from unique_ptr to HashFilter.
Dmytro Ovdiienko over 3 years

Right, the CME version of this function does not use std::unique_ptr
M.M over 3 years

OK, that makes sense
Dmytro Ovdiienko over 3 years

It depends on boost library. It is neither good nor bad. Just it is.
Vincent Guyard about 2 years

On MacOS, I am getting error: Undefined symbols for architecture x86_64, "_EVP_sha256", "_HMAC", referenced from ...
Dmytro Ovdiienko about 2 years

@VincentGuyard Did you pass -lssl -lcrypto keys to g++?
Vincent Guyard about 2 years

I could deal with this adding theses lines in my CMakeLists.txt: include_directories(/usr/local/opt/openssl@3/include) target_link_libraries(fillerchecker /usr/local/opt/openssl@3/lib/libcrypto.a)
Dmytro Ovdiienko about 2 years

In order to use openssl in the CMake project, you should use find_package(OpenSSL REQUIRED) and then TARGET_LINK_LIBRARIES (${PROJECT_NAME} OpenSSL::Crypto)