自学教程：C++ HMAC_Final函数代码示例

int main(int argc, char *argv[]) {    if(argc != 2) {        printf("Usage: ./test_app <file_name>/n");        return -1;    }    ENGINE *e = load_engine(ENGINE_MODULE, "test_engine");    if(e == 0) {        printf("Unable to load engine/n");        return -1;    }    ENGINE_ctrl_cmd_string(e, "username", "user", 0);    ENGINE_ctrl_cmd_string(e, "password", "password", 0);    ENGINE_init(e);        HMAC_CTX ctx;    HMAC_CTX_init(&ctx);    HMAC_Init_ex(&ctx, "test_key/0", 9, EVP_sha1(), e);    FILE *f = fopen(argv[1], "r");    char buf[BUF_SIZE];    while(!feof(f)) {        size_t ln = fread(buf, sizeof(char), BUF_SIZE, f);        if(ln == 0) continue;        HMAC_Update(&ctx, buf, ln);    }    fclose(f);        unsigned int siglen;    unsigned char md[20];    HMAC_Final(&ctx, md, &siglen);    ENGINE_finish(e);    printf("HMAC-SHA1: ");    for(size_t i = 0; i < siglen; i++) printf("%02x", md[i]);    printf("/n");    return 0;}

/* {{{ libssh2_mac_method_hmac_md5_hash * Calculate hash using full md5 value */static int libssh2_mac_method_hmac_md5_hash(LIBSSH2_SESSION *session, unsigned char *buf, unsigned long seqno,																	  const unsigned char *packet, unsigned long packet_len, 																	  const unsigned char *addtl, unsigned long addtl_len, void **abstract){	HMAC_CTX ctx;	unsigned char seqno_buf[4];	libssh2_htonu32(seqno_buf, seqno);	HMAC_Init(&ctx, *abstract, 16, EVP_md5());	HMAC_Update(&ctx, seqno_buf, 4);	HMAC_Update(&ctx, packet, packet_len);	if (addtl && addtl_len) {		HMAC_Update(&ctx, addtl, addtl_len);	}	HMAC_Final(&ctx, buf, NULL);	HMAC_cleanup(&ctx);	return 0;}

/* a counter-based KDF based on NIST SP800-108 */static void eap_pwd_kdf(uint8_t *key, int keylen, char const *label,			int label_len, uint8_t *retult, int retult_bit_len){	HMAC_CTX	*hmac_ctx;	uint8_t		digest[SHA256_DIGEST_LENGTH];	uint16_t	i, ctr, L;	int		retult_byte_len, len = 0;	unsigned int	mdlen = SHA256_DIGEST_LENGTH;	uint8_t		mask = 0xff;	MEM(hmac_ctx = HMAC_CTX_new());	retult_byte_len = (retult_bit_len + 7) / 8;	ctr = 0;	L = htons(retult_bit_len);	while (len < retult_byte_len) {		ctr++; i = htons(ctr);		HMAC_Init_ex(hmac_ctx, key, keylen, EVP_sha256(), NULL);		if (ctr > 1) HMAC_Update(hmac_ctx, digest, mdlen);		HMAC_Update(hmac_ctx, (uint8_t *) &i, sizeof(uint16_t));		HMAC_Update(hmac_ctx, (uint8_t const *)label, label_len);		HMAC_Update(hmac_ctx, (uint8_t *) &L, sizeof(uint16_t));		HMAC_Final(hmac_ctx, digest, &mdlen);		if ((len + (int) mdlen) > retult_byte_len) {			memcpy(retult + len, digest, retult_byte_len - len);		} else {			memcpy(retult + len, digest, mdlen);		}		len += mdlen;		HMAC_CTX_reset(hmac_ctx);	}	/* since we're expanding to a bit length, mask off the excess */	if (retult_bit_len % 8) {		mask <<= (8 - (retult_bit_len % 8));		retult[retult_byte_len - 1] &= mask;	}	HMAC_CTX_free(hmac_ctx);}

char * Crypto_Digest_HMAC (int count, char * algoName,                           char * data, char * key) {  count = count;  HMAC_CTX ctx;  const EVP_MD *md;  unsigned char hmac_value [EVP_MAX_MD_SIZE];  unsigned int hmac_len;  OpenSSL_add_all_digests ();  md = EVP_get_digestbyname (algoName);  if (!md) return "";  HMAC_CTX_init (&ctx);  HMAC_Init_ex (&ctx, key, strlen (key), md, NULL);  HMAC_Update (&ctx, (unsigned char *) data, strlen (data));  HMAC_Final (&ctx, hmac_value, &hmac_len);  HMAC_CTX_cleanup (&ctx);  return Crypto_Digest_MakeHexDigest (hmac_value, hmac_len);;}

int cmeHMACFinal(HMAC_CTX **ctx, unsigned char *out, unsigned int *outl){    int result;    result=HMAC_Final(*ctx,out,outl);    cmeFree(*ctx);    if (result==0)  //1= success, 0=failure    {#ifdef ERROR_LOG        fprintf(stderr,"CaumeDSE Error: cmeHMACFinal(), HMAC_Final() failure!/n");#endif        return (1);    }    else    {#ifdef DEBUG        fprintf(stdout,"CaumeDSE Debug: cmeHMACFinal(), HMAC_Final() success./n");#endif       return (0);    }

int hmac::digest(lua_State * L){    target_type * self = lua::to<hmac>(L, 1);        unsigned char * md = new unsigned char[EVP_MAX_MD_SIZE];    unsigned int md_len = EVP_MAX_MD_SIZE;        HMAC_Final(self, md, &md_len);        std::size_t output_len = md_len * 2 + 1;    char * output = new char[output_len];    char * output_end = hex_encode(md, md + md_len, output, output + output_len);    *output_end = '/0';        lua_pushstring(L, output);        delete [] md;    delete [] output;        return 1;}

int por_verify_block(char *filepath, size_t filepath_len, unsigned char *block, size_t block_len, unsigned int index, unsigned char *tag, size_t tag_len){		HMAC_CTX ctx;	POR_key *key = NULL;	unsigned char digest[SHA_DIGEST_LENGTH];	unsigned int digest_len = 0;	int ret = 0;		if(!filepath || !block || !block_len || !tag || !tag_len) return 0;	if(filepath_len >= MAXPATHLEN) return 0;		key = por_get_keys();	if(!key) goto cleanup;		HMAC_CTX_init(&ctx);	HMAC_Init(&ctx, key->prf_key, key->prf_key_size, EVP_sha1());	HMAC_Update(&ctx, (const unsigned char *)&index, sizeof(unsigned int));	HMAC_Update(&ctx, (unsigned char *)filepath, (int)filepath_len);	HMAC_Update(&ctx, block, block_len);			HMAC_Final(&ctx, digest, &digest_len);			HMAC_cleanup(&ctx);				ret = memcmp(digest, tag, tag_len);/*	printf("Tag: ");	printhex(tag, tag_len);	printf("Verify: ");	printhex(digest, digest_len);*/	if(key) destroy_por_key(key);	if(ret == 0) return 1;	cleanup:	return 0;	}

static intverify(const ocra_suite * ocra, const uint8_t *key, size_t key_l,    const uint8_t *buf, size_t buf_l, const char *resp){	int ret;	unsigned int md_l = 20;	uint8_t *md = NULL;	char *tmp;	HMAC_CTX *ctx = NULL;	if (0 != (ret = hmac_new(&ctx)))		return ret;	if (NULL == ((md = (uint8_t *)malloc(mdlen(ocra->hotp_alg)))))		return RFC6287_ERR_POSIX;	if ((1 != HMAC_Init_ex(ctx, key, key_l, evp_md(ocra->hotp_alg), NULL)) ||	    (1 != HMAC_Update(ctx, buf, (int)buf_l)) ||	    (1 != HMAC_Final(ctx, md, &md_l)) ||	    (md_l != mdlen(ocra->hotp_alg))) {		hmac_destroy(ctx);		free(md);		return RFC6287_ERR_OPENSSL;	}	hmac_destroy(ctx);	if (ocra->hotp_trunc) {		ret = truncate_md(md, md_l, ocra->hotp_trunc, &tmp);		free(md);		if (0 != ret)			return ret;	} else		tmp = (char *)md;	if (0 != memcmp(resp, tmp,	    (ocra->hotp_trunc) ? (unsigned int)ocra->hotp_trunc : md_l))		ret = RFC6287_VERIFY_FAILED;	else		ret = RFC6287_SUCCESS;	free(tmp);	return ret;}

static void kderive_update(struct kderive_context *ctx){	uint32_t i;#if (OPENSSL_VERSION_NUMBER < 0x1010002f)	HMAC_CTX hctx;#endif        HMAC_CTX *phctx = NULL;	unsigned char *pos = ctx->out;	uint32_t *p_iter = (uint32_t *)ctx->fid;	uint32_t num_iters = ctx->out_len / PRF_OUTPUT_SIZE;	check_prf_iters(num_iters);#if (OPENSSL_VERSION_NUMBER < 0x1010002f)	HMAC_CTX_init(&hctx);        phctx = &hctx;#else        phctx = HMAC_CTX_new();        /* I guess we presume it was successful? */#endif	for (i = 0; i < num_iters; i++) {		/*		 * update the iteration number in the fid		 */		*p_iter = htobe32(i);		HMAC_Init_ex(phctx,			     ctx->pkey, ctx->pkey_len >> 3,			     EVP_sha256(),			     NULL);		HMAC_Update(phctx, ctx->fid, ctx->fid_len);		HMAC_Final(phctx, pos, NULL);		pos += PRF_OUTPUT_SIZE;	}#if (OPENSSL_VERSION_NUMBER < 0x1010002f)	HMAC_CTX_cleanup(phctx);#else        HMAC_CTX_free(phctx);#endif}

// Other 'common' functions for this format:void encfs_common_setIVec(encfs_common_custom_salt *cur_salt, unsigned char *ivec, uint64_t seed, unsigned char *key){	unsigned char md[EVP_MAX_MD_SIZE];	unsigned int mdLen = EVP_MAX_MD_SIZE;	int i;	HMAC_CTX mac_ctx;	memcpy( ivec, &key[cur_salt->keySize], cur_salt->ivLength );	for(i=0; i<8; ++i) {		md[i] = (unsigned char)(seed & 0xff);		seed >>= 8;	}	// combine ivec and seed with HMAC	HMAC_CTX_init(&mac_ctx);	HMAC_Init_ex( &mac_ctx, key, cur_salt->keySize, EVP_sha1(), 0 );	HMAC_Init_ex( &mac_ctx, 0, 0, 0, 0 );	HMAC_Update( &mac_ctx, ivec, cur_salt->ivLength );	HMAC_Update( &mac_ctx, md, 8 );	HMAC_Final( &mac_ctx, md, &mdLen );	HMAC_CTX_cleanup(&mac_ctx);	memcpy( ivec, md, cur_salt->ivLength );}

		void init(RC4_KEY* rc4, const unsigned char* session_key, const unsigned char* peer_key)		{			HMAC_CTX hmac_ctx;			HMAC_CTX_init(&hmac_ctx);			HMAC_Init_ex(&hmac_ctx, (void*)peer_key, peer_key_size, EVP_sha1(), NULL);			HMAC_Update(&hmac_ctx, session_key, session_key_size);			unsigned char rc4_keystring[SHA_DIGEST_LENGTH];			unsigned int rc4_keystring_size = SHA_DIGEST_LENGTH;						HMAC_Final(&hmac_ctx, rc4_keystring, &rc4_keystring_size);						HMAC_CTX_cleanup(&hmac_ctx);			RC4_set_key(rc4, rc4_keystring_size, rc4_keystring);						const unsigned char rc4_key_init[rc4_init_size] = { 0x00 };			unsigned char rc4_key_init_output[rc4_init_size];			RC4(rc4, sizeof(rc4_key_init), rc4_key_init, rc4_key_init_output);		}

/* a counter-based KDF based on NIST SP800-108 */static voideap_pwd_kdf(uint8_t *key, int keylen, const char *label, int labellen,	    uint8_t *result, int resultbitlen){    HMAC_CTX hctx;    uint8_t digest[SHA256_DIGEST_LENGTH];    uint16_t i, ctr, L;    int resultbytelen, len = 0;    unsigned int mdlen = SHA256_DIGEST_LENGTH;    uint8_t mask = 0xff;    resultbytelen = (resultbitlen + 7)/8;    ctr = 0;    L = htons(resultbitlen);    while (len < resultbytelen) {	ctr++; i = htons(ctr);	HMAC_Init(&hctx, key, keylen, EVP_sha256());	if (ctr > 1) {	    HMAC_Update(&hctx, digest, mdlen);	}	HMAC_Update(&hctx, (uint8_t *) &i, sizeof(uint16_t));	HMAC_Update(&hctx, (const uint8_t *)label, labellen);	HMAC_Update(&hctx, (uint8_t *) &L, sizeof(uint16_t));	HMAC_Final(&hctx, digest, &mdlen);	if ((len + (int) mdlen) > resultbytelen) {	    memcpy(result + len, digest, resultbytelen - len);	} else {	    memcpy(result + len, digest, mdlen);	}	len += mdlen;	HMAC_CTX_cleanup(&hctx);    }    /* since we're expanding to a bit length, mask off the excess */    if (resultbitlen % 8) {	mask <<= (8 - (resultbitlen % 8));	result[resultbytelen - 1] &= mask;    }}

ByteArray Hmac::doFinal() throw (HmacException, InvalidStateException) {	if (this->state == Hmac::NO_INIT || this->state == Hmac::INIT)	{		throw InvalidStateException("Hmac::doFinal");	}	unsigned int size;	unsigned char *md = new unsigned char[EVP_MAX_MD_SIZE + 1];	int rc = HMAC_Final( &this->ctx, md, &size );	HMAC_CTX_cleanup( &this->ctx );	this->state = Hmac::NO_INIT;	if (!rc)	{		delete( md );		throw HmacException(HmacException::CTX_FINISH, "Hmac::doFinal");	}	ByteArray content;	content.setDataPointer( md, size );	return content;}

void l4l_rest() {			__l4l.data.l_trz=snprintf(__l4l.data.s_trz,L4L_MAX_TRZ_LEN-1,__l4l.data.s_trz_aux2,__l4l.data.s_trz_aux);			__l4l.data.s_trz[__l4l.data.l_trz++]='/n';__l4l.data.s_trz[__l4l.data.l_trz]='/0';			__l4l.size+=fwrite(__l4l.data.s_trz,1,__l4l.data.l_trz,__l4l.data.logFile);			strcpy(__l4l.data.s_trz_aux,__l4l.data.s_trz);			if(__l4l.data.currMask & __l4l.cfg.flush_mask) {				fflush (__l4l.data.logFile);/				fsync (fileno (__l4l.data.logFile));			}#ifdef L4L_HASH_METHOD			if (__l4l.data.currMask & __l4l.cfg.hash_mask) {				int i=0;				HMAC_Update(&__l4l.data.ctx, (unsigned char*)&__l4l.data.s_trz, (size_t)(__l4l.data.l_trz-1));				HMAC_Final(&__l4l.data.ctx, __l4l.data.hash_bin, &__l4l.data.len);				for(i=0;i < L4L_MAX_HASH_LEN;i+=2) {					__l4l.data.hash_str[i]=lut[(int)(__l4l.data.hash_bin[i] >>4)];					__l4l.data.hash_str[i+1]=lut[(int)(__l4l.data.hash_bin[i] & 0x0f)]; 				}				__l4l.data.hash_str[i]='/0';			}

unsigned int FIPS_incore_fingerprint(unsigned char *sig,unsigned int len)    {    const unsigned char *p1 = FIPS_text_start();    const unsigned char *p2 = FIPS_text_end();    const unsigned char *p3 = FIPS_rodata_start;    const unsigned char *p4 = FIPS_rodata_end;    HMAC_CTX c;    HMAC_CTX_init(&c);    HMAC_Init(&c,FIPS_hmac_key,strlen(FIPS_hmac_key),EVP_sha1());    /* detect overlapping regions */    if (p1<=p3 && p2>=p3)	p3=p1, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;    else if (p3<=p1 && p4>=p1)	p3=p3, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;    if (p1)	HMAC_Update(&c,p1,(size_t)p2-(size_t)p1);    if (FIPS_signature>=p3 && FIPS_signature<p4)	{	/* "punch" hole */	HMAC_Update(&c,p3,(size_t)FIPS_signature-(size_t)p3);	p3 = FIPS_signature+sizeof(FIPS_signature);	if (p3<p4)	    HMAC_Update(&c,p3,(size_t)p4-(size_t)p3);	}    else	HMAC_Update(&c,p3,(size_t)p4-(size_t)p3);    if (!fips_post_corrupt(FIPS_TEST_INTEGRITY, 0, NULL))	HMAC_Update(&c, (unsigned char *)FIPS_hmac_key, 1);    HMAC_Final(&c,sig,&len);    HMAC_CTX_cleanup(&c);    return len;    }

static int hmac_fdigest(lua_State *L){  const char *t = luaL_checkstring(L, 1);  const EVP_MD *type = EVP_get_digestbyname(t);  const char *s;  const char *k;  unsigned char digest[EVP_MAX_MD_SIZE];  unsigned int written = 0;  unsigned int i;  char *hex;  HMAC_CTX c;  if (type == NULL) {    luaL_argerror(L, 1, "invalid digest type");    return 0;  }  s = luaL_checkstring(L, 2);  k = luaL_checkstring(L, 3);  HMAC_CTX_init(&c);  HMAC_Init_ex(&c, k, (int)lua_strlen(L, 3), type, NULL);  HMAC_Update(&c, (unsigned char *)s, lua_strlen(L, 2));  HMAC_Final(&c, digest, &written);  HMAC_CTX_cleanup(&c);  if (lua_toboolean(L, 4))    lua_pushlstring(L, (char *)digest, written);  else {    hex = (char*)calloc(sizeof(char), written*2 + 1);    for (i = 0; i < written; i++)      sprintf(hex + 2*i, "%02x", digest[i]);    lua_pushlstring(L, hex, written*2);    free(hex);  }  return 1;}

static int calculate_auth_data(const struct iovec *iov, int iovlen,			       const struct in6_addr *coa,			       const struct in6_addr *cn,			       const uint8_t *key, uint8_t *digest){	uint8_t buf[HMAC_SHA1_HASH_LEN];	int i;#ifdef HAVE_LIBCRYPTO	unsigned int len = HMAC_SHA1_HASH_LEN;	HMAC_CTX ctx;	const EVP_MD *evp_md = EVP_sha1();	HMAC_CTX_init(&ctx);	HMAC_Init_ex(&ctx, key, HMAC_SHA1_KEY_SIZE, evp_md, NULL);	HMAC_Update(&ctx, (uint8_t *)coa, sizeof(*coa));	HMAC_Update(&ctx, (uint8_t *)cn, sizeof(*coa));	for (i = 0; i < iovlen; i++) {		HMAC_Update(&ctx, (uint8_t *)iov[i].iov_base, iov[i].iov_len);	}	HMAC_Final(&ctx, buf, &len);	HMAC_CTX_cleanup(&ctx);#else	HMAC_SHA1_CTX ctx;	HMAC_SHA1_init(&ctx, key, HMAC_SHA1_KEY_SIZE);	HMAC_SHA1_update(&ctx, (uint8_t *)coa, sizeof(*coa));	HMAC_SHA1_update(&ctx, (uint8_t *)cn, sizeof(*coa));	for (i = 0; i < iovlen; i++) {		HMAC_SHA1_update(&ctx, (uint8_t *)iov[i].iov_base,				 iov[i].iov_len);	}	HMAC_SHA1_final(&ctx, buf);#endif	memcpy(digest, buf, MIPV6_DIGEST_LEN);	return 0;}

bool HMAC_Create(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr){	HMAC_CTX ctx;	const EVP_MD * pmd = NULL;	byte * rgbOut = NULL;	unsigned int cbOut;#ifdef USE_CBOR_CONTEXT	cn_cbor_context * context = &pcose->m_message.m_allocContext;#endif	HMAC_CTX_init(&ctx);	if (0) {	errorReturn:		COSE_FREE(rgbOut, context);		HMAC_cleanup(&ctx);		return false;	}	switch (HSize) {	case 256: pmd = EVP_sha256(); break;	case 384: pmd = EVP_sha384(); break;	case 512: pmd = EVP_sha512(); break;	default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;	}	rgbOut = COSE_CALLOC(EVP_MAX_MD_SIZE, 1, context);	CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);	CHECK_CONDITION(HMAC_Init(&ctx, pbKey, (int) cbKey, pmd), COSE_ERR_CRYPTO_FAIL);	CHECK_CONDITION(HMAC_Update(&ctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);	CHECK_CONDITION(HMAC_Final(&ctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);	CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn_cbor_data_create(rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL), INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);	HMAC_cleanup(&ctx);	return true;}

unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,                    const unsigned char *d, size_t n, unsigned char *md,                    unsigned int *md_len){    HMAC_CTX *c = NULL;    static unsigned char m[EVP_MAX_MD_SIZE];    if (md == NULL)        md = m;    if ((c = HMAC_CTX_new()) == NULL)        goto err;    if (!HMAC_Init_ex(c, key, key_len, evp_md, NULL))        goto err;    if (!HMAC_Update(c, d, n))        goto err;    if (!HMAC_Final(c, md, md_len))        goto err;    HMAC_CTX_free(c);    return md;err:    HMAC_CTX_free(c);    return NULL;}

char* CryptoHandler::hmac_sha512(char* datain, char* keyin, const bool& base64){	unsigned char* key = (unsigned char*) keyin;	unsigned char* data = (unsigned char*) datain;	unsigned char* result;	unsigned int result_len = 64;	HMAC_CTX ctx;	result = (unsigned char*) malloc(sizeof(char) * result_len);	ENGINE_load_builtin_engines();	ENGINE_register_all_complete();	HMAC_CTX_init(&ctx);	HMAC_Init_ex(&ctx, key, strlen(keyin), EVP_sha512(), NULL);	HMAC_Update(&ctx, data, strlen(datain));	HMAC_Final(&ctx, result, &result_len);	HMAC_CTX_cleanup(&ctx);	if(base64)		return base64encode(result,result_len);	return (char*)result;}

/** Calculate HMAC using OpenSSL's MD5 implementation * * @param digest Caller digest to be filled in. * @param in Pointer to data stream. * @param inlen length of data stream. * @param key Pointer to authentication key. * @param key_len Length of authentication key. * */void fr_hmac_md5(uint8_t digest[MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen,		 uint8_t const *key, size_t key_len){	HMAC_CTX *ctx;	if (unlikely(!md5_hmac_ctx)) {		ctx = HMAC_CTX_new();		if (unlikely(!ctx)) return;		fr_thread_local_set_destructor(md5_hmac_ctx, _hmac_md5_ctx_free_on_exit, ctx);	} else {		ctx = md5_hmac_ctx;	}#ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW	/* Since MD5 is not allowed by FIPS, explicitly allow it. */	HMAC_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);#endif /* EVP_MD_CTX_FLAG_NON_FIPS_ALLOW */	HMAC_Init_ex(ctx, key, key_len, EVP_md5(), NULL);	HMAC_Update(ctx, in, inlen);	HMAC_Final(ctx, digest, NULL);	HMAC_CTX_reset(ctx);}

uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,              const uint8_t *data, size_t data_len, uint8_t *out,              unsigned int *out_len) {  HMAC_CTX ctx;  static uint8_t static_out_buffer[EVP_MAX_MD_SIZE];  /* OpenSSL has traditionally supported using a static buffer if |out| is   * NULL. We maintain that but don't document it. This behaviour should be   * considered to be deprecated. */  if (out == NULL) {    out = static_out_buffer;  }  HMAC_CTX_init(&ctx);  if (!HMAC_Init(&ctx, key, key_len, evp_md) ||      !HMAC_Update(&ctx, data, data_len) ||      !HMAC_Final(&ctx, out, out_len)) {    out = NULL;  }  HMAC_CTX_cleanup(&ctx);  return out;}

char *host_hash(const char *host, const char *name_from_hostfile, u_int src_len){	const EVP_MD *md = EVP_sha1();	HMAC_CTX mac_ctx;	u_char salt[256], result[256];	char uu_salt[512], uu_result[512];	static char encoded[1024];	u_int i, len;	len = EVP_MD_size(md);	if (name_from_hostfile == NULL) {		/* Create new salt */		for (i = 0; i < len; i++)			salt[i] = arc4random();	} else {		/* Extract salt from known host entry */		if (extract_salt(name_from_hostfile, src_len, salt,		    sizeof(salt)) == -1)			return (NULL);	}	HMAC_Init(&mac_ctx, salt, len, md);	HMAC_Update(&mac_ctx, __UNCONST(host), strlen(host));	HMAC_Final(&mac_ctx, result, NULL);	HMAC_cleanup(&mac_ctx);	if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 ||	    __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1)		fatal("host_hash: __b64_ntop failed");	snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,	    HASH_DELIM, uu_result);	return (encoded);}

u_char *mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen){	static union {		u_char m[EVP_MAX_MD_SIZE];		u_int64_t for_align;	} u;	u_char b[4], nonce[8];	if (mac->mac_len > sizeof(u))		fatal("mac_compute: mac too long %u %lu",		    mac->mac_len, (u_long)sizeof(u));	switch (mac->type) {	case SSH_EVP:		put_u32(b, seqno);		/* reset HMAC context */		HMAC_Init(&mac->evp_ctx, NULL, 0, NULL);		HMAC_Update(&mac->evp_ctx, b, sizeof(b));		HMAC_Update(&mac->evp_ctx, data, datalen);		HMAC_Final(&mac->evp_ctx, u.m, NULL);		break;	case SSH_UMAC:		put_u64(nonce, seqno);		umac_update(mac->umac_ctx, data, datalen);		umac_final(mac->umac_ctx, u.m, nonce);		break;	case SSH_UMAC128:		put_u64(nonce, seqno);		umac128_update(mac->umac_ctx, data, datalen);		umac128_final(mac->umac_ctx, u.m, nonce);		break;	default:		fatal("mac_compute: unknown MAC type");	}	return (u.m);}

static int sqlcipher_openssl_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) {  unsigned int outlen;  int rc = SQLITE_OK;  HMAC_CTX* hctx = NULL;  if(in == NULL) goto error;  hctx = HMAC_CTX_new();  if(hctx == NULL) goto error;  switch(algorithm) {    case SQLCIPHER_HMAC_SHA1:      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL)) goto error;      break;    case SQLCIPHER_HMAC_SHA256:      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha256(), NULL)) goto error;      break;    case SQLCIPHER_HMAC_SHA512:      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha512(), NULL)) goto error;      break;    default:      goto error;  }  if(!HMAC_Update(hctx, in, in_sz)) goto error;  if(in2 != NULL) {    if(!HMAC_Update(hctx, in2, in2_sz)) goto error;  }  if(!HMAC_Final(hctx, out, &outlen)) goto error;    goto cleanup;error:  rc = SQLITE_ERROR;cleanup:  if(hctx) HMAC_CTX_free(hctx);  return rc;}

/**  Completes computation of the HMAC-MD5 digest value.  This function completes HMAC-MD5 digest computation and retrieves the digest value into  the specified memory. After this function has been called, the HMAC-MD5 context cannot  be used again.  HMAC-MD5 context should be already correctly intialized by HmacMd5Init(), and should not be  finalized by HmacMd5Final(). Behavior with invalid HMAC-MD5 context is undefined.  If HmacMd5Context is NULL, then return FALSE.  If HmacValue is NULL, then return FALSE.  @param[in, out]  HmacMd5Context  Pointer to the HMAC-MD5 context.  @param[out]      HmacValue       Pointer to a buffer that receives the HMAC-MD5 digest                                   value (16 bytes).  @retval TRUE   HMAC-MD5 digest computation succeeded.  @retval FALSE  HMAC-MD5 digest computation failed.**/BOOLEANEFIAPIHmacMd5Final (  IN OUT  VOID   *HmacMd5Context,  OUT     UINT8  *HmacValue  ){  UINT32  Length;  //  // Check input parameters.  //  if (HmacMd5Context == NULL || HmacValue == NULL) {    return FALSE;  }  //  // OpenSSL HMAC-MD5 digest finalization  //  HMAC_Final (HmacMd5Context, HmacValue, &Length);  HMAC_CTX_cleanup (HmacMd5Context);  return TRUE;}

ssize_tdsa_sign_final(struct iked_dsa *dsa, void *buf, size_t len){	unsigned int	 siglen;	size_t		 off = 0;	uint8_t		*ptr = buf;	if (len < dsa_length(dsa))		return (-1);	if (dsa->dsa_hmac) {		if (!HMAC_Final(dsa->dsa_ctx, buf, &siglen))			return (-1);	} else {		if (_dsa_sign_encode(dsa, ptr, &off) < 0)			return (-1);		if (!EVP_SignFinal(dsa->dsa_ctx, ptr + off, &siglen,		    dsa->dsa_key))			return (-1);		siglen += off;	}	return (siglen);}

void hash(char data[]) {    // The secret key for hashing    const char key[] = "12345678";     // The data that we're going to hash    //char data[] = "hello world";        // Be careful of the length of string with the choosen hash engine. SHA1 needed 20 characters.    // Change the length accordingly with your choosen hash engine.         unsigned char* result;    unsigned int len = 20;     result = (unsigned char*)malloc(sizeof(char) * len);     HMAC_CTX ctx;    HMAC_CTX_init(&ctx);     // Using sha1 hash engine here.    // You may use other hash engines. e.g EVP_md5(), EVP_sha224, EVP_sha512, etc    HMAC_Init_ex(&ctx, key, strlen(key), EVP_sha1(), NULL);   	        // HMAC_Update(&ctx, (unsigned char*)&data, strlen(data));    HMAC_Final(&ctx, result, &len);    HMAC_CTX_cleanup(&ctx);     printf("HMAC digest: ");     for (int i = 0; i != len; i++)        printf("%02x", (unsigned int)result[i]);     printf("/n");     //free(result); }

/* Generate a MAC */int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,       unsigned char *mac, unsigned int *maclen){  const EVP_MD *md_type;  HMAC_CTX hmac;  unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;  int saltlen, iter;  if (!PKCS7_type_is_data(p12->authsafes))    {    PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_CONTENT_TYPE_NOT_DATA);    return 0;    }  salt = p12->mac->salt->data;  saltlen = p12->mac->salt->length;  if (!p12->mac->iter) iter = 1;  else iter = ASN1_INTEGER_get (p12->mac->iter);      if(!(md_type =     EVP_get_digestbyobj (p12->mac->dinfo->algor->algorithm))) {    PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);    return 0;  }  if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,         PKCS12_MAC_KEY_LENGTH, key, md_type)) {    PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR);    return 0;  }  HMAC_CTX_init(&hmac);  HMAC_Init_ex(&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type, NULL);      HMAC_Update(&hmac, p12->authsafes->d.data->data,           p12->authsafes->d.data->length);      HMAC_Final(&hmac, mac, maclen);      HMAC_CTX_cleanup(&hmac);  return 1;}