// hkdfExpand implements HKDF-Expand from RFC 5869. func hkdfExpand(hash func() hash.Hash, prk, info []byte, length int) []byte { hashSize := hash().Size() if length > 255*hashSize { panic("hkdfExpand: length too long") } if len(prk) < hashSize { panic("hkdfExpand: prk too short") } var lastBlock []byte counter := byte(0) okm := make([]byte, length) hmac := hmac.New(hash, prk) for length > 0 { hmac.Reset() counter++ hmac.Write(lastBlock) hmac.Write(info) hmac.Write([]byte{counter}) block := hmac.Sum(nil) lastBlock = block copy(okm[(int(counter)-1)*hashSize:], block) length -= hashSize } return okm }
// MakePermSignature returns a string representing the signed permission // hint for the blob identified by blob_hash, api_token and expiration timestamp. func MakePermSignature(blob_hash string, api_token string, expiry string) string { hmac := hmac.New(sha1.New, PermissionSecret) hmac.Write([]byte(blob_hash)) hmac.Write([]byte("@")) hmac.Write([]byte(api_token)) hmac.Write([]byte("@")) hmac.Write([]byte(expiry)) digest := hmac.Sum(nil) return fmt.Sprintf("%x", digest) }
// makePermSignature generates a SHA-1 HMAC digest for the given blob, // token, expiry, and site secret. func makePermSignature(blobHash, apiToken, expiry string, permissionSecret []byte) string { hmac := hmac.New(sha1.New, permissionSecret) hmac.Write([]byte(blobHash)) hmac.Write([]byte("@")) hmac.Write([]byte(apiToken)) hmac.Write([]byte("@")) hmac.Write([]byte(expiry)) digest := hmac.Sum(nil) return fmt.Sprintf("%x", digest) }
func (sk *SKEME) mkmac(masterkey, Xb1, Xb2 []byte) (cipher.Stream, []byte) { keylen := sk.ms.KeySize() hmac := hmac.New(sk.suite.Hash, masterkey) hmac.Write(Xb1) hmac.Write(Xb2) key := hmac.Sum(nil)[:keylen] stream := sk.suite.Cipher(key) mac := random.Bytes(keylen, stream) return stream, mac }
func GetIronValue(name, value string, key []byte, timestamped bool) (val string, ok bool) { split := strings.SplitN(value, ":", 2) if len(split) != 2 { return } expected, value := []byte(split[0]), split[1] message := fmt.Sprintf("%s|%s", strings.Replace(name, "|", `\|`, -1), value) hmac := ironHMAC(key) hmac.Write([]byte(message)) digest := hmac.Sum() mac := make([]byte, base64.URLEncoding.EncodedLen(len(digest))) base64.URLEncoding.Encode(mac, digest) if subtle.ConstantTimeCompare(mac, expected) != 1 { return } if timestamped { split = strings.SplitN(value, ":", 2) if len(split) != 2 { return } timestring, val := split[0], split[1] timestamp, err := strconv.Atoi64(timestring) if err != nil { return } if time.Seconds() > timestamp { return } return val, true } return value, true }
func GetHMAC(hashType int, input, key []byte) []byte { var hash func() hash.Hash switch hashType { case HASH_SHA1: { hash = sha1.New } case HASH_SHA256: { hash = sha256.New } case HASH_SHA512: { hash = sha512.New } case HASH_SHA512_384: { hash = sha512.New384 } } hmac := hmac.New(hash, []byte(key)) hmac.Write(input) return hmac.Sum(nil) }
// Generates an OAuth signature using signatureBase // and secret keys func (t *Twitter) generateOAuthSignature(signatureBase string) string { signingKey := fmt.Sprintf("%s&%s", t.ConsumerSecret, t.OAuthTokenSecret) hmac := hmac.New(sha1.New, []byte(signingKey)) hmac.Write([]byte(signatureBase)) return base64.StdEncoding.EncodeToString(hmac.Sum(nil)) }
// Derives a child key from a given parent as outlined by bip32 func (key *Key) NewChildKey(childIdx uint32) (*Key, error) { hardenedChild := childIdx >= FirstHardenedChild childIndexBytes := uint32Bytes(childIdx) // Fail early if trying to create hardned child from public key if !key.IsPrivate && hardenedChild { return nil, errors.New("Can't create hardened child for public key") } // Get intermediary to create key and chaincode from // Hardened children are based on the private key // NonHardened children are based on the public key var data []byte if hardenedChild { data = append([]byte{0x0}, key.Key...) } else { data = publicKeyForPrivateKey(key.Key) } data = append(data, childIndexBytes...) hmac := hmac.New(sha512.New, key.ChainCode) hmac.Write(data) intermediary := hmac.Sum(nil) // Create child Key with data common to all both scenarios childKey := &Key{ ChildNumber: childIndexBytes, ChainCode: intermediary[32:], Depth: key.Depth + 1, IsPrivate: key.IsPrivate, } // Bip32 CKDpriv if key.IsPrivate { childKey.Version = PrivateWalletVersion childKey.FingerPrint = hash160(publicKeyForPrivateKey(key.Key))[:4] childKey.Key = addPrivateKeys(intermediary[:32], key.Key) // Validate key err := validatePrivateKey(childKey.Key) if err != nil { return nil, err } // Bip32 CKDpub } else { keyBytes := publicKeyForPrivateKey(intermediary[:32]) // Validate key err := validateChildPublicKey(keyBytes) if err != nil { return nil, err } childKey.Version = PublicWalletVersion childKey.FingerPrint = hash160(key.Key)[:4] childKey.Key = addPublicKeys(keyBytes, key.Key) } return childKey, nil }
// Creates a new master extended key from a seed func NewMasterKey(seed []byte) (*Key, error) { // Generate key and chaincode hmac := hmac.New(sha512.New, []byte("Bitcoin seed")) hmac.Write([]byte(seed)) intermediary := hmac.Sum(nil) // Split it into our key and chain code keyBytes := intermediary[:32] chainCode := intermediary[32:] // Validate key err := validatePrivateKey(keyBytes) if err != nil { return nil, err } // Create the key struct key := &Key{ Version: PrivateWalletVersion, ChainCode: chainCode, Key: keyBytes, Depth: 0x0, ChildNumber: []byte{0x00, 0x00, 0x00, 0x00}, FingerPrint: []byte{0x00, 0x00, 0x00, 0x00}, IsPrivate: true, } return key, nil }
func (mp *MerkleProof) calcRootHash(seed []byte, lastNode []byte) []byte { hmac := hmac.New(sha256.New, seed) for i := len(mp.Level) - 1; i >= 0; i-- { hmac.Reset() if mp.Level[i].NodeHash != nil { if mp.Level[i].IsLeft { hmac.Write(mp.Level[i].NodeHash) hmac.Write(lastNode) } else { hmac.Write(lastNode) hmac.Write(mp.Level[i].NodeHash) } lastNode = hmac.Sum(nil) } } return lastNode }
// Returns the signature to be used in the query string or Authorization header func Signature(secret, toSign string) string { // Signature = Base64( HMAC-SHA1( UTF-8-Encoding-Of( YourSecretAccessKeyID, StringToSign ) ) ); // Need to confirm what encoding go strings are when converted to []byte hmac := hmac.NewSHA1([]byte(secret)) hmac.Write([]byte(toSign)) return base64.StdEncoding.EncodeToString(hmac.Sum()) }
// hkdfExtract implements HKDF-Extract from RFC 5869. func hkdfExtract(hash func() hash.Hash, salt, ikm []byte) []byte { if salt == nil { salt = make([]byte, hash().Size()) } hmac := hmac.New(hash, salt) hmac.Write(ikm) return hmac.Sum(nil) }
func signHMAC(key []byte, data string) ([]byte, error) { hmac := hmac.New(sha256.New, []byte(key)) _, err := hmac.Write([]byte(data)) if err != nil { return nil, err } return hmac.Sum(nil), nil }
func (bucket *Bucket) sign(req *http.Request) { accessKeyId := bucket.Key secretAccessKey := bucket.Secret hmac := hmac.NewSHA1([]byte(secretAccessKey)) // method msg := req.Method + "\n" // md5sum if md5, present := req.Header["Content-MD5"]; present { msg += md5 } msg += "\n" // content-type if contentType, present := req.Header["Content-Type"]; present { msg += contentType } msg += "\n" // date msg += req.Header["Date"] + "\n" // write out first four hmac.Write([]byte(msg)) // add headers rawpath := req.URL.Path path := strings.TrimLeft(rawpath, "/") // resource resource := "/" + bucket.MainBucket + "/" + path hmac.Write([]byte(resource)) // get a base64 encoding of the signature encoded := new(bytes.Buffer) encoder := base64.NewEncoder(base64.StdEncoding, encoded) encoder.Write(hmac.Sum()) encoder.Close() signature := encoded.String() req.Header["Authorization"] = "AWS " + accessKeyId + ":" + signature }
func IronString(name, value string, key []byte, duration int64) string { if duration > 0 { value = fmt.Sprintf("%d:%s", time.Seconds()+duration, value) } message := fmt.Sprintf("%s|%s", strings.Replace(name, "|", `\|`, -1), value) hmac := ironHMAC(key) hmac.Write([]byte(message)) mac := base64.URLEncoding.EncodeToString(hmac.Sum()) return fmt.Sprintf("%s:%s", mac, value) }
// calcMac calculates HMAC-SHA-256 over the message using the passed secret key as // input to the HMAC. func calcMac(key [keyLen]byte, msg []byte) [securityParameter]byte { hmac := hmac.New(sha256.New, key[:]) hmac.Write(msg) h := hmac.Sum(nil) var mac [securityParameter]byte copy(mac[:], h[:securityParameter]) return mac }
// Create hash_ref suitable for later invocation of Check() func (s ScryptAuth) Hash(pw_cost uint, user_password, salt []byte) (hash_ref []byte, err error) { scrypt_hash, err := scrypt.Key(user_password, salt, 1<<pw_cost, s.R, s.P, KEYLENGTH) if err != nil { return } hmac := hmac.New(sha256.New, s.HmacKey) if _, err = hmac.Write(scrypt_hash); err != nil { return } hash_ref = hmac.Sum(nil) return }
// WithHMAC derives key of length outlen from the provided password, salt, // and the number of iterations using PKCS#5 PBKDF2 with the provided // hash function in HMAC. // // Caller is responsible to make sure that outlen < (2^32-1) * hash.Size(). func WithHMAC(hash func() hash.Hash, password []byte, salt []byte, iterations int, outlen int) []byte { out := make([]byte, outlen) hashSize := hash().Size() ibuf := make([]byte, 4) block := 1 p := out for outlen > 0 { clen := outlen if clen > hashSize { clen = hashSize } ibuf[0] = byte((block >> 24) & 0xff) ibuf[1] = byte((block >> 16) & 0xff) ibuf[2] = byte((block >> 8) & 0xff) ibuf[3] = byte((block) & 0xff) hmac := hmac.New(hash, password) hmac.Write(salt) hmac.Write(ibuf) tmp := hmac.Sum() for i := 0; i < clen; i++ { p[i] = tmp[i] } for j := 1; j < iterations; j++ { hmac.Reset() hmac.Write(tmp) tmp = hmac.Sum() for k := 0; k < clen; k++ { p[k] ^= tmp[k] } } outlen -= clen block++ p = p[clen:] } return out }
// Compute an authentication tag func (ctx *cbcAEAD) computeAuthTag(aad, nonce, ciphertext []byte) []byte { buffer := make([]byte, len(aad)+len(nonce)+len(ciphertext)+8) n := 0 n += copy(buffer, aad) n += copy(buffer[n:], nonce) n += copy(buffer[n:], ciphertext) binary.BigEndian.PutUint64(buffer[n:], uint64(len(aad)*8)) // According to documentation, Write() on hash.Hash never fails. hmac := hmac.New(ctx.hash, ctx.integrityKey) _, _ = hmac.Write(buffer) return hmac.Sum(nil)[:ctx.authtagBytes] }
func (bucket *Bucket) Sign(req *http.Request) { // gather the string to be signed // method msg := req.Method + "\n" // md5sum if md5, present := req.Header["Content-MD5"]; present { msg += md5 } msg += "\n" // content-type if contentType, present := req.Header["Content-Type"]; present { msg += contentType } msg += "\n" // date msg += req.Header["Date"] + "\n" // add headers for _, key := range AWS_HEADERS { if value, present := req.Header[key]; present { msg += key + ":" + value + "\n" } } // resource: the path components should be URL-encoded, but not the slashes resource := http.URLEscape("/" + bucket.bucket + req.URL.Path) resource = strings.Replace(resource, "%2f", "/", -1) msg += resource // create the signature hmac := hmac.NewSHA1([]byte(bucket.secret)) hmac.Write([]byte(msg)) // get a base64 encoding of the signature encoded := new(bytes.Buffer) encoder := base64.NewEncoder(base64.StdEncoding, encoded) encoder.Write(hmac.Sum()) encoder.Close() signature := encoded.String() req.Header["Authorization"] = "AWS " + bucket.key + ":" + signature }
// Compute the HMAC based on the given alg value func (ctx symmetricMac) hmac(payload []byte, alg SignatureAlgorithm) ([]byte, error) { var hash func() hash.Hash switch alg { case HS256: hash = sha256.New case HS384: hash = sha512.New384 case HS512: hash = sha512.New default: return nil, ErrUnsupportedAlgorithm } hmac := hmac.New(hash, ctx.key) // According to documentation, Write() on hash never fails _, _ = hmac.Write(payload) return hmac.Sum(nil), nil }
func (p *Propolis) SignRequest(req *http.Request) { // gather the string to be signed // method msg := req.Method + "\n" // md5sum msg += req.Header.Get("Content-MD5") + "\n" // content-type msg += req.Header.Get("Content-Type") + "\n" // date msg += req.Header.Get("Date") + "\n" // add headers for _, key := range AWS_HEADERS { if value := req.Header.Get(key); value != "" { msg += strings.ToLower(key) + ":" + value + "\n" } } // resource: the path components should be URL-encoded, but not the slashes u := new(url.URL) u.Path = "/" + p.Bucket + req.URL.Path msg += u.String() // create the signature hmac := hmac.NewSHA1([]byte(p.Secret)) hmac.Write([]byte(msg)) // get a base64 encoding of the signature var encoded bytes.Buffer encoder := base64.NewEncoder(base64.StdEncoding, &encoded) encoder.Write(hmac.Sum()) encoder.Close() signature := encoded.String() req.Header.Set("Authorization", "AWS "+p.Key+":"+signature) }
func (api Api) auth(request *Request) error { // extract api version number version, err := strconv.ParseInt(request.Path[0:1], 10, 8) if err != nil { return err } if version < 0 || version > 2 { return InvalidVersion(version) } // add the nonce value to the request parameters request.Parameters.Add("tonce", strconv.FormatInt(time.Now().UnixNano()/1000, 10)) // first decode secret b64 := base64.StdEncoding secret, err := b64.DecodeString(api.ApiSecret) if err != nil { return err } // the data we want to encode encodedData := request.Parameters.Encode() if version == 2 { // version 2 add the pathname for more entropy encodedData = request.Path[2:] + "\x00" + encodedData } // retrieve a sha512 hmac generator hmac := hmac.New(sha512.New, secret) // write our encoded data hmac.Write([]byte(encodedData)) signature := b64.EncodeToString(hmac.Sum(nil)) // add headers to request request.HttpRequest.Header.Add("Rest-Key", api.ApiKey) request.HttpRequest.Header.Add("Rest-Sign", signature) return nil }
func (app Application) ParseSignedRequest(r string) (parsed Map, err error) { var malformed = errors.New("Malformed Signed Request") parts := strings.Split(r, ".") if len(parts) != 2 { return nil, malformed } for _, part := range parts { if part == "" { return nil, malformed } } payload, err := base64.URLEncoding.DecodeString(pad64(parts[1])) if err != nil { return nil, malformed } err = json.Unmarshal(payload, &parsed) if err != nil { return nil, errors.New("Malformed Signed Request") } if parsed["algorithm"] != "HMAC-SHA256" { return nil, errors.New("Unknown algorithm " + parsed["algorithm"].(string)) } hmac := hmac.New(sha256.New, []byte(app.Secret)) hmac.Write([]byte(parts[1])) sig := base64.URLEncoding.EncodeToString(hmac.Sum(nil)) if pad64(parts[0]) != sig { return nil, errors.New("Bad Signature") } return }
func sign(auth Auth, method string, canonicalPath string, headers map[string][]string) { var md5, ctype, date string method = strings.ToLower(method) for k, v := range headers { k = strings.ToLower(k) switch k { case "content-md5": md5 = v[0] case "content-type": ctype = v[0] case "date": date = v[0] } } payload := method + "\n" + md5 + "\n" + ctype + "\n" + date + "\n" + canonicalPath hmac := hmac.New(sha1.New, []byte(auth.SecretKey)) hmac.Write([]byte(payload)) signature := make([]byte, base64.StdEncoding.EncodedLen(hmac.Size())) base64.StdEncoding.Encode(signature, hmac.Sum(nil)) headers["Authorization"] = []string{"AWS " + auth.AccessKey + ":" + string(signature)} }
func (this *HashHmacGenerator) Sha1(data []byte) []byte { hmac := hmac.New(sha1.New, this.EncryptionKey) hmac.Write(data) return hmac.Sum(nil) }
// sign some content using a specific key func sign(key []byte, content []byte) []byte { hmac := hmac.New(sha256.New, key) hmac.Write(content) return hmac.Sum(make([]byte, 0)) }