HMACSHA1 클래스
SHA1 해시 기능을 사용하여 HMAC(해시 기반 메시지 인증 코드)를 계산합니다.
네임스페이스: System.Security.Cryptography
어셈블리: mscorlib(mscorlib.dll)
구문
‘선언
<ComVisibleAttribute(True)> _
Public Class HMACSHA1
Inherits HMAC
‘사용 방법
Dim instance As HMACSHA1
[ComVisibleAttribute(true)]
public class HMACSHA1 : HMAC
[ComVisibleAttribute(true)]
public ref class HMACSHA1 : public HMAC
/** @attribute ComVisibleAttribute(true) */
public class HMACSHA1 extends HMAC
ComVisibleAttribute(true)
public class HMACSHA1 extends HMAC
설명
HMACSHA1은 SHA1 해시 함수를 사용하여 구현되고 HMAC(해시 기반 메시지 인증 코드)로 사용되는 키 지정 해시 알고리즘입니다. HMAC 프로세스는 비밀 키를 메시지 데이터와 혼합하여 그 결과를 해시 함수로 해시한 다음 해시 값을 다시 비밀 키와 혼합한 후 해시 함수를 한 번 더 적용합니다. 출력 해시의 길이는 160비트입니다.
HMAC는 송신자와 수신자가 비밀 키를 공유할 경우 보안되지 않은 채널을 통해 보낸 메시지가 훼손되었는지 여부를 확인하는 데 사용할 수 있습니다. 송신자는 원래 데이터의 해시 값을 계산하여 원래 데이터와 해시 값을 모두 단일 메시지로 보냅니다. 수신자는 받은 메시지에 대해 해시 값을 다시 계산하고 계산된 HMAC가 전송된 HMAC와 일치하는지 확인합니다.
메시지를 변경하거나 올바른 해시 값을 다시 만들기 위해서는 비밀 키를 알아야 하므로 데이터나 해시 값을 변경하면 불일치 상태가 발생합니다. 그러므로 원래 해시 값과 계산된 해시 값이 일치할 경우 메시지가 인증됩니다.
SHA-1(Secure Hash Algorithm, SHS 및 Secure Hash Standard로도 불림)은 미국 정부에서 공개한 암호화 해시 알고리즘입니다. 이 알고리즘은 임의의 길이의 문자열에서 160비트 해시 값을 생성합니다.
HMACSHA1은 모든 크기의 키를 허용하며 길이가 160비트인 해시 시퀀스를 생성합니다.
예제
다음 코드 예제에서는 HMACSHA1을 사용하여 파일을 인코딩한 다음 디코딩하는 방법을 보여 줍니다.
using System;
using System.IO;
using System.Security.Cryptography;
public class HMACSHA1example
{
// Computes a keyed hash for a source file, creates a target file with the keyed hash
// prepended to the contents of the source file, then decrypts the file and compares
// the source and the decrypted files.
public static void EncodeFile(byte[] key, String sourceFile, String destFile)
{
// Initialize the keyed hash object.
HMACSHA1 myhmacsha1 = new HMACSHA1(key);
FileStream inStream = new FileStream(sourceFile, FileMode.Open);
FileStream outStream = new FileStream(destFile, FileMode.Create);
// Compute the hash of the input file.
byte[] hashValue = myhmacsha1.ComputeHash(inStream);
// Reset inStream to the beginning of the file.
inStream.Position = 0;
// Write the computed hash value to the output file.
outStream.Write(hashValue, 0, hashValue.Length);
// Copy the contents of the sourceFile to the destFile.
int bytesRead;
// read 1K at a time
byte[] buffer = new byte[1024];
do
{
// Read from the wrapping CryptoStream.
bytesRead = inStream.Read(buffer,0,1024);
outStream.Write(buffer, 0, bytesRead);
} while (bytesRead > 0);
myhmacsha1.Clear();
// Close the streams
inStream.Close();
outStream.Close();
return;
} // end EncodeFile
// Decrypt the encoded file and compare to original file.
public static bool DecodeFile(byte[] key, String sourceFile)
{
// Initialize the keyed hash object.
HMACSHA1 hmacsha1 = new HMACSHA1(key);
// Create an array to hold the keyed hash value read from the file.
byte[] storedHash = new byte[hmacsha1.HashSize/8];
// Create a FileStream for the source file.
FileStream inStream = new FileStream(sourceFile, FileMode.Open);
// Read in the storedHash.
inStream.Read(storedHash, 0, storedHash.Length);
// Compute the hash of the remaining contents of the file.
// The stream is properly positioned at the beginning of the content,
// immediately after the stored hash value.
byte[] computedHash = hmacsha1.ComputeHash(inStream);
// compare the computed hash with the stored value
for (int i =0; i < storedHash.Length; i++)
{
if (computedHash[i] != storedHash[i])
{
Console.WriteLine("Hash values differ! Encoded file has been tampered with!");
return false;
}
}
Console.WriteLine("Hash values agree -- no tampering occurred.");
return true;
} //end DecodeFile
private const string usageText = "Usage: HMACSHA1 inputfile.txt encryptedfile.hsh\nYou must specify the two file names. Only the first file must exist.\n";
public static void Main(string[] Fileargs)
{
//If no file names are specified, write usage text.
if (Fileargs.Length < 2)
{
Console.WriteLine(usageText);
}
else
{
try
{
// Create a random key using a random number generator. This would be the
// secret key shared by sender and receiver.
byte[] secretkey = new Byte[64];
//RNGCryptoServiceProvider is an implementation of a random number generator.
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
// The array is now filled with cryptographically strong random bytes.
rng.GetBytes(secretkey);
// Use the secret key to encode the message file.
EncodeFile(secretkey, Fileargs[0], Fileargs[1]);
// Take the encoded file and decode
DecodeFile(secretkey, Fileargs[1]);
}
catch (IOException e)
{
Console.WriteLine("Error: File not found",e);
}
} //end if-else
} //end main
} //end class
using namespace System;
using namespace System::IO;
using namespace System::Security::Cryptography;
// Computes a keyed hash for a source file, creates a target file with the keyed hash
// prepended to the contents of the source file, then decrypts the file and compares
// the source and the decrypted files.
void EncodeFile( array<Byte>^key, String^ sourceFile, String^ destFile )
{
// Initialize the keyed hash object.
HMACSHA1^ myhmacsha1 = gcnew HMACSHA1( key );
FileStream^ inStream = gcnew FileStream( sourceFile,FileMode::Open );
FileStream^ outStream = gcnew FileStream( destFile,FileMode::Create );
// Compute the hash of the input file.
array<Byte>^hashValue = myhmacsha1->ComputeHash( inStream );
// Reset inStream to the beginning of the file.
inStream->Position = 0;
// Write the computed hash value to the output file.
outStream->Write( hashValue, 0, hashValue->Length );
// Copy the contents of the sourceFile to the destFile.
int bytesRead;
// read 1K at a time
array<Byte>^buffer = gcnew array<Byte>(1024);
do
{
// Read from the wrapping CryptoStream.
bytesRead = inStream->Read( buffer, 0, 1024 );
outStream->Write( buffer, 0, bytesRead );
}
while ( bytesRead > 0 );
myhmacsha1->Clear();
// Close the streams
inStream->Close();
outStream->Close();
return;
} // end EncodeFile
// Decrypt the encoded file and compare to original file.
bool DecodeFile( array<Byte>^key, String^ sourceFile )
{
// Initialize the keyed hash object.
HMACSHA1^ hmacsha1 = gcnew HMACSHA1( key );
// Create an array to hold the keyed hash value read from the file.
array<Byte>^storedHash = gcnew array<Byte>(hmacsha1->HashSize / 8);
// Create a FileStream for the source file.
FileStream^ inStream = gcnew FileStream( sourceFile,FileMode::Open );
// Read in the storedHash.
inStream->Read( storedHash, 0, storedHash->Length );
// Compute the hash of the remaining contents of the file.
// The stream is properly positioned at the beginning of the content,
// immediately after the stored hash value.
array<Byte>^computedHash = hmacsha1->ComputeHash( inStream );
// compare the computed hash with the stored value
for ( int i = 0; i < storedHash->Length; i++ )
{
if ( computedHash[ i ] != storedHash[ i ] )
{
Console::WriteLine( "Hash values differ! Encoded file has been tampered with!" );
return false;
}
}
Console::WriteLine( "Hash values agree -- no tampering occurred." );
return true;
} //end DecodeFile
int main()
{
array<String^>^Fileargs = Environment::GetCommandLineArgs();
String^ usageText = "Usage: HMACSHA1 inputfile.txt encryptedfile.hsh\nYou must specify the two file names. Only the first file must exist.\n";
//If no file names are specified, write usage text.
if ( Fileargs->Length < 3 )
{
Console::WriteLine( usageText );
}
else
{
try
{
// Create a random key using a random number generator. This would be the
// secret key shared by sender and receiver.
array<Byte>^secretkey = gcnew array<Byte>(64);
//RNGCryptoServiceProvider is an implementation of a random number generator.
RNGCryptoServiceProvider^ rng = gcnew RNGCryptoServiceProvider;
// The array is now filled with cryptographically strong random bytes.
rng->GetBytes( secretkey );
// Use the secret key to encode the message file.
EncodeFile( secretkey, Fileargs[ 1 ], Fileargs[ 2 ] );
// Take the encoded file and decode
DecodeFile( secretkey, Fileargs[ 2 ] );
}
catch ( IOException^ e )
{
Console::WriteLine( "Error: File not found", e );
}
}
} //end main
import System.*;
import System.IO.*;
import System.Security.Cryptography.*;
public class HMACSHA1Example
{
// Computes a keyed hash for a source file, creates a target file with the
// keyed hash prepended to the contents of the source file, then decrypts
// the file and compares the source and the decrypted files.
public static void EncodeFile(ubyte key[], String sourceFile,
String destFile)
{
// Initialize the keyed hash object.
HMACSHA1 myhmacsha1 = new HMACSHA1(key);
FileStream inStream = new FileStream(sourceFile, FileMode.Open);
FileStream outStream = new FileStream(destFile, FileMode.Create);
// Compute the hash of the input file.
ubyte hashValue[] = myhmacsha1.ComputeHash(inStream);
// Reset inStream to the beginning of the file.
inStream.set_Position(0);
// Write the computed hash value to the output file.
outStream.Write(hashValue, 0, hashValue.length);
// Copy the contents of the sourceFile to the destFile.
int bytesRead;
// read 1K at a time
ubyte buffer[] = new ubyte[1024];
do {
// Read from the wrapping CryptoStream.
bytesRead = inStream.Read(buffer, 0, 1024);
outStream.Write(buffer, 0, bytesRead);
} while (bytesRead > 0);
myhmacsha1.Clear();
// Close the streams
inStream.Close();
outStream.Close();
return;
} // end EncodeFile
// Decrypt the encoded file and compare to original file.
public static boolean DecodeFile(ubyte key[], String sourceFile)
{
// Initialize the keyed hash object.
HMACSHA1 hmacsha1 = new HMACSHA1(key);
// Create an array to hold the keyed hash value read from the file.
ubyte storedHash[] = new ubyte[hmacsha1.get_HashSize() / 8];
// Create a FileStream for the source file.
FileStream inStream = new FileStream(sourceFile, FileMode.Open);
// Read in the storedHash.
inStream.Read(storedHash, 0, storedHash.length);
// Compute the hash of the remaining contents of the file.
// The stream is properly positioned at the beginning of the content,
// immediately after the stored hash value.
ubyte computedHash[] = hmacsha1.ComputeHash(inStream);
// compare the computed hash with the stored value
for (int i = 0; i < storedHash.length; i++) {
if (computedHash.get_Item(i) != storedHash.get_Item(i)) {
Console.WriteLine("Hash values differ! Encoded file has been "
+ " tampered with!");
return false;
}
}
Console.WriteLine("Hash values agree -- no tampering occurred.");
return true;
} //DecodeFile //end DecodeFile
private static String usageText = "Usage: HMACSHA1 inputfile.txt "
+ "encryptedfile.hsh\nYou must specify the two file names. Only "
+ "the first file must exist.\n";
public static void main(String[] fileargs)
{
//If no file names are specified, write usage text.
if (fileargs.length < 2) {
Console.WriteLine(usageText);
}
else {
try {
// Create a random key using a random number generator. This
// would be the secret key shared by sender and receiver.
ubyte secretKey[] = new ubyte[64];
// RNGCryptoServiceProvider is an implementation of a random
// number generator.
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
// The array is now filled with cryptographically strong
// random bytes.
rng.GetBytes(secretKey);
// Use the secret key to encode the message file.
EncodeFile(secretKey, fileargs[0], fileargs[1]);
// Take the encoded file and decode
DecodeFile(secretKey, fileargs[1]);
}
catch (IOException e) {
Console.WriteLine("Error: File not found", e);
}
}//end if-else
} //end main
} //end class HMACSHA1Example
상속 계층 구조
System.Object
System.Security.Cryptography.HashAlgorithm
System.Security.Cryptography.KeyedHashAlgorithm
System.Security.Cryptography.HMAC
System.Security.Cryptography.HMACSHA1
스레드로부터의 안전성
이 형식의 모든 public static(Visual Basic의 경우 Shared) 멤버는 스레드로부터 안전합니다. 인터페이스 멤버는 스레드로부터 안전하지 않습니다.
플랫폼
Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
.NET Framework에서 모든 플래폼의 모든 버전을 지원하지는 않습니다. 지원되는 버전의 목록은 시스템 요구 사항을 참조하십시오.
버전 정보
.NET Framework
2.0, 1.1, 1.0에서 지원
참고 항목
참조
HMACSHA1 멤버
System.Security.Cryptography 네임스페이스