.Net equivalent of OpenSSL's libeay32-library (HMAC based on SHA1)?

[Kenneth Priisholm]

Hi all.

I need to implement a Hashed Message Authentication Code based on the SHA1
algorithm, that is equivalent to OpenSSL's "libeay32"-library. I already
tried implementing the off-the-shelf System.Security.Cryptography.HMACSHA1
as showed below;

class HmacSHA1Generator:
{
private System.Security.Cryptography.HMACSHA1 _hs;
private System.Text.Encoding _e;

public HmacSHA1Generator(System.Text.Encoding encoding)
{
_e = encoding;
_hs = new HMACSHA1();
}

public byte[] Generate(string key, string data)
{
byte[] bKey = _e.GetBytes(key);
byte[] bData = _e.GetBytes(data);
_hs.Key = bKey;

return _hs.ComputeHash(bData);
}
}

This, however, does not give the same results as libeay32's output, and
trying to use this library, both referencing direct from VS and installing
it wth RegSvr32 fails, so this doesn't seem to be a viable road. So I'm
kinda stuck here, wondering if anybody else has had the joy of trying to
support the HMAC-functionality of libeay32?

Best regards,
//Ken

[Paul Glavich [MVP - ASP.NET]]

I have not had to support the functionality you mention, however I have
written a very basic .Net wrapper for openSSL. It involves a Win32 wrapper
which abstracts some of the openSSL base calls into a more aggregated form,
and then imported that into a .Net wrapper.

Some of the structures are huge in openSSL and I did not want to try and
convert/marshall all of them. Like I said, its a pretty basic
implementation, but would be easily modified to do what you want. If you are
interested, send me an email at [email]glav@aspalliance.com[/email]-NOSPAM (obviously dont
include the -NOSPAM part of my email address.) and I'll send it your way.

There are third party components such as IP*Works SSL component but I have
not personally used this to do what you mention.

--
- Paul Glavich
Microsoft MVP - ASP.NET


"Kenneth Priisholm" <kpr-at-2bm-dot-dk> wrote in message
news:egJaaY0NEHA.644@tk2msftngp13.phx.gbl...

> Hi all.
>
> I need to implement a Hashed Message Authentication Code based on the SHA1
> algorithm, that is equivalent to OpenSSL's "libeay32"-library. I already
> tried implementing the off-the-shelf System.Security.Cryptography.HMACSHA1
> as showed below;
>
> class HmacSHA1Generator:
> {
> private System.Security.Cryptography.HMACSHA1 _hs;
> private System.Text.Encoding _e;
>
> public HmacSHA1Generator(System.Text.Encoding encoding)
> {
> _e = encoding;
> _hs = new HMACSHA1();
> }
>
> public byte[] Generate(string key, string data)
> {
> byte[] bKey = _e.GetBytes(key);
> byte[] bData = _e.GetBytes(data);
> _hs.Key = bKey;
>
> return _hs.ComputeHash(bData);
> }
> }
>
> This, however, does not give the same results as libeay32's output, and
> trying to use this library, both referencing direct from VS and installing
> it wth RegSvr32 fails, so this doesn't seem to be a viable road. So I'm
> kinda stuck here, wondering if anybody else has had the joy of trying to
> support the HMAC-functionality of libeay32?
>
> Best regards,
> //Ken
>
>