4

我正在构建一个经过 FIPS 验证的应用程序,并在我的计算机上打开了 FIPS 模式。我需要一个基于 SHA512 的 HMAC 函数。我知道 HMAC SHA1 函数经过 FIPS 验证,但我有一个经过 FIPS 验证的哈希函数 SHA512CryptoServiceProvider,我知道 FIPS 实际上允许 SHA512。FIPS 验证 HMAC SHA512 的 C# 中是否有类似的 HMAC 函数?

4

2 回答 2

7

有一个HMACSHA512 类,但它在内部使用SHA512Managed 类,它没有经过 FIPS 认证

您可以尝试基于SHA512CryptoServiceProvider 类创建自己的HMACSHA512 类

public class MyHMACSHA512 : HMAC
{
    public MyHMACSHA512(byte[] key)
    {
        HashName = "System.Security.Cryptography.SHA512CryptoServiceProvider";
        HashSizeValue = 512;
        BlockSizeValue = 128;
        Key = key;
    }
}
于 2012-01-31T13:53:34.810 回答
2

以下对我有用 - 我能够创建 AES 和 SHA256 FIPS 快乐 HMAC:

    /// <summary>Computes a Hash-based Message Authentication Code (HMAC) using the AES hash function.</summary>
    public class AesHmac : HMAC
    {
        /// <summary>Initializes a new instance of the AesHmac class with the specified key data.</summary>
        /// <param name="key">The secret key for AesHmac encryption.</param>
        public AesHmac(byte[] key)
        {
            HashName = "System.Security.Cryptography.AesCryptoServiceProvider";
            HashSizeValue = 128;
            BlockSizeValue = 128;
            Initialize();
            Key = (byte[])key.Clone();
        }
    }

    /// <summary>Computes a Hash-based Message Authentication Code (HMAC) using the SHA256 hash function.</summary>
    public class ShaHmac : HMAC
    {
        /// <summary>Initializes a new instance of the ShaHmac class with the specified key data.</summary>
        /// <param name="key">The secret key for ShaHmac encryption.</param>
        public ShaHmac(byte[] key)
        {
            HashName = "System.Security.Cryptography.SHA256CryptoServiceProvider";
            HashSizeValue = 256;
            BlockSizeValue = 128;
            Initialize();
            Key = (byte[])key.Clone();
        }
    }

谢谢,里奇

于 2012-05-07T18:58:16.873 回答