02-06-2007 10:46 AM
I would like to ask, if somebody already implemented HMAC algorithm with ABAP.
(http://tools.ietf.org/html/rfc2104#section-3). I need to calculate the HMAC-SHA1 hash code for authentification purposes.
thanks,
martin
02-06-2007 12:01 PM
My solution of HMAC implementation:
FUNCTION Z_CALCULATE_HMAC .
*"----------------------------------------------------------------------
*"*"Local Interface:
*" IMPORTING
*" REFERENCE(IV_HASH_ALG) TYPE HASHALG
*" REFERENCE(IV_MESSAGE) TYPE XSTRING
*" REFERENCE(IV_KEY) TYPE XSTRING
*" EXPORTING
*" REFERENCE(EV_HASH) TYPE HASH160
*"----------------------------------------------------------------------
* H(K XOR opad, H(K XOR ipad, text))
* B = 64 bytes
DATA: ipad_x TYPE xstring,
opad_x TYPE xstring,
key_x TYPE xstring,
x1 TYPE x,
x2 TYPE x,
x3 TYPE x,
length_key TYPE i,
chars_appended TYPE i,
xor1 TYPE xstring,
xor2 TYPE xstring,
ev_hash_x TYPE hash160x.
* -- index 0. - ipad, opad
* ipad = the byte 0x36 repeated B times
* opad = the byte 0x5C repeated B times.
x1 = '36'.
x2 = '5C'.
x3 = '00'.
DO 64 TIMES.
CONCATENATE ipad_x x1 INTO ipad_x IN BYTE MODE.
CONCATENATE opad_x x2 INTO opad_x IN BYTE MODE.
ENDDO.
* -- index 1. - extend key to 64 bytes
* append zeros to the end of K to create a B byte string
* (e.g., if K is of length 20 bytes and B=64, then K will be appended with 44 zero bytes 0x00)
* KEY is already sended in HEX format
key_x = iv_key.
length_key = XSTRLEN( key_x ).
chars_appended = 64 - length_key.
IF chars_appended > 0 .
DO chars_appended TIMES.
CONCATENATE key_x x3 INTO key_x IN BYTE MODE.
ENDDO.
ENDIF.
* -- index 2. - first calculation = Key XOR ipad
* XOR (bitwise exclusive-OR) the B byte string computed in step (1) with ipad
xor1 = key_x BIT-XOR ipad_x.
* -- index 3.
* append the stream of data 'text' to the B byte string resulting from step (2)
* message is sended already in HEX format
* iv_message_x = iv_message.
CONCATENATE xor1 iv_message INTO xor1 IN BYTE MODE.
* -- index 4.
* apply H to the stream generated in step (3)
CALL FUNCTION 'CALCULATE_HASH_FOR_RAW'
EXPORTING
alg = iv_hash_alg
data = xor1
* length = 20
IMPORTING
hashx = ev_hash_x.
* -- index 5.
* XOR (bitwise exclusive-OR) the B byte string computed in step (1) with opad
xor2 = key_x BIT-XOR opad_x.
* -- index 6.
* append the H result from step (4) to the B byte string resulting from step (5)
* iv_message_x = ev_hash_x.
CONCATENATE xor2 ev_hash_x INTO xor2 IN BYTE MODE.
* -- index 7.
* apply H to the stream generated in step (6) and output the result
CALL FUNCTION 'CALCULATE_HASH_FOR_RAW'
EXPORTING
alg = iv_hash_alg
data = xor2
IMPORTING
hash = ev_hash.
ENDFUNCTION.
Usage:
CALL FUNCTION 'Z_TFM_CALCULATE_HMAC'
EXPORTING
iv_hash_alg = 'SHA1'
iv_message = '4D415254494E' "MARTIN
iv_key = '42524154' "BRAT
IMPORTING
EV_HASH = LV_HASH .
regards,
martin
10-04-2007 12:12 AM
Hi Martin,
I am trying to use your function module but it's not giving the result that the vendor is expecting. We have a similiar requirement of generating trusted key based on shared secret key and user id parameter. The sample trusted key 4c076e4be0de707193002f8ec723909c generated from shared key 'secret' and parameter 'user_IDJSMITH' is not the same that i m getting from ur FM. Can you please advice.
Regards...
Vinay
02-09-2007 7:49 AM
09-23-2008 5:45 PM
The ABAP function modules CALCULATE_HMAC_FOR_CHAR and CALCULATE_HMAC_FOR_RAW are part of the standard shipment (SAP_BASIS) as of NetWeaver 7.1 - it was also downported to NetWeaver 7.0 Enhancement Pack 1 (see [SAP Note 1133249|https://service.sap.com/sap/support/notes/1133249]). Downports to older releases are not planned.
Best regards,
Wolfgang