最近,我一直在深入研究密码学,并获得在Excel中工作的散列和加密函数,我可能会在我正在使用的项目中使用这些函数。PBKDF2 Excel UDF以及如何连接INT(i)
我简单的散列函数使用的工作,例如:
Function Hash(ByVal plainText As String)
Dim utf8Encoding As Object
Dim hashManager As Object
Dim hashBytes() As Byte
Set utf8Encoding = CreateObject("System.Text.UTF8Encoding")
Set hashManager = CreateObject("System.Security.Cryptography.SHA512Managed")
hashBytes = utf8Encoding.GetBytes_4(plainText)
hashBytes = hashManager.ComputeHash_2(hashBytes)
Hash = Encode(hashBytes, edHex)
Set utf8Encoding = Nothing
Set hashManager = Nothing
End Function
要编码的结果我有一个创建了一个功能:
Function Encode(ByRef arrData() As Byte, ByVal dataType As endecodeDataType) As String
Dim domDoc As Object
Set domDoc = CreateObject("MSXML2.DOMDocument")
With domDoc
.LoadXML "<root />"
Select Case dataType
Case edBase64
.DocumentElement.dataType = "bin.base64"
Case edHex
.DocumentElement.dataType = "bin.hex"
End Select
.DocumentElement.nodeTypedValue = arrData
End With
Encode = domDoc.DocumentElement.Text
Set domDoc = Nothing
End Function
这些组合给了我完全可验证的结果。 更多的研究后,我现在工作的一个PBKDF2功能:
- 规格:
- 测试向量:https://tools.ietf.org/html/rfc6070
我第一次尝试寻找到 'Rfc2898DeriveBytes' 如下:
Dim hashManager As Object
Set hashManager = CreateObject("System.Security.Cryptography.Rfc2898DeriveBytes")
但是,这给出了一个错误,指出无法创建ActiveX组件。
除了错误和试图了解PBKDF2的基本知识,学习是为了与比特/字节工作,我创建了以下功能:
编辑:现在我只关注上为dkLen < =为hLen
Function PBKDF2(ByVal password As String, _
ByVal hashIterations As Long, _
ByVal salt As String, _
Optional ByVal encodeHash As hashEncoding = heBase64) As Variant
Dim utf8Encoding As Object
Dim hashManager As Object
Dim hmacKeyBytes() As Byte
Dim saltBytes() As Byte
Dim hmacBytes() As Byte
Dim tempBytes() As Byte
Dim i As Long
'Create encoding and crypto objects
Set utf8Encoding = CreateObject("System.Text.UTF8Encoding")
Set hashManager = CreateObject("System.Security.Cryptography.HMACSHA1")
'Encode the key and salt to bytes
hmacKeyBytes = utf8Encoding.GetBytes_4(password)
saltBytes = utf8Encoding.GetBytes_4(salt)
'Concatenate salt and INT(i) - INT (i) is a four-octet encoding of the integer i, most significant octet first.
'Set the key in the crypto class
hashManager.key = hmacKeyBytes
'Compute HMAC from salt
hmacBytes = hashManager.ComputeHash_2(saltBytes)
tempBytes = hmacBytes
'HMAC iterations
For i = 1 To hashIterations
tempBytes = hashManager.ComputeHash_2(tempBytes)
hmacBytes = XorBytes(tempBytes, hmacBytes)
Next i
'ToDo: extract the first dkLen octets to produce a derived key DK
'Base64, Hex, or Byte() output
If encodeHash = heBase64 Then
PBKDF2 = Encode(hmacBytes, edBase64)
ElseIf encodeHash = heHex Then
PBKDF2 = Encode(hmacBytes, edHex)
End If
Set hashManager = Nothing
Set utf8Encoding = Nothing
End Function
哪里定义给xorBytes为:
Function XorBytes(ByRef byte1() As Byte, ByRef byte2() As Byte) As Byte()
Dim tempBytes() As Byte
Dim len1 As Long
Dim i As Long
len1 = UBound(byte1)
ReDim tempBytes(len1)
For i = 0 To len1
tempBytes(i) = byte1(i) Xor byte2(i)
Next i
XorBytes = tempBytes
End Function
我相信我的基本知识是正确的。我不知道如何解决的一件事是如何将INT(i)连接到salt。规格状态:
U_1 = PRF(P,S || INT(i))的
这里,INT(i)是对整数i的四个八位字节的编码,最显著八位位组第一位。
如何在我的VBA代码中实现这个功能?我希望这使我接近这个测试向量:
- 输入
- P = “密码”(8个字节)
- S = “盐”(4个八比特组)
- C = 1
- 为dkLen = 20
- 输出
- DK = 0C 60 C8 0F 96 1F 0E 71 F3 A9 B5 24 AF 60 12 06 2F E0 37 A6(20个八位字节)
其中是'endecodeDataType'定义? ..它是图书馆的一部分吗? – jsotola
jsotola,我编辑了答案,包括使用的两个枚举和HMAC函数 – Jelmer