All geek questions in one place

Verified FIPS application with HMAC function based on SHA512?

I am creating a FIPS approved application and will enable FIPS mode on my computer. I need a HMAC function, hopefully based on SHA512. I understand that the HMAC SHA1 function is verified by FIPS, but I have a SHA512CryptoServiceProvider hash function that is verified by FIPS, and I know that FIPS does indeed allow SHA512. Is there a similar HMAC feature in C # that makes FIPS a trusted HMAC SHA512?

+4
source share
2 answers

There is an HMACSHA512 class, but it uses the SHA512Managed Class , which is not FIPS certified .

You can try creating your own HMACSHA512 class based on the SHA512CryptoServiceProvider Class :

public class MyHMACSHA512 : HMAC { public MyHMACSHA512(byte[] key) { HashName = "System.Security.Cryptography.SHA512CryptoServiceProvider"; HashSizeValue = 512; BlockSizeValue = 128; Key = key; } }
+7
source

The following worked for me - I was able to create a happy HMAC AES and SHA256 FIPS:

  /// <summary>Computes a Hash-based Message Authentication Code (HMAC) using the AES hash function.</summary> public class AesHmac : HMAC { /// <summary>Initializes a new instance of the AesHmac class with the specified key data.</summary> /// <param name="key">The secret key for AesHmac encryption.</param> public AesHmac(byte[] key) { HashName = "System.Security.Cryptography.AesCryptoServiceProvider"; HashSizeValue = 128; BlockSizeValue = 128; Initialize(); Key = (byte[])key.Clone(); } } /// <summary>Computes a Hash-based Message Authentication Code (HMAC) using the SHA256 hash function.</summary> public class ShaHmac : HMAC { /// <summary>Initializes a new instance of the ShaHmac class with the specified key data.</summary> /// <param name="key">The secret key for ShaHmac encryption.</param> public ShaHmac(byte[] key) { HashName = "System.Security.Cryptography.SHA256CryptoServiceProvider"; HashSizeValue = 256; BlockSizeValue = 128; Initialize(); Key = (byte[])key.Clone(); } }

Thanks Ritchie

+2
source

Source: https://habr.com/ru/post/1393986/

More articles:


All Articles