Thread: HMAC of a directory

im supposed to create a program that checks the HMAC of a directory and then store it in a seperate file. The following program does it for a file. I have a feeling that i would need to use a for loop or something to that effect,but ive been known to be wrong before. If anyone can help me I would appreciate it.

Code:

# include <stdio .h>

# include <string .h>

# include <openssl /evp.h>

int main (int argc , char ** argv )

{

char key [] = " This is the HMAC key";

unsigned char result [ EVP_MAX_MD_SIZE ];

char * data ;

int i, size , *len ;

FILE *fp;

/* Open input file */

if ( argc != 2)

{

fprintf (stderr , " Usage : %s filename \n", argv [0]);

abort ();

}

fp = fopen ( argv [1] , "rb");

if (! fp)

{

fprintf (stderr , " Cannot open file %s\n", argv [1]);

abort ();

}

/* Read file into the data buffer */

fseek (fp , 0, SEEK_END );

size = ftell (fp );

rewind (fp );

data = ( char *) malloc ( size );

3

fread (data , 1, size , fp );

fclose (fp );

/* Compute HMAC */

HMAC ( EVP_sha256 (), key , strlen ( key), data , size , result , len );

/* Output result */

printf (" The HMAC of file %s is: ", argv [1]);

for (i = 0; i < *len ; i++)

printf (" %02x", result [i ]);

printf ("\n");

return 0;
}

You'll have to find out what exactly is meant by the "HMAC of a directory". Are you supposed to find the digest of each file in the directory? The digest of all files concatenated?

If you're on a Unix-like system, you can use opendir() and readdir() to do directory access. POSIX 2008 also added the scandir() function, but many systems that predate POSIX 2008 support it, too.

Originally Posted by cas

You'll have to find out what exactly is meant by the "HMAC of a directory". Are you supposed to find the digest of each file in the directory? The digest of all files concatenated?

If you're on a Unix-like system, you can use opendir() and readdir() to do directory access. POSIX 2008 also added the scandir() function, but many systems that predate POSIX 2008 support it, too.

yeah,its essentially each file in a directory and im using backtrack to do it. so i would just what,add it into a for loop or something?

Im now having an issue with segmentation fault. If anyone can help me id appreciate it.

Code:

#include<stdio.h>
#include<string.h>
#include<dirent.h>
#include<openssl/evp.h>
#include<openssl/hmac.h>

int main (int argc , char ** argv )
{
struct dirent* dent;
char key [] = " This is the HMAC key";
unsigned char result [ EVP_MAX_MD_SIZE ];
char * data ;
int i, size , *len ;
DIR* dir=opendir("..");
FILE *fp;


/* Open input file */

if ( argc != 2)
{
fprintf (stderr , " Usage : %s filename \n", argv [0]);
abort ();
}
fp = fopen ( argv [1] , "rb");
if (! fp)
{
fprintf (stderr , " Cannot open file %s\n", argv [1]);
abort ();
}

/* Read file into the data buffer */
if(dir)
{
while((dent=readdir(dir)))
{


fseek (fp , 0, SEEK_END );
size = ftell (fp );
rewind (fp );
data = ( char *) malloc ( size );
fread (data , 1, size , fp );
fclose (fp );

/* Compute HMAC */

HMAC ( EVP_sha256 (), key , strlen ( key), data , size , result , len );
}
closedir(dir);
}

/* Output result */

printf (" The HMAC of file %s is: ", argv [1]);
for (i = 0; i < *len ; i++)
printf (" %02x", result [i ]);
printf ("\n");
return 0;
}

Fix your indentation, your code is hard to read. http://sourceforge.net/apps/mediawik...le=Indentation

Code:

#include<stdio.h>
#include<string.h>
#include<dirent.h>
#include<openssl/evp.h>
#include<openssl/hmac.h>

int main (int argc , char ** argv )
{
   struct dirent* dent;
   char key [] = " This is the HMAC key";
   unsigned char result [ EVP_MAX_MD_SIZE ];
   char * data ;
   int i, size , *len ;
   DIR* dir=opendir("..");
   FILE *fp;


/* Open input file */

if ( argc != 2)
{
   fprintf (stderr , " Usage : %s filename \n", argv [0]);
   abort ();
}
fp = fopen ( argv [1] , "rb");
if (! fp)
{
   fprintf (stderr , " Cannot open file %s\n", argv [1]);
   abort ();
}

/* Read file into the data buffer */

if(dir)
{
while((dent=readdir(dir)))
{
   fseek (fp , 0, SEEK_END );
   size = ftell (fp );
   rewind (fp );
   data = ( char *) malloc ( size );
   fread (data , 1, size , fp );
   fclose (fp );

/* Compute HMAC */

  HMAC ( EVP_sha256 (), key , strlen ( key), data , size , result , len );
}
closedir(dir);
}

/* Output result */

printf (" The HMAC of file %s is: ", argv [1]);
for (i = 0; i < *len ; i++)
printf (" %02x", result [i ]);
printf ("\n");
return 0;
}

Better, but still could use some work. Witness:

Code:

#include<stdio.h>
#include<string.h>
#include<dirent.h>
#include<openssl/evp.h>
#include<openssl/hmac.h>


int main (int argc , char ** argv )
{
    struct dirent* dent;
    char key [] = " This is the HMAC key";
    unsigned char result [ EVP_MAX_MD_SIZE ];
    char * data ;
    int i, size , *len ;
    DIR* dir=opendir("..");
    FILE *fp;




    /* Open input file */


    if ( argc != 2)
    {
        fprintf (stderr , " Usage : %s filename \n", argv [0]);
        abort ();
    }
    fp = fopen ( argv [1] , "rb");
    if (! fp)
    {
        fprintf (stderr , " Cannot open file %s\n", argv [1]);
        abort ();
    }


    /* Read file into the data buffer */


    if(dir)
    {
        while((dent=readdir(dir)))
        {
            fseek (fp , 0, SEEK_END );
            size = ftell (fp );
            rewind (fp );
            data = ( char *) malloc ( size );
            fread (data , 1, size , fp );
            fclose (fp );


            /* Compute HMAC */


            HMAC ( EVP_sha256 (), key , strlen ( key), data , size , result , len );
        }
        closedir(dir);
    }


    /* Output result */


    printf (" The HMAC of file %s is: ", argv [1]);
    for (i = 0; i < *len ; i++)
        printf (" %02x", result [i ]);
    printf ("\n");
    return 0;
}

I don't know the HMAC function, but I would guess your problem is that len doesn't actually point anywhere. Most likely, the HMAC function wants a pointer to an integer, so it can pass back the length of something via the len parameter. You probably need to declare len as a plain integer, then pass in it's address:

Code:

int len;
...
HMAC(..., &len);

Also, I don't know if this matters, but does data need to be null terminated? If so, you need to malloc size+1 bytes, and set data[size] = '\0'.

noted,but out of curiouisty. Its the first time ive used the dirent library. did I implement it right?

It looks fine, but did you test it? Did you try printing some relevant info from the dent variable each time through the loop to see if it works as expected? There's absolutely no point in using the dirent library unless you make use of the dent variable somewhere. Currently, you call HMAC repeatedly, with what appears to be a bad parameter (len), which is more likely the cause of your seg fault.