Home/ Questions/Q 6095061
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T12:46:14+00:00

I have to calculate SHA-2 hash of an XOR encrypted string. I am using

  • 0

I have to calculate SHA-2 hash of an XOR encrypted string. I am using RSA BSafe library(very similar to OpenSSL). My XOR function looks something like this:

for (int i = 0; i < strlen(combined); i++)
{
    encrypted[i] = (combined[i] ^ authkey[i%strlen(authkey)]);

}

This produces some ‘\0’ chars (NullTerminations) inside the char array. After this I pass this encrypted string to my hmac() function.
Now the problem is that when BSafe HMAC calculates hashes on character arrays it does not expect ‘\0’ characters in between. How do I circumvent this problem? Even if the answer in given w.r.t functions in OpenSSL it would be helpful as both are very similar.

Thanks in advance!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    With OpenSSL, you pass the length explicitly. The data containing NULLs does not matter.

    unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
              int key_len, const unsigned char *d, int n,
              unsigned char *md, unsigned int *md_len);

    n is the length of your data, which is pointed to by d. Obviously, you must track the length of *d yourself, as strlen will not work. I would be shocked if BSafe doesn’t work the same way.

    Of course, as my comment said, using a one-time pad twice is horribly insecure. You almost certainly shouldn’t be re-implementing crypto primitives; doesn’t BSafe provide stream ciphers?

    • 0