HMAC产生错误的结果 [英] HMAC produces wrong results
问题描述
所有这些对我来说都是新事物,所以请原谅我的笨拙问题.
All of this is new to me so please forgive my noobish question.
我正在尝试逐步找出HMAC.
I'm trying to figure out HMAC step by step.
假设我有以下SHA-1方法:
Let's say I have a following SHA-1 method:
public static string SHA_1(string input)
{
SHA1CryptoServiceProvider mySha = new SHA1CryptoServiceProvider();
string temp = BitConverter.ToString(mySha.ComputeHash(Encoding.UTF8.GetBytes(input)));
temp = temp.Replace("-", "").ToUpper();
return temp;
}
它接收纯文本字符串;
It receives a plain text string;
比方说,我的秘密密钥是"(空字符串),消息也是如此; HMAC应该是:fbdb1d1b18aa6c08324b7d64b71fb76370690e1d
Let's say my secret key is "" (empty string) and so is the message; The HMAC is supposed to be: fbdb1d1b18aa6c08324b7d64b71fb76370690e1d
现在那是我有点迷路的地方.我会按照我的理解写下这些步骤,如果我错了(或者我错了),请纠正我.
Now that's where I am a bit lost. I'll write down the steps as I understand them and please correct me if I am wrong (or where I am wrong rather).
- 如果密钥短于64个字节,则需要用0填充. 因此,填充的密钥为0x00(x64-因为密钥为空,否则为64-key.Length);
- 每个64个字节长的两个常量是:
- If the key is shorter than 64 bytes I need to pad it with 0's. So the padded key is 0x00 (x64 - because the key is empty, otherwise it's 64-key.Length);
- Two constants each 64 bytes long are:
ipad = 0x36(x64)
ipad = 0x36 (x64)
opad = 0x5c(x64)
opad = 0x5c (x64)
- 因为键为空字符串,异或运算结果与opad和ipad相同,即
ipad XOR键= ipad
ipad XOR key = ipad
opad XOR键= opad
opad XOR key = opad
- 此时,剩下要做的就是计算HMAC本身.
所以:HMAC = Hash(opad || Hash(ipad || message))就是这样.
So: HMAC = Hash(opad || Hash(ipad || message)) and that should be it.
但是我不确定如何执行此操作. 该消息是文本字符串. opad和ipad是uint/byte数组.我也可以将它们转换为ASCII并分别接收:
But I am not sure how to execute this. The message is a text string. opad and ipad are uint/byte arrays. I can convert them to ASCII as well and receive respectively:
ipad_str ="6666666666 ..." x64
ipad_str = "6666666666..." x64
opad_str ="\\\\\\\ ...." x64
opad_str = "\\\\\\\...." x64
现在我的HMAC应该是:
Now my HMAC is supposed to be:
HMAC = SHA_1("\\\\\\ ...." + SHA_1("6666666 ...."))
HMAC = SHA_1("\\\\\\...."+ SHA_1("6666666...."))
,但结果不匹配.相反,它是: 4DCF4B8D646EBD77EB704A9240BFA429078131A2
but the result doesn't match. Instead it is: 4DCF4B8D646EBD77EB704A9240BFA429078131A2
我在这里想念什么?是否也必须填充空消息? 我怀疑我误解了串联,但是我不确定我还有其他选择.我应该将ipad和opad保留为十六进制吗? SHA1方法接收字符串,因此我必须转换为某种字符串,但我无法弄清楚到底是什么类型.
What am I missing here? Does the empty message have to be padded as well? I suspect that I misinterpret the concatenation, but I am not sure what other options I have. Should I leave ipad and opad as hex? SHA1 methods receives string so I must convert to some sort of a string, I just can't figure out what type exactly.
任何帮助将不胜感激. 在此先感谢您,新年快乐!
Any help would be greatly appreciated. Thanks in advance and Happy New Year!
推荐答案
我的方法存在的问题非常明显,甚至不好笑.在附加opad和内部哈希的结果时,我将内部哈希保留为十六进制格式,但将其视为ASCII,结果104个字节被发送到外部哈希而不是84个字节.所以解决方案类似于:HMAC = SHA_1( opad + HexToASCII(SHA_1(ipad)));
The problem with my method was so obvious, it's not even funny. While appending the result of the opad and inner hash I left the inner hash in hex format but treated it as ASCII, as a result 104 bytes were sent to the outer hash instead of 84. So the solution is something like: HMAC = SHA_1(opad + HexToASCII(SHA_1(ipad)));
这篇关于HMAC产生错误的结果的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
