为什么在实现HMAC-SHA256时会得到不正确的值? [英] Why do I get incorrect values when implementing HMAC-SHA256?

查看:205
本文介绍了为什么在实现HMAC-SHA256时会得到不正确的值?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试在Rust中创建一个函数,该函数将返回HMAC-SHA256摘要.我一直根据 Wikipedia

I'm trying to make a function in Rust that will return a HMAC-SHA256 digest. I've been working from the description at Wikipedia and RFC 2104.

我一直在努力返回正确的HMAC.我正在将 ring 用于SHA256摘要,但是无论我如何尝试,我都可以似乎得到正确的结果.我怀疑这可能与.as_ref().to_vec()转换有关.即使那是真的,我也不知道该如何继续.并非RFC 2104中的所有内容都在以下代码中实现,但它突出了我的问题.

I've been struggling with returning the correct HMAC. I'm using ring for the SHA256 digests but no matter what I try, I can't seem to get the right result. I suspect it might have something to do with .as_ref().to_vec() conversions. Even if that's true, I don't know how to continue from that. Not everything from RFC 2104 is implemented in the following code, but it highlights my issue.

extern crate ring;
use ring::{digest, test};

pub fn hmac(k: Vec<u8>, mut m: Vec<u8>) -> Vec<u8> {
    // Initialize ipad and opad as byte vectors with SHA256 blocksize
    let ipad = vec![0x5C; 64];
    let opad = vec![0x36; 64];
    // iround and oround are used to seperate the two steps with XORing
    let mut iround = vec![];
    let mut oround = vec![];

    for count in 0..k.len() {
        iround.push(k[count] ^ ipad[count]);
        oround.push(k[count] ^ opad[count]);
    }

    iround.append(&mut m); // m is emptied here
    iround = (digest::digest(&digest::SHA256, &iround).as_ref()).to_vec();
    oround.append(&mut iround); // iround is emptied here
    oround = (digest::digest(&digest::SHA256, &oround).as_ref()).to_vec();
    let hashed_mac = oround.to_vec();

    return hashed_mac;
}

#[test]
fn test_hmac_digest() {
    let k = vec![0x61; 64];
    let m = vec![0x62; 64];
    let actual = hmac(k, m);
    // Expected value taken from: https://www.freeformatter.com/hmac-generator.html#ad-output
    let expected = test::from_hex("f6cbb37b326d36f2f27d294ac3bb46a6aac29c1c9936b985576041bfb338ae70").unwrap();
    assert_eq!(actual, expected);
}

这些是摘要:

Actual = [139, 141, 144, 52, 11, 3, 48, 112, 117, 7, 56, 151, 163, 65, 152, 195, 163, 164, 26, 250, 178, 100, 187, 230, 89, 61, 191, 164, 146, 228, 180, 62]

Expected = [246, 203, 179, 123, 50, 109, 54, 242, 242, 125, 41, 74, 195, 187, 70, 166, 170, 194, 156, 28, 153, 54, 185, 133, 87, 96, 65, 191, 179, 56, 174, 112]

推荐答案

如注释中所述,您已将字节替换为内部和外部填充.返回到维基百科页面:

As mentioned in a comment, you have swapped the bytes for the inner and outer padding. Refer back to the Wikipedia page:

o_key_pad = key xor [0x5c * blockSize]   //Outer padded key
i_key_pad = key xor [0x36 * blockSize]   //Inner padded key

这就是我对该功能的看法.我相信它的分配较少:

Here's what my take on the function would look like. I believe it has less allocation:

extern crate ring;

use ring::{digest, test};

const BLOCK_SIZE: usize = 64;

pub fn hmac(k: &[u8], m: &[u8]) -> Vec<u8> {
    assert_eq!(k.len(), BLOCK_SIZE);

    let mut i_key_pad: Vec<_> = k.iter().map(|&k| k ^ 0x36).collect();
    let mut o_key_pad: Vec<_> = k.iter().map(|&k| k ^ 0x5C).collect();

    i_key_pad.extend_from_slice(m);

    let hash = |v| digest::digest(&digest::SHA256, v);

    let a = hash(&i_key_pad);

    o_key_pad.extend_from_slice(a.as_ref());

    hash(&o_key_pad).as_ref().to_vec()
}

#[test]
fn test_hmac_digest() {
    let k = [0x61; BLOCK_SIZE];
    let m = [0x62; BLOCK_SIZE];
    let actual = hmac(&k, &m);

    // Expected value taken from: https://www.freeformatter.com/hmac-generator.html#ad-output
    let expected = test::from_hex("f6cbb37b326d36f2f27d294ac3bb46a6aac29c1c9936b985576041bfb338ae70").unwrap();
    assert_eq!(actual, expected);
}

这篇关于为什么在实现HMAC-SHA256时会得到不正确的值?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆