Hi All,
I've managed to solve the problem of getting the hmac in hex by using perl but
not quite. I've noticed that if the key (in hex) starts with 00..., the digest
given will be wrong. For example:
perl -e 'print
pack("H*","98b0c8e5000000012bdd55872b408bc9a50d7ec6ccdb4725760942ff7ef0110fd7987dbef89e2c334faca33170f0bab76d04acd9aa3bd01ac081a12c075b4f559574f741815e786ad39bfc21d3994138b5c58c919b6a85c2da609c80eb22bb47955138a4d9314f4adc3cf1d11a28dd1d107a3a4c6600c47a")'
|/home/raif/tools/bin/openssl dgst -md5 -hmac `perl -e 'print
pack("H*","c89f2d8eee56cde41aeb12948458c8b8")'`
will produce 388a7391df93eba9423b320aaee2b32b (which is correct - compared
against Hashcalc 2.02 from slavasoft)
Now, the same message is being digested but with different key (with two zeroes
in front - 128 bits length, same as above, length that is) :
perl -e 'print
pack("H*","98b0c8e5000000012bdd55872b408bc9a50d7ec6ccdb4725760942ff7ef0110fd7987dbef89e2c334faca33170f0bab76d04acd9aa3bd01ac081a12c075b4f559574f741815e786ad39bfc21d3994138b5c58c919b6a85c2da609c80eb22bb47955138a4d9314f4adc3cf1d11a28dd1d107a3a4c6600c47a")'
|/home/raif/tools/bin/openssl dgst -md5 -hmac `perl -e 'print
pack("H*","009f2d8eee56cde41aeb12948458c8b8")'`
will produce 79b80eeb128b94aa58589a11db67d63e but the correct answer is
8b6d8ced6f5b4bcf86a19a2f61266436
Is there some way for openssl to accept keys which start with 00 ?
Best regards
-raif
------------------------------------------------------------------
-
-
DISCLAIMER:
This e-mail (including any attachments) may contain confidential information.
If you are not the intended recipient, you are hereby notified that any dealing,
review, distribution, printing, copying or use of this e-mail is strictly
prohibited.
If you have received this email in error, please notify the sender or MIMOS
Berhad
immediately and delete the original message. Opinions, conclusions and other
information in this e-mail that do not relate to the official business of MIMOS
Berhad
and/or its subsidiaries shall be understood as neither given nor endorsed by
MIMOS
Berhad and/or its subsidiaries and neither MIMOS Berhad nor its subsidiaries
accepts
responsibility for the same. All liability arising from or in connection with
computer
viruses and/or corrupted e-mails is excluded to the fullest extent permitted by
law.
