On Wed, Jun 4, 2008 at 5:26 PM, Robert Greig <[EMAIL PROTECTED]> wrote:
> 2008/6/4 Aidan Skinner <[EMAIL PROTECTED]>:
>
>> The hash for guest goes in as:
>
> Is this supposed to be digest that is the last 16 bytes of the client
> response? (i.e. the bit after the username and space).
No, this is the digest of the password that's used as the key to the
HMAC to create that digest.
I've attached a small snippet that I'm going to work into a proper
test case for when I file the bug, the output should be
ff724187be5f9d4df6fd93a7dce660c9
In the meantime, i'm going to implement Digest-MD5 instead since that
has knobs to twiddle that control the password character encoding.
- Aidan
--
aim/y!:aidans42 g:[EMAIL PROTECTED]
http://aidan.skinner.me.uk/
"We belong to nobody and nobody belongs to us. We don't even belong to
each other."
package org.apache.qpid.test;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
public class HMACTest {
/**
* @param args
* @throws NoSuchAlgorithmException
* @throws Exception
*/
public static void main(String[] args) throws NoSuchAlgorithmException, Exception {
char[] hexkey = new char[]{0x08, 0x4e, 0x03, 0x43,
0xa0, 0x48, 0x6f, 0xf0,
0x55, 0x30, 0xdf, 0x6c,
0x70, 0x5c, 0x8b, 0xb4};
String pwStr = new String(hexkey);
byte[] key = pwStr.getBytes("UTF8");
int i = 0;
for (byte b : key)
{
System.out.printf("0x%02x,", 0xFF&b);
if (++i % 4 == 0)
System.out.println();
}
System.out.println();
SecretKeySpec sk = new SecretKeySpec(key, "HmacMD5");
byte[] data = "<[EMAIL PROTECTED]>".getBytes();
Mac mac = Mac.getInstance("HmacMD5");
mac.init(sk);
byte[] hash = mac.doFinal(data);
for (byte b : hash)
{
System.out.printf("%02x", 0xFF&b);
}
System.out.println();
}
}
