search

PointyCastle / pointycastle

Moved into the Bouncy Castle project: https://github.com/bcgit/pc-dart
MIT License
270 stars 76 forks source link

HMAC-SHA512 giving inconsistent and incorrect output. #93

Closed stevenroose closed 8 years ago

stevenroose commented 8 years ago

From @thedoctor on May 12, 2015 4:24

Hey guys, I picked a project to use to learn Dart and I can't tell if I'm missing something or there is unexpected behavior in the HMAC class. Can anyone else see something I'm doing wrong here?

Trying to do a hmac/sha-512 hex digest of a string for an authentication header and I'm having trouble getting the expected result. I'm also seeing the output change after the first invocation, even with fresh hmac objects and buffers.

(py)~/dart/cipher_hmac_demo$ dart -p ../cryptsy/packages/ demo.dart
36c4277c2dac632480715a3e67c8b3dba2a4124de365a74a7dd3d9e629bac16caf64ea5cc80ae3f0af321b4b91106a94b5188ca056757c905037119d3a70f876

34a341b0f2fcc0149db0c09069ca6fecd49b18bb32b8c481346491a8f3f824805f2c2addd53f13064842bc16e7e88819738a70b8d16213465b89d708908727f3

34a341b0f2fcc0149db0c09069ca6fecd49b18bb32b8c481346491a8f3f824805f2c2addd53f13064842bc16e7e88819738a70b8d16213465b89d708908727f3
...
// Lifted from the cipher package's test suite.
Uint8List createUint8ListFromString( String s ) {
  ...
}
Uint8List createUint8ListFromHexString(String hex) {
  ...
}
String formatBytesAsHexString(Uint8List bytes) {
  ...
}

main() {
  initCipher();

  final cipher.KeyParameter privateKey = new cipher.KeyParameter(
      createUint8ListFromHexString('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'));

  Uint8List inBuffer;
  Uint8List outBuffer;
  HMac hmac;

  for (var i = 0; i < 3; i++) {
    hmac = new cipher.Mac('SHA-512/HMAC')
      ..init(privateKey);

    inBuffer = createUint8ListFromString('any message');
    outBuffer = new Uint8List(hmac.macSize);

    hmac.update(inBuffer, 0, inBuffer.lengthInBytes);

    hmac.doFinal(outBuffer, 0);

    print(formatBytesAsHexString(outBuffer));
    print(' ');
  }

}

Python control test:

(py)~/dart/cipher_hmac_demo$ python control.py
2156f4e39d45104a2603e03ddcb80fbe5c0f178b2d66d5defb37e43c099bca21767878b9030e82a9390417cc9d31c405f1d0329545f6d7c024fae185b9580dee

2156f4e39d45104a2603e03ddcb80fbe5c0f178b2d66d5defb37e43c099bca21767878b9030e82a9390417cc9d31c405f1d0329545f6d7c024fae185b9580dee

2156f4e39d45104a2603e03ddcb80fbe5c0f178b2d66d5defb37e43c099bca21767878b9030e82a9390417cc9d31c405f1d0329545f6d7c024fae185b9580dee
import hashlib, hmac

for _ in range(0,3):
    print hmac.new('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'.encode('utf-8'),
                   'any message',
                   hashlib.sha512).hexdigest()
    print

Copied from original issue: izaera/cipher#93

stevenroose commented 8 years ago

@thedoctor This is probably the same as #92.

Can your confirm that it is fixed?

thedoctor commented 8 years ago

@stevenroose Confirmed, my hashes match with the changes from #92 :)

stevenroose commented 8 years ago

Super !