标签: rfc-4226

这是RFC 4226错了吗？

RFC的测试值指定:

Appendix D - HOTP Algorithm: Test Values

   The following test data uses the ASCII string
   "12345678901234567890" for the secret:

   Secret = 0x3132333435363738393031323334353637383930

   Table 1 details for each count, the intermediate HMAC value.

   Count    Hexadecimal HMAC-SHA-1(secret, count)
   0        cc93cf18508d94934c64b65d8ba7667fb7cde4b0
   1        75a48a19d4cbe100644e8ac1397eea747a2d33ab

Run Code Online (Sandbox Code Playgroud)

因此,如果我尝试在红宝石中获得0的HMAC,我会得到:

[20] pry(AuthyOTP)> secret_key = "12345678901234567890"
=> "12345678901234567890"
[22] pry(AuthyOTP)> OpenSSL::HMAC.hexdigest(digest, secret_key, "0")
=> "32a67f374525d32d0ce13e3db42b5b4a3f370cce"

Run Code Online (Sandbox Code Playgroud)

我原本应该得到 cc93cf18508d94934c64b65d8ba7667fb7cde4b0

所以我在java中编写了一个实现,我得到了同样的结果:

Calculation OTP for movingFactor = 0
    2. Calculate Hash = 
      32a67f374525d32d0ce13e3db42b5b4a3f370cce

Run Code Online (Sandbox Code Playgroud)

那么当秘密是"12345678901234567890"时,什么是"0"的十六进制SHA1-HMAC？

cryptography rfc rfc-4226

dan*_*iel

2012 02-27

2
推荐指数

1
解决办法

602
查看次数

标签统计

cryptography ×1

rfc ×1

rfc-4226 ×1

这是RFC 4226错了吗？

标签 统计

标签统计