Re: MAC and HMAC from Dave Roberts on 2001-10-19 (w3c-ietf-xmldsig@w3.org from October to December 2001)

From: Dave Roberts <dave.roberts@saaconsultants.com>
Date: Fri, 19 Oct 2001 12:05:04 +0100 (BST)
To: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
cc: dsig <w3c-ietf-xmldsig@w3.org>
Message-ID: <Pine.A32.3.96.1011019115527.64930B-100000@olympus.saa-cons.co.uk>

On Fri, 19 Oct 2001, Christian Geuer-Pollmann wrote:

> Sorry, my idea with the RetrievalMethos was wrong. Of cource I can use 
> RetrievalMethod to reference a key somewhere in the filesystem that's only 
> available in the verification environment, but there's no way to 'tag' this 
> resource to be a symmetric key. Sorry about that. You can only use KeyName.

OK, thanks.

> Maybe this (JAVA-Code) helps: this is what I did:

It does.  So I see that the Most Signficant Bits are taken.

Unfortunately it doesn't explain the examples in
merlin-xmldsig-fifteen.tar.gz.

In file signature-enveloping-hmac-sha1.xml:
The 160 bit HMAC is 2449 4fb6 d213 e009 bb43 e30d a0cc aff9 60df 019c.

In file signature-enveloping-hmac-sha1-40.xml:
The  40 bit HMAC is 1c78 aabc 25.

That's not what I'm expecting given that the input appears to be the same.
I would expect the 40 bit output to be 2449 4fb6 d2.  Like I said, I
appear to be missing something important, and would rather not. :)

Thanks again.

- Dave.

Received on Friday, 19 October 2001 07:06:48 UTC