On Thu, Dec 14, 2006 at 01:27:10PM +0100, Marek Marcola wrote: > > This is done by simply appending the key to the digest input. > I can not agree. In HMAC you use some message digest algorithm > (MD5/SHA1/...) with HMAC algorithm. > Let MD() will be some message digest algorithm, M - message to hash, K - > HMAC key, B - message digest block size. > Then HMAC result H is calculated as: > ipad = the byte 0x36 repeated B time > opad = the byte 0x5C repeated B times > H = MD(K XOR opad, MD(K XOR ipad, M))
This is what I said. :) I distinctly remember how it is done in IPsec code in OpenBSD... I oversimplified it, but not too far from the real thing. regards, Girish -- Linux is for folks who hate Windoze. FreeBSD is for folks who love UNIX. OpenBSD is for folks who can't live without UNIX. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
