EldoS | Feel safer!

Software components for data protection, secure storage and transfer

HMAC-SHA1/RFC 4226: how to match test vectors

Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.
#25843
Posted: 07/25/2013 10:25:46
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 170

Hello,

I'm trying to implement RFC 4226 (HOTP authentication) in order to add support for Google authenticator to my application.

I think I got the dynamic truncate function right but I cannot match all of the sample values given for HAMC-SHA1 calculation in the RFC (http://tools.ietf.org/html/rfc4226#page-32).

Basically, I'm doing the following: computing a HMAC-SHA1 using the string '12345678901234567890' as key and an int64 counter value as data (the sample starts with 0 and iterates up to 9).


Code
function GetHMACSHA1(Secret: string; Counter: int64; Algo: Integer = SB_ALGORITHM_MAC_HMACSHA1): string;
var
  AHash: TElHashFunction;
  Akey: TElHMACKeyMaterial;
begin
  AKey := TElHMACKeyMaterial.Create();
  try
    AKey.Key := BytesOfString(Secret);
    AHash := TElHashFunction.Create(Algo, Akey);
    try
      AHash.Reset;
      AHash.Update(@Counter, 8);
      result := AHash.Finish;
    finally
      FreeAndNil(AHash);
    end;
  finally
    FreeAndNil(AKey);
  end;
end;


That works fine when the counter is 0 but as soon as it gets != 0, the results are different from the reference in the RFC:

Code
Count    Hexadecimal HMAC-SHA-1(secret, count) (RFC)  HexaDecimal HMAC-SHA1(secret, count) (SBB)
0        cc93cf18508d94934c64b65d8ba7667fb7cde4b0     cc93cf18508d94934c64b65d8ba7667fb7cde4b0
1        75a48a19d4cbe100644e8ac1397eea747a2d33ab     650f1e3b542f5eccb1ba4de01655d130eb01c3de
2        0bacb7fa082fef30782211938bc1c5e70416ff44     19d0488ded3f69709406bc25f834c3e3199f652a
3        66c28227d03a2d5529262ff016a1e6ef76557ece     44d53481fb8d6ce5861b2955703ddaff02297d63
4        a904c900a64b35909874b33e61c5938a8e15ed1c     193464a05960ff21612ffb6ade9c507d310c683d
5        a37e783d7b7233c083d4f62926c7a25f238d0316     d74fc07d98358af1d1fd7a234b96a758e7cd0c45
6        bc9cd28561042c83f219324d3c607256c03272ae     dbda9e3e73b12361766853de84e99d44ef72ff06
7        a4fb960c0bc06e1eabb804e5b397cdc4b45596fa     e4b56f59b3c69a39d0a7bc55c65fd33824b99dd3
8        1b3c89f65e6c9e883012052823443f048b4332db     3baf5824a759cfba1090f5bbb434c01725ab41f2
9        1637409809a679dc698207310c8c7fc07290d9e5     3270e443ced1bbcc2b21433e08a1378a7a1a8842


I checked the C# code sample in CodeProject (http://www.codeproject.com/Articles/403355/Implementing-Two-Factor-Authentication-in-ASP-NET) and it doesn't seem to be doing anything different from my own code. Yet, it doesn't seem to work.

Can anyone see anything obvious I'm doing wrong ?

Thanks
#25844
Posted: 07/25/2013 10:28:52
by Eugene Mayevski (EldoS Corp.)

Do I understand you right, that C# sample also gives "wrong" result?

It is possible that test vectors in the RFC are wrong. This is not the first RFC with such mistakes. Also if HMAC didn't work in SecureBlackbox, the problem would have exposed itself long time ago.


Sincerely yours
Eugene Mayevski
#25845
Posted: 07/25/2013 10:31:10
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 170

Quote
Do I understand you right, that C# sample also gives "wrong" result?


I actually don't know: I didn't compile it. I'll try it, though.

I don't doubt that the HMAC calculation in SBB are correct, I'm just not sure I'm using it correctly.
#25846
Posted: 07/25/2013 10:34:44
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

The problem can be in byte order. Try to use big-endian transformation of Int64 to byte array.
#25847
Posted: 07/25/2013 10:41:43
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 170

Quote
Mykola Olshevsky wrote:
The problem can be in byte order. Try to use big-endian transformation of Int64 to byte array.


Thanks! That was the problem.

And now that you mention it, I see that the C# code actually does the bye order *facepalm*
Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.

Reply

Statistics

Topic viewed 1291 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!