HMACSHA1 是为零长度消息定义的吗?
我有一个边缘情况。 我正在构建读取由商业闭源工具生成的二进制数据文件的代码。 有关数据格式的信息在文档中指定。
对于数据完整性检查,供应商的规范要求基于 SHA1 的 HMAC,使用派生密钥根据 RFC2898 的密码。 许多编程环境都有一个名为 HMACSHA1 的类来生成这些哈希值。
对于非零长度的数据流,我可以成功计算Hash,并且我的代码中的计算与供应商的实现一致。 换句话说,我的代码可以读取和验证供应商编写的文件,反之亦然。
然而,当数据流的长度为零时,供应商的工具会发出不全零的哈希。 如果没有消息通过 HMACSHA1 运行,我不知道它从哪里来。
对于 HMACSHA1 或任何 HMAC,MAC 是为“空消息”的边缘情况定义的吗?
我正在使用 .NET 和类 System.Security.Cryptography.HMACSHA1,尽管我相信我的问题与平台无关。
有一个特定于平台的位:当我尝试获取该类型的实例上的哈希属性时,如果我没有通过该实例运行任何数据,我会得到
Exception: System.NullReferenceException: Object reference not set to an instance of an object.
at System.Security.Cryptography.HashAlgorithm.get_Hash()
这对我来说一点也不奇怪,因为没有任何东西进行散列。
有什么提示吗?
I have an edge case. I'm building code that reads binary datafiles produced by a commercial, closed source tool. The information on the data format is specified in a document.
For data integrity checks, the vendor's spec calls for an HMAC based on SHA1, using a key derived from a password as per RFC2898. Many programming environments have a class called HMACSHA1 to produce these hashes.
For data streams of non-zero length, I can successfully calculate the Hash, and the calculation in my code agrees with the vendor's implementation. In other words, my code can read and authenticate files written by the vendor, and vice versa.
However, when the length of the data stream is zero, the vendor's tool emits a Hash which is NOT all zeroes. I don't know where it comes from, if there is no message to run through the HMACSHA1.
For HMACSHA1, or for any HMAC, is the MAC defined for the edge case of "a null message"?
I am using .NET, and the class System.Security.Cryptography.HMACSHA1, although I believe my question is platform-agnostic.
There is one platform-specific bit: When I try to get the Hash property on an instance of that type, if I have not run any data through the instance, I get
Exception: System.NullReferenceException: Object reference not set to an instance of an object.
at System.Security.Cryptography.HashAlgorithm.get_Hash()
This isn't surprising to me at all, since there is nothing to hash.
any hints?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
HMACSHA1 是针对 n 位的所有输入定义的,其中 0 <= n < 2^20 - 160。HMACSHA1
定义为 SHA1(
K*|| SHA1(K**|| text ) ),其中K*和K**是从密钥派生的 20 字节长值(请参阅 FIPS 198a)。所以 HMACSHA1( "empty string" ) = SHA1(
K*|| SHA1(K**) ) ,这是非常明确定义的。HMACSHA1 is defined for all inputs of n bits, where 0 <= n < 2^20 - 160.
HMACSHA1 is defined as SHA1(
K*|| SHA1(K**|| text ) ), whereK*andK**are 20 bytes long values derived from the key (see FIPS 198a).So HMACSHA1( "empty string" ) = SHA1(
K*|| SHA1(K**) ), which is very well-defined.在黑暗中摸索,我找到了我需要的东西。
不确定 HMACSHA1 是否是针对零长度消息的情况定义的,但
我确实发现在 .NET 上,如果我调用 HMACSHA1.ComputeHash() 并传递长度为零的字节数组,我会得到预期的哈希值。
抱歉打扰了,我们现在让您返回之前安排的节目。
Bumbling around in the dark, I found what I needed.
Not sure if HMACSHA1 is defined for the case of a zero-length message, BUT
I did find that on .NET, if I call HMACSHA1.ComputeHash() and pass a byte array of length zero, I get the expected, desired hash.
Sorry for the noise, we now return you to your previously scheduled programming.
必须尝试将零长度数组添加到哈希中吗? 底层对象可能是在第一次调用期间创建的。
使用多种实现对零长度文件进行哈希处理可以得到:
Have to tried to add a zero length array to the hash? The underlying object is likely created during the first call.
Using several implementations hashing a zero length file gives: