Bug#552454: libgcrypt11: HMAC-SHA512 computation with 128-bytes key yields wrong result
Stefan Westerfeld
stefan at space.twc.de
Mon Oct 26 10:35:55 UTC 2009
Package: libgcrypt11
Version: 1.4.1-1
Severity: normal
The HMAC-512 computation with a long key (128 bytes) gives a wrong result. This
is a known problem; a mail from the upstream developer can be found here:
http://www.nabble.com/Important-fix-for-HMAC-SHA-384-512-to20348035.html
I wrote a test program which computes:
- HMAC-SHA512 with 128 bytes key via Debian/stable gcrypt
- HMAC-SHA512 implemented manually
- HMAC-SHA512 implemented using python
Results:
* Debian/stable package:
stefan at quadcorn:/big/home/stefan/src/sandbox/fmc$ hmac512 abc
Key: KeyKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
Data: abc
GCrypt: 7933494498a4dadbe4e5d7a84d4aea568ea2e7da23f9c159ba609e19fa60e256a079f27c4cd2a7980701aac72243550900e66367af06110adf9dbcc93ec43fb4
MyHMAC: 2c5b16e1d82fff0c6ef5754b97bcfad5324a5bc9515031b5f1ab1a25751db9bca44c28833a51ab108bc67b63803281fece57d596001941a717550082c6f9522c
Python: 2c5b16e1d82fff0c6ef5754b97bcfad5324a5bc9515031b5f1ab1a25751db9bca44c28833a51ab108bc67b63803281fece57d596001941a717550082c6f9522c
* manually compiled gcrypt 1.4.4
stefan at quadcorn:/big/home/stefan/src/sandbox/fmc$ LD_LIBRARY_PATH=/usr/local/gcrypt/lib hmac512 abc
Key: KeyKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
Data: abc
GCrypt: 2c5b16e1d82fff0c6ef5754b97bcfad5324a5bc9515031b5f1ab1a25751db9bca44c28833a51ab108bc67b63803281fece57d596001941a717550082c6f9522c
MyHMAC: 2c5b16e1d82fff0c6ef5754b97bcfad5324a5bc9515031b5f1ab1a25751db9bca44c28833a51ab108bc67b63803281fece57d596001941a717550082c6f9522c
Python: 2c5b16e1d82fff0c6ef5754b97bcfad5324a5bc9515031b5f1ab1a25751db9bca44c28833a51ab108bc67b63803281fece57d596001941a717550082c6f9522c
As you see, the newer gcrypt 1.4.4 gives the correct result (the same result as
my routine and python), whereas the Debian/stable gcrypt HMAC-SHA512 is wrong.
-- System Information:
Debian Release: 5.0.3
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/4 CPU cores)
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages libgcrypt11 depends on:
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libgpg-error0 1.4-2 library for common error values an
libgcrypt11 recommends no packages.
Versions of packages libgcrypt11 suggests:
pn rng-tools <none> (no description available)
-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hmac512.cc
Type: text/x-c
Size: 2276 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20091026/a6391af5/attachment.bin>
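The cross-check described in the report (library result against a manual HMAC and against Python) can be run over a range of key lengths instead of a single one. The following is an added example, not the attached hmac512.cc and not libgcrypt code. The function names, the "Key" followed by "K" key pattern (modelled on the key shown above) and the 64-byte key limit in legacy_limit are assumptions made for illustration; the report does not state the cause of the wrong result.

```python
import hashlib
import hmac


def manual_hmac(key, msg, hash_name="sha512", key_limit=None):
    """HMAC as defined in RFC 2104, built directly on hashlib.

    key_limit is the key length above which the key is first hashed.
    None means the hash's real block size, which is the correct value.
    """
    block = hashlib.new(hash_name).block_size  # 128 for SHA-384/SHA-512, 64 for SHA-256
    if key_limit is None:
        key_limit = block
    if len(key) > key_limit:
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hash_name, ipad + msg).digest()
    return hashlib.new(hash_name, opad + inner).hexdigest()


def mismatched_key_lengths(candidate, hash_name="sha512", max_len=200, msg=b"abc"):
    """Return every key length at which candidate disagrees with Python's hmac."""
    bad = []
    for n in range(1, max_len + 1):
        key = (b"Key" + b"K" * n)[:n]  # constructed test key of exactly n bytes
        reference = hmac.new(key, msg, hash_name).hexdigest()
        if candidate(key, msg, hash_name) != reference:
            bad.append(n)
    return bad


def legacy_limit(key, msg, hash_name):
    # Hypothetical defect (assumption): a 64-byte key limit, correct for
    # MD5/SHA-1/SHA-256, applied unchanged to a hash with 128-byte blocks.
    return manual_hmac(key, msg, hash_name, key_limit=64)


if __name__ == "__main__":
    print("manual vs hmac, SHA-512:", mismatched_key_lengths(manual_hmac))
    bad = mismatched_key_lengths(legacy_limit)
    print("legacy limit, SHA-512: lengths %d..%d differ" % (bad[0], bad[-1]))
    print("legacy limit, SHA-256:", mismatched_key_lengths(legacy_limit, "sha256"))
```

Under that assumed defect only key lengths between the two limits disagree, so a known-answer test that uses short keys alone would pass; a self-test for an HMAC implementation should include keys just below, at and just above the block size of each hash.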