Digest md5 response generation

How to generate the response field in the client response for a DIGEST MD5 challenge? I'm currently using RFC 2831 for reference.

Challenge from server as per the RFC 2831 example is:

realm="elwood.innosoft.com",nonce="OA6MG9tEQGm2hh",qop="auth",
algorithm=md5-sess,charset=utf-8

Response from client as per the RFC 2831 example:

charset=utf-8,username="chris",realm="elwood.innosoft.com",
nonce="OA6MG9tEQGm2hh",nc=00000001,cnonce="OA6MHXh6VqTrRk",
digest-uri="imap/elwood.innosoft.com",
response=d388dad90d4bbd760a152321f2143af7,qop=auth

Collected details are:

  1. username=chris
  2. password=secret
  3. nonce=OA6MG9tEQGm2hh
  4. nc-value=00000001
  5. cnonce=OA6MHXh6VqTrRk
  6. qop=auth
  7. realm=elwood.innosoft.com
  8. digesturi=imap/elwood.innosoft.com

The response I'm generating doesn't comply with that in the RFC 2831 example at page 19.

Formulations in RFC 2831:

Let H(s) be the 16 octet MD5 hash [RFC 1321] of the octet string s.

Let KD(k, s) be H({k, ":", s}), i.e., the 16 octet hash of the string k, a colon and the string s.

Let HEX(n) be the representation of the 16 octet MD5 hash n as a string of 32 hex digits (with alphabetic characters always in lower case, since MD5 is case sensitive).


Currently I'm using the following procedure:

A1 = { H(chris:elwood.innosoft.com:secret), ":", nonce-value, ":", cnonce-value }

online md5 generator

A1 = {eb5a750053e4d2c34aa84bbc9b0b6ee7:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk}

A2 = { "AUTHENTICATE:", digest-uri-value }

A2 = {AUTHENTICATE:imap/elwood.innosoft.com}

H(A1) = 54442ff1f394d9d0de1205cef4d9cebe

HEX(H(A1)) = 54442ff1f394d9d0de1205cef4d9cebe

HEX(H(A2)) = 15e3594677e51ade69715d1cb7d207ba


RESPONSE=HEX( KD ( HEX(H(A1)), { nonce-value, ":" nc-value, ":", cnonce-value, ":", qop-value, ":", HEX(H(A2)) }))

RESPONSE=HEX( KD ( 54442ff1f394d9d0de1205cef4d9cebe:OA6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba))

Response as per the above procedure is:

26ef1190b643a36e879673066098379c


But the response value as per the RFC is:

d388dad90d4bbd760a152321f2143af7

Thus the response generated above is different from the one generated in the RFC's example.

What changes need to be carried out?

Sorry, the RFC documentation is right, you just miscalculated the hash of A1.

Because you converted the hash value of "H(chris:elwood.innosoft.com:secret)" to a hex string. But the RFC just says "Let H(s) be the 16 octet MD5 hash".

Just don't convert the hash result to a hex string, and concatenate with this byte array hash result.

I hope this code helps to explain.

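// Requires: using System.Linq; using System.Text;
// Md5Hash is a helper not shown in the answer; it is assumed to return
// the raw 16-byte MD5 digest (byte[]), not a hex string.
A1 = Md5Hash(Encoding.ASCII.GetBytes(username + ":" + realm + ":" + password))
     .Concat(
        Encoding.ASCII.GetBytes(
          ":" + nonce
        + ":" + cnonce
        + (authzid == null ? "" : (":" + authzid))))
     .ToArray();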

A1 calculation is wrong. The MD5 digest over chris:elwood.innosoft.com:secret in your case is 32-octet hexadecimal, 2 octets per original byte. In the RFC calculation it is 16-octet, 1 octet = 1 byte.
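
The point made in the two answers above, as an added Python example (not code from the original thread): it computes the qop=auth response for the RFC 2831 IMAP example values quoted in the question, once with the raw 16-octet inner digest and once with the hex-encoded inner digest described in the question. The function and parameter names are illustrative, and inputs are assumed to be ASCII, so RFC 2831's ISO 8859-1 conversion rule is not implemented.

```python
import hashlib

def H(data: bytes) -> bytes:
    """Raw 16-octet MD5 digest, as RFC 2831 defines H(s)."""
    return hashlib.md5(data).digest()

def HEX(digest: bytes) -> str:
    """32 lowercase hex digits for a 16-octet digest."""
    return digest.hex()

def KD(k: bytes, s: bytes) -> bytes:
    return H(k + b":" + s)

def digest_md5_response(username, realm, password, nonce, nc, cnonce,
                        qop, digest_uri, authzid=None, hex_inner=False):
    """Compute the response value for qop=auth.

    hex_inner=True reproduces the mistake from the question: the inner
    hash is hex-encoded (32 octets) before nonce and cnonce are appended.
    Assumption: all inputs are ASCII, so no charset conversion is needed.
    """
    enc = lambda s: s.encode("utf-8")
    inner = H(enc(f"{username}:{realm}:{password}"))   # 16 raw octets
    if hex_inner:
        inner = enc(HEX(inner))                        # 32 octets: wrong
    a1 = inner + enc(f":{nonce}:{cnonce}")
    if authzid is not None:
        a1 += enc(f":{authzid}")
    a2 = enc(f"AUTHENTICATE:{digest_uri}")
    tail = enc(f"{nonce}:{nc}:{cnonce}:{qop}:{HEX(H(a2))}")
    # Only the outer H(A1) and H(A2) are hex-encoded, per the RFC formula.
    return HEX(KD(enc(HEX(H(a1))), tail))

# Values from the RFC 2831 IMAP example quoted in the question.
PARAMS = dict(username="chris", realm="elwood.innosoft.com", password="secret",
              nonce="OA6MG9tEQGm2hh", nc="00000001", cnonce="OA6MHXh6VqTrRk",
              qop="auth", digest_uri="imap/elwood.innosoft.com")

if __name__ == "__main__":
    print("raw inner digest:", digest_md5_response(**PARAMS))
    print("hex inner digest:", digest_md5_response(**PARAMS, hex_inner=True))
```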

Hi, you have calculated the response correctly, and the example in RFC 2831 is inconsistent.
