Keyed Hash?
Timo Teräs
timo.teras at iki.fi
Mon Sep 20 05:26:42 UTC 2010
On 09/20/2010 01:23 AM, Denys Vlasenko wrote:
>>From a quick experiment it looks like w/o "-hmac KEY"
> part this command basically does sha1sum'ing.
>
> What does -hmac KEY do? It seeds sha1 somehow? How exactly?
Yes, it sort of seeds it with password to allow message authentication.
To compute HMAC over the data `text' we perform
H(K XOR opad | H(K XOR ipad | text))
where H = hash function used
K = password
ipad = 0x36, 0x36, ...
opad = 0x5c, 0x5c, ...
and | meaning concenation of binary data.
See also:
http://en.wikipedia.org/wiki/HMAC
http://tools.ietf.org/html/rfc2104
- Timo
More information about the busybox
mailing list