[Dovecot] HMAC-MD5 / HMAC-MD5-context

Chris Laif chris.laif at googlemail.com
Tue Aug 22 12:30:07 EEST 2006


$ dovecotpw -p testpass
{HMAC-MD5}fe8522268d91e485ccac8f36800e4fa6b10363e2a371cfa61731109b450906cd

I wonder if the prefix 'HMAC-MD5' is the correct notation here.
According to RFC2104 an HMAC is calculated as follows:

 H(K XOR opad, H(K XOR ipad, text))

where H is the cryptographic hash function (MD5 in this case).
Therefore the result has to be a 128 bit string, which is obviously
not the case in the above shown example. In addition, the input value
'text' is missing if you only have a password K.

Maybe it would be better to use {HMAC-MD5-CONTEXT} or {HMAC-MD5-CTX} ?

Chris


More information about the dovecot mailing list