[Dovecot] HMAC-MD5 / HMAC-MD5-context
Andrey Panin
pazke at donpac.ru
Tue Aug 22 12:49:56 EEST 2006
On 234, 08 22, 2006 at 11:30:07AM +0200, Chris Laif wrote:
> $ dovecotpw -p testpass
> {HMAC-MD5}fe8522268d91e485ccac8f36800e4fa6b10363e2a371cfa61731109b450906cd
>
> I wonder if the prefix 'HMAC-MD5' is the correct notation here.
> According to RFC2104 an HMAC is calculated as follows:
>
> H(K XOR opad, H(K XOR ipad, text))
>
> where H is the cryptographic hash function (MD5 in this case).
> Therefore the result has to be a 128 bit string, which is obviously
> not the case in the above shown example. In addition, the input value
> 'text' is missing if you only have a password K.
>
> Maybe it would be better to use {HMAC-MD5-CONTEXT} or {HMAC-MD5-CTX} ?
This change will break existing dovecot installations without any real gain.
--
Andrey Panin | Linux and UNIX system administrator
pazke at donpac.ru | PGP key: wwwkeys.pgp.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20060822/78489b03/attachment.pgp
More information about the dovecot
mailing list