
I am trying to replicate the HMAC generation behavior from my iOS app using the SHA-512 algorithm, referring to this link: Objective-C sample code for HMAC-SHA1.

For this purpose, I have tried using the CryptoJS and jsSHA libraries to compute the HMAC using JavaScript code. I have found discrepancies between the HMAC values generated by these JavaScript libraries and the one that I get using my iOS code.

Can someone help me understand what I could be doing wrong here? I have a feeling that I am messing up the format of the key and counter values that are being passed to both the methods.

For example: key = "The quick brown fox jumps over the lazy dog" counter = 123

Hmac generated by iOS code- 8d4b0f7c7f800ffd656829b98988048b49b08d0068f6fd33add8a02b6bce8097cdd3a69dc8292ec7cc04e15021afb4499afe4a292f8db082b2d253ddfe7d7015

Hmac generated by javascript libraries- 211935F67D87CBB6A98DE6A6D9D64F9AAF8DA5F09BF17F1B7E5BD46FCD9BEFBCD3585FB859BD042291AF5D79B6D92CF7B348CD6558A18AEF4328FAF344D63266

iOS Code:

```objc
NSData *key = [key dataUsingEncoding:NSASCIIStringEncoding];
NSData *rawKeyData = [DataUtil rawDataFromHex:key];

//encode the counter
uint8_t tosign[8];
for (int i = sizeof(tosign) - 1; i >= 0; i--) {
    tosign[i] = counter & 0xff;
    counter >>= 8;
}

unsigned char cHMAC[CC_SHA512_DIGEST_LENGTH];
CCHmac(kCCHmacAlgSHA512, [rawKeyData bytes], [rawKeyData length], tosign, sizeof(tosign), cHMAC);

NSData *hmac = [NSData dataWithBytes:cHMAC length:sizeof(cHMAC)];

return hmac;
```

javascript Code:

```javascript
var hash = CryptoJS.HmacSHA512("123", "The quick brown fox jumps over the lazy dog");
```
grane2212
  • Are you able to post some code examples? Hard to tell if there is a mistake without seeing actual code. – Frederick F. Kautz IV May 22 '15 at 02:35
  • Where is the counter added in the JS example? In general, HmacSHA512("Message", "Secret Passphrase") should be the same regardless of the language. – Frederick F. Kautz IV May 22 '15 at 03:00
  • Also, if you are adding the byte representation of a counter in JS, be careful because JS has only floating point numbers. – Frederick F. Kautz IV May 22 '15 at 03:02
  • For the first question, I have added the key first and then the counter. I had tried swapping the values too. It still gives me completely different values. For the next question, I have passed in both the key and counter as strings. – grane2212 May 22 '15 at 03:14
  • 1. Why are you doing: `NSData *rawKeyData = [DataUtil rawDataFromHex:key];`? 2. Why: `unsigned char cHMAC[CC_SHA512_DIGEST_LENGTH];`? 3. What is the point of `counter`? 4. You need to study what HMAC is and its parameters. – zaph May 22 '15 at 05:30
  • 1. That function is used to convert Hex data to binary raw data. 2. This iOS code was written by my peers by using the link above and I am a newbie to iOS. So I don't frankly understand why that is specified. 3. The counter is the data in my case as I am using HOTP (Hmac based one time password algorithm). 4. Yes I will do that! – grane2212 May 22 '15 at 14:02
  • The question might be better if the description was about HOTP. Also see [IETF HOTP](https://tools.ietf.org/html/rfc4226) for an exact description of the HOTP implementation; the Wikipedia article is too vague for an implementation. – zaph May 22 '15 at 14:36
  • `var hash = CryptoJS.HmacSHA512("Key", "Counter");` is not the real code, please edit the question to include the code with the actual values. – zaph May 22 '15 at 14:52
  • What is the result from the updated Javascript code? Also the first argument is the message and the second is the Secret Passphrase so the arguments may be reversed. With the answer's code and "123" as the message I get: `ad459b5a 85570062 3ad3e5a5 8d148218 a282d8ab f1ed7395 d56861a7 04211c3e ce78166e cc387525 88d4ee3d ae59f27a 637b0a30 b0848986 bb855a03 12dcc9bc`. – zaph May 22 '15 at 17:19
  • May I know what key are you using while generating the hmac using the answer code? I will run this and let you know – grane2212 May 22 '15 at 17:39
  • As in the question: message: "123", key: "The quick brown fox jumps over the lazy dog". This may seem backwards but matched the Javascript example in the question. They are different than in the answer because the question was changed. – zaph May 23 '15 at 06:01

1 Answer


HMAC takes key and data parameters, which are bytes, and returns bytes of a length determined by the hash function specified.

Example:

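```objc
#import <CommonCrypto/CommonHMAC.h> // CCHmac, kCCHmacAlgSHA512, CC_SHA512_DIGEST_LENGTH

// Returns the HMAC-SHA512 of dataIn under key; both are raw bytes.
+ (NSData *)doHmacSha512:(NSData *)dataIn
                     key:(NSData *)key
{
    NSMutableData *macOut = [NSMutableData dataWithLength:CC_SHA512_DIGEST_LENGTH];

    CCHmac( kCCHmacAlgSHA512,
            key.bytes,
            key.length,
            dataIn.bytes,
            dataIn.length,
            macOut.mutableBytes);

    return macOut;
}
```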

Test:

```objc
NSData *keyData  = [@"MyTestKey" dataUsingEncoding:NSASCIIStringEncoding];
NSData *data     = [@"Now is the time for all good computers to come to the aid of their masters." dataUsingEncoding:NSASCIIStringEncoding];
NSData *hmacData = [Crypto doHmacSha512:data key:keyData]; // Where "Crypto" is the class "doHmacSha512" is defined in.
```
viplezer
zaph
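
As an added example, not code from the question, the answer or either library: the HOTP-style computation in Node.js with the built-in `crypto` module, signing the counter as 8 big-endian bytes the way the iOS loop does and comparing that with signing the text "123". It assumes the key is used as its ASCII bytes (the question's iOS code hex-decodes the key first); the function names are made up for this example, and the SHA-1 check uses the RFC 4226 test key.

```javascript
const crypto = require('crypto');

// Encode the counter as 8 big-endian bytes, like the `tosign` loop in the iOS code.
// BigInt avoids precision loss for counters above 2^53 (JS numbers are doubles).
function counterBytes(counter) {
  const buf = Buffer.alloc(8);
  buf.writeBigUInt64BE(BigInt(counter));
  return buf;
}

// HMAC over raw bytes: the key goes to createHmac, the message to update().
function hmacBytes(algo, keyBytes, msgBytes) {
  return crypto.createHmac(algo, keyBytes).update(msgBytes).digest();
}

// HOTP dynamic truncation (RFC 4226, section 5.3) of an HMAC digest.
function truncate(mac, digits) {
  const off = mac[mac.length - 1] & 0x0f;
  const bin = mac.readUInt32BE(off) & 0x7fffffff;
  return String(bin % 10 ** digits).padStart(digits, '0');
}

function hotp(algo, keyBytes, counter, digits = 6) {
  return truncate(hmacBytes(algo, keyBytes, counterBytes(counter)), digits);
}

// Constructed inputs using the example values from the question.
// Assumption: the key is taken as ASCII bytes, not hex-decoded.
const key = Buffer.from('The quick brown fox jumps over the lazy dog', 'ascii');
const asBytes = hmacBytes('sha512', key, counterBytes(123));          // 8-byte counter
const asText = hmacBytes('sha512', key, Buffer.from('123', 'ascii')); // 3 ASCII chars

console.log(counterBytes(123).toString('hex')); // 000000000000007b
console.log(asBytes.equals(asText));            // false: different message bytes
console.log(hotp('sha512', key, 123));          // 6-digit code from the SHA-512 MAC

// Cross-check of encoding and truncation against the RFC 4226 SHA-1 test vector.
const rfcKey = Buffer.from('12345678901234567890', 'ascii');
console.log(hotp('sha1', rfcKey, 0));           // 755224
```

Two implementations agree only when both sides feed identical key bytes and identical message bytes to the HMAC, so compare hex dumps of those inputs before comparing digests.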