Network Working Group M. Nystrom
Request for Comments: 4231 RSA Security
Category: Standards Track December 2005
Network Working Group M. Nystrom
Request for Comments: 4231 RSA Security
Category: Standards Track December 2005
Identifiers and Test Vectors for HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
HMAC-SHA-224、HMAC-SHA-256、HMAC-SHA-384和HMAC-SHA-512的标识符和测试向量
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2005).
版权所有(C)互联网协会(2005年)。
Abstract
摘要
This document provides test vectors for the HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 message authentication schemes. It also provides ASN.1 object identifiers and Uniform Resource Identifiers (URIs) to identify use of these schemes in protocols. The test vectors provided in this document may be used for conformance testing.
本文档提供了HMAC-SHA-224、HMAC-SHA-256、HMAC-SHA-384和HMAC-SHA-512消息身份验证方案的测试向量。它还提供ASN.1对象标识符和统一资源标识符(URI),以确定这些方案在协议中的使用。本文件中提供的测试向量可用于一致性测试。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions Used in This Document . . . . . . . . . . . . . . 2
3. Scheme Identifiers . . . . . . . . . . . . . . . . . . . . . . 3
3.1. ASN.1 Object Identifiers . . . . . . . . . . . . . . . . 3
3.2. Algorithm URIs . . . . . . . . . . . . . . . . . . . . . 3
4. Test Vectors . . . . . . . . . . . . . . . . . . . . . . . . . 3
4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . 3
4.2. Test Case 1 . . . . . . . . . . . . . . . . . . . . . . 4
4.3. Test Case 2 . . . . . . . . . . . . . . . . . . . . . . 4
4.4. Test Case 3 . . . . . . . . . . . . . . . . . . . . . . 5
4.5. Test Case 4 . . . . . . . . . . . . . . . . . . . . . . 5
4.6. Test Case 5 . . . . . . . . . . . . . . . . . . . . . . 6
4.7. Test Case 6 . . . . . . . . . . . . . . . . . . . . . . 6
4.8. Test Case 7 . . . . . . . . . . . . . . . . . . . . . . 7
5. Security Considerations . . . . . . . . . . . . . . . . . . . 7
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.1. Normative References . . . . . . . . . . . . . . . . . . 8
7.2. Informative References . . . . . . . . . . . . . . . . . 8
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions Used in This Document . . . . . . . . . . . . . . 2
3. Scheme Identifiers . . . . . . . . . . . . . . . . . . . . . . 3
3.1. ASN.1 Object Identifiers . . . . . . . . . . . . . . . . 3
3.2. Algorithm URIs . . . . . . . . . . . . . . . . . . . . . 3
4. Test Vectors . . . . . . . . . . . . . . . . . . . . . . . . . 3
4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . 3
4.2. Test Case 1 . . . . . . . . . . . . . . . . . . . . . . 4
4.3. Test Case 2 . . . . . . . . . . . . . . . . . . . . . . 4
4.4. Test Case 3 . . . . . . . . . . . . . . . . . . . . . . 5
4.5. Test Case 4 . . . . . . . . . . . . . . . . . . . . . . 5
4.6. Test Case 5 . . . . . . . . . . . . . . . . . . . . . . 6
4.7. Test Case 6 . . . . . . . . . . . . . . . . . . . . . . 6
4.8. Test Case 7 . . . . . . . . . . . . . . . . . . . . . . 7
5. Security Considerations . . . . . . . . . . . . . . . . . . . 7
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.1. Normative References . . . . . . . . . . . . . . . . . . 8
7.2. Informative References . . . . . . . . . . . . . . . . . 8
This document provides test vectors for the HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 message authentication schemes. It also provides ASN.1 object identifiers and URIs to identify use of these schemes in protocols using ASN.1 constructs (such as those built on Secure/Multipurpose Internet Mail Extensions (S/MIME) [4]) or protocols based on XML constructs (such as those leveraging XML Digital Signatures [5]).
本文档提供了HMAC-SHA-224、HMAC-SHA-256、HMAC-SHA-384和HMAC-SHA-512消息身份验证方案的测试向量。它还提供了ASN.1对象标识符和URI,以识别在使用ASN.1结构的协议(如基于安全/多用途Internet邮件扩展(S/MIME)[4]的协议)或基于XML结构的协议(如利用XML数字签名的协议[5])中使用这些方案的情况。
HMAC-SHA-224 is the realization of the HMAC message authentication code [1] using the SHA-224 hash function, HMAC-SHA-256 is the realization of the HMAC message authentication code using the SHA-256 hash function, HMAC-SHA-384 is the realization of the HMAC message authentication code using the SHA-384 hash function, and HMAC-SHA-512 is the realization of the HMAC message authentication code using the SHA-512 hash function. SHA-224, SHA-256, SHA-384, and SHA-512 are all described in [2].
HMAC-SHA-224是使用SHA-224哈希函数实现HMAC消息认证码[1],HMAC-SHA-256是使用SHA-256哈希函数实现HMAC消息认证码,HMAC-SHA-384是使用SHA-384哈希函数实现HMAC消息认证码,HMAC-SHA-512是使用SHA-512哈希函数实现HMAC消息身份验证码。[2]中描述了SHA-224、SHA-256、SHA-384和SHA-512。
The key word "SHOULD" in this document is to be interpreted as described in RFC 2119 [3].
本文件中的关键词“应”应按照RFC 2119[3]中的说明进行解释。
The following ASN.1 object identifiers have been allocated for these schemes:
已为这些方案分配了以下ASN.1对象标识符:
rsadsi OBJECT IDENTIFIER ::=
{iso(1) member-body(2) us(840) rsadsi(113549)}
rsadsi OBJECT IDENTIFIER ::=
{iso(1) member-body(2) us(840) rsadsi(113549)}
digestAlgorithm OBJECT IDENTIFIER ::= {rsadsi 2}
digestAlgorithm OBJECT IDENTIFIER ::= {rsadsi 2}
id-hmacWithSHA224 OBJECT IDENTIFIER ::= {digestAlgorithm 8}
id-hmacWithSHA256 OBJECT IDENTIFIER ::= {digestAlgorithm 9}
id-hmacWithSHA384 OBJECT IDENTIFIER ::= {digestAlgorithm 10}
id-hmacWithSHA512 OBJECT IDENTIFIER ::= {digestAlgorithm 11}
id-hmacWithSHA224 OBJECT IDENTIFIER ::= {digestAlgorithm 8}
id-hmacWithSHA256 OBJECT IDENTIFIER ::= {digestAlgorithm 9}
id-hmacWithSHA384 OBJECT IDENTIFIER ::= {digestAlgorithm 10}
id-hmacWithSHA512 OBJECT IDENTIFIER ::= {digestAlgorithm 11}
When the "algorithm" component in a value of ASN.1 type AlgorithmIdentifier (see, e.g., [4], Section 10) identifies one of these schemes, the "parameter" component SHOULD be present but have type NULL.
当ASN.1类型AlgorithmIdentifier值中的“算法”组件(参见,例如[4],第10节)识别这些方案之一时,“参数”组件应存在,但类型为NULL。
The following URIs have been allocated for these schemes:
已为这些方案分配了以下URI:
http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#hmac-sha-224
http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#hmac-sha-256
http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#hmac-sha-384
http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#hmac-sha-512
http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#hmac-sha-224
http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#hmac-sha-256
http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#hmac-sha-384
http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#hmac-sha-512
As usual, when used in the context of [5], the <ds:HMACOutputLength> element may specify the truncated length of the scheme output.
通常,在[5]的上下文中使用时,<ds:HMACOutputLength>元素可以指定方案输出的截断长度。
The test vectors in this document have been cross-verified by three independent implementations. An implementation that concurs with the results provided in this document should be interoperable with other similar implementations.
本文档中的测试向量已通过三个独立的实现进行交叉验证。与本文档中提供的结果一致的实现应该可以与其他类似的实现进行互操作。
Keys, data, and digests are provided in hex.
键、数据和摘要以十六进制提供。
Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b 0b0b0b0b (20 bytes) Data = 4869205468657265 ("Hi There")
Key=0b0b0b0b0b0b0b0b0b 0b0b0b(20字节)数据=48692054657265(“你好”)
HMAC-SHA-224 = 896fb1128abbdf196832107cd49df33f
47b4b1169912ba4f53684b22
HMAC-SHA-256 = b0344c61d8db38535ca8afceaf0bf12b
881dc200c9833da726e9376c2e32cff7
HMAC-SHA-384 = afd03944d84895626b0825f4ab46907f
15f9dadbe4101ec682aa034c7cebc59c
faea9ea9076ede7f4af152e8b2fa9cb6
HMAC-SHA-512 = 87aa7cdea5ef619d4ff0b4241a1d6cb0
2379f4e2ce4ec2787ad0b30545e17cde
daa833b7d6b8a702038b274eaea3f4e4
be9d914eeb61f1702e696c203a126854
HMAC-SHA-224 = 896fb1128abbdf196832107cd49df33f
47b4b1169912ba4f53684b22
HMAC-SHA-256 = b0344c61d8db38535ca8afceaf0bf12b
881dc200c9833da726e9376c2e32cff7
HMAC-SHA-384 = afd03944d84895626b0825f4ab46907f
15f9dadbe4101ec682aa034c7cebc59c
faea9ea9076ede7f4af152e8b2fa9cb6
HMAC-SHA-512 = 87aa7cdea5ef619d4ff0b4241a1d6cb0
2379f4e2ce4ec2787ad0b30545e17cde
daa833b7d6b8a702038b274eaea3f4e4
be9d914eeb61f1702e696c203a126854
Test with a key shorter than the length of the HMAC output.
使用短于HMAC输出长度的键进行测试。
Key = 4a656665 ("Jefe") Data = 7768617420646f2079612077616e7420 ("what do ya want ") 666f72206e6f7468696e673f ("for nothing?")
Key=4a656665(“Jefe”)Data=7768617420646f2079612077616e7420(“你想要什么”)666F7206E6F7468696E673F(“免费的?”)
HMAC-SHA-224 = a30e01098bc6dbbf45690f3a7e9e6d0f
8bbea2a39e6148008fd05e44
HMAC-SHA-256 = 5bdcc146bf60754e6a042426089575c7
5a003f089d2739839dec58b964ec3843
HMAC-SHA-384 = af45d2e376484031617f78d2b58a6b1b
9c7ef464f5a01b47e42ec3736322445e
8e2240ca5e69e2c78b3239ecfab21649
HMAC-SHA-512 = 164b7a7bfcf819e2e395fbe73b56e0a3
87bd64222e831fd610270cd7ea250554
9758bf75c05a994a6d034f65f8f0e6fd
caeab1a34d4a6b4b636e070a38bce737
HMAC-SHA-224 = a30e01098bc6dbbf45690f3a7e9e6d0f
8bbea2a39e6148008fd05e44
HMAC-SHA-256 = 5bdcc146bf60754e6a042426089575c7
5a003f089d2739839dec58b964ec3843
HMAC-SHA-384 = af45d2e376484031617f78d2b58a6b1b
9c7ef464f5a01b47e42ec3736322445e
8e2240ca5e69e2c78b3239ecfab21649
HMAC-SHA-512 = 164b7a7bfcf819e2e395fbe73b56e0a3
87bd64222e831fd610270cd7ea250554
9758bf75c05a994a6d034f65f8f0e6fd
caeab1a34d4a6b4b636e070a38bce737
Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256).
使用大于64字节的密钥和数据的组合长度(=SHA-224和SHA-256的块大小)进行测试。
Key aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaa (20 bytes) Data = dddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddd dddd (50 bytes)
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
HMAC-SHA-224 = 7fb3cb3588c6c1f6ffa9694d7d6ad264
9365b0c1f65d69d1ec8333ea
HMAC-SHA-256 = 773ea91e36800e46854db8ebd09181a7
2959098b3ef8c122d9635514ced565fe
HMAC-SHA-384 = 88062608d3e6ad8a0aa2ace014c8a86f
0aa635d947ac9febe83ef4e55966144b
2a5ab39dc13814b94e3ab6e101a34f27
HMAC-SHA-512 = fa73b0089d56a284efb0f0756c890be9
b1b5dbdd8ee81a3655f83e33b2279d39
bf3e848279a722c806b485a47e67c807
b946a337bee8942674278859e13292fb
HMAC-SHA-224 = 7fb3cb3588c6c1f6ffa9694d7d6ad264
9365b0c1f65d69d1ec8333ea
HMAC-SHA-256 = 773ea91e36800e46854db8ebd09181a7
2959098b3ef8c122d9635514ced565fe
HMAC-SHA-384 = 88062608d3e6ad8a0aa2ace014c8a86f
0aa635d947ac9febe83ef4e55966144b
2a5ab39dc13814b94e3ab6e101a34f27
HMAC-SHA-512 = fa73b0089d56a284efb0f0756c890be9
b1b5dbdd8ee81a3655f83e33b2279d39
bf3e848279a722c806b485a47e67c807
b946a337bee8942674278859e13292fb
Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256).
使用大于64字节的密钥和数据的组合长度(=SHA-224和SHA-256的块大小)进行测试。
Key = 0102030405060708090a0b0c0d0e0f10 111213141516171819 (25 bytes) Data = cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd cdcd (50 bytes)
Key=0102030405060708090a0b0c0d0e0f10 111213141516171819(25字节)数据=cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd
HMAC-SHA-224 = 6c11506874013cac6a2abc1bb382627c
ec6a90d86efc012de7afec5a
HMAC-SHA-256 = 82558a389a443c0ea4cc819899f2083a
85f0faa3e578f8077a2e3ff46729665b
HMAC-SHA-384 = 3e8a69b7783c25851933ab6290af6ca7
7a9981480850009cc5577c6e1f573b4e
6801dd23c4a7d679ccf8a386c674cffb
HMAC-SHA-512 = b0ba465637458c6990e5a8c5f61d4af7
e576d97ff94b872de76f8050361ee3db
a91ca5c11aa25eb4d679275cc5788063
a5f19741120c4f2de2adebeb10a298dd
HMAC-SHA-224 = 6c11506874013cac6a2abc1bb382627c
ec6a90d86efc012de7afec5a
HMAC-SHA-256 = 82558a389a443c0ea4cc819899f2083a
85f0faa3e578f8077a2e3ff46729665b
HMAC-SHA-384 = 3e8a69b7783c25851933ab6290af6ca7
7a9981480850009cc5577c6e1f573b4e
6801dd23c4a7d679ccf8a386c674cffb
HMAC-SHA-512 = b0ba465637458c6990e5a8c5f61d4af7
e576d97ff94b872de76f8050361ee3db
a91ca5c11aa25eb4d679275cc5788063
a5f19741120c4f2de2adebeb10a298dd
Test with a truncation of output to 128 bits.
将输出截断为128位进行测试。
Key = 0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c 0c0c0c0c (20 bytes) Data = 546573742057697468205472756e6361 ("Test With Trunca") 74696f6e ("tion")
Key=0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C(20字节)数据=5465737420576974687468205472756E6361(“使用Trunca进行测试”)74696f6e(“测试”)
HMAC-SHA-224 = 0e2aea68a90c8d37c988bcdb9fca6fa8
HMAC-SHA-256 = a3b6167473100ee06e0c796c2955552b
HMAC-SHA-384 = 3abf34c3503b2a23a46efc619baef897
HMAC-SHA-512 = 415fad6271580a531d4179bc891d87a6
HMAC-SHA-224 = 0e2aea68a90c8d37c988bcdb9fca6fa8
HMAC-SHA-256 = a3b6167473100ee06e0c796c2955552b
HMAC-SHA-384 = 3abf34c3503b2a23a46efc619baef897
HMAC-SHA-512 = 415fad6271580a531d4179bc891d87a6
Test with a key larger than 128 bytes (= block-size of SHA-384 and SHA-512).
使用大于128字节的密钥进行测试(=SHA-384和SHA-512的块大小)。
Key = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaa (131 bytes) Data = 54657374205573696e67204c61726765 ("Test Using Large") 72205468616e20426c6f636b2d53697a ("r Than Block-Siz") 65204b6579202d2048617368204b6579 ("e Key - Hash Key") 204669727374 (" First")
Key=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa72205468616e20426c6f636b2d53697a(“比块大小大”)65204b6579202d2048617368204b6579(“e键-哈希键”)204669727374(“第一个”)
HMAC-SHA-224 = 95e9a0db962095adaebe9b2d6f0dbce2
d499f112f2d2b7273fa6870e
HMAC-SHA-256 = 60e431591ee0b67f0d8a26aacbf5b77f
8e0bc6213728c5140546040f0ee37f54
HMAC-SHA-384 = 4ece084485813e9088d2c63a041bc5b4
4f9ef1012a2b588f3cd11f05033ac4c6
0c2ef6ab4030fe8296248df163f44952
HMAC-SHA-512 = 80b24263c7c1a3ebb71493c1dd7be8b4
9b46d1f41b4aeec1121b013783f8f352
6b56d037e05f2598bd0fd2215d6a1e52
95e64f73f63f0aec8b915a985d786598
HMAC-SHA-224 = 95e9a0db962095adaebe9b2d6f0dbce2
d499f112f2d2b7273fa6870e
HMAC-SHA-256 = 60e431591ee0b67f0d8a26aacbf5b77f
8e0bc6213728c5140546040f0ee37f54
HMAC-SHA-384 = 4ece084485813e9088d2c63a041bc5b4
4f9ef1012a2b588f3cd11f05033ac4c6
0c2ef6ab4030fe8296248df163f44952
HMAC-SHA-512 = 80b24263c7c1a3ebb71493c1dd7be8b4
9b46d1f41b4aeec1121b013783f8f352
6b56d037e05f2598bd0fd2215d6a1e52
95e64f73f63f0aec8b915a985d786598
Test with a key and data that is larger than 128 bytes (= block-size of SHA-384 and SHA-512).
使用大于128字节的密钥和数据进行测试(=SHA-384和SHA-512的块大小)。
Key = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaa (131 bytes) Data = 54686973206973206120746573742075 ("This is a test u") 73696e672061206c6172676572207468 ("sing a larger th") 616e20626c6f636b2d73697a65206b65 ("an block-size ke") 7920616e642061206c61726765722074 ("y and a larger t") 68616e20626c6f636b2d73697a652064 ("han block-size d") 6174612e20546865206b6579206e6565 ("ata. The key nee") 647320746f2062652068617368656420 ("ds to be hashed ") 6265666f7265206265696e6720757365 ("before being use") 642062792074686520484d414320616c ("d by the HMAC al") 676f726974686d2e ("gorithm.")
Key=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa73696E67061206C617266572207468(“唱大th”)616E20626C6F636B2D73697A6520665(“块大小ke”)7920616E6420616E642061206C6172665722074(“y和大t”)68616e20626c6f636b2d73697a652064(“han块大小d”)6174612E2054668652065206E6565(“ata.键nee”)647320746F2062652068686173656420(“要散列的ds”)6265666F7265206265696E672070757365(“使用前”)64206279207468520484D414320616C(“HMAC al的d”)676F72697464686262E(“gorithm”)
HMAC-SHA-224 = 3a854166ac5d9f023f54d517d0b39dbd
946770db9c2b95c9f6f565d1
HMAC-SHA-256 = 9b09ffa71b942fcb27635fbcd5b0e944
bfdc63644f0713938a7f51535c3a35e2
HMAC-SHA-384 = 6617178e941f020d351e2f254e8fd32c
602420feb0b8fb9adccebb82461e99c5
a678cc31e799176d3860e6110c46523e
HMAC-SHA-512 = e37b6a775dc87dbaa4dfa9f96e5e3ffd
debd71f8867289865df5a32d20cdc944
b6022cac3c4982b10d5eeb55c3e4de15
134676fb6de0446065c97440fa8c6a58
HMAC-SHA-224 = 3a854166ac5d9f023f54d517d0b39dbd
946770db9c2b95c9f6f565d1
HMAC-SHA-256 = 9b09ffa71b942fcb27635fbcd5b0e944
bfdc63644f0713938a7f51535c3a35e2
HMAC-SHA-384 = 6617178e941f020d351e2f254e8fd32c
602420feb0b8fb9adccebb82461e99c5
a678cc31e799176d3860e6110c46523e
HMAC-SHA-512 = e37b6a775dc87dbaa4dfa9f96e5e3ffd
debd71f8867289865df5a32d20cdc944
b6022cac3c4982b10d5eeb55c3e4de15
134676fb6de0446065c97440fa8c6a58
This document is intended to provide the identifications and test vectors for the four identified message authentication code schemes to the Internet community. No assertion of the security of these message authentication code schemes for any particular use is intended. The reader is referred to [1] for a discussion of the general security of the HMAC construction.
本文件旨在向互联网社区提供四种已识别消息认证码方案的标识和测试向量。不打算为任何特定用途断言这些消息认证码方案的安全性。读者可参考[1]了解HMAC结构的一般安全性。
The test cases in this document are derived from the test cases in [6], although the keys and data are slightly different.
本文中的测试用例源自[6]中的测试用例,尽管键和数据略有不同。
Thanks to Jim Schaad and Brad Hards for assistance in verifying the results.
感谢Jim Schaad和Brad Hards协助验证结果。
[1] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997.
[1] Krawczyk,H.,Bellare,M.和R.Canetti,“HMAC:用于消息身份验证的键控哈希”,RFC 2104,1997年2月。
[2] National Institute of Standards and Technology, "Secure Hash Standard", FIPS 180-2, August 2002, with Change Notice 1 dated February 2004.
[2] 国家标准与技术研究所,“安全哈希标准”,FIPS 180-22002年8月,附2004年2月的变更通知1。
[3] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[3] Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[4] Housley, R., "Cryptographic Message Syntax (CMS)", RFC 3852, July 2004.
[4] Housley,R.,“加密消息语法(CMS)”,RFC3852,2004年7月。
[5] Eastlake 3rd, D., Reagle, J., and D. Solo, "(Extensible Markup Language) XML-Signature Syntax and Processing", RFC 3275, March 2002.
[5] Eastlake 3rd,D.,Reagle,J.,和D.Solo,“(可扩展标记语言)XML签名语法和处理”,RFC 3275,2002年3月。
[6] Cheng, P. and R. Glenn, "Test Cases for HMAC-MD5 and HMAC-SHA-1", RFC 2202, September 1997.
[6] Cheng,P.和R.Glenn,“HMAC-MD5和HMAC-SHA-1的测试案例”,RFC 2202,1997年9月。
Author's Address
作者地址
Magnus Nystrom RSA Security
Magnus Nystrom RSA安全
EMail: magnus@rsasecurity.com
EMail: magnus@rsasecurity.com
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2005).
版权所有(C)互联网协会(2005年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。