HMAC Hex Key Ambiguity

This happens all the time..

Quite often, a service provider will provide instructions for HMAC generation, and will provide a hexadecimal HMAC key in the example, such as:

01A0251D601FEF3305A38B124068A001CF3F099AA187DB2886314C67CDFDEBCD

This is implicitly ambiguous because there are two ways to interpret the instructions:

1) The HMAC key is composed of the ascii bytes ‘0’, ‘1’, ‘A’, ‘0’, ‘2’, ‘5’, etc. In other words, the HMAC key is 0x30, 0x31, 0x41, etc.

or

2) The HMAC key is composed of the bytes represented by the hex string. In other words, the HMAC key is 0x01, 0xA0, 0x25, etc.

Both can be accomplished using Chilkat.
For the #1 case, one would call

crypt.SetMacKeyString("01A0251D … 67CDFDEBCD")

For the #2 case, one would call

crypt.SetMacKeyEncoded("01A0251D … 67CDFDEBCD","hex")
Tags :