CRAM-MD5 KEYED-MD5 Help

CRAM-MD5 KEYED-MD5 Help

am 17.06.2005 01:19:00 von Remi.Arntzen

In rfc 2195 & 2095
CRAM-MD5 is defined as
MD5((tanstaaftanstaaf XOR opad),
MD5((tanstaaftanstaaf XOR ipad),
<1896.697170952@postoffice.reston.mci.net>))

Question, what is opad and ipad, there is no mention of it in rfc 1828.
Another thing why are there "," in the MD5 function. Do the commas
simply mean take these bytes and concat the next set of bytes onto it,
(because MD5 only takes a *single* array of bytes)?

Re: CRAM-MD5 KEYED-MD5 Help

am 17.06.2005 01:35:39 von Mark Crispin

On Thu, 16 Jun 2005, Remi.Arntzen@gmail.com wrote:
> In rfc 2195 & 2095
> CRAM-MD5 is defined as
> MD5((tanstaaftanstaaf XOR opad),
> MD5((tanstaaftanstaaf XOR ipad),
> <1896.697170952@postoffice.reston.mci.net>))
> Question, what is opad and ipad, there is no mention of it in rfc 1828.
> Another thing why are there "," in the MD5 function.

Look at RFC 2104, which defines HMAC-MD5. All will be clear.

A sample implementation of HMAC-MD5 as used by CRAM-MD5 is in the UW IMAP
toolkit:
ftp://ftp.cac.washington.edu/mail/imap.tar.Z

Look at file imap-200*/src/c-client/auth_md5.c starting with routine
hmac_md5().

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

Re: CRAM-MD5 KEYED-MD5 Help

am 17.06.2005 02:18:15 von Remi.Arntzen

I thank you. This response was very helpful. (Seeing as I was almost
giving up all hope of ever finding an answer).
I believe I will be able to quickly port the code to java, seeing how
HMAC itself has already been ported as javax.crypto.Mac.

The only thing I need to know is a quick description of memcpy and
memset.

My basic understanding of memcpy(k_ipad,key,kl) is that "key" of length
"kl" is stored in "k_ipad"

However, I do not understand the meaning of
memset(k_ipad+kl,0,(MD5BLKLEN+1)-kl)

Thats all, and again thank you for your help.

---Remi N. Arntzen

Re: CRAM-MD5 KEYED-MD5 Help

am 17.06.2005 02:24:51 von Remi.Arntzen

Never mind helping me with memset. I found it almost instantly using a
web search.

By the way, am I allowed to port your code to java?

Thanks.

Re: CRAM-MD5 KEYED-MD5 Help

am 17.06.2005 02:37:32 von Mark Crispin

On Thu, 16 Jun 2005, Remi Arntzen wrote:
> By the way, am I allowed to port your code to java?

Yes.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.