Forum Discussion
HMAC Question
F5 posted an example for generating an HMAC based on sha256
https://devcentral.f5.com/wiki/iRules.HMAC.ashx
In line 31 there is:
set token [sha256 $opad[sha256 "${ipad}${message}"]]
The inner sha256 takes a string parameter. The outer sha256 seems to take a string concatenated with the byte array result of the inner sha256... It looks very odd to concatenate different types. What actually happens here?
4 Replies
Looks like TCL allows for that sort of concatenation. I took a few minutes but didn't find a documented example of it. The code example does work, however, and modifying it to the following still returns the same results.
set innerdata [sha256 "${ipad}${message}"]
set token [sha256 "${opad}${innerdata}"]
- DavidW_20496
Nimbostratus
Thanks. Yep found some comment that tcl treats byte arrays as strings.
Am now questioning whether the HmacSha256 is actually quite to spec. It doesn't pad the key if the key is less than the block length but then does pad the ipad and opad, but with 6 and . This doesn't look like it is doing this to standard, but may be the equivalent.
Anyway, doesn't matter for me; I don't need a super secure Hmac, and can save cycles by doing something simpler just using the built in sha256.
- Sam_Richman_263
Historic F5 Account
As a note, version 11.1 and above has the CRYPTO::sign iRule command, which provides multiple HMAC algorithms: https://devcentral.f5.com/wiki/iRules.CRYPTO__sign.ashx
- DavidW_20496
Nimbostratus
Ta. But we have 10.x. If we ever get around to upgrading/replacing though, will use.
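The equivalence questioned in the second reply, as an added Python example (not part of the thread and not F5's iRule): the RFC 2104 pad bytes 0x36 and 0x5c are ASCII "6" and "\", so XORing only the key's own bytes and filling the rest of the block with those literals gives the same pads as XORing a zero-padded key. The function names and sample inputs are constructed, and the literal-pad layout is assumed from the reply's description.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-256 block size in bytes


def _prepare(key: bytes) -> bytes:
    # RFC 2104: keys longer than the block size are hashed first.
    return hashlib.sha256(key).digest() if len(key) > BLOCK else key


def hmac_literal_pad(key: bytes, message: bytes) -> bytes:
    """Assumed layout: XOR the key bytes, then fill the block with '6' / '\\'."""
    key = _prepare(key)
    fill = BLOCK - len(key)
    ipad = bytes(b ^ 0x36 for b in key) + b"6" * fill
    opad = bytes(b ^ 0x5C for b in key) + b"\\" * fill
    inner = hashlib.sha256(ipad + message).digest()  # raw 32-byte digest
    return hashlib.sha256(opad + inner).digest()     # pad bytes + digest bytes


def hmac_zero_pad(key: bytes, message: bytes) -> bytes:
    """Textbook layout: zero-pad the key to the block size, then XOR every byte."""
    key = _prepare(key).ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def hmac_hex_inner(key: bytes, message: bytes) -> bytes:
    """Porting mistake: feeding the hex text of the inner digest to the outer hash."""
    key = _prepare(key).ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner_hex = hashlib.sha256(ipad + message).hexdigest().encode()
    return hashlib.sha256(opad + inner_hex).digest()


if __name__ == "__main__":
    msg = b"constructed sample message"
    # Constructed keys: shorter than, equal to, and longer than the block size.
    for key in (b"short-key", b"k" * BLOCK, b"k" * (BLOCK + 17)):
        ref = hmac.new(key, msg, hashlib.sha256).digest()
        print(len(key),
              hmac.compare_digest(hmac_literal_pad(key, msg), ref),
              hmac.compare_digest(hmac_zero_pad(key, msg), ref),
              hmac.compare_digest(hmac_hex_inner(key, msg), ref))
```

The outer hash must receive the raw digest bytes appended to the pad, which is what the Tcl concatenation in the question produces; a port that concatenates the hex form instead yields a different tag.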
