Dialback Key Generation and Validation (XEP-0185)

From XMPP WIKI
Revision as of 20:48, 17 April 2020 by Pep. (talk | contribs)
Jump to navigation Jump to search

This is a page for information about Dialback Key Generation and Validation (XEP-0185), including errata, comments, questions, and implementation experience.

Script used to generate the main example of the XEP

from Crypto.Hash import SHA256
import hmac

originating     = "example.com"
receiving       = "example.net"
id              = "D60000229F"
secret          = "s3cr3tf0rd14lb4ck"

hashed_secret   = SHA256.new(secret).hexdigest()
cat = " ".join([receiving, originating, id])
h = hmac.HMAC(hashed_secret, digestmod = SHA256)
h.update(cat)
key = h.hexdigest()

print "hashed secret\t%s" % (repr(hashed_secret), )
print "arg for hmac\t%s" % (repr(cat), )
print "resulting key\t%s" % (repr(key), )

Developer Hints: generating HMAC-SHA256

This section demonstrates generation of HMAC-SHA256 hashes

C / OpenSSL

The next release of OpenSSL (0.9.8) will support SHA256

#include <stdio.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include <openssl/evp.h>

int main(int argc, char **argv) {
    char md[SHA256_DIGEST_LENGTH];
    int i;
    SHA256_CTX ctx;

    char hmac[SHA256_DIGEST_LENGTH];
    int len;
    HMAC_CTX h;

    /* SHA 256 example */
    SHA256_Init(&ctx);
    SHA256_Update(&ctx, "a", 1);
    SHA256_Update(&ctx, "b", 1);
    SHA256_Update(&ctx, "c", 1);
    SHA256_Final(md, &ctx);
    for (i = 0; i < SHA256_DIGEST_LENGTH; i++)
        printf("%02x", md[i] & 0xff);
    printf("\n");

    /* HMAC-SHA256 example */
    HMAC_Init(&h, "secret", 6, EVP_sha256());
    HMAC_Update(&h, "abc", 3);
    HMAC_Final(&h, hmac, &len);
    for (i = 0; i < len; i++)
        printf("%02x", hmac[i] & 0xff);
    printf("\n");

    return 0;
}

Python

The python standard library supports HMAC and SHA256

from Crypto.Hash import SHA256
import hmac

s = SHA256.new()
s.update("a")
s.update("b")
s.update("c")
print s.hexdigest()

h = hmac.HMAC("secret", digestmod = SHA256)
h.update("abc")
print h.hexdigest()