HMAC-SHA1 could anyone help me:

Question

This URL points to a page on MSDN that may interest you: http://msdn.microsoft.com/en-us/library/aa382379(VS.85).aspx

Hi. everyone
could anyone help me?
My platform is windows mobile 6.0
i tested this URLhttp://msdn.microsoft.com/en-us/library/aa382379(VS.85).aspx sample code.
but  Result was 48 f2 57 38 29 29 43 16 fd f4 db 58 31 e1 0c 74 48 8e d4 e2

also i tested this URL http://buchananweb.co.uk/security01.aspx  by same input value.
 result was  4C2DE361BA8958558DE3D049ED1FB5C115656E65
i don't konw
please. Let me Konw  this reason.

Key ="password"
message="message"

Answer 1

I also did a test project recently where I had to use HMAC-SHA1 and used the MSDN code that you refered to above, and then found that it differed from what the .NET HMACSHA1 class gave me.  So then I tried CSHA1 by Dominik Reichl and it matched the result from the .NET HMACSHA1 class so I determined that the MSDN sample using the CryptoApi was not giving me the results I expected.  When I used the hash from CSHA1, everything worked perfectly and authenticated with the server I was communicating with.

Answer 2

First Thank you for your answer.
but  I found  source from this URLhttp://www.codeproject.com/KB/recipes/HMACSHA1class.aspx 
I tested various sample data by above project.
 most of result data value was correct.
but

BYTE key[]="6d5391f390016b339033c5e99b134af5";
BYTE msg[]="MDN=01011112222:APPID=PW00000001:NONCE=20100222113536";

i want to get this value  "C068E13C3F04DDF1ACAA020F88504EDD767BC3C0"
i got this value "eda5a1533289ca93d3abf792a630739632369e91"

i didn't understand  this reason.

I'm sorry.
could you give me sample code(C++ Version)?

Answer 3

I will dig up my source code, but I think your key is your problem.  I think you are passing the hex string of your key and it should be converted to binary.

Answer 4

I guess you are using the actual hex string as your key.  I get the expected result with this code:

int _tmain(int argc, _TCHAR* argv[])
{
    BYTE key[]="6d5391f390016b339033c5e99b134af5";
    BYTE msg[]="MDN=01011112222:APPID=PW00000001:NONCE=20100222113536";
    BYTE digest[20] = {0};

    int textLen = strlen((char*)msg);
    CHMAC_SHA1 hmacSha1;
    hmacSha1.HMAC_SHA1(msg, textLen, key, sizeof(key), digest);

    return 0;
}

Answer 5

I don't know if this is an alternative for you or not, but if are using native you could use this:

http://msdn.microsoft.com/en-us/library/aa380255(VS.85).aspx

We use it in our projects and have had good luck.  It's only a few simple calls.

Tom