Crypto Hmac SH256 returning incorrect values? #324

cjc opened this Issue Oct 3, 2010 · 8 comments


None yet
6 participants

cjc commented Oct 3, 2010


I've created a test script based on RFC4231 -"Identifiers and Test Vectors for HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512". Of the 7 test vectors provided, crypto.createHmac("sha256",.. appears to be returning incorrect results for 3,5,6 and 7.

bartt commented Nov 4, 2010

Same thing happens in

bkw commented Mar 21, 2011

Test 5 should use truncation. If applied, the result looks valid to me.
Test 6 and 7 should hash the key since it is too long (See RFC2104).
Did not check Test 3.

We should fix these tests and add them to the test suite, though.

it doesn't like binary salts at all... probably as it converts the buffer to strings before decoding it as binary.
for the data it skips the toString part and uses the buffer directly.

cjc commented Jul 6, 2011

I'm not sure when this changed, but a retest in 0.4.9 and 0.5.0 shows these tests working in both.

cjc closed this Jul 6, 2011

I just tried my test cases without my patch, and they still don't work. with my path, they do.


bnoordhuis commented Jul 6, 2011

Okay, reopening. cjc's test case fails on master, will have to check what's at fault here.

bnoordhuis reopened this Jul 6, 2011

well, just accept my pull request for it. includes test cases :) joyent#1027

koichik closed this in db99395 Jul 24, 2011

koichik commented Jul 24, 2011

@cjc - After the patch was applied, your test1-4 passed successfully (before the patch was applied, test3 failed). Thanks for the report!

@bartt - Your test still failed. I think your problem is the same as #749.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment