© 2005 Goetz Heller
Table of Contents Description Source Code Copyright Note backThese examples calculate the results for test input as given in RFC 2104 for different hash algorithms. The algorithms used are MD4, MD5, and for demonstration purposes, base64, a non-existing algorithm 'Unknown', and another non-hash class, 'NoHash', created on the fly.
// initialize array of input strings var inp = [ 'Hi There', 'what do ya want for nothing?', '' ]; // make a copy to hold printable versions var si = inp.slice(0, inp.length); for (var j = 0; j < inp.length; j++) { si[j] = inp[j]; } // create unprintable input string for (var i = 0; i < 50; i++) { inp[2] += String.fromCharCode(0xdd); } // create printable versions for (var j = 0; j < si.length; j++) { if (si[j] == '') { si[j] = '0x'; for (var i = 0; i < inp[j].length; i++) { si[j] += ((inp[j].charCodeAt(i) < 16) ? '0' : '') + inp[j].charCodeAt(i).toString(16); } } } // initialize array of keys var key = [ '', 'Jefe', '' ]; // make a copy to hold printable versions var sk = key.slice(0, key.length); for (var j = 0; j < key.length; j++) { sk[j] = key[j]; } // create unprintable key strings for (var i = 0; i < 16; i++) { key[0] += String.fromCharCode(0x0b); key[2] += String.fromCharCode(0xaa); } // create printable versions for (var j = 0; j < key.length; j++) { if (sk[j] == '') { sk[j] = '0x'; for (var i = 0; i < key[j].length; i++) { sk[j] += ((key[j].charCodeAt(i) < 16) ? '0' : '') + key[j].charCodeAt(i).toString(16); } } } // control line breaks var br = ' '; document.write('<' + 'h5>HMAC-MD4<' + '/h5>\n'); // ========================================================================================= // create an MD4 hash algorithm and instantiate a new HMAC algorithm with it // ========================================================================================= try { var md4 = core.createInstance('system.security.encryption.hash.MD4'); var hmacMD4 = core.createInstance('system.security.encryption.hash.HMAC', md4); // calculate hash var d = ''; for (var j = 0; j < inp.length; j++) { d = hmacMD4.computeHash(key[j], inp[j]); s = '0x'; for (var i = 0; i < d.length; i++) { s += ((d.charCodeAt(i) < 16) ? '0' : '') + d.charCodeAt(i).toString(16); } br = (si[j].length > 40) ? '\n\t' : ' '; document.write(hmacMD4 + '.computeHash(\''+si[j]+'\',' + br + '\''+sk[j]+'\') = \'' + s +'\'<' + 'br/>'); } } catch (e) { document.write(e.message + '<' + 'br/>'); } document.write('\n\n<' + 'h5>HMAC-MD5<' + '/h5>\n'); // ========================================================================================= // instantiate a new HMAC algorithm with the name of the MD5 algorithm // ========================================================================================= try { var hmacMD5 = core.createInstance('system.security.encryption.hash.HMAC','MD5'); // calculate hash for (var j = 0; j < inp.length; j++) { d = hmacMD5.computeHash(inp[j], key[j]); s = ''; for (var i = 0; i < d.length; i++) { s += ((d.charCodeAt(i) < 16) ? '0' : '') + d.charCodeAt(i).toString(16); } br = (si[j].length > 40) ? '\n\t' : ' '; document.write(hmacMD5 + '.computeHash(\''+si[j]+'\',' + br + '\''+sk[j]+'\') = \'0x' + s +'\'<' + 'br/>'); } } catch (e) { document.write(e.message + '<' + 'br/>'); } document.write('\n\n<' + 'h5>HMAC-Unknown<' + '/h5>\n'); // ========================================================================================= // try to instantiate a new HMAC algorithm with the name of a non-exisiting class // ========================================================================================= var alg = 'Unknown'; var hmacUnknown = null; try { hmacUnknown = core.createInstance('system.security.encryption.hash.HMAC' ,alg); for (var j = 0; j < inp.length; j++) { d = hmacUnknown.computeHash(inp[j], key[j]); s = ''; for (var i = 0; i < d.length; i++) { s += ((d.charCodeAt(i) < 16) ? '0' : '') + d.charCodeAt(i).toString(16); } br = (si[j].length > 40) ? '\n\t' : ' '; document.write(hmacUnknown + '.computeHash(\''+si[j]+'\',' + br + '\''+sk[j]+'\') = \'0x' + s +'\'<' + 'br/>'); } } catch (e) { document.write(e.message + '<' + 'br/>'); } document.write('\n\n<' + 'h5>HMAC-NoHash (1)<' + '/h5>\n'); // ========================================================================================= // try to instantiate a new HMAC algorithm with the name of a non-hash algorithm // ========================================================================================= var alg = 'NoHash'; var nh = function() {}; nh.classID = function() { return 'system.security.encryption.hash.NoHash'; }; core.installClass(nh); var hmacNoHash = null; try{ hmacNoHash = core.createInstance('system.security.encryption.hash.HMAC', alg); for (var j = 0; j < inp.length; j++) { d = hmacNoHash.computeHash(inp[j], key[j]); s = ''; for (var i = 0; i < d.length; i++) { s += ((d.charCodeAt(i) < 16) ? '0' : '') + d.charCodeAt(i).toString(16); } br = (si[j].length > 40) ? '\n\t' : ' '; document.write(hmacNoHash + '.computeHash(\''+si[j]+'\',' + br + '\''+sk[j]+'\') = \'0x' + s +'\'<' + 'br/>'); } } catch (e) { document.write(e.message + '<' + 'br/>'); } document.write('\n\n<' + 'h5>HMAC-NoHash (2)<' + '/h5>\n'); // ========================================================================================= // try to instantiate a new HMAC algorithm with a non-hash algorithm // ========================================================================================= alg = core.createInstance('system.security.encryption.hash.NoHash'); hmacNoHash = null; try{ hmacNoHash = core.createInstance('system.security.encryption.hash.HMAC', alg); for (var j = 0; j < inp.length; j++) { d = hmacNoHash.computeHash(inp[j], key[j]); s = ''; for (var i = 0; i < d.length; i++) { s += ((d.charCodeAt(i) < 16) ? '0' : '') + d.charCodeAt(i).toString(16); } br = (si[j].length > 40) ? '\n\t' : ' '; document.write(hmacNoHash + '.computeHash(\''+si[j]+'\',' + br + '\''+sk[j]+'\') = \'0x' + s +'\'<' + 'br/>'); } } catch (e) { document.write(e.message + '<' + 'br/>'); } document.write('\n\n<' + 'h5>HMAC-base64<' + '/h5>\n'); // ========================================================================================= // try to instantiate a new HMAC algorithm with base64 algorithm // ========================================================================================= alg = core.createInstance('system.utility.base64'); hmacBase64 = null; try{ hmacBase64 = core.createInstance('system.security.encryption.hash.HMAC', alg); for (var j = 0; j < inp.length; j++) { d = hmacBase64.computeHash(inp[j], key[j]); s = ''; for (var i = 0; i < d.length; i++) { s += ((d.charCodeAt(i) < 16) ? '0' : '') + d.charCodeAt(i).toString(16); } br = (si[j].length > 40) ? '\n\t' : ' '; document.write(hmacBase64 + '.computeHash(\''+si[j]+'\',' + br + '\''+sk[j]+'\') = \'0x' + s +'\'<' + 'br/>'); } } catch (e) { document.write(e.message + '<' + 'br/>'); }