Message: FTS-1027 Section 1.7 CRAM-MD5 Frame Exchange Example

Home Message Groups Fidonet [ADM] FTSC Public EchoReading Messages

Who's Online Login New User Message Groups

Main DOVE-Net BattlNet GatorNet Fidonet ILink DoRENET League 10 CombatNet

File Libraries

Subject:

FTS-1027 Section 1.7 CRAM-MD5 Frame Exchange Example

Date:

Wed Apr 24 2024 12:19 pm

From:

Andrew Leary

To:

Jason Brady

Hello Jason!

23 Apr 24 16:11, you wrote to all:

 JB> Question regarding FTS-1027 section 1.7 "Example of Frame Exchange
 JB> During CRAM Authentication"

 JB> In the example, the Originating side returns

 JB>   M_PWD "CRAM-MD5-56be002162a4a15ba7a9064f0c93fd00"

 JB> This hex value appears to be incorrect. I tested with two
 JB> implementations of the CRAM-MD5 algorithm, and in both cases, the same
 JB> hex value was calculated using the password and challenge hex string
 JB> from the example, which differed from the value shown in the document.

 JB> Password:   tanstaaftanstaaf
 JB> Challenge:  f0315b074d728d483d6887d0182fc328
 JB> Expected:   56be002162a4a15ba7a9064f0c93fd00  <- From section 1.7
 JB> example
 JB> Result:     1503922bb6a38bc934bca7afeb522d28  <- From both MD5
 JB> algorithms

 JB> Which is correct - the value shown in section 1.7 or the test result value?

I will do some testing and attempt to validate your concern.

Andrew

--- GoldED+/LNX 1.1.5-b20240209
 * Origin: From the Desk of the FTSC Administrator (1:320/219)


In Reply To: FTS-1027 Section 1.7 CRAM-MD5 Frame Exchange Example (Jason Brady)

Section One BBS