[Openswan Users] what's the problem of this hmac?

Jun Yin hansyin at gmail.com
Wed Apr 4 05:24:02 EDT 2012

Hi, I'm trying to craft a esp packet for ipsec test, I try to use
python to create the hmac, I tried this:

>>> key1="11111111111111111111111111111111"
>>> msg="000001340000000b46e66a9853b58a94492be70c535a72d5994c3fe54a7c69e6a433c5a1a24b2c207e28f240b6d51e7b8711daa2b2ec39461dfa246ae23265fcd3c20f4bb1d691beecd8a8a717de6f5bcdc4e4564ca75cdf99e748946b551d1d9dcb2ec0b42294af"
>>> hmac.new(key1,msg).hexdigest()
>>> hmac.new(key1,msg.encode('hex')).hexdigest()

after I send the packet with this hmac value(first 12 byte), wireshark
complain the hmac is wrong:

Authentication Data [incorrect, should be 0x3150EDBE93C020C42F23114E]

Looks like my calculation is wrong, but I don't know where. Anyone
could help? Thanks!!!!


Hans Yin
Web:   http://sourceforge.net/projects/autotestnet/
Email:  hansyin at gmail.com
MSN:   hansyin at hotmail.com
Skype: hans_yin_vancouver

More information about the Users mailing list