I am trying to get a MAC TripleDES equivalent of the C# MACTripleDES
class.
I have tried following mcrypt()
, but that is just encoding in TripleDES. I need to get an equivalent MACTripleDES string as the one that is generated in C# to authenticate a message.
I have also looked at PHP's hash_hmac()
function but it does not give the option of generating a MAC with TripleDES
I'm not sure since Microsoft didn't bother to say what standard their class conforms to, but I suspect that this NIST document is what the Microsoft class is computing, only using triple DES in place of DES.
I guess you will have to write your own method using the primitives in mcrypt.
EDIT 1:
Inspired by the bounty, I have these two examples showing equivalent result in PHP and C#.
First, C#:
using System;
using System.Text;
using System.Security.Cryptography;
namespace TDESMacExample
{
class MainClass
{
public static void Main (string[] args)
{
var keyString = "012345678901234567890123";
var keyBytes = Encoding.ASCII.GetBytes(keyString);
var mac = new MACTripleDES(keyBytes);
var data = "please authenticate me example number one oh one point seven niner";
Console.WriteLine(data.Length);
var macResult = mac.ComputeHash(Encoding.ASCII.GetBytes(data));
Console.WriteLine(BitConverter.ToString(macResult));
// B1-29-14-74-EA-E2-74-2D
}
}
}
Next, PHP:
<?php
$data = 'please authenticate me example number one oh one point seven niner';
$key = '012345678901234567890123'; // Key must be 24 bytes long
$iv = '\x00\x00\x00\x00\x00\x00\x00\x00'; // All zero IV is required
$cipher = mcrypt_cbc(MCRYPT_3DES, $key, $data, MCRYPT_ENCRYPT, $iv);
$mac_result = substr($cipher, -8); // Last 8 bytes of the cipher are the MAC
echo "mac result : " . bin2hex($mac_result);
echo "<br>";
?>
The MAC is simply the last eight bytes of the CBC encrypted data. If the key, IV, and the padding method matches, you should be able to just use those bytes.
For more details about MAC definition, see Appendix F of FIPS-81, DES Modes of Operation.