RADIUS: calculating the Message-Authenticator field (Python)

Time: 2018-09-13 08:58:07

Tags: python radius

The documentation specifying the Message-Authenticator field is confusing:

5.14.  Message-Authenticator

  Earlier drafts of this memo used "Signature" as the name of this
  attribute, but Message-Authenticator is more precise.

String

  When present in an Access-Request packet, Message-Authenticator is
  an HMAC-MD5 [9] checksum of the entire Access-Request packet,
  including Type, ID, Length and authenticator, using the shared
  secret as the key, as follows.

  Message-Authenticator = HMAC-MD5 (Type, Identifier, Length,
  Request Authenticator, Attributes)

  When the checksum is calculated the signature string should be
  considered to be sixteen octets of zero.

  For Access-Challenge, Access-Accept, and Access-Reject packets,
  the Message-Authenticator is calculated as follows, using the
  Request-Authenticator from the Access-Request this packet is in
  reply to:

  Message-Authenticator = HMAC-MD5 (Type, Identifier, Length,
  Request Authenticator, Attributes)

  When the checksum is calculated the signature string should be
  considered to be sixteen octets of zero.  The shared secret is
  used as the key for the HMAC-MD5 hash.  The is calculated and
  inserted in the packet before the Response Authenticator is
  calculated.

Quote:

  in an Access-Request packet, Message-Authenticator is
  an HMAC-MD5 [9] checksum of the entire Access-Request packet,
  including Type, ID, Length and authenticator, using the shared
  secret as the key, as follows.

  Message-Authenticator = HMAC-MD5 (Type, Identifier, Length,
  Request Authenticator, Attributes)

Message-Authenticator can't be among the attributes yet, because it hasn't been calculated.

  When the checksum is calculated the signature string should be
  considered to be sixteen octets of zero.

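What does it mean by "signature"? Does it mean adding Message-Authenticator to the attributes with its value set to 16 zeros in order to calculate the Message-Authenticator, and then replacing that value?

1 answer:

Answer 0 (score: 1)

I know this is old, but just in case. To answer your question: yes, you are correct. This only works with Python 2.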

  1. Set the default Message-Authenticator to 16 zero bytes
    req["Message-Authenticator"] = 16*six.b("\x00")
  2. Get the raw packet binary
    raw_packet = req.RequestPacket()
  3. Compute the HMAC-MD5 using the shared secret
    digest = hmac.new(secret, raw_packet, hashlib.md5)
  4. Write the Message-Authenticator back
    req["Message-Authenticator"] = digest.hexdigest().decode('hex')