<p>The value description is correct. You hash the Dh secret and xor with the key.</p>
<p>If you are doing that and still getting errors, you are probably using an incorrect representation for the Dh secret. The spec says that the binary representation should be non-negative if interpreted as an extended integer in 2-complement notation (or so I seem to recall)</p>
<p><blockquote type="cite">On May 6, 2009 5:46 AM, "<a href="mailto:coen@rtlinteractief.nl">coen@rtlinteractief.nl</a>" <<a href="mailto:coen@rtlinteractief.nl">coen@rtlinteractief.nl</a>> wrote:<br><br>
<div bgcolor="#ffffff" text="#000000">
<font size="-1"><font face="Helvetica, Arial, sans-serif">Hi,<br>
<br>
I've trouble understanding how to build the enc_mac_key element for the
association. How I read the specs, the value and description of the
element do not seem to match. My test client is also not very helpful
since it immediately jumps to check_immediate without an assoc_handle
which means something went wrong with the association.<br>
<br>
I read something like this:<br>
the value says I should XOR the Mac key with my hashed, secret DH key.<br>
the description says I should encrypt my Mac key with my secret DH key
and then hash the result, although I'm not entirely sure where the
hashing goes here.<br>
<br>
Can somebody explain, perhaps in pseudo code, how to build/assemble the
enc_mac_key? Again, sorry for the n00b level.<br>
<br>
Thanks a bunch!<br>
<br>
</font></font>
<div>-- <br>
<small style="font-family:Helvetica,Arial,sans-serif">Met
vriendelijke groet / With kind regards / mit besten Grüßen,</small><br>
<br>
<br>
<table style="text-align:left;width:177px;height:124px" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="width:26px;background-color:rgb(255, 153, 0);text-align:right;vertical-align:bottom" colspan="1" rowspan="4"><img style="border:0px solid;width:26px;height:107px" alt="" src="cid:part1.01090907.07080104@rtlinteractief.nl" hspace="0" vspace="0"><br>
</td>
<td style="width:5px"><br>
</td>
<td><small><span style="font-family:Helvetica,Arial,sans-serif"></span></small><small style="font-family:Helvetica,Arial,sans-serif;font-weight:bold">Coen
Schalkwijk</small><br>
<small style="font-family:Helvetica,Arial,sans-serif"><small style="font-style:italic">Software Engineer</small></small></td>
</tr>
<tr>
<td><br>
</td>
<td><small><small style="font-family:Helvetica,Arial,sans-serif"><a href="mailto:coen.schalkwijk@rtl.nl" target="_blank">coen.schalkwijk@rtl.nl</a></small></small></td>
</tr>
<tr>
<td><br>
</td>
<td><small><small style="font-family:Helvetica,Arial,sans-serif"><a href="mailto:coen@rtlinteractief.nl" target="_blank">coen@rtlinteractief.nl</a></small></small></td>
</tr>
<tr>
<td><br>
</td>
<td><small><small style="font-family:Helvetica,Arial,sans-serif">+31
(0)35
671 8915</small></small></td>
</tr>
</tbody>
</table>
<br>
</div>
</div>
<br>_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
<br></blockquote></p>