IMPLEMENTOR WARNING: Non-compliant HMAC implementations

Taral taralx at
Wed Jul 6 13:21:39 PDT 2005

On 7/6/05, Taral <taralx at> wrote:
> Someone recently pointed out that my library doesn't appear to work
> with the OpenID demo. I traced this down to a failure of
> Net::OpenID::Consumer to pad HMAC keys out to 64 bytes as specified
> with RFC 2104.

Okay, someone pointed out that I misread the operation of the ^.
Regardless, people should carefully check their HMAC for padding
errors. :)

Taral <taralx at>

More information about the yadis mailing list