Документация , задающая поле Message-Authenticator, сбивает с толку:
5.14. Message-Authenticator
Earlier drafts of this memo used "Signature" as the name of this
attribute, but Message-Authenticator is more precise.
String
When present in an Access-Request packet, Message-Authenticator is
an HMAC-MD5 [9] checksum of the entire Access-Request packet,
including Type, ID, Length and authenticator, using the shared
secret as the key, as follows.
Message-Authenticator = HMAC-MD5 (Type, Identifier, Length,
Request Authenticator, Attributes)
When the checksum is calculated the signature string should be
considered to be sixteen octets of zero.
For Access-Challenge, Access-Accept, and Access-Reject packets,
the Message-Authenticator is calculated as follows, using the
Request-Authenticator from the Access-Request this packet is in
reply to:
Message-Authenticator = HMAC-MD5 (Type, Identifier, Length,
Request Authenticator, Attributes)
When the checksum is calculated the signature string should be
considered to be sixteen octets of zero. The shared secret is
used as the key for the HMAC-MD5 hash. The is calculated and
inserted in the packet before the Response Authenticator is
calculated.
Цитата:
in an Access-Request packet, Message-Authenticator is
an HMAC-MD5 [9] checksum of the entire Access-Request packet,
including Type, ID, Length and authenticator, using the shared
secret as the key, as follows.
Message-Authenticator = HMAC-MD5 (Type, Identifier, Length,
Request Authenticator, Attributes)
Очевидно, что Message-Authenticator не может быть атрибутомв настоящее время, потому что он еще не был рассчитан.
When the checksum is calculated the signature string should be
considered to be sixteen octets of zero.
На что он ссылается, когда говорит «подпись»?Это говорит о том, чтобы добавить Message-Authenticator в атрибуты и установить его значение равным 16 нулям для вычисления Message-Authenticator, а затем заменить значение ???