Cryptonite - SHA256 Hashing with a Key

[debraballenger]

I need to encrypt a string with SHA256 and a secret in my NTWS to authenticate to another service.  But I cannot get the outputting string to match the examples.  What am I doing wrong (example app attached)?

Code: [Select]

inData = '1234.1234:private-foobar'
Password='7ad3773142a6692b25b8'

outData = Clip(inData)
dataLen = Len(Clip(outData))    

Crypto.EncryptString(outdata,datalen,clip(Password),cs:PROV_RSA_AES,cs:MS_ENH_RSA_AES_PROV,cs:CALG_SHA_256)
st.SetValue(outdata)
st.Base64Encode()
outData =st.GetValue()
Returns

3j9D1rZzk0RZX8puFOjYWggrakrDN2c+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg

but I am expecting it to return

58df8b0c36d6982b82c3ecf6b4662e34fe8c25bba48f5369f135bf843651c3a4

Just for context, I am connecting to the service outlined at http://pusher.com/docs/auth_signatures
to use the Pusher service for notifications.

Suppose that you have the following Pusher credentials

key = '278d425bdf160c739803'
secret = '7ad3773142a6692b25b8'

And the user has connected and Pusher has assigned that user with a socket_id with the value 1234.1234.

Given that your application receives a POST request to /pusher/auth with the parameters

channel_name=private-foobar&socket_id=1234.1234

You would first check that the user (authenticated via cookies or whatever) has permission to access channel private-foobar. If she has permission you would create a HMAC SHA256 hex digest of the following string using your secret key

1234.1234:private-foobar

Using Ruby as an example

require "openssl"

digest = OpenSSL::Digest::SHA256.new
secret = "7ad3773142a6692b25b8"
string_to_sign = "1234.1234:private-foobar"

puts signature = OpenSSL::HMAC.hexdigest(digest, secret, string_to_sign)
# => 58df8b0c36d6982b82c3ecf6b4662e34fe8c25bba48f5369f135bf843651c3a4

[attachment deleted by admin]

[kevin plummer]

You may have more luck using openssl. I tried using cryptonite about 10 months ago to do a similar thing and gave up. Maybe it was me (probably) but I used openssl in the end to do what I wanted.

[Bruce]

Hi Debra,

ok, good news, and bad news.

First a bit of background - what you're wanting here (ultimately) is an HMAC, which is a form of "Hash". Thus you're not encrypting the string, you're hashing it, so you don't want to use EncryptString here, you want to use MakeHash. Since an HMAC is a special form of MakeHash I've added a new method to Cryptonite called MakeHMAC.

The good news is that this should make generating an HMAC easier. It generates the example hmac results, as detailed here;
http://en.wikipedia.org/wiki/Hash-based_message_authentication_code

The bad news is that no matter what I do, I can't seem to find the right form to get the example that Pusher is documenting. I get HMACS for their data, but my output doesn't match the output they have.

 

[Bruce]

update -
I created a small text file (p1.txt) containing
1234.1234:private-foobar

I then ran the following OpenSSL command (from the command line)
openssl dgst -sha256 -hmac "7ad3773142a6692b25b8" -out s3.txt p1.txt

The output (in s3.txt) is
HMAC-SHA256(p1.txt)= 58df8b0c36d6982b82c3ecf6b4662e34fe8c25bba48f5369f135bf843651c3a4

This is consistent with the output from the new MakeHMAC function in Cryptonite.

It's not consistent though with the doc at http://pusher.com/docs/auth_signatures
Which means either I'm missing something, or maybe their page is just wrong. Perhaps contact Pusher, and ask them if they have a OpenSSL command line which generates the same answer as them? I'm guessing that will hint to us where I'm misinterpreting their doc.

Oh, and grab Cryptonite 1.59 when it's up (soon.)

Cheers
Bruce

[debraballenger]

As always, Thanks Guys!   

[debraballenger]

Hi Bruce.

Is this the correct usage?  outData = Clip(inData)

Code: [Select]

dataLen = Len(Clip(outData))         ! Text data, so we are clipping it. For binary data it would not be clipped
st.SetValue(outdata)
Crypto.MakeHMAC(st,clip(password),cs:CALG_SHA_256)

outData =st.GetValue()
Also is it a correct assumption that this is hex, so I need to follow it up with a

Code: [Select]

st.Base64Encode()

[Bruce]

Hi Debra,
>> Is this the correct usage? 
outData = Clip(inData)

No, because now OutData is still space padded on the right. You then call st.SetValue, which is placing the unclipped OutData into the StringTheory object. You want to get the _clipped_ string into the StringTheory object.

dataLen = Len(Clip(outData)) ! Text data, so we are clipping it. For binary data it would not be clipped
st.SetValue(outdata,st:clip)
Crypto.MakeHMAC(st,clip(password),cs:CALG_SHA_256)
outData =st.GetValue()


>> Also is it a correct assumption that this is hex, so I need to follow it up with a
st.Base64Encode()

No, the Base64 encode function encodes using the Base64 alphabet. That's not the same as the Hex alphabet. The correct method to call yould be st.ToHex, but this is unnecessary because the 4th parameter of MakeHMAC (which defaults to true) will automatically make that call for you. So the result of the call to MakeHMAC as detailed above will return the value already as a "hex encoded string".

Cheers
Bruce