Jump to content

Search the Community

Showing results for tags 'hmac'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General
    • Announcements and Site News
    • Administration
  • AutoIt v3
    • AutoIt Help and Support
    • AutoIt Technical Discussion
    • AutoIt Example Scripts
  • Scripting and Development
    • Developer General Discussion
    • Language Specific Discussion
  • IT Administration
    • Operating System Deployment
    • Windows Client
    • Windows Server
    • Office

Categories

  • AutoIt Team
    • Beta
    • MVP
  • AutoIt
    • Automation
    • Databases and web connections
    • Data compression
    • Encryption and hash
    • Games
    • GUI Additions
    • Hardware
    • Information gathering
    • Internet protocol suite
    • Maths
    • Media
    • PDF
    • Security
    • Social Media and other Website API
    • Windows
  • Scripting and Development
  • IT Administration
    • Operating System Deployment
    • Windows Client
    • Windows Server
    • Office

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Location


WWW


Interests

Found 3 results

  1. Hello guys. Here is a small function to create a hash hmac similar to hash_hmac PHP function. Supported are: SHA512,SHA256,SHA1,SHA384,MD5 and RIPEMD160. Local $sSecret = "SecretKey" Local $sMessage = "AutoIt Rocks!!!" ConsoleWrite("HMAC-SHA256: " & @TAB & @TAB & _HashHMAC("SHA512", $sMessage, $sSecret) & @CRLF) ConsoleWrite("HMAC-SHA256: " & @TAB & @TAB & _HashHMAC("SHA256", $sMessage, $sSecret) & @CRLF) ConsoleWrite("HMAC-SHA1: " & @TAB & @TAB & _HashHMAC("SHA1", $sMessage, $sSecret) & @CRLF) ConsoleWrite("HMAC-SHA384: " & @TAB & @TAB & _HashHMAC("SHA384", $sMessage, $sSecret) & @CRLF) ConsoleWrite("HMAC-MD5: " & @TAB & @TAB & _HashHMAC("MD5", $sMessage, $sSecret) & @CRLF) ConsoleWrite("HMAC-RIPEMD160: " & @TAB & _HashHMAC("RIPEMD160", $sMessage, $sSecret) & @CRLF) Func _HashHMAC($sAlgorithm, $bData, $bKey, $bRaw_Output = False) Local $oHashHMACErrorHandler = ObjEvent("AutoIt.Error", "_HashHMACErrorHandler") Local $oHMAC = ObjCreate("System.Security.Cryptography.HMAC" & $sAlgorithm) If @error Then SetError(1, 0, "") $oHMAC.key = Binary($bKey) Local $bHash = $oHMAC.ComputeHash_2(Binary($bData)) Return SetError(0, 0, $bRaw_Output ? $bHash : StringLower(StringMid($bHash, 3))) EndFunc ;==>_HashHMAC Func _HashHMACErrorHandler($oError) ;Dummy Error Handler EndFunc ;==>_HashHMACErrorHandler It requires .NET Framework 2.0 or higher. Saludos
  2. Hello, I have been struggling with this for nearly 20 hours, and I just cannot seem to figure out the formatting for the header request. To test this, you will need to use this api key I set up for your testing purposes. (note, I sent tracexx a direct message about this as I didn't realize I could limit API restrictions until just now, so I am now hoping on of you may have the answer on hand) I need to be able to GET balance and POST orders. Right now, I can't get past the 401/403 errors on my own. I believe the Content is formatted for JSON, but using the JSON format didn't work for me ( although that may be because I'm an idiot and formatted something wrong). I want to get: GET balance page POST delete order page Here is a temporary API key + Secret API key with only the "View Balance Page" and "Delete Order" functions enabled: Access-key: tq6GeUrEvfxyF-LG Secret Access-Key: cZlz75K1wb8-Ed67pRaXvUWTPW6RTH9q Here is the site's API guide (I followed this closely and doubt the error is there): https://coincheck.com/documents/exchange/api#libraries And here is running source code (needs those keys inputted) which will hash the above keys to the required HMAC SHA256: #include <Crypt.au3> #include<WinHttp.au3> Global Const $CALG_SHA_256 = 0x0000800c ;; ===== $api = "/api/accounts/balance" $accessNonCE = _TimeGetStamp() $url = "https://coincheck.com/api/accounts/balance" $body = "" WinHTTP($url, $body) Func WinHTTP($sUrl, $sBody) Local $hOpen = _WinHttpOpen() Local $hConnect = _WinHttpConnect($hOpen, "https://coincheck.com/api/accounts/balance") ; Specify the reguest: ;Local $hRequest = _WinHttpOpenRequest($hConnect, Default, $sApi) $accessKey = "" ;; Add the key from above $secretKey = "" ;; Add the secret key from above $message = $accessNonCE & $sUrl $BinarySignature = HMAC($secretKey, $message) $signature = _Base64Encode($BinarySignature) ;Encode signature Local $hRequest = _WinHttpOpenRequest($hConnect, "GET") _WinHttpAddRequestHeaders($hRequest, 'ACCESS-KEY: '&$accessKey) _WinHttpAddRequestHeaders($hRequest, 'ACCESS-NONCE: '&$accessNonCE) _WinHttpAddRequestHeaders($hRequest, 'ACCESS-SIGNATURE: '&$signature) ; Send request _WinHttpSendRequest($hRequest) ; Wait for the response _WinHttpReceiveResponse($hRequest) Local $sHeader = _WinHttpQueryHeaders($hRequest) ; ...get full header Local $sData = _WinHttpReadData($hRequest) ; Clean _WinHttpCloseHandle($hRequest) _WinHttpCloseHandle($hConnect) _WinHttpCloseHandle($hOpen) ; Display retrieved data MsgBox(0, "Data", $sData) EndFunc Func sha256($message) Return _Crypt_HashData($message, $CALG_SHA_256) EndFunc Func HMAC($key, $message, $hash="sha256") Local $blocksize = 64 Local $a_opad[$blocksize], $a_ipad[$blocksize] Local Const $oconst = 0x5C, $iconst = 0x36 Local $opad = Binary(''), $ipad = Binary('') $key = Binary($key) If BinaryLen($key) > $blocksize Then $key = Call($hash, $key) For $i = 1 To BinaryLen($key) $a_ipad[$i-1] = Number(BinaryMid($key, $i, 1)) $a_opad[$i-1] = Number(BinaryMid($key, $i, 1)) Next For $i = 0 To $blocksize - 1 $a_opad[$i] = BitXOR($a_opad[$i], $oconst) $a_ipad[$i] = BitXOR($a_ipad[$i], $iconst) Next For $i = 0 To $blocksize - 1 $ipad &= Binary('0x' & Hex($a_ipad[$i],2)) $opad &= Binary('0x' & Hex($a_opad[$i],2)) Next Return Call($hash, $opad & Call($hash, $ipad & Binary($message))) EndFunc Func _TimeGetStamp() Local $av_Time $av_Time = DllCall('CrtDll.dll', 'long:cdecl', 'time', 'ptr', 0) If @error Then SetError(99) Return False EndIf Return $av_Time[0] EndFunc Func _Base64Encode($input) $input = Binary($input) Local $struct = DllStructCreate("byte[" & BinaryLen($input) & "]") DllStructSetData($struct, 1, $input) Local $strc = DllStructCreate("int") Local $a_Call = DllCall("Crypt32.dll", "int", "CryptBinaryToString", _ "ptr", DllStructGetPtr($struct), _ "int", DllStructGetSize($struct), _ "int", 1, _ "ptr", 0, _ "ptr", DllStructGetPtr($strc)) If @error Or Not $a_Call[0] Then Return SetError(1, 0, "") ; error calculating the length of the buffer needed EndIf Local $a = DllStructCreate("char[" & DllStructGetData($strc, 1) & "]") $a_Call = DllCall("Crypt32.dll", "int", "CryptBinaryToString", _ "ptr", DllStructGetPtr($struct), _ "int", DllStructGetSize($struct), _ "int", 1, _ "ptr", DllStructGetPtr($a), _ "ptr", DllStructGetPtr($strc)) If @error Or Not $a_Call[0] Then Return SetError(2, 0, ""); error encoding EndIf Return DllStructGetData($a, 1) EndFunc ;==>_Base64Encode
  3. Hi all, I need to generate an HMAC hash using SHA512 according to a certain API's specs and the only HMAC example I've seen () does not work as I need it do, even adapting it from a 64-bit blocksize to 512 and adding Ward's_SHA512 UDF. I've tried the following: Func _HashHMAC512($key, $message) $key = _StringRepeat("0", 512 - StringLen($key)) & $key ; keys shorter than blocksize are zero-padded ('?' is concatenation) $o_key_pad = BitXOR(0x5c * 512, $key) ; Where blocksize is that of the underlying hash function $i_key_pad = BitXOR(0x36 * 512, $key) ; Where ? is exclusive or (XOR) Return _SHA512($o_key_pad & _SHA512($i_key_pad & $message)) EndFunc But, of course, it doesn't work (I suspect I'm doing something very blatantly wrong, but as I lack fundamental understanding about binary and hex number formats I can't see what's the issue right off the top of my head.) Note: in my case $key will always by 68 characters long so it will always prepend the leading zeroes. As a litmus test, I need to hash the message 1239348906120181 with the key ba63a816f030cefeea4803cd593569ce23f3815d0cc8c56d9194df6226dca2f0f48239698bc68991cfac387449b07b0f722f6f3df761dbc1fe8894dd65ff00b2 and receive 2610740031eeab61bbe6cd3f08daa6186ff0d59f5ec045dbb0e194fea8998b4f3d1da9aae0f718f8c126d6418302e081d68a82f0576eb266b68f26dc3459b62f as the output. I've been working on this for the past 4-odd hours now, to no avail. I really, really don't want to have to restart my project in python or php or somesuch... or, for that matter, write the hash function in js, python, or php and somehow bootleg that single function's results into my au3 project. I would greatly appreciate any help from ye wise ents, even if it's just a nudge in the right direction.
×
×
  • Create New...