HMAC SHA512 hash not yielding 'correct' values

[JoshDB]

Hi all, I need to generate an HMAC hash using SHA512 according to a certain API's specs and the only HMAC example I've seen () does not work as I need it do, even adapting it from a 64-bit blocksize to 512 and adding Ward's_SHA512 UDF.

I've tried the following:

Func _HashHMAC512($key, $message)
$key = _StringRepeat("0", 512 - StringLen($key)) & $key ; keys shorter than blocksize are zero-padded ('?' is concatenation)

$o_key_pad = BitXOR(0x5c * 512, $key) ; Where blocksize is that of the underlying hash function
$i_key_pad = BitXOR(0x36 * 512, $key) ; Where ? is exclusive or (XOR)

Return _SHA512($o_key_pad & _SHA512($i_key_pad & $message))
EndFunc

But, of course, it doesn't work (I suspect I'm doing something very blatantly wrong, but as I lack fundamental understanding about binary and hex number formats I can't see what's the issue right off the top of my head.)

Note: in my case $key will always by 68 characters long so it will always prepend the leading zeroes.

As a litmus test, I need to hash the message 1239348906120181 with the key ba63a816f030cefeea4803cd593569ce23f3815d0cc8c56d9194df6226dca2f0f48239698bc68991cfac387449b07b0f722f6f3df761dbc1fe8894dd65ff00b2 and receive 2610740031eeab61bbe6cd3f08daa6186ff0d59f5ec045dbb0e194fea8998b4f3d1da9aae0f718f8c126d6418302e081d68a82f0576eb266b68f26dc3459b62f as the output.

I've been working on this for the past 4-odd hours now, to no avail. I really, really don't want to have to restart my project in python or php or somesuch... or, for that matter, write the hash function in js, python, or php and somehow bootleg that single function's results into my au3 project. I would greatly appreciate any help from ye wise ents, even if it's just a nudge in the right direction.

[BrewManNH]

I believe that thread stated you needed to pad the string with Chr(0), not the number 0.

[JoshDB]

Ah, I've fiddled around along that train of thought and don't see any results, sorry. Maybe I'm doing it wrong, but then again that post also says to not to use Chr() but rather to stick with binary values. That's how the accepted solution does it, I just don't see why it's not working with the blocksize increased to 512 and the Call() replaced with straight _SHA512 calls.

e.g.

Func _HashHMAC512($key, $message)
    Local $blocksize = 512
    Local $a_opad[$blocksize], $a_ipad[$blocksize]
    Local Const $oconst = 0x5C, $iconst = 0x36
    Local $opad = Binary(''), $ipad = Binary('')
    $key = Binary($key)
    If BinaryLen($key) > $blocksize Then $key = _SHA512($key)
    For $i = 1 To BinaryLen($key)
        $a_ipad[$i-1] = Number(BinaryMid($key, $i, 1))
        $a_opad[$i-1] = Number(BinaryMid($key, $i, 1))
    Next
    For $i = 0 To $blocksize - 1
        $a_opad[$i] = BitXOR($a_opad[$i], $oconst)
        $a_ipad[$i] = BitXOR($a_ipad[$i], $iconst)
    Next
    For $i = 0 To $blocksize - 1
        $ipad &= Binary('0x' & Hex($a_ipad[$i],2))
        $opad &= Binary('0x' & Hex($a_opad[$i],2))
    Next
    Return _SHA512($$opad & _SHA512($$ipad & Binary($message)))
EndFunc

[BrewManNH]

What the thread said was to not use the character 0, which is not saying don't use Chr(0), it's saying don't use the number 0. Chr(0) IS the binary zero, 00000000 in binary, 0x00000000 in hex and Chr(0) are all equivalent.

[JoshDB]

I'm sorry, but your advice just isn't helping me. I don't understand what you're trying to get at, because I've tried padded with Chr(0) to no avail. Would I need to couple padding Chr(0)s with Binary($key), as well? Why didn't the accepted solution use this method or, indeed, pad at all? I haven't used AutoIt for an intensive task like this since about 2007, just lightweight automation, so am a bit rusty.

[Jazkal]

Did you ever figure this one out?

[jchd]

JoshDB,

Are you sure about your input (text data and hex key)? I ask because HashCalc doesn't give the result you expect either.