Jump to content

How to get binary result from HMAC-SHA256 user defined function?


Go to solution Solved by jchd,

Recommended Posts

Original link:Hash HMAC - AutoIt Example Scripts - AutoIt Forums (autoitscript.com)

original codes:

Local $sSecret = "SecretKey"
Local $sMessage = "AutoIt Rocks!!!"


ConsoleWrite("HMAC-SHA256: " & @TAB & @TAB & _HashHMAC("SHA512", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA256: " & @TAB & @TAB & _HashHMAC("SHA256", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA1: " & @TAB & @TAB & _HashHMAC("SHA1", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA384: " & @TAB & @TAB & _HashHMAC("SHA384", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-MD5: " & @TAB & @TAB & _HashHMAC("MD5", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-RIPEMD160: " & @TAB &  _HashHMAC("RIPEMD160", $sMessage, $sSecret) & @CRLF)

Func _HashHMAC($sAlgorithm, $bData, $bKey, $bRaw_Output = False)
    Local $oHashHMACErrorHandler = ObjEvent("AutoIt.Error", "_HashHMACErrorHandler")
    Local $oHMAC = ObjCreate("System.Security.Cryptography.HMAC" & $sAlgorithm)
    If @error Then SetError(1, 0, "")
    $oHMAC.key = Binary($bKey)
    Local $bHash = $oHMAC.ComputeHash_2(Binary($bData))
    Return SetError(0, 0, $bRaw_Output ? $bHash : StringLower(StringMid($bHash, 3)))
EndFunc   ;==>_HashHMAC


Func _HashHMACErrorHandler($oError)
    ;Dummy Error Handler
EndFunc   ;==>_HashHMACErrorHandler

The result matches python hexdigest(), How to modify above codes to match python digest()?

tks in advance.

Link to post
Share on other sites
  • Solution

Does this work for you?

Global $HMAC_RAWFORM = 0, $HMAC_HEXFORM = 1, $HMAC_PYFORM = 2

Local $sSecret = "SecretKey"
Local $sMessage = "AutoIt Rocks!!!"


ConsoleWrite(@LF & "Python hexdigest form:" & @LF)
ConsoleWrite("HMAC-SHA512: " & @TAB & @TAB & _HashHMAC("SHA512", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA384: " & @TAB & @TAB & _HashHMAC("SHA384", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA256: " & @TAB & @TAB & _HashHMAC("SHA256", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-RIPEMD160: " & @TAB &  _HashHMAC("RIPEMD160", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA1: " & @TAB & @TAB & _HashHMAC("SHA1", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-MD5: " & @TAB & @TAB & _HashHMAC("MD5", $sMessage, $sSecret) & @CRLF)
ConsoleWrite(@LF & "Python digest form:" & @LF)
ConsoleWrite("HMAC-SHA512: " & @TAB & @TAB & _HashHMAC("SHA512", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-SHA384: " & @TAB & @TAB & _HashHMAC("SHA384", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-SHA256: " & @TAB & @TAB & _HashHMAC("SHA256", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-RIPEMD160: " & @TAB &  _HashHMAC("RIPEMD160", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-SHA1: " & @TAB & @TAB & _HashHMAC("SHA1", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-MD5: " & @TAB & @TAB & _HashHMAC("MD5", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)

Func _HashHMAC($sAlgorithm, $bData, $bKey, $iOutputForm = $HMAC_HEXFORM)
    Local $oHashHMACErrorHandler = ObjEvent("AutoIt.Error", "_HashHMACErrorHandler")
    Local $oHMAC = ObjCreate("System.Security.Cryptography.HMAC" & $sAlgorithm)
    If @error Then SetError(1, 0, "")
    $oHMAC.key = Binary($bKey)
    Local $bHash = $oHMAC.ComputeHash_2(Binary($bData))
    Local $sHex = StringLower(StringMid($bHash, 3))
    Switch $iOutputForm
        Case $HMAC_RAWFORM
            Return $bHash
        Case $HMAC_HEXFORM
            Return $sHex
        Case $HMAC_PYFORM
            Local $c, $sPy
            For $i = 1 To BinaryLen($bHash)
                $c = BinaryMid($bHash, $i, 1)
                If $c < 0x20 Or $c > 0x7E Then
                    $sPy &= "\x" & StringLower(Hex($c, 2))
                Else
                    $sPy &= ($c = 0x5C ? "\\" : Chr($c))
                EndIf
            Next
            Return $sPy
        Case Else
            Return SetError(2)
    EndSwitch
EndFunc   ;==>_HashHMAC


Func _HashHMACErrorHandler($oError)
    ;Dummy Error Handler
EndFunc   ;==>_HashHMACErrorHandler

 

Edited by jchd
Forgot to escape the backslash (ooops!)

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Link to post
Share on other sites

Thank  you so much for quick response.

There are  a little differences between the two results :

Varibles:

Local $sSecret = "TC3Gu5t9xGARNpq86cd98joQYCN3*******"
Local $sMessage = "2019-02-25"

Results:

au3srcriptforum     \xf1\xcbMQ\x8a\x0e\xda\x9d\\xbb\xfd\xb7\x85\x09\x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un
python                      \xf1\xcbMQ\x8a\x0e\xda\x9d\\\xbb\xfd\xb7\x85\t\x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un

 

 

Link to post
Share on other sites

second round:

\xf1\xcbMQ\x8a\x0e\xda\x9d\\\xbb\xfd\xb7\x85\x09\x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un
\xf1\xcbMQ\x8a\x0e\xda\x9d\\\xbb\xfd\xb7\x85\t\x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un

retested, difference " \t" vs "\x09"

Edited by oceanwind
Link to post
Share on other sites

I don't get it. Using your values:

Local $sSecret = "TC3Gu5t9xGARNpq86cd98joQYCN3*******"
Local $sMessage = "2019-02-25"

and the script above as is now (last edited), I get this:

Python hexdigest form:
HMAC-SHA512:        125753b86f4425fa4a35663ad918cd129c0aaa963062a6d84ede71493fc352cc3dd93db80668f2b2a539ebb58cf4abf055006ff084055c13c1b428ee61d07b7a
HMAC-SHA384:        0eff73645a835de1f78a44d9487f8cf61d7b13c0057ba1371c4b522a9db2afca0671165bfe74aff75be2d25cafc4d69b
HMAC-SHA256:        f1cb4d518a0eda9d5cbbfdb7850983f1e603eeae484edea76e4dd8d8deb5556e
HMAC-RIPEMD160:     dcd6396ea581b0c47a0769c57744503e20f336fa
HMAC-SHA1:      4e34c2586c2bff5e4501a7e5e87c599463ea090f
HMAC-MD5:       bd01e348b876a764cb026490b0b8ca6a

Python digest form:
HMAC-SHA512:        \x12WS\xb8oD%\xfaJ5f:\xd9\x18\xcd\x12\x9c\x0a\xaa\x960b\xa6\xd8N\xdeqI?\xc3R\xcc=\xd9=\xb8\x06h\xf2\xb2\xa59\xeb\xb5\x8c\xf4\xab\xf0U\x00o\xf0\x84\x05\\\x13\xc1\xb4(\xeea\xd0{z
HMAC-SHA384:        \x0e\xffsdZ\x83]\xe1\xf7\x8aD\xd9H\x7f\x8c\xf6\x1d{\x13\xc0\x05{\xa17\x1cKR*\x9d\xb2\xaf\xca\x06q\x16[\xfet\xaf\xf7[\xe2\xd2\\\xaf\xc4\xd6\x9b
HMAC-SHA256:        \xf1\xcbMQ\x8a\x0e\xda\x9d\\\xbb\xfd\xb7\x85\x09\x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un
HMAC-RIPEMD160:     \xdc\xd69n\xa5\x81\xb0\xc4z\x07i\xc5wDP> \xf36\xfa
HMAC-SHA1:      N4\xc2Xl+\xff^E\x01\xa7\xe5\xe8|Y\x94c\xea\x09\x0f
HMAC-MD5:       \xbd\x01\xe3H\xb8v\xa7d\xcb\x02d\x90\xb0\xb8\xcaj

 

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Link to post
Share on other sites

SHA256 - results:
au3srcriptforum     \xf1\xcbMQ\x8a\x0e\xda\x9d\\\xbb\xfd\xb7\x85\x09\x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un
python                  \xf1\xcbMQ\x8a\x0e\xda\x9d\\\xbb\xfd\xb7\x85\t\x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un

difference show:
au3srcriptforum     \xf1\xcbMQ\x8a\x0e\xda\x9d\\\xbb\xfd\xb7\x85\x09\x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un
python                  \xf1\xcbMQ\x8a\x0e\xda\x9d\\\xbb\xfd\xb7\x85\t- {difference here}- \x83\xf1\xe6\x03\xee\xaeHN\xde\xa7nM\xd8\xd8\xde\xb5Un

Link to post
Share on other sites

they are actually same. but python print it as tab char 0x09=Horzontal tab.

You can use binascii.hexlify to see it as a hex string so you can compare it easily.

 

Saludos

Link to post
Share on other sites

Maybe this depends on some setting or Python version. The version I used to test doesn't output C-style escapes for control characters, but yours seem to do just that. In your last example, TAB (ASCII 0x09) can be output as \x09 or \t (C-style escape). Of course the result is 100% equivalent.

Here's a version featuring C-style escape sequences:

Local $sSecret = "TC3Gu5t9xGARNpq86cd98joQYCN3*******"
Local $sMessage = "2019-02-25"


ConsoleWrite(@LF & "Python hexdigest form:" & @LF)
ConsoleWrite("HMAC-SHA512: " & @TAB & @TAB & _HashHMAC("SHA512", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA384: " & @TAB & @TAB & _HashHMAC("SHA384", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA256: " & @TAB & @TAB & _HashHMAC("SHA256", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-RIPEMD160: " & @TAB &  _HashHMAC("RIPEMD160", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-SHA1: " & @TAB & @TAB & _HashHMAC("SHA1", $sMessage, $sSecret) & @CRLF)
ConsoleWrite("HMAC-MD5: " & @TAB & @TAB & _HashHMAC("MD5", $sMessage, $sSecret) & @CRLF)
ConsoleWrite(@LF & "Python digest form:" & @LF)
ConsoleWrite("HMAC-SHA512: " & @TAB & @TAB & _HashHMAC("SHA512", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-SHA384: " & @TAB & @TAB & _HashHMAC("SHA384", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-SHA256: " & @TAB & @TAB & _HashHMAC("SHA256", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-RIPEMD160: " & @TAB &  _HashHMAC("RIPEMD160", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-SHA1: " & @TAB & @TAB & _HashHMAC("SHA1", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)
ConsoleWrite("HMAC-MD5: " & @TAB & @TAB & _HashHMAC("MD5", $sMessage, $sSecret, $HMAC_PYFORM) & @CRLF)

Func _HashHMAC($sAlgorithm, $bData, $bKey, $iOutputForm = $HMAC_HEXFORM)
    Local $oHashHMACErrorHandler = ObjEvent("AutoIt.Error", "_HashHMACErrorHandler")
    Local $oHMAC = ObjCreate("System.Security.Cryptography.HMAC" & $sAlgorithm)
    If @error Then SetError(1, 0, "")
    $oHMAC.key = Binary($bKey)
    Local $bHash = $oHMAC.ComputeHash_2(Binary($bData))
    Local $sHex = StringLower(StringMid($bHash, 3))
    Switch $iOutputForm
        Case $HMAC_RAWFORM
            Return $bHash
        Case $HMAC_HEXFORM
            Return $sHex
        Case $HMAC_PYFORM
            Local $c, $sPy
            For $i = 1 To BinaryLen($bHash)
                $c = BinaryMid($bHash, $i, 1)
                Switch $c
                    Case 0x00 To 0x06, 0x0E To 0x1F, 0x7F To 0xFF
                        $sPy &= "\x" & StringLower(Hex($c, 2))
                    Case 0x07           ; BELL
                        $sPy &= "\a"
                    Case 0x08           ; BS
                        $sPy &= "\b"
                    Case 0x09           ; HTAB
                        $sPy &= "\t"
                    Case 0x0A           ; LF
                        $sPy &= "\n"
                    Case 0x0B           ; VTAB
                        $sPy &= "\v"
                    Case 0x0C           ; FF
                        $sPy &= "\f"
                    Case 0x0D           ; CR
                        $sPy &= "\r"
                    Case 0x22
                        $sPy &= '\"'    ; escaping single quote may not be required
                    Case 0x27
                        $sPy &= "\'"    ; escaping double quote may not be required
                    Case 0x5C
                        $sPy &= "\\"
                    Case Else
                        $sPy &= Chr($c)
                EndSwitch
            Next
            Return $sPy
        Case Else
            Return SetError(2)
    EndSwitch
EndFunc   ;==>_HashHMAC


Func _HashHMACErrorHandler($oError)
    ;Dummy Error Handler
EndFunc   ;==>_HashHMACErrorHandler

 

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...