Martin_Bauer Posted March 11, 2023

Hi all. For an API call, I need a "secret_key" which is an HMAC using SHA-256 as the cryptographic hash function String. I have got an example Python script, the output of it would be correct, and the API endpoint would accept the generated String.

```python
# Py Code
import hmac
import hashlib

# data (which in reality comes from an INI file)
_method = "TestData1"
_uri = "TestData2"
_body = ""
_timestamp = "TestData3"
_secret_key = "TestData4"

def sign_request(method, uri, body, timestamp, secret_key):
    plain_text = "\n".join([method, uri, body, str(timestamp)])
    digest_maker = hmac.new(secret_key.encode(), None, hashlib.sha256)
    digest_maker.update(plain_text.encode())
    print(digest_maker.hexdigest())

sign_request(_method, _uri, _body, _timestamp, _secret_key)
```

The output of this code would be:

8d492cf6382fdc4911708be1e2a649d821e7e5ff83b8b3071a46601480770bb9

However, since I don't want to run a CMD window to start the Python script (Comspec, ShellExecute, Run do not really work; somehow the Python script would start but not be able to read the data I left in an INI file, no matter whether starting the .py script or the compiled .exe), and I don't want the user to get confused seeing 20 PowerShell/CMD windows, I wrote it in AutoIt and came up with this:

```autoit
#include <Constants.au3>
#include <Crypt.au3>

sign_request("TestData1", "TestData2", "", "TestData3", "TestData4")

Func sign_request($method, $uri, $body, $timestamp, $secret_key)
    Local $plain_text = $method & @lf & $uri & @lf & $body & @lf & $timestamp& @lf & $secret_key
    Local $digest_maker = _Crypt_HashData($plain_text, $CALG_SHA_256, $secret_key)
    ConsoleWrite($digest_maker & @CRLF)
EndFunc
```

but the output of the AutoIt script is:

3708995A8B8DD39ED1C4B104A0BC2ADE7A8E914F70B2641898AEA39B885B47A7

and not:

8d492cf6382fdc4911708be1e2a649d821e7e5ff83b8b3071a46601480770bb9

I tried changing @lf to @crlf and I am always getting different outputs, but never the one I need.

Maybe someone with more Python and AutoIt skills can see or find the mistake I have made in translating the code to AutoIt. I have also left a screenshot from the API documentation where they talk about the "secret_key". Thanks for every help / input in advance.
Solution

TheXman Posted March 11, 2023 (edited)

I see at least 2 issues with your translation:

1. According to the documentation, $secretkey should not be a part of $plaintext. It is used for the HMAC hash.
2. Your _Crypt_HashData() is doing a SHA_256 hash NOT an HMAC SHA256 hash.

I'm not sure if the Crypt UDF, as it currently stands, even has the ability to do HMAC hashing. The _Crypt_HashData() function certainly does not. The CryptoNG UDF, namely _CryptoNG_HashData(), has that capability. (See example below)

```autoit
#AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d

#include <Constants.au3>
#include <cryptong\cryptong.au3>

Global $gxSig = ""

$gxSig = sign_request_example( _
             "TestData1", _
             "TestData2", _
             "", _
             "TestData3", _
             "TestData4" _
         )
If @error Then Exit MsgBox($MB_ICONERROR, "Error", $gxSig)

ConsoleWrite("Signature: " & $gxSig & @CRLF)

Func sign_request_example($sMethod, $sURI, $sBody, $sTimeStamp, $sSecretKey)
    Local $sPlainText = ""
    Local $xSig = Binary("")

    ;Create data to be hashed by joining fields using a line feed
    $sPlainText = StringFormat("%s\n%s\n%s\n%s", $sMethod, $sURI, $sBody, $sTimeStamp)

    ;Generate signature using HMAC SHA256
    $xSig = _CryptoNG_HashData($CNG_BCRYPT_SHA256_ALGORITHM, $sPlainText, True, $sSecretKey)
    If @error Then Return SetError(1, 0, _CryptoNG_LastErrorMessage())

    Return $xSig
EndFunc
```

Console output:

Signature: 0x8D492CF6382FDC4911708BE1E2A649D821E7E5FF83B8B3071A46601480770BB9

Edited March 11, 2023 by TheXman

CryptoNG UDF: Cryptography API: Next Gen
jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor
Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script
About Me
How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief)
"Any fool can know. The point is to understand." -Albert Einstein
"If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman
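Added example, not part of the original posts: a Python sketch that places the thread's keyed HMAC-SHA256 next to the unkeyed "hash the fields with the key appended" shape of the first AutoIt attempt, and shows how a receiver can verify a signature in constant time whether it arrives as Python's lowercase hex or as CryptoNG's `0x`-prefixed uppercase. The function names `canonical_string`, `plain_sha256_with_key`, `normalise_signature` and `verify_signature` are assumptions made for this illustration.

```python
import hashlib
import hmac

def canonical_string(method, uri, body, timestamp):
    # Layout from the thread: four fields joined by LF. The key is not a field.
    return "\n".join([method, uri, body, str(timestamp)]).encode()

def _mac(method, uri, body, timestamp, secret_key):
    msg = canonical_string(method, uri, body, timestamp)
    return hmac.new(secret_key.encode(), msg, hashlib.sha256)

def sign_request(method, uri, body, timestamp, secret_key):
    # Keyed HMAC-SHA256, lowercase hex as the Python script prints it.
    return _mac(method, uri, body, timestamp, secret_key).hexdigest()

def plain_sha256_with_key(method, uri, body, timestamp, secret_key):
    # Shape of the first AutoIt attempt: unkeyed SHA-256 over the fields
    # with the key appended as a fifth line. This is not an HMAC.
    data = canonical_string(method, uri, body, timestamp) + b"\n" + secret_key.encode()
    return hashlib.sha256(data).hexdigest()

def normalise_signature(presented):
    # Accept "8d49..." (Python) and "0x8D49..." (CryptoNG console output).
    text = presented.strip()
    if text[:2].lower() == "0x":
        text = text[2:]
    try:
        raw = bytes.fromhex(text)
    except ValueError:
        return None  # not hex at all
    return raw if len(raw) == hashlib.sha256().digest_size else None

def verify_signature(method, uri, body, timestamp, presented, secret_key):
    # Receiver side: recompute the MAC and compare in constant time.
    got = normalise_signature(presented)
    if got is None:
        return False
    expected = _mac(method, uri, body, timestamp, secret_key).digest()
    return hmac.compare_digest(expected, got)

if __name__ == "__main__":
    fields = ("TestData1", "TestData2", "", "TestData3")  # test data from the thread
    print("hmac :", sign_request(*fields, "TestData4"))
    print("plain:", plain_sha256_with_key(*fields, "TestData4"))
```
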
Martin_Bauer Posted March 11, 2023 (Author)

Oh I see now, never had to deal with encryption before. I have tried out your script, and it works perfectly. Thank you! Not having to do it with the Python script saved me a lot of headache.
TheXman Posted March 11, 2023 (edited)

> 4 hours ago, Martin_Bauer said:
> Oh I see now, never had to deal with encryption before.

For the record, you aren't dealing with encryption. You are dealing with hashing. Hashing and encryption are different.

> 4 hours ago, Martin_Bauer said:
> I have tried out your script, and it works perfectly. Thank you !

You're welcome!

Edited March 11, 2023 by TheXman