Need some help encrypting a String in autoit



Hi all.

For an API call, I need a "secret_key" which is an HMAC using SHA-256 as the cryptographic hash function string.

I have got an example Python script; its output would be correct, and the API endpoint would accept the generated string.

#Py Code
import hmac
import hashlib


# data (which in reality comes from an INI file)
_method = "TestData1"
_uri ="TestData2"
_body =""
_timestamp="TestData3"
_secret_key="TestData4"


def sign_request(method, uri, body, timestamp, secret_key):
    plain_text = "\n".join([method, uri, body, str(timestamp)])
    digest_maker = hmac.new(secret_key.encode(), None, hashlib.sha256)
    digest_maker.update(plain_text.encode())                   
    print (digest_maker.hexdigest())



sign_request(_method,_uri, _body, _timestamp, _secret_key)

The output of this code would be : 8d492cf6382fdc4911708be1e2a649d821e7e5ff83b8b3071a46601480770bb9

However, I don't want to run a CMD window to start the Python script (ComSpec, ShellExecute, Run do not really work; somehow the Python script would start but not be able to read the data I left in an INI file, no matter whether I start the .py script or the compiled .exe),
and I don't want the user to get confused seeing 20 PowerShell/CMD windows.

So I wrote it in AutoIt, and came up with this:

#include <Constants.au3>
#include <Crypt.au3>

sign_request("TestData1", "TestData2", "", "TestData3", "TestData4")


Func sign_request($method, $uri, $body, $timestamp, $secret_key)
    Local $plain_text = $method & @lf & $uri & @lf & $body & @lf & $timestamp& @lf & $secret_key
    Local $digest_maker = _Crypt_HashData($plain_text, $CALG_SHA_256, $secret_key)
    ConsoleWrite($digest_maker & @CRLF)
EndFunc

But the output of the AutoIt script is: 3708995A8B8DD39ED1C4B104A0BC2ADE7A8E914F70B2641898AEA39B885B47A7
and not: 8d492cf6382fdc4911708be1e2a649d821e7e5ff83b8b3071a46601480770bb9

I tried changing @lf to @crlf and I am always getting different outputs, but never the one I need.

Maybe someone with more Python and AutoIt skills can see or find the mistake I have made in translating the code to AutoIt.
I have also left a screenshot from the API documentation where they talk about the "secret_key".

Thanks for every help / Input in advance.


  • Solution

I see at least 2 issues with your translation:

  1. According to the documentation, $secretkey should not be a part of $plaintext.  It is used for the HMAC hash.
  2. Your _Crypt_HashData() is doing a SHA_256 hash NOT an HMAC SHA256 hash.  I'm not sure if the Crypt UDF, as it currently stands, even has the ability to do HMAC hashing.  The _Crypt_HashData() function certainly does not.  The CryptoNG UDF, namely _CryptoNG_HashData(), has that capability.  (See example below)
#AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d

#include <Constants.au3>
#include <cryptong\cryptong.au3>

Global $gxSig = ""

$gxSig = sign_request_example( _
             "TestData1", _
             "TestData2", _
             "", _
             "TestData3", _
             "TestData4" _
             )
If @error Then Exit MsgBox($MB_ICONERROR, "Error", $gxSig)
ConsoleWrite("Signature: " & $gxSig & @CRLF)

Func sign_request_example($sMethod, $sURI, $sBody, $sTimeStamp, $sSecretKey)
    Local $sPlainText = ""
    Local $xSig       = Binary("")

    ;Create data to be hashed by joining fields using a line feed
    $sPlainText = StringFormat("%s\n%s\n%s\n%s", $sMethod, $sURI, $sBody, $sTimeStamp)

    ;Generate signature using HMAC SHA256
    $xSig = _CryptoNG_HashData($CNG_BCRYPT_SHA256_ALGORITHM, $sPlainText, True, $sSecretKey)
    If @error Then Return SetError(1, 0, _CryptoNG_LastErrorMessage())

    Return $xSig
EndFunc

Console output:

Signature: 0x8D492CF6382FDC4911708BE1E2A649D821E7E5FF83B8B3071A46601480770BB9

 

 

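The two issues named in the solution above, as an added Python example that is not part of any post in this thread: it builds HMAC-SHA256 by hand from plain SHA-256 to show what an unkeyed hash call leaves out, and compares an AutoIt-style "0x" uppercase signature against the Python one in constant time. All function names other than sign_request are assumptions made for this illustration.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 block size in bytes


def hmac_sha256_manual(key: bytes, msg: bytes) -> bytes:
    """HMAC per RFC 2104: H((K ^ opad) || H((K ^ ipad) || msg))."""
    if len(key) > BLOCK_SIZE:              # over-long keys are hashed first
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")   # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def canonical_text(method, uri, body, timestamp) -> bytes:
    # The key is NOT part of the signed text; it only keys the HMAC.
    return "\n".join([method, uri, body, str(timestamp)]).encode()


def sign_request(method, uri, body, timestamp, secret_key) -> str:
    msg = canonical_text(method, uri, body, timestamp)
    return hmac.new(secret_key.encode(), msg, hashlib.sha256).hexdigest()


def plain_sha256_with_key(method, uri, body, timestamp, secret_key) -> str:
    # The mistaken construction: key appended to the text, unkeyed hash.
    msg = canonical_text(method, uri, body, timestamp) + b"\n" + secret_key.encode()
    return hashlib.sha256(msg).hexdigest()


def verify_signature(received, method, uri, body, timestamp, secret_key) -> bool:
    # Accept AutoIt-style "0x" + uppercase hex; compare in constant time.
    candidate = received.strip().lower()
    if candidate.startswith("0x"):
        candidate = candidate[2:]
    expected = sign_request(method, uri, body, timestamp, secret_key)
    return hmac.compare_digest(candidate.encode(), expected.encode())


if __name__ == "__main__":
    args = ("TestData1", "TestData2", "", "TestData3", "TestData4")  # the thread's test data
    print(sign_request(*args))
    print(plain_sha256_with_key(*args))  # differs: not an HMAC
```
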

4 hours ago, Martin_Bauer said:

Oh I see now, never had to deal with encryption before.

For the record, you aren't dealing with encryption.  You are dealing with hashing.  Hashing and encryption are different. :)

4 hours ago, Martin_Bauer said:

I have tried out your script, and it works perfectly.  Thank you !

You're welcome! :)
