473,218 Members | 1,809 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,218 software developers and data experts.

using methods base64 module in conjunction with Crypto.Hash.SHA256

I am attempting to implement a process, and I'm pretty sure that a
major roadblock is that I do not understand the nomenclature. The
specs indicate that the goal is to calculate a message digest using an
SHA-256 algorithm. There are 2 examples included with the specs. The
label on the 2 examples are: 'HMAC samples'. In both examples, the
message on which the digest is to be calculated is (the 33 chars within
the quotes):

'This is a test of VISION services'

In the first example, the value labeled 'Shared key' is the 44
characters within the quotes:
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc='
and the value labeled 'Base64 Message Hash' is the 44 characters within
the quotes:
'KF7GkfXkgXFNOgeRud58Oqx2equmKACAwzqQHZnZx9A='

In the second example, the value labeled 'Shared key' is the 44
characters within the quotes:
'jcOv3OBKVNBT8Zk+ZFacrDYNsKlm3D8TGGJyXti//p4='
and the value labeled 'Base64 Message Hash' is the 44 characters within
the quotes:
'XhqneGN0x5I8JVvatXO9z0EBQRre3svFVc+q2lLE3Ik='

My interpretation of the first example is this: when you use an SHA-256
algorithm to calculate a message digest on the message 'This is a test
of VISION services' where the key is
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc=', the result should be:
'KF7GkfXkgXFNOgeRud58Oqx2equmKACAwzqQHZnZx9A=' .

Operating system: Win XP
Version of Python: 2.4 (with PyCrypto package installed)

Interactive window of Pythonwin displays how I thought one might
implement the process.
>>from Crypto.Hash import SHA256
import base64
digestStr = 'This is a test of VISION services'
from Crypto.Hash import HMAC
samp1Key = '6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc='
samp1CalcDigest = HMAC.new(samp1Key, digestStr, SHA256)
samp1Hash = base64.b64encode(samp1CalcDigest.digest())
samp1Hash
'35RYYwgt7Bp1Dj9onZiIkSz1PxgKM9UYXCgxlDdWGkA='
>>samp2Key = 'jcOv3OBKVNBT8Zk+ZFacrDYNsKlm3D8TGGJyXti//p4='
samp2CalcDigest = HMAC.new(samp2Key, digestStr, SHA256)
samp2Hash = base64.b64encode(samp2CalcDigest.digest())
samp2Hash
'RtmPKhflZ/BX3yrhl83pDsdCR5A2kwKP6dVnAyBl9tc='
>>>
I was hoping that samp1Hash and samp2Hash would be the same as the
values labled 'Base64 Message Has' in the examples...they are not the
same.

My questions are:
1) Given the terminology identified above, do you think my
interpreation of the first example is accurate? If not, what is a more
accurate interpretation?
2) If the interpretation of the first example is on target, do you see
anything above in the use of the SHA256, HMAC and base64
classes/methods that indicates that I did not correctly implement the
process?
Thank you.

Dec 20 '06 #1
1 4899

mi************@yahoo.com wrote:
I am attempting to implement a process, and I'm pretty sure that a
major roadblock is that I do not understand the nomenclature. The
specs indicate that the goal is to calculate a message digest using an
SHA-256 algorithm. There are 2 examples included with the specs. The
label on the 2 examples are: 'HMAC samples'. In both examples, the
message on which the digest is to be calculated is (the 33 chars within
the quotes):

'This is a test of VISION services'

In the first example, the value labeled 'Shared key' is the 44
characters within the quotes:
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc='
I doubt it. That is a base64 encoded value, not the value itself.

<>
My interpretation of the first example is this: when you use an SHA-256
algorithm to calculate a message digest on the message 'This is a test
of VISION services' where the key is
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc=',
This isn't the key, but the base64-encoded key.
the result should be:
'KF7GkfXkgXFNOgeRud58Oqx2equmKACAwzqQHZnZx9A=' .
This isn't the result, but the base64-encoded result.
2) If the interpretation of the first example is on target, do you see
anything above in the use of the SHA256, HMAC and base64
classes/methods that indicates that I did not correctly implement the
process?
You should base64 decode the key before passing it to the HMAC
constructor.

-Mike

Dec 20 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: sh | last post by:
Hi guys, Well, I have a (maybe dumb) question. I want to write my own little blog using Python (as a fairly small but doable project for myself to learn more deaply Python in a web context). ...
4
by: John | last post by:
Hi all, I've been going through google and yahoo looking for a certain base64 decoder in C without success. What I'm after is something that you can pass a base64 encoded string into and get back...
5
by: Michael Sperlle | last post by:
Is it possible? Bestcrypt can supposedly be set up on linux, but it seems to need changes to the kernel before it can be installed, and I have no intention of going through whatever hell that would...
0
by: yaipa | last post by:
I snipped this bit of code out of Andrew Kuchling 'pyCrypto' test fixture. Having a need to XOR Binascii Hex strings in my current project, I found it very helpful to cut down on a bit of code...
8
by: Jeremy Kitchen | last post by:
I have encoded a string into Base64 for the purpose of encryption. I then later decrypted it and converted it back from Base64 the final string returns with four nothing characters. "pass" what...
9
by: Ben | last post by:
Hello, I'll bet this has been asked a million times but I can't seem to find a thread that gives the clear example I need. This PC has MySQL and IIS configured and running. The MySQL database is...
3
by: JDeats | last post by:
I have some .NET 1.1 code that utilizes this technique for encrypting and decrypting a file. http://support.microsoft.com/kb/307010 In .NET 2.0 this approach is not fully supported (a .NET 2.0...
4
by: macm | last post by:
Hi Folks I tested <?php echo 'sha256=>' .hash('sha256', 'The quick brown fox jumped over the lazy dog.') .'</br>'; echo 'sha384=>' .hash('sha384', 'The quick brown fox jumped over the lazy...
3
by: ashu | last post by:
I am searching for Win32 (or WinMobile) API for converting ASCII string to Base64 and vice-versa can anyone help me out.... Thanks in advance...
0
by: VivesProcSPL | last post by:
Obviously, one of the original purposes of SQL is to make data query processing easy. The language uses many English-like terms and syntax in an effort to make it easy to learn, particularly for...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 3 Jan 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). For other local times, please check World Time Buddy In...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: mar23 | last post by:
Here's the situation. I have a form called frmDiceInventory with subform called subfrmDice. The subform's control source is linked to a query called qryDiceInventory. I've been trying to pick up the...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
by: jimatqsi | last post by:
The boss wants the word "CONFIDENTIAL" overlaying certain reports. He wants it large, slanted across the page, on every page, very light gray, outlined letters, not block letters. I thought Word Art...
0
by: fareedcanada | last post by:
Hello I am trying to split number on their count. suppose i have 121314151617 (12cnt) then number should be split like 12,13,14,15,16,17 and if 11314151617 (11cnt) then should be split like...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.