By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
449,156 Members | 989 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 449,156 IT Pros & Developers. It's quick & easy.

using methods base64 module in conjunction with Crypto.Hash.SHA256

P: n/a
I am attempting to implement a process, and I'm pretty sure that a
major roadblock is that I do not understand the nomenclature. The
specs indicate that the goal is to calculate a message digest using an
SHA-256 algorithm. There are 2 examples included with the specs. The
label on the 2 examples are: 'HMAC samples'. In both examples, the
message on which the digest is to be calculated is (the 33 chars within
the quotes):

'This is a test of VISION services'

In the first example, the value labeled 'Shared key' is the 44
characters within the quotes:
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc='
and the value labeled 'Base64 Message Hash' is the 44 characters within
the quotes:
'KF7GkfXkgXFNOgeRud58Oqx2equmKACAwzqQHZnZx9A='

In the second example, the value labeled 'Shared key' is the 44
characters within the quotes:
'jcOv3OBKVNBT8Zk+ZFacrDYNsKlm3D8TGGJyXti//p4='
and the value labeled 'Base64 Message Hash' is the 44 characters within
the quotes:
'XhqneGN0x5I8JVvatXO9z0EBQRre3svFVc+q2lLE3Ik='

My interpretation of the first example is this: when you use an SHA-256
algorithm to calculate a message digest on the message 'This is a test
of VISION services' where the key is
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc=', the result should be:
'KF7GkfXkgXFNOgeRud58Oqx2equmKACAwzqQHZnZx9A=' .

Operating system: Win XP
Version of Python: 2.4 (with PyCrypto package installed)

Interactive window of Pythonwin displays how I thought one might
implement the process.
>>from Crypto.Hash import SHA256
import base64
digestStr = 'This is a test of VISION services'
from Crypto.Hash import HMAC
samp1Key = '6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc='
samp1CalcDigest = HMAC.new(samp1Key, digestStr, SHA256)
samp1Hash = base64.b64encode(samp1CalcDigest.digest())
samp1Hash
'35RYYwgt7Bp1Dj9onZiIkSz1PxgKM9UYXCgxlDdWGkA='
>>samp2Key = 'jcOv3OBKVNBT8Zk+ZFacrDYNsKlm3D8TGGJyXti//p4='
samp2CalcDigest = HMAC.new(samp2Key, digestStr, SHA256)
samp2Hash = base64.b64encode(samp2CalcDigest.digest())
samp2Hash
'RtmPKhflZ/BX3yrhl83pDsdCR5A2kwKP6dVnAyBl9tc='
>>>
I was hoping that samp1Hash and samp2Hash would be the same as the
values labled 'Base64 Message Has' in the examples...they are not the
same.

My questions are:
1) Given the terminology identified above, do you think my
interpreation of the first example is accurate? If not, what is a more
accurate interpretation?
2) If the interpretation of the first example is on target, do you see
anything above in the use of the SHA256, HMAC and base64
classes/methods that indicates that I did not correctly implement the
process?
Thank you.

Dec 20 '06 #1
Share this Question
Share on Google+
1 Reply


P: n/a

mi************@yahoo.com wrote:
I am attempting to implement a process, and I'm pretty sure that a
major roadblock is that I do not understand the nomenclature. The
specs indicate that the goal is to calculate a message digest using an
SHA-256 algorithm. There are 2 examples included with the specs. The
label on the 2 examples are: 'HMAC samples'. In both examples, the
message on which the digest is to be calculated is (the 33 chars within
the quotes):

'This is a test of VISION services'

In the first example, the value labeled 'Shared key' is the 44
characters within the quotes:
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc='
I doubt it. That is a base64 encoded value, not the value itself.

<>
My interpretation of the first example is this: when you use an SHA-256
algorithm to calculate a message digest on the message 'This is a test
of VISION services' where the key is
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc=',
This isn't the key, but the base64-encoded key.
the result should be:
'KF7GkfXkgXFNOgeRud58Oqx2equmKACAwzqQHZnZx9A=' .
This isn't the result, but the base64-encoded result.
2) If the interpretation of the first example is on target, do you see
anything above in the use of the SHA256, HMAC and base64
classes/methods that indicates that I did not correctly implement the
process?
You should base64 decode the key before passing it to the HMAC
constructor.

-Mike

Dec 20 '06 #2

This discussion thread is closed

Replies have been disabled for this discussion.