West Wind Internet and Client Tools
wwEncrypt HMACSHA256
I'm trying to do a HMAC SHA256 encryption and can't seem to get the right answer. Using VFPEncryption.FLL, I do get what the service says is the "right" answer. Here's the code
DO prog\wwEncryption
LOCAL oEncrypt, oUtils
oEncrypt = CREATEOBJECT("wwEncryption")
LOCAL lcURLEncode, lcAPIKey, lcHash
lcAPIKey = "b1bdb357ced10fe4e9a69840cdd4f0e9c03d77fe"
lcURLEncode = "Action=FeedList&Format=XML&Timestamp=2015-07-01T11%3A11%3A11%2B00%3A00&UserID=look%40me.com&Version=1.0"
* Westwind
lcHash = oEncrypt.ComputeHash(lcURLEncode,"HMACSHA256", lcAPIKey)
?"Hash Westwind", lcHash
* VFPEncryption.fll
SET LIBRARY TO vfpencryption.fll addi
lcHash = hmac(lcURLEncode, lcAPIKey, 2) && 2 = HMACSHA256
?"VFPEncrypt", STRCONV(lcHash, 15) && Convert to hex binary
Westwind returns: yvuNsshkEaYojVqBDgsktg==
VFPEncryption returns: 3CEB8ED91049DFC718B0D2D176FB2ED0E5FD74F76C5971F34CDAB48412476041
Hi Todd,
There's a bug in the HMAC algorithm in that it adds the salt both to the algorithm for processing and to the data (which is what the salt does for all the other algos).
There's a bit more info in this thread: https://support.west-wind.com/Thread4X20165EC.wwt
The fix requires a change in wwdotnetbridge.dll (fixed but not published) at the moment.
+++ Rick ---