hmac

openssl使用错误"error: storage size of 'ctx' isn't known"

扶醉桌前 提交于 2020-01-10 07:06:22
前言 SSL是Secure Sockets Layer(安全套接层协议)的缩写,openssl是一套开源的库,以便使用者进行安全通信,避免窃听,识别身份。 其中,ssl的HMAC是计算MAC的一种方法,有密钥参与计算,不采用HASH算法,对数据做hash计算,并用密钥加密,计算出MAC数值。 测试 源码请看传送门: https://github.com/openssl/openssl 把openssl编译成动态库libssl.so后以便工程引用。 部分代码片段如下: HMAC_CTX ctx ; H_Mac mac ; mac . accessKey = ACCESS_KEY ; mac . secretKey = SECRET_KEY ; HMAC_CTX_init ( & ctx ) ; HMAC_Init_ex ( & ctx , mac . secretKey , strlen ( mac . secretKey ) , EVP_sha1 ( ) , NULL ) ; HMAC_Update ( & ctx , path , strlen ( path ) ) ; HMAC_Update ( & ctx , "\n" , 1 ) ; if ( addlen > 0 ) { HMAC_Update ( & ctx , addition , addlen ) ; } HMAC

How to: New order Binance API via RStudio

强颜欢笑 提交于 2020-01-05 04:25:07
问题 I am trying to create a new order via the Binance API using RStudio. I found the Binance Official API Docs and figured out that I should use POST /api/v3/order (HMAC SHA256). The following script doesn't work out for me: url='https://api.binance.com/api/v3/account' GET(url, add_headers("X-MBX-APIKEY"= *[my API key]*), query=list("symbol"="ETHBTC", "side"="BUY", "type"="MARKET", "quantity"=1, recvWindow=5000, "timestamp"=1499827319559, "signature"=**???**), verbose()) Does anyone know what I'm

Translation from Python to JavaScript: HMAC-SHA256

▼魔方 西西 提交于 2020-01-04 07:09:08
问题 I'd like to convert the following piece of Python code to JavaScript: signature_string = self.format("{apip_id}{identity_id}{method}{uri}{content_hash}{timestamp}{nonce}") # pyhton unicode string in UTF-8 format signature_bytes = signature_string.encode('utf-8') # previous string is converted in a python bytes string apip_key_bytes = base64.b64decode(self.apip_key.encode('utf-8')) # pyhton unicode string is converted in a python bytes string and then in ?? hasher = hmac.new(apip_key_bytes,

Preparing a string for HMAC

二次信任 提交于 2020-01-04 06:49:34
问题 I am writing a webservice which uses HMAC for message authentication. I am having some issues preparing the 'data' for digest, and am getting different digests for the same 'data' in Python vs NodeJS. I am fairly sure that this issue is due to encoding, but I am not sure how to best approach this. Python code: import hmac from hashlib import sha1 f = open('../test.txt') raw = f.read() raw = raw.strip() hm = hmac.new('12345', raw, sha1) res = hm.hexdigest() print res >>

HMAC produces wrong results

依然范特西╮ 提交于 2020-01-04 05:28:05
问题 All of this is new to me so please forgive my noobish question. I'm trying to figure out HMAC step by step. Let's say I have a following SHA-1 method: public static string SHA_1(string input) { SHA1CryptoServiceProvider mySha = new SHA1CryptoServiceProvider(); string temp = BitConverter.ToString(mySha.ComputeHash(Encoding.UTF8.GetBytes(input))); temp = temp.Replace("-", "").ToUpper(); return temp; } It receives a plain text string; Let's say my secret key is "" (empty string) and so is the

Why does encrypting HMAC-SHA1 in exactly the same code in C# and PowerShell show different results?

百般思念 提交于 2020-01-03 07:00:19
问题 I've been trying to encrypt a Amazon S3-like authorization key with HMAC-SHA1 in PowerShell with the following code: $str="PUT\n\napplication/x-zip-compressed\nThu, 09 Feb 2017 08:59:43 GMT\n/test-bucket/test-key" $secret="c334da95a6734ff4a04abd99efca450f" $sha = [System.Security.Cryptography.KeyedHashAlgorithm]::Create("HMACSHA1") $sha.Key = [System.Text.Encoding]::UTF8.Getbytes($secret) $sign = [Convert]::Tobase64String($sha.ComputeHash([System.Text.Encoding]::UTF8.Getbytes(${str}))) echo

Linkedin API Error Invalid Signature in iPhone Starter Kit

↘锁芯ラ 提交于 2020-01-03 06:41:07
问题 I've tried to run the OAuthStarterKit xcode project out of the box, entered the correct api key/secret and oauth user token/secret. When I get to authorizing with this code: OAMutableURLRequest *request = [[[OAMutableURLRequest alloc] initWithURL:requestTokenURL consumer: self.consumer token: self.requestToken callback:linkedInCallbackURL signatureProvider:sha] autorelease]; It returns the error "signature_invalid", which seems to indicate an incorrect signature. the clear text and secret

How to securely verify an HMAC in Python 2.7?

本小妞迷上赌 提交于 2020-01-02 05:34:07
问题 I'm using Python 2.7 and am creating an HMAC using the hmac library. Python 3.3 includes a compare_digest() function that will compare two digests and resist timing attacks, but that's not available in 2.7. Prevailing advice is not to roll my own crypto, so are there any mature Python libraries that provide that functionality? PyCrypto does not appear to. 回答1: For anyone finding this from search, if using Django, then you can also use the constant_time_compare function in django.utils.crypto.

HMAC SHA256 in C++ (DynamoDB)

冷暖自知 提交于 2020-01-01 06:23:42
问题 I'm trying to connect to DynamoDB through the REST Web API and it requires me to generate a signature using HMAC-SHA256. I've got SHA-256 working, but I cant seem to get HMAC working, here is the C++ code (using OpenSSL) string hmac(string key, string msg) { unsigned char hash[32]; HMAC_CTX hmac; HMAC_CTX_init(&hmac); HMAC_Init_ex(&hmac, &key[0], key.length(), EVP_sha256(), NULL); HMAC_Update(&hmac, (unsigned char*) &msg[0], msg.length()); unsigned int len = 32; HMAC_Final(&hmac, hash, &len);

AES256 CBC + HMAC SHA256 ensuring confidentiality *and* authentication?

限于喜欢 提交于 2019-12-31 08:49:11
问题 I'm thinking of using AES256 CBC + HMAC SHA-256 as a building block for messages that ensures both confidentiality and authentication. In particular, consider this scenario: Alice is possession a public key belonging to Bob (the key exchange and algorithm is outside the scope of this question). Alice has an identifying key K, also shared with Bob, that she can use to identify herself with. Only Alice and Bob knows the key K. Alice encrypts (nonce || K) using Bob's public key. Bob decrypts the
订阅 hmac