RFC 2104-Compliant HMAC hash


Steve Trimble

Jan 11, 2011, 7:17:01 PM
to OpenQM
can anybody help me with this?
Compute an RFC 2104-compliant HMAC hash, using the Secret AWS Access
Key as the key. This value should be base64 encoded, and then included
as the value for the Signature parameter for the request.

i know QM can handle the base64
i know what my 'Secret AWS Access Key' is
but I don't know what a RFC 2104-compliant HMAC hash is

thanks in advance,
Steve T

Bob Coleman

Jan 11, 2011, 9:04:41 PM
to ope...@googlegroups.com
Try this link:  http://www.ietf.org/rfc/rfc2104.txt

-Bob



Doug Dumitru

Jan 11, 2011, 11:34:16 PM
to ope...@googlegroups.com
The RFC is a little help, but the original post is a bit incomplete.

HMAC describes a method of taking a "secret" and then running it through a hashing function.  HMAC does not define which hashing function, although in this case it is likely MD5.  You then get a hash output which can be used to verify that you have the "secret" without your actually revealing the secret.

If it is MD5 that you need, and if you are on linux, you can just write the secret to a scratch file and run 'md5sum' on it.  md5sum outputs the checksum in hex, so if you want it in base64, you will need to convert it.

Hopefully, there is some sort of "test api" that you can use to test this, otherwise, you could spin your wheels for a long while.

Doug
--
Doug Dumitru
EasyCo LLC

Martin Phillips

Jan 12, 2011, 4:55:14 AM
to ope...@googlegroups.com
Hi Steve,
 
Further to Doug's reply, not only does QM have a base64 conversion code, it also has an MD5() function so you shouldn't need any external components.
 
 
Martin Phillips
Ladybridge Systems Ltd
17b Coldstream Lane, Hardingstone, Northampton NN4 6DB, England
+44 (0)1604-709200

Steve Trimble

Jan 12, 2011, 7:35:17 AM
to OpenQM
thanks for all the responses
hopefully i can come up with a solution
this signature parameter is an Amazon Web Services requirement that was
recently added


CDMI - Steve T

Jan 13, 2011, 11:58:08 AM
to ope...@googlegroups.com
Martin:
upon further investigation and a little more understanding:
 
here is a php snippet:
<?php
echo "<h5>MD5</h5>";
echo hash_hmac('md5', 'The quick brown fox jumped over the lazy dog.', 'secret');
echo "<h5>SHA256</h5>";
echo hash_hmac('sha256', 'The quick brown fox jumped over the lazy dog.', 'secret');
?>
 
results from above snippet:
MD5
7eb2b5c37443418fc77c136dd20e859c
SHA256
9c5c42422b03f0ee32949920649445e417b2c634050833c5165704b825c2a53b
 
 
notice that hash_hmac has an additional attribute - 'secret'
also, it appears that MD5 is an older but possibly still accepted hash
see: sha256
 
the amazon php snippet looks like this:
 
// calculate HMAC with SHA256 and base64-encoding
$signature = base64_encode(hash_hmac("sha256", $string_to_sign, $private_key, True));
so QM has MD5 and B64
not sure if SHA256 is required or not - haven't yet got a 'working' example with my 'private_key'
will continue working using the php method
it's not the one i want, but once i get a better understanding and a working example, you may be able to direct me toward a complete QM function
 
thanks as always for your help,
 
Steve Trimble
Computerized Data Mgmt Inc
PO Box 13403
Maumelle, AR 72113
(501) 803-0974 09:00am - 6:00pm CST




Martin Phillips

Jan 13, 2011, 12:08:25 PM
to ope...@googlegroups.com
Hi Steve,
 
So, this isn't really MD5 at all but a further encrypted version of MD5.
 
QM has support only for the standard MD5 algorithm. You are probably back to needing to call external routines or writing it as a QMBasic subroutine (which you would, of course, publish for others!!!).
 
 
Martin Phillips
Ladybridge Systems Ltd
17b Coldstream Lane, Hardingstone, Northampton NN4 6DB, England
+44 (0)1604-709200
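
Added example, not part of any post in this thread: RFC 2104 HMAC built from nothing but a plain hash primitive, which is the shape a QMBasic subroutine layered on MD5() would take, generalised here to any hashlib algorithm so it also covers the SHA-256 call in the Amazon snippet. Python stands in for QMBasic; the function names and the sample key and string-to-sign are constructed for illustration.

```python
import base64
import hashlib
import hmac


def rfc2104_hmac(key: bytes, message: bytes, hash_name: str = "md5") -> bytes:
    """HMAC from a plain hash H, per RFC 2104:
    H((K xor opad) || H((K xor ipad) || message))."""
    block_size = hashlib.new(hash_name).block_size  # 64 bytes for MD5 and SHA-256
    if len(key) > block_size:
        # Keys longer than one block are replaced by their hash.
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block_size, b"\x00")  # zero-pad to a full block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hash_name, ipad + message).digest()
    return hashlib.new(hash_name, opad + inner).digest()


def signature_parameter(secret_key: str, string_to_sign: str,
                        hash_name: str = "sha256") -> str:
    """Base64 of the raw digest bytes, matching hash_hmac(..., True) in PHP.
    Encoding the hex text instead would give a different, wrong value."""
    mac = rfc2104_hmac(secret_key.encode(), string_to_sign.encode(), hash_name)
    return base64.b64encode(mac).decode("ascii")


def signature_is_valid(secret_key: str, string_to_sign: str, received: str) -> bool:
    """Receiver side: recompute the signature and compare in constant time."""
    expected = signature_parameter(secret_key, string_to_sign)
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    # Test vector from the RFC 2104 appendix (HMAC-MD5).
    print(rfc2104_hmac(b"\x0b" * 16, b"Hi There").hex())
    # Constructed placeholder key and string-to-sign, not real AWS values.
    key, sts = "EXAMPLE-SECRET-KEY", "GET\nexample.invalid\n/\nAction=Example"
    sig = signature_parameter(key, sts)
    print(sig, signature_is_valid(key, sts, sig))
    # A plain hash of the secret alone is a different value from the HMAC.
    print(hashlib.md5(key.encode()).hexdigest())
```

The only primitive the construction needs is the hash itself, so the same steps port to any environment that exposes MD5 or SHA-256 over raw bytes.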