static void Main(string[] args) { using (var rijndael = new RijndaelManaged()) using (var hmacsha256 = new HMACSHA256()) { rijndael.GenerateKey(); hmacsha256.Initialize(); Console.WriteLine(template, new SoapHexBinary(rijndael.Key), new SoapHexBinary(hmacsha256.Key)); } Console.WriteLine("press any key to exit..."); Console.ReadKey(); }
static void Main() { String secretAccessKey = "mykey"; String data = "my data"; byte[] secretKey = Encoding.UTF8.GetBytes(secretAccessKey); HMACSHA256 hmac = new HMACSHA256(secretKey); hmac.Initialize(); byte[] bytes = Encoding.UTF8.GetBytes(data); byte[] rawHmac = hmac.ComputeHash(bytes); Console.WriteLine(Convert.ToBase64String(rawHmac)); }
private void button1_Click(object sender, EventArgs e) { var timestamp = System.DateTime.UtcNow.ToFileTimeUtc().ToString(); using (var hmacsha256 = new HMACSHA256(GetKey())) { hmacsha256.Initialize(); var hash = hmacsha256.ComputeHash(Encoding.UTF8.GetBytes(textBox1.Text)); var ed25519 = new Rebex.Security.Cryptography.Ed25519(); ed25519.FromSeed(hash); label1.Text = $@"Key:{ByteToString( ed25519.GetPrivateKey())} Hash:{ByteToString(hash)}"; } }
public string CreateTokenUser(string email, string pass, string seretKey) { Random random = new Random(); int value = random.Next(100001, 999999); String token = email + pass + value; byte[] secretKey = Encoding.ASCII.GetBytes(seretKey); HMACSHA256 hmac = new HMACSHA256(secretKey); hmac.Initialize(); byte[] bytes = Encoding.ASCII.GetBytes(token); byte[] rawHmac = hmac.ComputeHash(bytes); return("" + Convert.ToBase64String(rawHmac) + ""); }
/** * Builds the authorization string that will sent as part of the Request Header * @param data * @return * @throws Exception */ private string getMacValue(Dictionary <string, string> data) { //Mac mac=Mac.getInstance("HmacSHA256"); string apiSecret = data[APIResourceConstants.SecurityConstants.APISECRET]; //SecretKeySpec secret_key = new SecretKeySpec(apiSecret.getBytes(), "HmacSHA256"); byte[] secret_key = Encoding.UTF8.GetBytes(apiSecret); HMACSHA256 hmac = new HMACSHA256(secret_key); hmac.Initialize(); //foreach (var key in data) //{ // var ss = data[key.Key] //} //byte[] bytes = Encoding.UTF8.GetBytes(data.); //byte[] rawHmac = hmac.ComputeHash(bytes); //Console.WriteLine(Convert.ToBase64String(rawHmac)); //mac.init(secret_key); string apikey = data[APIResourceConstants.SecurityConstants.APIKEY]; string nonce = data[APIResourceConstants.SecurityConstants.NONCE]; //String timeStamp = data.get(APIResourceConstants.SecurityConstants.TIMESTAMP); string token = data[APIResourceConstants.SecurityConstants.TOKEN]; string payload = data[APIResourceConstants.SecurityConstants.PAYLOAD]; StringBuilder buff = new StringBuilder(); buff.Append(apikey); //.append(nonce) //.append(timeStamp); if (token != null) { buff.Append(token); } if (payload != null) { buff.Append(payload); } string bufferData = buff.ToString(); //MessageLogger.logMessage(String.format(bufferData)); //byte[] macHash = mac.doFinal(bufferData.get("UTF-8")); var macHash = Encoding.UTF8.GetBytes(bufferData); //MessageLogger.logMessage(Integer.toString(macHash.length)); //MessageLogger.logMessage(String.format("MacHAsh:{}" , macHash)); string authorizeString = Convert.ToBase64String(macHash); // MessageLogger.logMessage(String.format("Authorize:{}" , authorizeString)); return(authorizeString); }
private String HMAC256EncryptBase64UrlEncode(String str, String accessKey) { byte[] key = Encoding.UTF8.GetBytes(accessKey); byte[] strBytes = Encoding.UTF8.GetBytes(str); HMACSHA256 hmac = new HMACSHA256(key); hmac.Initialize(); byte[] rawHmac = hmac.ComputeHash(strBytes); string b64Str = Convert.ToBase64String(rawHmac); return(b64Str.TrimEnd(padding).Replace('/', '_').Replace('+', '-').Replace("[", "").Replace("=", "").Replace("]", "")); }
private string GetAuthenticationSignature(string method, string path, string contentType, string dateString) { var signature = method + "\n\n" + contentType + "\n" + dateString + "\n" + BolDateHeader.ToLower() + ":" + dateString + "\n" + path; using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(_config.PrivateKey))) { hmac.Initialize(); var result = hmac.ComputeHash(Encoding.UTF8.GetBytes(signature)); return(Convert.ToBase64String(result)); } }
public static byte[] hash(byte[] key, string msg) { try { HMACSHA256 hmac = new HMACSHA256(key); hmac.Initialize(); byte[] bytes = Encoding.UTF8.GetBytes(msg); byte[] rawHmac = hmac.ComputeHash(bytes); return(rawHmac); } catch (Exception e) { throw e; } }
private string Digest(string message) { var binKey = HexStringToByteArray(this.key); var buffer = System.Text.Encoding.UTF8.GetBytes(message); using (var hmac = new HMACSHA256(binKey)) { hmac.Initialize(); var signed = hmac.ComputeHash(buffer); var hex = BitConverter.ToString(signed) .Replace("-", string.Empty) .ToLowerInvariant(); return(hex); } }
public static string GetWCHMAC(byte[] data, byte[] key, byte[] iv) { // HMAC-SHA256 using (var hmac = new HMACSHA256(key)) { hmac.Initialize(); byte[] toSign = new byte[iv.Length + data.Length]; //copy our 2 array into one Buffer.BlockCopy(data, 0, toSign, 0, data.Length); Buffer.BlockCopy(iv, 0, toSign, data.Length, iv.Length); var sig = hmac.ComputeHash(toSign); return(sig.ToHexString()); } }
/// <summary> /// HMAC_SHA256 /// </summary> /// <param name="str">The string to be encrypted</param> /// <param name="key">encrypte key</param> /// <param name="encoding">字符编码</param> /// <returns></returns> public static string HMACSHA256(string str, string key, Encoding encoding) { byte[] secrectKey = encoding.GetBytes(key); using (HMACSHA256 hmac = new HMACSHA256(secrectKey)) { hmac.Initialize(); byte[] bytes_hmac_in = encoding.GetBytes(str); byte[] bytes_hamc_out = hmac.ComputeHash(bytes_hmac_in); string str_hamc_out = BitConverter.ToString(bytes_hamc_out); str_hamc_out = str_hamc_out.Replace("-", ""); return(str_hamc_out); } }
private static void PBKDF2_SHA256(HMACSHA256 mac, byte[] password, byte[] salt, int saltLength, long iterationCount, byte[] derivedKey, int derivedKeyLength) { TR.Enter(); if (derivedKeyLength > (Math.Pow(2, 32) - 1) * 32) { TR.Exit(); throw new ArgumentException("Requested key length too long"); } var U = new byte[32]; var T = new byte[32]; var saltBuffer = new byte[saltLength + 4]; var blockCount = (int)Math.Ceiling((double)derivedKeyLength / 32); var r = derivedKeyLength - (blockCount - 1) * 32; Buffer.BlockCopy(salt, 0, saltBuffer, 0, saltLength); using (var incrementalHasher = IncrementalHash.CreateHMAC(HashAlgorithmName.SHA256, mac.Key)) { for (int i = 1; i <= blockCount; i++) { saltBuffer[saltLength + 0] = (byte)(i >> 24); saltBuffer[saltLength + 1] = (byte)(i >> 16); saltBuffer[saltLength + 2] = (byte)(i >> 8); saltBuffer[saltLength + 3] = (byte)(i); mac.Initialize(); incrementalHasher.AppendData(saltBuffer, 0, saltBuffer.Length); Buffer.BlockCopy(incrementalHasher.GetHashAndReset(), 0, U, 0, U.Length); Buffer.BlockCopy(U, 0, T, 0, 32); for (long j = 1; j < iterationCount; j++) { incrementalHasher.AppendData(U, 0, U.Length); Buffer.BlockCopy(incrementalHasher.GetHashAndReset(), 0, U, 0, U.Length); for (int k = 0; k < 32; k++) { T[k] ^= U[k]; } } Buffer.BlockCopy(T, 0, derivedKey, (i - 1) * 32, (i == blockCount ? r : 32)); } } TR.Exit(); }
public void CanStretchKeysUsingBCL() { var ekeypair1 = EphemeralKeyPair.Generate("P-256"); var ekeypair2 = EphemeralKeyPair.Generate("P-256"); var secret1 = ekeypair1.GenerateSharedKey(ekeypair2.PublicKey); var secret2 = ekeypair2.GenerateSharedKey(ekeypair1.PublicKey); var stretched1 = StretchedKeys.Generate("AES-256", "SHA256", secret1); var stretched2 = StretchedKeys.Generate("AES-256", "SHA256", secret2); var raw = Encoding.UTF8.GetBytes("Hello world, this should be encrypted."); byte[] encoded = null; byte[] decoded = null; using (var aes = Aes.Create()) { aes.KeySize = 256; aes.Padding = PaddingMode.PKCS7; aes.Mode = CipherMode.CBC; using (var encryptor = aes.CreateEncryptor(stretched1.Item1.CipherKey, stretched1.Item1.IV)) using (var mac = new HMACSHA256()) { mac.Initialize(); mac.Key = stretched1.Item1.MacKey; var data = encryptor.TransformFinalBlock(raw, 0, raw.Length); encoded = data .Concat(mac.ComputeHash(data, 0, data.Length)) .ToArray(); } using (var decryptor = aes.CreateDecryptor(stretched2.Item1.CipherKey, stretched2.Item1.IV)) using (var mac = new HMACSHA256()) { mac.Initialize(); mac.Key = stretched2.Item1.MacKey; var mark = encoded.Length - (mac.HashSize / 8); var digest = encoded.Skip(mark).ToArray(); Assert.Equal(mac.ComputeHash(encoded, 0, mark), digest); decoded = decryptor.TransformFinalBlock(encoded, 0, mark); } } Assert.Equal(Encoding.UTF8.GetString(decoded), Encoding.UTF8.GetString(raw)); }
private void ValidateBody(byte[] body, IEnumerable <IRequestHeader> requestHeaders) { string signature = ExtractHeaderValue(requestHeaders, "X-GCS-Signature"); string keyId = ExtractHeaderValue(requestHeaders, "X-GCS-KeyId"); using (var mac = new HMACSHA256(StringUtils.Encoding.GetBytes(_secretKeyStore.GetSecretKey(keyId)))) { mac.Initialize(); byte[] unencodedResult = mac.ComputeHash(body); var expectedSignature = Convert.ToBase64String(unencodedResult); bool isValid = signature.CompareWithoutTimingLeak(expectedSignature); if (!isValid) { throw new SignatureValidationException("failed to validate signature '" + signature + "'"); } } }
// Where endpoint like "/prices/spot?currency=USD" private SignatureHeaders GetSignature(string endpoint, string method = "GET") { var unixTimestamp = (Int32)(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds; //var currency = "USD"; //var message = string.Format("{0}GET/v2/prices/spot?currency={1}", unixTimestamp.ToString(), currency); var message = string.Format("{0}{1}/v2/{2}", unixTimestamp.ToString(), method, endpoint); byte[] secretKey = Encoding.UTF8.GetBytes(ApiSecret); HMACSHA256 hmac = new HMACSHA256(secretKey); hmac.Initialize(); byte[] bytes = Encoding.UTF8.GetBytes(message); byte[] rawHmac = hmac.ComputeHash(bytes); var signature = rawHmac.ByteArrayToHexString(); return(new SignatureHeaders(signature, unixTimestamp)); }
private static (byte, byte[]) EncryptData(Stream inStream, Stream outStream, byte[] internalKey, byte[] iv, int bufferSize) { var lastDataReadSize = 0; // File size modulo 16 in least significant byte positions using (var cipher = CreateAes(internalKey, iv)) using (var ms = new MemoryStream()) using (var cryptoStream = new CryptoStream(ms, cipher.CreateEncryptor(), CryptoStreamMode.Write)) { int bytesRead; var buffer = new byte[bufferSize]; while ((bytesRead = inStream.Read(buffer, 0, buffer.Length)) > 0) { cryptoStream.Write(buffer, 0, bytesRead); if (bytesRead < bufferSize) { lastDataReadSize = bytesRead % AesBlockSize; if (lastDataReadSize != 0) { var padLen = 16 - bytesRead % AesBlockSize; var padding = new byte[padLen]; padding.Fill((byte)padLen); cryptoStream.Write(padding, 0, padding.Length); } } } cryptoStream.FlushFinalBlock(); ms.Position = 0; using (var hmac0 = new HMACSHA256(internalKey)) { hmac0.Initialize(); while ((bytesRead = ms.Read(buffer, 0, buffer.Length)) > 0) { outStream.Write(buffer, 0, bytesRead); hmac0.TransformBlock(buffer, 0, bytesRead, null, 0); } hmac0.TransformFinalBlock(Array.Empty <byte>(), 0, 0); return((byte)lastDataReadSize, hmac0.Hash); } } }
internal string sign(string[] list) { if (connectionInformation.key == "") { return(""); } else { hmac.Initialize(); foreach (var s in list) { transformPart(s); } hmac.TransformFinalBlock(new byte[] { }, 0, 0); return(BitConverter.ToString(hmac.Hash).Replace("-", "").ToLower()); } }
protected void EncodeInternal(byte[] buffer, int offset, ushort count) { byte[] header = new byte[PREFIX_SIZE]; byte[] size = BitConverter.GetBytes(count); byte[] counter = BitConverter.GetBytes(_outCounter++); _encryptor.TransformBlock(size, 0, size.Length, header, HMAC_SIZE); _encryptor.TransformBlock(buffer, offset, count, buffer, offset); _signer.TransformBlock(counter, 0, counter.Length, null, 0); _signer.TransformBlock(header, HMAC_SIZE, size.Length, null, 0); _signer.TransformFinalBlock(buffer, offset, count); Buffer.BlockCopy(_signer.Hash, 0, header, 0, HMAC_SIZE); _signer.Initialize(); OnDataEncoded(buffer, offset, count, header); }
public Tuple <Container.Types.MessageType, Any, uint, uint> Unpack(byte[] data) { var container = Container.Parser.ParseFrom(data); _sha256.Initialize(); var hash = _sha256.ComputeHash(container.Payload.Value.ToByteArray()); if (!StructuralComparisons.StructuralEqualityComparer.Equals(hash, container.Signature.ToByteArray())) { throw new InvalidDataException("invalid signature."); } return(new Tuple <Container.Types.MessageType, Any, uint, uint>( container.MessageType, container.Payload, container.SequenceNumber, container.LifeTimeMilliSeconds )); }
private void OnBufferReady(byte[] buffer) { if (!_secure) { ProcessFrame(buffer, _offset, _bytesToBuffer); return; } if (_bytesToBuffer == PREFIX_SIZE) { byte[] size = new byte[2]; _decryptor.TransformBlock(_buffer, _offset + HMAC_SIZE, 2, size, 0); _bytesToBuffer += BitConverter.ToUInt16(size, 0); } else { byte[] counter = BitConverter.GetBytes(_inCounter++); _verifier.TransformBlock(counter, 0, counter.Length, null, 0); _verifier.TransformFinalBlock(_buffer, _offset + HMAC_SIZE, _bytesToBuffer - HMAC_SIZE); if (!CompareBytes(_verifier.Hash, 0, _buffer, _offset, HMAC_SIZE)) { OnExceptionThrown(new InvalidDataException("Invalid record signature.")); return; } _verifier.Initialize(); _decryptor.TransformBlock(_buffer, _offset + PREFIX_SIZE, _bytesToBuffer - PREFIX_SIZE, _buffer, _offset + PREFIX_SIZE); if (_state == FrameState.Established) { OnDataDecoded(buffer, _offset + PREFIX_SIZE, _bytesToBuffer - PREFIX_SIZE); _bufferPosition = 0; _bytesToBuffer = PREFIX_SIZE; } else { ProcessFrame(buffer, _offset + PREFIX_SIZE, _bytesToBuffer - PREFIX_SIZE); } } }
/// <summary> /// HMAC_SHA256 /// </summary> /// <param name="srcString">The string to be encrypted</param> /// <param name="key">encrypte key</param> /// <returns></returns> public static string HMACSHA256(string srcString, string key) { Check.Argument.IsNotEmpty(srcString, nameof(srcString)); Check.Argument.IsNotEmpty(key, nameof(key)); byte[] secrectKey = Encoding.UTF8.GetBytes(key); using (HMACSHA256 hmac = new HMACSHA256(secrectKey)) { hmac.Initialize(); byte[] bytes_hmac_in = Encoding.UTF8.GetBytes(srcString); byte[] bytes_hamc_out = hmac.ComputeHash(bytes_hmac_in); string str_hamc_out = BitConverter.ToString(bytes_hamc_out); str_hamc_out = str_hamc_out.Replace("-", ""); return(str_hamc_out); } }
/// <summary> /// /// </summary> /// <param name="clientKey">Client API key.</param> /// <param name="clientSecret">Client secret.</param> /// <param name="resourcePath">Relative path to the resource.</param> /// <param name="host">Host name.</param> /// <param name="port">Port number.</param> /// <param name="httpMethod">HTTP method.</param> /// <param name="payload">Payload.</param> /// <param name="nonce">Unique nonce.</param> /// <param name="ts">Timestamp.</param> /// <returns></returns> private string GenerateMacHeader(string clientKey, string clientSecret, string resourcePath, string host, int port, string httpMethod, string payload, string nonce, string ts) { //create crypto using client secret var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(clientSecret)); hmac.Initialize(); //body hash generation byte[] rawBodyHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(payload)); string bodyHash = Convert.ToBase64String(rawBodyHash); //create signature string signature = string.Format(SIGNATURE_FORMAT, ts, nonce, httpMethod, resourcePath, host, port, bodyHash); byte[] signatureBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(signature)); string signatureString = Convert.ToBase64String(signatureBytes); return(string.Format(AUTH_HEADER_FORMAT, clientKey, ts, nonce, bodyHash, signatureString)); }
private static void HmacEval(byte[] pbKey, byte[] pbMsg, byte[] pbExpc) { using var h = new HMACSHA256(pbKey); h.TransformBlock(pbMsg, 0, pbMsg.Length, pbMsg, 0); h.TransformFinalBlock(new byte[0], 0, 0); var pbHash = h.Hash; Assert.That(MemUtil.ArraysEqual(pbHash, pbExpc), Is.True); // Reuse the object h.Initialize(); h.TransformBlock(pbMsg, 0, pbMsg.Length, pbMsg, 0); h.TransformFinalBlock(new byte[0], 0, 0); pbHash = h.Hash; Assert.That(MemUtil.ArraysEqual(pbHash, pbExpc), Is.True); }
/// <summary> /// Compute PBKDF2 using HMAC-SHA256 as the PRF, and write the output to derivedKey. /// </summary> private static void PBKDF2_SHA256(HMACSHA256 mac, byte[] password, byte[] salt, int saltLength, long iterationCount, byte[] derivedKey, int derivedKeyLength) { if (derivedKeyLength > (Math.Pow(2, 32) - 1) * 32) { throw new ArgumentException("Requested key length too long"); } var U = new byte[32]; var T = new byte[32]; var saltBuffer = new byte[saltLength + 4]; var blockCount = (int)Math.Ceiling((double)derivedKeyLength / 32); var r = derivedKeyLength - (blockCount - 1) * 32; Buffer.BlockCopy(salt, 0, saltBuffer, 0, saltLength); for (int i = 1; i <= blockCount; i++) { saltBuffer[saltLength + 0] = (byte)(i >> 24); saltBuffer[saltLength + 1] = (byte)(i >> 16); saltBuffer[saltLength + 2] = (byte)(i >> 8); saltBuffer[saltLength + 3] = (byte)(i); mac.Initialize(); mac.TransformFinalBlock(saltBuffer, 0, saltBuffer.Length); Buffer.BlockCopy(mac.Hash, 0, U, 0, U.Length); Buffer.BlockCopy(U, 0, T, 0, 32); for (long j = 1; j < iterationCount; j++) { mac.TransformFinalBlock(U, 0, U.Length); Buffer.BlockCopy(mac.Hash, 0, U, 0, U.Length); for (int k = 0; k < 32; k++) { T[k] ^= U[k]; } } Buffer.BlockCopy(T, 0, derivedKey, (i - 1) * 32, (i == blockCount ? r : 32)); } }
private static bool verify(String consumerSecret, String encodedPayload, String encodedSignature) { if (consumerSecret == null || consumerSecret.Trim().Length == 0) { throw new System.ArgumentException("secret is null, did you set your environment variable CANVAS_CONSUMER_SECRET?"); } try { byte[] key = Encoding.UTF8.GetBytes(consumerSecret); HMACSHA256 hmacKey = new HMACSHA256(key); hmacKey.Initialize(); byte[] algorithmBytes = Encoding.UTF8.GetBytes(encodedPayload); byte[] rawHmac = hmacKey.ComputeHash(algorithmBytes); string result = Convert.ToBase64String(rawHmac); return((result == Uri.UnescapeDataString(encodedSignature)) ? true : false); } catch (System.Exception e) { throw new System.Exception("Verify failed.", e.InnerException); } }
/// <summary> /// 微信支付新接口均使用了 HMAC-SHA256 签名算法 /// </summary> /// <param name="dict">请求的参数对</param> /// <param name="key">微信支付商户后台设置的密钥</param> /// <returns>HMACSHA256 计算得到的签名值</returns> public static string Sign(Dictionary <string, string> dict, string key) { var q = from kv in dict where string.IsNullOrEmpty(kv.Value) == false orderby kv.Key select string.Join("=", kv.Key, kv.Value); var str = string.Join("&", q); str = $"{str}&key={key}"; using (var sha = new HMACSHA256(Encoding.UTF8.GetBytes(key))) { sha.Initialize(); var hash = BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(str))).Replace("-", null); return(hash); } }
private static string GenerateSaSToken(string uri) { var targetUri = WebUtility.UrlEncode(uri.ToLower())?.ToLower(); var expiresOnDate = Convert.ToInt64(DateTime.UtcNow.Subtract (new DateTime(1970, 1, 1, 0, 0, 0)).TotalSeconds) + 60 * 60; var toSign = targetUri + "\n" + expiresOnDate; var keyBytes = Encoding.UTF8.GetBytes(SasKeyValue); var mac = new HMACSHA256(keyBytes); mac.Initialize(); var rawHmac = mac.ComputeHash(Encoding.UTF8.GetBytes(toSign)); var signature = WebUtility.UrlEncode(Convert.ToBase64String(rawHmac)); var token = "SharedAccessSignature sr=" + targetUri + "&sig=" + signature + "&se=" + expiresOnDate + "&skn=" + SasKeyName; return(token); }
/// <summary> /// Sign /// </summary> /// <param name="data"></param> /// <param name="secreteKey"></param> /// <returns></returns> private static string Sign(string data, string secreteKey) { if (data == null || secreteKey == null) { throw new Exception("ArgumentNullException"); } //data = data.ToUpper(); byte[] secretKeyBytes = CharacterEncoding.GetBytes(secreteKey); HMACSHA256 hmac = new HMACSHA256(secretKeyBytes); hmac.Initialize(); byte[] bytes = CharacterEncoding.GetBytes(data); byte[] rawHmac = hmac.ComputeHash(bytes); //foreach (var raw in rawHmac) //{ // Console.Write($"{raw:X}"); Console.Write(" "); //} //Console.WriteLine(Convert.ToBase64String(rawHmac)); return(Convert.ToBase64String(rawHmac)); }
/// <summary> /// HMAC_SHA256 /// </summary> /// <param name="source">The string to be encrypted</param> /// <param name="key">encrypte key</param> /// <returns></returns> public static string A256(string source, string key) { if (string.IsNullOrEmpty(source)) { throw new ArgumentNullException(nameof(source), ""); } if (string.IsNullOrEmpty(key)) { throw new ArgumentNullException(nameof(key), ""); } using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key))) { hmac.Initialize(); var strHmacOut = BitConverter.ToString(hmac.ComputeHash(Encoding.UTF8.GetBytes(source))); strHmacOut = strHmacOut.Replace("-", ""); return(strHmacOut); } }
protected string ComputeHmacToken(string stringForSigning, string signature) { if (string.IsNullOrWhiteSpace(signature)) { throw new ArgumentNullException("The signature cannot be null"); } byte[] secretKey = Encoding.UTF8.GetBytes(signature); using (HMACSHA256 hmac = new HMACSHA256(secretKey)) { hmac.Initialize(); byte[] bytes = Encoding.UTF8.GetBytes(stringForSigning); byte[] rawHmac = hmac.ComputeHash(bytes); string base64hmac = Convert.ToBase64String(rawHmac); return(base64hmac); } }
private void ValidateBody(byte[] body, IEnumerable <IRequestHeader> requestHeaders) { var numberOfSignatureHeaders = requestHeaders.Count(SignaturePredicate); if (numberOfSignatureHeaders == 0) { throw new SignatureValidationException("Missing X-GCS-Signature header"); } if (numberOfSignatureHeaders != 1) { throw new SignatureValidationException("Duplicate X-GCS-Signature header"); } var numberOfKeyIdHeaders = requestHeaders.Count(KeyIdPredicate); if (numberOfKeyIdHeaders == 0) { throw new SignatureValidationException("Missing X-GCS-KeyId header"); } if (numberOfKeyIdHeaders != 1) { throw new SignatureValidationException("Duplicate X-GCS-KeyId header"); } var signature = requestHeaders.SingleOrDefault(SignaturePredicate)?.Value; var keyId = requestHeaders.SingleOrDefault(KeyIdPredicate)?.Value; using (var mac = new HMACSHA256(StringUtils.Encoding.GetBytes(_secretKeyStore.GetSecretKey(keyId)))) { mac.Initialize(); byte[] unencodedResult = mac.ComputeHash(body); var expectedSignature = Convert.ToBase64String(unencodedResult); bool isValid = signature.CompareWithoutTimingLeak(expectedSignature); if (!isValid) { throw new SignatureValidationException("failed to validate signature '" + signature + "'"); } } }