/// <summary> /// Computes a new hash of <paramref name="data"/> usign the <paramref name="key"/> specified. /// </summary> /// <param name="key">A byte array containing the key (secret) to use to generate a hash.</param> /// <param name="data">A byte arrasy containing the data to be hashed.</param> /// <returns>A new byte array containing the hash result.</returns> public byte[] ComputeHash(byte[] key, byte[] data) { using (var hasher = new System.Security.Cryptography.HMACSHA1(key)) { return(hasher.ComputeHash(data)); } }
/// <summary> /// Converts a string into a SHA-1 hash using a hash message authentication code (HMAC). Pass the secret key for the message as a parameter to the function. /// </summary> /// <param name="text">The input string</param> /// <param name="secretKey">The secret key</param> /// <returns>The `SHA-1` hash of the input string using a hash message authentication code (HMAC)</returns> /// <remarks> /// ```scriban-html /// {{ "test" | string.hmac_sha1 "secret" }} /// ``` /// ```html /// 1aa349585ed7ecbd3b9c486a30067e395ca4b356 /// ``` /// </remarks> public static string HmacSha1(string text, string secretKey) { using (var hsha1 = new System.Security.Cryptography.HMACSHA1(Encoding.UTF8.GetBytes(secretKey ?? string.Empty))) { return(Hash(hsha1, text)); } }
public static string Sign(string value, string key) { using (var hmac = new System.Security.Cryptography.HMACSHA1(Encoding.ASCII.GetBytes(key))) { return(UrlEncodeTo64(hmac.ComputeHash(Encoding.ASCII.GetBytes(value)))); } }
/// <summary> /// Method to Sign your app key /// This should be called with each URI resource /// before sending any HTTP command to the remote server /// </summary> /// <param name="url"></param> /// <param name="app"></param> /// <returns></returns> public static string Sign(string url) { try { // Add appSID parameter. UriBuilder builder = new UriBuilder(url); if (builder.Query != null && builder.Query.Length > 1) builder.Query = builder.Query.Substring(1) + "&appSID=" + AsposeApp.AppSID; else builder.Query = "appSID=" + AsposeApp.AppSID; // Remove final slash here as it can be added automatically. builder.Path = builder.Path.TrimEnd('/'); // Compute the hash. byte[] privateKey = System.Text.Encoding.UTF8.GetBytes(AsposeApp.AppKey); System.Security.Cryptography.HMACSHA1 algorithm = new System.Security.Cryptography.HMACSHA1(privateKey); //System.Text.ASCIIEncoding byte[] sequence = System.Text.ASCIIEncoding.ASCII.GetBytes(builder.Uri.AbsoluteUri); byte[] hash = algorithm.ComputeHash(sequence); string signature = Convert.ToBase64String(hash); // Remove invalid symbols. signature = signature.TrimEnd('='); signature = System.Web.HttpUtility.UrlEncode(signature); // Convert codes to upper case as they can be updated automatically. signature = System.Text.RegularExpressions.Regex.Replace(signature, "%[0-9a-f]{2}", e => e.Value.ToUpper()); //signature = System.Text.RegularExpressions.Regex.Replace(signature, "%[0-9a-f]{2}", delegate(string e){ e.Value.ToUpper()}); // Add the signature to query string. return string.Format("{0}&signature={1}", builder.Uri.AbsoluteUri, signature); } catch (Exception ex) { throw new Exception(ex.Message); } }
public void AuthenticateRequest(WebRequest request, string base64Secret) { var secret = Convert.FromBase64String(base64Secret); var hashingAlg = new System.Security.Cryptography.HMACSHA1(secret); var canonHeaders = request.Headers.AllKeys .Where(h => h.StartsWith("x-emc", StringComparison.InvariantCultureIgnoreCase)) .OrderBy(h => h.ToLowerInvariant()) .Select(h => h + ":" + request.Headers[h].Trim()) .Aggregate(string.Empty, (current, header) => current + header + "\n") .TrimEnd('\n'); var contentType = request.ContentType ?? string.Empty; var range = request.Headers["range"] ?? string.Empty; var date = request.Headers["date"] ?? string.Empty; var requestRelativeUri = Uri.UnescapeDataString(request.RequestUri.Segments.Aggregate(string.Empty, (current, segment) => current + segment) + request.RequestUri.Query); var hashString = request.Method + "\n" + contentType + "\n" + range + "\n" + date + "\n" + requestRelativeUri + "\n" + canonHeaders; var signature = Convert.ToBase64String(hashingAlg.ComputeHash(Encoding.Default.GetBytes(hashString))); request.Headers.Add("x-emc-signature", signature); }
private string GenerateSignature(string encodedText) { var key = Environment.GetEnvironmentVariable("SECRET_ACCESS_KEY"); var hash = new System.Security.Cryptography.HMACSHA1(new ASCIIEncoding().GetBytes(key)); return(Convert.ToBase64String(hash.ComputeHash(new ASCIIEncoding().GetBytes(encodedText)))); }
private static bool IsValidGithubMessage(string requestBody, string githubSignature, dynamic data) { if (requestBody == null) { throw new ArgumentNullException(nameof(requestBody)); } var bodyBytes = System.Text.Encoding.ASCII.GetBytes(requestBody); // string requestBody = System.Text.Encoding.UTF8.GetString(bodyBytes); string signature; var repoSecret = Environment.GetEnvironmentVariable(("SECRET_" + data.repository.name).ToUpper()); if (repoSecret == null) { _log.Info("Secret not found for repo " + data.repository.name); return(false); } byte[] keyParts = System.Text.Encoding.ASCII.GetBytes(repoSecret); using (var hmac = new System.Security.Cryptography.HMACSHA1(keyParts)) { // We'll be a little lazy and take the performance hit of BitConverter signature = "sha1=" + BitConverter.ToString( hmac.ComputeHash(bodyBytes)).Replace("-", ""); } return(string.Compare(githubSignature, signature, true) == 0); }
public static int GetVerificationCode(int value, string secretStr) { byte[] val = new byte[8]; for (int i = 8; (i--) != 0; value >>= 8) { val[i] = (byte)(value & 0xFF); } byte[] secret = Base32Encoding.ToBytes(secretStr); if (secret == null || secret.Length == 0) { return(-1); } System.Security.Cryptography.HMACSHA1 hmac = new System.Security.Cryptography.HMACSHA1(secret, true); byte[] hash = hmac.ComputeHash(val); int offset = hash[SHA1_DIGEST_LENGTH - 1] & 0xF; uint truncatedHash = 0; for (int i = 0; i < 4; ++i) { truncatedHash <<= 8; truncatedHash |= hash[offset + i]; } truncatedHash &= 0x7FFFFFFF; truncatedHash %= 1000000; return((int)truncatedHash); }
public void ComputeHMACShortTermCredentials(byte [] bMsgBytes, int nLengthWithoutMessageIntegrity, string strPassword) { byte[] bKey = System.Text.UTF8Encoding.UTF8.GetBytes(strPassword); System.Security.Cryptography.HMACSHA1 sha1 = new System.Security.Cryptography.HMACSHA1(bKey); HMAC = sha1.ComputeHash(bMsgBytes, 0, nLengthWithoutMessageIntegrity); }
string HmacSha1(string key, string text) { using (var mac = new System.Security.Cryptography.HMACSHA1(Encoding.UTF8.GetBytes(key))) { return(mac.ComputeHash(Encoding.UTF8.GetBytes(text)).Aggregate(string.Empty, (s, e) => { return s + e.ToString("x2"); }, m => m)); } }
/// <summary> /// Calculates the signature for an OAuth call. /// </summary> /// <param name="method">POST or GET method.</param> /// <param name="url">The URL the request will be sent to.</param> /// <param name="parameters">Parameters to be added to the signature.</param> /// <param name="tokenSecret">The token secret (either request or access) for generating the SHA-1 key.</param> /// <returns>Base64 encoded SHA-1 hash.</returns> public string OAuthCalculateSignature(string method, string url, Dictionary<string, string> parameters, string oAuthAccessTokenSecret) { string baseString = ""; string key = ApiSecret + "&" + oAuthAccessTokenSecret; byte[] keyBytes = System.Text.Encoding.UTF8.GetBytes(key); SortedList<string, string> sorted = parameters.ToSortedList(); StringBuilder sb = new StringBuilder(); foreach (KeyValuePair<string, string> pair in sorted) { sb.Append(pair.Key); sb.Append("="); sb.Append(pair.Value.ToEscapeOAuth()); sb.Append("&"); } //remove last & sb.Remove(sb.Length - 1, 1); baseString = method + "&" + url.ToEscapeOAuth() + "&" + sb.ToString().ToEscapeOAuth(); System.Security.Cryptography.HMACSHA1 sha1 = new System.Security.Cryptography.HMACSHA1(keyBytes); byte[] hashBytes = sha1.ComputeHash(System.Text.Encoding.UTF8.GetBytes(baseString)); string hash = Convert.ToBase64String(hashBytes); //Debug.WriteLine("key = " + key); //Debug.WriteLine("base = " + baseString); //Debug.WriteLine("sig = " + hash); return hash; }
/// <summary> /// Operations to be performed during the upgrade process. /// </summary> public override void Up() { string qry = @" SELECT L.[Id] ,L.[Password] ,L.[Guid] FROM [UserLogin] L INNER JOIN [EntityType] ET ON ET.[Id] = L.[entityTypeId] AND ET.[Guid] = '4E9B798F-BB68-4C0E-9707-0928D15AB020' "; var rdr = Rock.Data.DbService.GetDataReader(qry, System.Data.CommandType.Text, null); while (rdr.Read()) { var hash = new System.Security.Cryptography.HMACSHA1(); hash.Key = HexToByte(rdr["Guid"].ToString().Replace("-", "")); string oldPassword = rdr["Password"].ToString(); string newPassword = Convert.ToBase64String(hash.ComputeHash(Convert.FromBase64String(oldPassword))); string updateQry = string.Format(@" UPDATE [UserLogin] SET [Password] = '{0}' WHERE [Id] = {1} ", newPassword, rdr["Id"].ToString()); Rock.Data.DbService.ExecuteCommand(updateQry, System.Data.CommandType.Text); } rdr.Close(); }
private static string GetContent(byte[] secret, HttpListenerRequest request) { var ms = new System.IO.MemoryStream(); request.InputStream.CopyTo(ms); byte[] bytes = ms.ToArray(); (request.InputStream as IDisposable).Dispose(); var signature = request.Headers.Get("X-Signature"); if (secret != null) { using (var hmac = new System.Security.Cryptography.HMACSHA1(secret)) { hmac.Initialize(); string result = BitConverter.ToString( hmac.ComputeHash(bytes, 0, bytes.Length) ).Replace("-", ""); if (!string.Equals( signature, $"sha1={result}", StringComparison.OrdinalIgnoreCase )) { return(null); } } } return(request.ContentEncoding.GetString(bytes)); }
/// <summary> /// Hmac signin with /// </summary> /// <param name="dataToSign">payoad to compute</param> /// <param name="keyBody">key</param> /// <returns>bytes of computehash</returns> private static byte[] SignWithHmac(byte[] dataToSign, byte[] keyBody) { using (var hmacAlgorithm = new System.Security.Cryptography.HMACSHA1(keyBody)) { return(hmacAlgorithm.ComputeHash(dataToSign)); } }
/// <summary> /// Operations to be performed during the upgrade process. /// </summary> public override void Up() { string qry = @" SELECT L.[Id] ,L.[Password] ,L.[Guid] FROM [UserLogin] L INNER JOIN [EntityType] ET ON ET.[Id] = L.[entityTypeId] AND ET.[Guid] = '4E9B798F-BB68-4C0E-9707-0928D15AB020' "; var rdr = Rock.Data.DbService.GetDataReader( qry, System.Data.CommandType.Text, null ); while ( rdr.Read() ) { var hash = new System.Security.Cryptography.HMACSHA1(); hash.Key = HexToByte( rdr["Guid"].ToString().Replace( "-", "" ) ); string oldPassword = rdr["Password"].ToString(); string newPassword = Convert.ToBase64String( hash.ComputeHash( Convert.FromBase64String( oldPassword ) ) ); string updateQry = string.Format( @" UPDATE [UserLogin] SET [Password] = '{0}' WHERE [Id] = {1} ", newPassword, rdr["Id"].ToString() ); Rock.Data.DbService.ExecuteCommand( updateQry, System.Data.CommandType.Text ); } rdr.Close(); }
string GetDownloadAuthoritionKey(string filePath, DateTime?expired) { var bucket = _options.Bucket; var appId = _options.AppId; var secretId = _options.SecretId; var secretKey = _options.SecretKey; int e; if (expired.HasValue) { e = Convert.ToInt32(Math.Floor(DateTimeUtils.ToUnixTime(expired.Value))); } else { e = 0; } string fileId = filePath; var rdm = new Random().Next(Int32.MaxValue); var plainText = "a=" + appId + "&k=" + secretId + "&e=" + e + "&t=" + Convert.ToInt32(Math.Floor(DateTimeUtils.ToUnixTime(DateTime.Now))) + "&r=" + rdm + "&f=" + fileId + "&b=" + bucket; using (var mac = new System.Security.Cryptography.HMACSHA1(Encoding.UTF8.GetBytes(secretKey))) { var hash = mac.ComputeHash(Encoding.UTF8.GetBytes(plainText)); var pText = Encoding.UTF8.GetBytes(plainText); var all = new byte[hash.Length + pText.Length]; Array.Copy(hash, 0, all, 0, hash.Length); Array.Copy(pText, 0, all, hash.Length, pText.Length); return(Convert.ToBase64String(all)); } }
public void AuthenticateRequest(WebRequest request, string base64Secret) { var secret = Convert.FromBase64String(base64Secret); //var url = Encoding.Default.GetBytes(request.RequestUri.ToString()); var hashingAlg = new System.Security.Cryptography.HMACSHA1(secret); Convert.ToBase64String(hashingAlg.ComputeHash(Encoding.UTF8.GetBytes(request.RequestUri.ToString()))); }
protected override async Task <HttpResponseMessage> SendAsync( HttpRequestMessage request, CancellationToken cancellationToken) { var query = string.Format("{0}{1}devid={2}", request.RequestUri.PathAndQuery, request.RequestUri.PathAndQuery.Contains("?") ? "&" : "?", this.UserId); var encoding = new ASCIIEncoding(); // encode key byte[] apiKeyBytes = encoding.GetBytes(this.ApiKey); // encode url byte[] queryBytes = encoding.GetBytes(query); byte[] tokenBytes = new System.Security.Cryptography.HMACSHA1(apiKeyBytes).ComputeHash(queryBytes); var sb = new StringBuilder(); // convert signature to string Array.ForEach <byte>(tokenBytes, x => sb.Append(x.ToString("X2"))); // add signature to url var signature = string.Format("{0}&signature={1}", query, sb.ToString()); var r = $"{request.RequestUri.GetLeftPart(UriPartial.Authority)}{signature}"; request.RequestUri = new Uri(r); return(await base.SendAsync(request, cancellationToken)); }
private void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt) { using (var hmac = new System.Security.Cryptography.HMACSHA1()){ passwordSalt = hmac.Key; passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password)); } }
/// <summary> /// Generates AuthenticationHeaderValue to authorize requests to twitter API. /// (https://developer.twitter.com/en/docs/basics/authentication/guides/authorizing-a-request) /// </summary> /// <param name="requestParameters">The custom parameters of the request.</param> /// <param name="httpMethod">The http method of the request.</param> /// <param name="url">The url to which the request will be made.</param> /// <returns>AuthenticationHeaderValue with the parameters to authorize the request.</returns> public AuthenticationHeaderValue getAuthenticationHeaderValue( Dictionary <string, string> requestParameters, string httpMethod, string url) { //USER-AUTHENTICATION(https://developer.twitter.com/en/docs/basics/authentication/guides/authorizing-a-request) //CREATE SIGNATURE(https://developer.twitter.com/en/docs/basics/authentication/guides/creating-a-signature.html) // 1) Percent Encode all parameters: Dictionary <string, string> allEncodedParameters = new Dictionary <string, string>(); foreach (var x in OAuthUtil.paramatersDic.Concat(requestParameters)) { allEncodedParameters.Add(PercentEncode(x.Key), PercentEncode(x.Value)); } // 2) get signature base string: string allParameterString = AggregateParameters(allEncodedParameters, "&"); string signature_base_string = PercentEncode(httpMethod) + "&" + PercentEncode(url) + "&" + PercentEncode(allParameterString); // 3) get signing key: string signingKey = PercentEncode(OAuthUtil.OAUTH_CONSUMER_SECRET) + "&" + PercentEncode(OAuthUtil.OAUTH_SECRET); // 4) calculate oauth_signature [HMACSHA1]: var aux = new System.Security.Cryptography.HMACSHA1(Encoding.ASCII.GetBytes(signingKey)); var hashValue = aux.ComputeHash(Encoding.ASCII.GetBytes(signature_base_string)); string oauth_signature = Convert.ToBase64String(hashValue); // 5) generate AuthenticationHeaderValue: Dictionary <string, string> oauthDic = new Dictionary <string, string>(allEncodedParameters); //include request parameters! oauthDic.Add(PercentEncode("oauth_signature"), PercentEncode(oauth_signature)); string oauthFinalString = AggregateParameters(oauthDic, ", ", true); return(new System.Net.Http.Headers.AuthenticationHeaderValue("OAuth", oauthFinalString)); }
public static string sign(String data, String appSecret) { System.Security.Cryptography.HMACSHA1 hmacsha1 = new System.Security.Cryptography.HMACSHA1(); hmacsha1.Key = Encoding.UTF8.GetBytes(appSecret); byte[] dataBuffer = Encoding.UTF8.GetBytes(data); byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer); return byteToHexStr(hashBytes); }
public static string sign(String data, String appSecret) { System.Security.Cryptography.HMACSHA1 hmacsha1 = new System.Security.Cryptography.HMACSHA1(); hmacsha1.Key = Encoding.UTF8.GetBytes(appSecret); byte[] dataBuffer = Encoding.UTF8.GetBytes(data); byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer); return(byteToHexStr(hashBytes)); }
public static byte[] SHA1(byte[] Data, byte[] Key, int Offset, int Length) { byte[] destinationArray = new byte[Data.Length]; Array.Copy(Data, Offset, destinationArray, 0, Data.Length); byte[] array = new System.Security.Cryptography.HMACSHA1(Key).ComputeHash(destinationArray); Array.Resize <byte>(ref array, 0x10); return(array); }
internal static string Sha1Hash(byte[] key, string basestring) { var sha1 = new System.Security.Cryptography.HMACSHA1(key); var hashBytes = sha1.ComputeHash(Encoding.UTF8.GetBytes(basestring)); return(Convert.ToBase64String(hashBytes)); }
private string Hmac_Sha1AndBase64(string Source, string SecretKey) { System.Security.Cryptography.HMACSHA1 hmacsha1 = new System.Security.Cryptography.HMACSHA1(); hmacsha1.Key = System.Text.Encoding.ASCII.GetBytes(SecretKey); byte[] dataBuffer = System.Text.Encoding.ASCII.GetBytes(Source); //signatureBase要进行签名的基础字符串 byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer); return(Convert.ToBase64String(hashBytes)); }
public static string HMACSHA1(string value, string salt) { byte[] inBuf = Encoding.UTF8.GetBytes(value); System.Security.Cryptography.HMACSHA1 sha1 = new System.Security.Cryptography.HMACSHA1(Encoding.UTF8.GetBytes(salt)); var hash = sha1.ComputeHash(inBuf); return(OtpTools.ByteArrayToHexString(hash)); }
public static String HmacSha1(String value, String key) { byte[] keyBytes = Encoding.UTF8.GetBytes(key); var mac = new System.Security.Cryptography.HMACSHA1(keyBytes); byte[] rawHmac = mac.ComputeHash(Encoding.UTF8.GetBytes(value)); return(Base64Util.Base64(rawHmac)); }
public static string GetSig(string policyStr, string secretKey) { policyStr = GetBase64_string(policyStr); var signature = new System.Security.Cryptography.HMACSHA1(GetBase64(secretKey)); var bytes = GetBase64(policyStr); var moreBytes = signature.ComputeHash(bytes); var encodedCanonical = Convert.ToBase64String(moreBytes); return encodedCanonical; }
public string Encrypt(Encoding encode, string text, string key) { using (var sha = new System.Security.Cryptography.HMACSHA1(encode.GetBytes(key))) { var hash = sha.ComputeHash(encode.GetBytes(text)); return(ByteToString.Convert(hash)); } }
public static string HMACSHA1(string text, string passKey) { var provider = new System.Security.Cryptography.HMACSHA1(Encoding.ASCII.GetBytes(passKey)); provider.Initialize(); var binary = provider.ComputeHash(Encoding.ASCII.GetBytes(text)); return(Convert.ToBase64String(binary)); }
public string awsGetSHA1AuthorizationValue(string sAWSSecretAccessKey, string sStringToSign) { System.Security.Cryptography.HMACSHA1 MySigner = new System.Security.Cryptography.HMACSHA1(System.Text.Encoding.UTF8.GetBytes(sAWSSecretAccessKey)); string SignatureValue = Convert.ToBase64String(MySigner.ComputeHash(System.Text.Encoding.UTF8.GetBytes(sStringToSign))); return(SignatureValue); }
public static byte[] GenerateHMACSHA1Signature(this string content, string sigKey) { var hmac = new System.Security.Cryptography.HMACSHA1(); hmac.Key = Encoding.UTF8.GetBytes(sigKey); var contentBytes = Encoding.UTF8.GetBytes(content); return(hmac.ComputeHash(contentBytes)); }
/// <summary> /// HmacSha1签名算法 /// </summary> /// <param name="key">密钥</param> /// <param name="data">要签名的数据</param> /// <returns></returns> private static string HmacSha1Sign(string key, string data) { var signer = new System.Security.Cryptography.HMACSHA1(); signer.Key = Encoding.UTF8.GetBytes(key.ToCharArray()); return(Convert.ToBase64String( signer.ComputeHash(Encoding.UTF8.GetBytes(data.ToCharArray())))); }
public static string GetSig(string policyStr, string secretKey) { policyStr = GetBase64_string(policyStr); var signature = new System.Security.Cryptography.HMACSHA1(GetBase64(secretKey)); var bytes = GetBase64(policyStr); var moreBytes = signature.ComputeHash(bytes); var encodedCanonical = Convert.ToBase64String(moreBytes); return(encodedCanonical); }
public static String Sign(String signatureBaseString, String signingKey) { Byte[] keyBytes = System.Text.Encoding.ASCII.GetBytes(signingKey); using (var myhmacsha1 = new System.Security.Cryptography.HMACSHA1(keyBytes)) { Byte[] byteArray = System.Text.Encoding.ASCII.GetBytes(signatureBaseString); Byte[] signedValue = myhmacsha1.ComputeHash(byteArray);//stream); return(Convert.ToBase64String(signedValue)); } }
private static string SignCompute(string accessSecret, string stringToSign) { var hmacsha1 = new System.Security.Cryptography.HMACSHA1 { Key = Encoding.UTF8.GetBytes(accessSecret) }; var dataBuffer = Encoding.UTF8.GetBytes(stringToSign); var hashBytes = hmacsha1.ComputeHash(dataBuffer); return(Convert.ToBase64String(hashBytes)); }
internal static byte[] ComputeHmacSha1Hash(byte[] data, byte[] key) { Contract.Requires(data != null); Contract.Requires(key != null); Contract.Ensures(Contract.Result<byte[]>() != null); using (var crypto = new System.Security.Cryptography.HMACSHA1(key)) { return crypto.ComputeHash(data); } }
public string AuthenticateRequest(string queryString, string base64Secret) { var queryBytes = Encoding.UTF8.GetBytes(queryString.ToLower()); var secret = Encoding.UTF8.GetBytes(base64Secret); var hashingAlg = new System.Security.Cryptography.HMACSHA1(secret); var hashedQuery = hashingAlg.ComputeHash(queryBytes); var base64Hash = Convert.ToBase64String(hashedQuery); var signature = Uri.EscapeDataString(base64Hash); return signature; }
public void Configuration(IAppBuilder app) { AsyncOAuth.OAuthUtility.ComputeHash = (key, buffer) => { using (var hmac = new System.Security.Cryptography.HMACSHA1(key)) { return hmac.ComputeHash(buffer); } }; ConfigureAuth(app); }
/// <summary> /// Gets a HMAC-SHA1 hash for an OAuth request. /// </summary> /// <param name="consumerSecret"> /// The consumer secret. /// </param> /// <param name="oauthSecret"> /// The OAuth secret. /// </param> /// <param name="signatureBaseString"> /// The signature base string for which to compute the hash. /// </param> /// <returns> /// A HMAC-SHA1 hash of <paramref name="signatureBaseString"/>. /// </returns> public string ComputeHash(string consumerSecret, string oauthSecret, string signatureBaseString) { if (signatureBaseString == null) return null; byte[] key = Encoding.UTF8.GetBytes(String.Format("{0}&{1}", consumerSecret, oauthSecret)); using (System.Security.Cryptography.HMACSHA1 sha1 = new System.Security.Cryptography.HMACSHA1(key)) { byte[] signatureBaseStringHash = sha1.ComputeHash(Encoding.UTF8.GetBytes(signatureBaseString)); return Convert.ToBase64String(signatureBaseStringHash); } }
public void Initialize(byte[] sessionKey) { // create RC4-drop[1024] stream using(HMACSHA1 outputHMAC = new HMACSHA1(encryptionKey)) encryptionStream = new ARC4(outputHMAC.ComputeHash(sessionKey)); encryptionStream.Process(new byte[1024], 0, 1024); // create RC4-drop[1024] stream using(HMACSHA1 inputHMAC = new HMACSHA1(decryptionKey)) decryptionStream = new ARC4(inputHMAC.ComputeHash(sessionKey)); decryptionStream.Process(new byte[1024], 0, 1024); Status = AuthStatus.Ready; }
/// <summary> /// Creates an HMAC-SHA1 hash from an array of parameters and a security token. /// </summary> /// <param name="paramList">The parameters to be hashed</param> /// <param name="signingKey">The Subscriber's unique signing key.</param> /// <returns>The BASE64-encoded HMAC</returns> public static string CalculateHMAC(string signingKey, params object[] paramList) { byte[] key = Encoding.UTF8.GetBytes(signingKey); string stringToSign = Canonicalize(paramList); byte[] bytesToSign = Encoding.UTF8.GetBytes(stringToSign); byte[] signature; using (var hmac = new System.Security.Cryptography.HMACSHA1(key)) { signature = hmac.ComputeHash(bytesToSign); } return System.Convert.ToBase64String(signature); }
/// <summary> /// Operations to be performed during the upgrade process. /// </summary> public override void Up() { // Update the Admin's password to be encoded using the current passwordKey setting in web.config string encryptionKey = System.Configuration.ConfigurationManager.AppSettings["PasswordKey"]; if ( !String.IsNullOrWhiteSpace( encryptionKey ) ) { var hash = new System.Security.Cryptography.HMACSHA1(); hash.Key = Encryption.HexToByte( encryptionKey ); string newPassword = Convert.ToBase64String( hash.ComputeHash( System.Text.Encoding.Unicode.GetBytes( "admin" ) ) ); Sql( string.Format( "Update [UserLogin] SET [Password] = '{0}' WHERE [UserName] = 'Admin'", newPassword ) ); } AddColumn("dbo.GroupLocation", "GroupMemberPersonId", c => c.Int()); CreateIndex("dbo.GroupLocation", "GroupMemberPersonId"); AddForeignKey("dbo.GroupLocation", "GroupMemberPersonId", "dbo.Person", "Id", cascadeDelete: true); }
/// <summary> /// Calculates the signature for an OAuth call. /// </summary> /// <param name="method">POST or GET method.</param> /// <param name="url">The URL the request will be sent to.</param> /// <param name="parameters">Parameters to be added to the signature.</param> /// <param name="tokenSecret">The token secret (either request or access) for generating the SHA-1 key.</param> /// <returns>Base64 encoded SHA-1 hash.</returns> public string OAuthCalculateSignature(string method, string url, Dictionary<string, string> parameters, string tokenSecret) { string baseString = ""; string key = ApiSecret + "&" + tokenSecret; byte[] keyBytes = System.Text.Encoding.UTF8.GetBytes(key); #if !SILVERLIGHT SortedList<string, string> sorted = new SortedList<string, string>(); foreach (KeyValuePair<string, string> pair in parameters) { sorted.Add(pair.Key, pair.Value); } #else var sorted = parameters.OrderBy(p => p.Key); #endif StringBuilder sb = new StringBuilder(); foreach (KeyValuePair<string, string> pair in sorted) { sb.Append(pair.Key); sb.Append("="); sb.Append(UtilityMethods.EscapeOAuthString(pair.Value)); sb.Append("&"); } sb.Remove(sb.Length - 1, 1); baseString = method + "&" + UtilityMethods.EscapeOAuthString(url) + "&" + UtilityMethods.EscapeOAuthString(sb.ToString()); #if WindowsCE FlickrNet.Security.Cryptography.HMACSHA1 sha1 = new FlickrNet.Security.Cryptography.HMACSHA1(keyBytes); #else System.Security.Cryptography.HMACSHA1 sha1 = new System.Security.Cryptography.HMACSHA1(keyBytes); #endif byte[] hashBytes = sha1.ComputeHash(System.Text.Encoding.UTF8.GetBytes(baseString)); string hash = Convert.ToBase64String(hashBytes); Debug.WriteLine("key = " + key); Debug.WriteLine("base = " + baseString); Debug.WriteLine("sig = " + hash); return hash; }
public App() { UnhandledException += Application_UnhandledException; InitializeComponent(); InitializePhoneApplication(); InitializeLanguage(); // initialize computehash function OAuthUtility.ComputeHash = (key, buffer) => { using (var hmac = new System.Security.Cryptography.HMACSHA1(key)) { return hmac.ComputeHash(buffer); } }; if (Debugger.IsAttached) { Application.Current.Host.Settings.EnableFrameRateCounter = true; PhoneApplicationService.Current.UserIdleDetectionMode = IdleDetectionMode.Disabled; } }
public MACSHA1(byte[] key) { _algorithm = new HMACSHA1(key); }
//I have no idea how this works, but it takes the signing key and uses //it to create somesort of cryptokey and then applies it to the //basestring and then returns the b64 version of it. public static string Sign(string signatureBaseString, string signingKey) { var keyBytes = System.Text.Encoding.ASCII.GetBytes(signingKey); using (var myhmacsha1 = new System.Security.Cryptography.HMACSHA1(keyBytes)) { byte[] byteArray = System.Text.Encoding.ASCII.GetBytes(signatureBaseString); var stream = new MemoryStream(byteArray); var signedValue = myhmacsha1.ComputeHash(stream); var result = Convert.ToBase64String(signedValue, Base64FormattingOptions.None); return result; } }
public static String Sign(String signatureBaseString, String signingKey) { Byte[] keyBytes = System.Text.Encoding.ASCII.GetBytes(signingKey); using (var myhmacsha1 = new System.Security.Cryptography.HMACSHA1(keyBytes)) { Byte[] byteArray = System.Text.Encoding.ASCII.GetBytes(signatureBaseString); Byte[] signedValue = myhmacsha1.ComputeHash(byteArray);//stream); return Convert.ToBase64String(signedValue); } }
protected void decode(int stanzaSize, bool useDecrypt) { int size = stanzaSize; byte[] data = new byte[size]; byte[] dataReal = null; Buffer.BlockCopy(this.buffer.ToArray(), 0, data, 0, size); byte[] packet = new byte[size - 4]; byte[] hashServerByte = new byte[4]; Buffer.BlockCopy(data, 0, hashServerByte, 0, 4); Buffer.BlockCopy(data, 4, packet, 0, size - 4); System.Security.Cryptography.HMACSHA1 h = new System.Security.Cryptography.HMACSHA1(this.Encryptionkey); byte[] hashByte = new byte[4]; Buffer.BlockCopy(h.ComputeHash(packet, 0, packet.Length), 0, hashByte, 0, 4); if (hashServerByte.SequenceEqual(hashByte)) { this.buffer.RemoveRange(0, 4); if (useDecrypt) { dataReal = Encryption.WhatsappDecrypt(this.Encryptionkey, packet); } else { dataReal = Encryption.WhatsappEncrypt(this.Encryptionkey, packet, true); //dataReal = new byte[foo.Length - 4]; //Buffer.BlockCopy(foo, 0, dataReal, 0, dataReal.Length); } for (int i = 0; i < size - 4; i++) { this.buffer[i] = dataReal[i]; } } else { throw new Exception("Hash doesnt match"); } }
/// <summary> /// OAuth認証ヘッダの署名作成 /// </summary> /// <param name="tokenSecret">アクセストークン秘密鍵</param> /// <param name="method">HTTPメソッド文字列</param> /// <param name="uri">アクセス先Uri</param> /// <param name="parameter">クエリ、もしくはPOSTデータ</param> /// <returns>署名文字列</returns> protected virtual string CreateSignature( string tokenSecret, string method, Uri uri, Dictionary< string, string > parameter ) { // パラメタをソート済みディクショナリに詰替(OAuthの仕様) SortedDictionary< string, string > sorted = new SortedDictionary< string, string >( parameter ); // URLエンコード済みのクエリ形式文字列に変換 string paramString = this.CreateQueryString( sorted ); // アクセス先URLの整形 string url = string.Format( "{0}://{1}{2}", uri.Scheme, uri.Host, uri.AbsolutePath ); // 署名のベース文字列生成(&区切り)。クエリ形式文字列は再エンコードする string signatureBase = string.Format( "{0}&{1}&{2}", method, this.UrlEncode( url ), this.UrlEncode( paramString ) ); // 署名鍵の文字列をコンシューマー秘密鍵とアクセストークン秘密鍵から生成(&区切り。アクセストークン秘密鍵なくても&残すこと) string key = this.UrlEncode( this.consumerSecret ) + "&"; if ( !string.IsNullOrEmpty( tokenSecret ) ) key += this.UrlEncode( tokenSecret ); // 鍵生成&署名生成 using ( HMACSHA1 hmac = new HMACSHA1( Encoding.ASCII.GetBytes( key ) ) ) { byte[] hash = hmac.ComputeHash( Encoding.ASCII.GetBytes( signatureBase ) ); return Convert.ToBase64String( hash ); } }
public void ComputeHMACShortTermCredentials(STUNMessage msgWithoutHMAC, int nLengthWithoutMessageIntegrity, string strPassword) { if (strPassword == null) strPassword = ""; /// No MD5 on short term credentials byte[] bKey = System.Text.UTF8Encoding.UTF8.GetBytes(strPassword); byte[] bBytes = msgWithoutHMAC.Bytes; System.Security.Cryptography.HMACSHA1 sha1 = new System.Security.Cryptography.HMACSHA1(bKey); HMAC = sha1.ComputeHash(bBytes, 0, nLengthWithoutMessageIntegrity); }
/// <summary> /// Generate a Totp using provided binary data. /// </summary> /// <param name="key">Binary data.</param> /// <returns>Time-based One Time Password.</returns> public string Generate(byte[] key) { System.Security.Cryptography.HMACSHA1 hmac = new System.Security.Cryptography.HMACSHA1(key, true); //Instanciates a new hash provider with a key. byte[] hash = hmac.ComputeHash(GetBytes((ulong)Counter)); //Generates hash from key using counter. hmac.Clear(); //Clear hash instance securing the key. int offset = hash[hash.Length - 1] & 0xf; //Math. int binary = //Math. ((hash[offset] & 0x7f) << 24) //Math. | ((hash[offset + 1] & 0xff) << 16) //Math. | ((hash[offset + 2] & 0xff) << 8) //Math. | (hash[offset + 3] & 0xff); //Math. int password = binary % (int)Math.Pow(10, _Length); //Math. return password.ToString(new string('0', _Length)); //Math. }
private static byte[] GetHMAC(byte[] key, byte[] counter) { System.Security.Cryptography.HMACSHA1 hmac = new System.Security.Cryptography.HMACSHA1(key, true); return hmac.ComputeHash(counter); }
string SignString( string toSign, string withKey ) { // sign parameter string byte[] sigBase = UTF8Encoding.UTF8.GetBytes ( toSign ); MemoryStream ms = new MemoryStream(); ms.Write (sigBase, 0, sigBase.Length ); byte[] key = UTF8Encoding.UTF8.GetBytes ( withKey ); System.Security.Cryptography.HMACSHA1 sha1 = new System.Security.Cryptography.HMACSHA1( key ); byte[] hashBytes = sha1.ComputeHash ( sigBase ); return System.Convert.ToBase64String( hashBytes ); }
/// <summary> /// Signs the specified data (in string format) with HMAC-SHA1 algorithm and the specified <paramref name="signKey"/>. /// </summary> /// <param name="data">The data to be signed.</param> /// <param name="signKey">The sign key.</param> /// <returns>The base64 format signature string.</returns> private static string Sign(string data, string signKey) { var dataBytes = Encoding.ASCII.GetBytes(data); var signKeyBytes = Encoding.ASCII.GetBytes(signKey); var algorithm = new System.Security.Cryptography.HMACSHA1(signKeyBytes); var result = Convert.ToBase64String(algorithm.ComputeHash(dataBytes)); return result; }
public void ComputeHMACLongTermCredentials(STUNMessage msgWithoutHMAC, int nLengthWithoutMessageIntegrity, string strUserName, string strRealm, string strPassword) { string strKey = string.Format("{0}:{1}:{2}", strUserName, strRealm, strPassword); System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider(); byte[] bKey = md5.ComputeHash(System.Text.UTF8Encoding.UTF8.GetBytes(strKey)); byte[] bBytes = msgWithoutHMAC.Bytes; System.Security.Cryptography.HMACSHA1 sha1 = new System.Security.Cryptography.HMACSHA1(bKey); HMAC = sha1.ComputeHash(bBytes, 0, nLengthWithoutMessageIntegrity); }
public WebResponse SendRequest(String twitterSreenName) { try { var oauth_token = "1594158649-FN2fYJKW8aLJopq81cD0HZbUylDtpmIVbOU9KJR"; var oauth_token_secret = "0t14X8BvUJmyCu5loN5itfH97QejFjzS0xDTaptu8"; var oauth_consumer_key = "ui7oDxGwLbcoPzQmUuA"; var oauth_consumer_secret = "Xe68RKvQ77NpXbmcGvUTvcScLT2wWQTFxrp6ckxUzM"; var oauth_version = "1.0"; var oauth_signature_method = "HMAC-SHA1"; var oauth_nonce = Convert.ToBase64String( new System.Text.ASCIIEncoding().GetBytes( DateTime.Now.Ticks.ToString())); var timeSpan = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc); var oauth_timestamp = Convert.ToInt64(timeSpan.TotalSeconds).ToString(); //var slug = "libraries-and-news-sites"; var owner_screen_name = twitterSreenName; var resource_url = "https://api.twitter.com/1.1/statuses/user_timeline.json"; var baseFormat = "oauth_consumer_key={0}&oauth_nonce={1}&oauth_signature_method={2}" + "&oauth_timestamp={3}&oauth_token={4}&oauth_version={5}&screen_name={6}"; var baseString = string.Format(baseFormat, oauth_consumer_key, oauth_nonce, oauth_signature_method, oauth_timestamp, oauth_token, oauth_version, Uri.EscapeDataString(owner_screen_name) ); baseString = string.Concat("GET&", Uri.EscapeDataString(resource_url), "&", Uri.EscapeDataString(baseString)); var compositeKey = string.Concat(Uri.EscapeDataString(oauth_consumer_secret), "&", Uri.EscapeDataString(oauth_token_secret)); string oauth_signature; using (System.Security.Cryptography.HMACSHA1 hasher = new System.Security.Cryptography.HMACSHA1(System.Text.ASCIIEncoding.ASCII.GetBytes(compositeKey))) { oauth_signature = Convert.ToBase64String( hasher.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(baseString))); } var headerFormat = "OAuth oauth_consumer_key=\"{0}\", oauth_nonce=\"{1}\", oauth_signature=\"{2}\", oauth_signature_method=\"{3}\", oauth_timestamp=\"{4}\", oauth_token=\"{5}\", oauth_version=\"{6}\""; var authHeader = string.Format(headerFormat, Uri.EscapeDataString(oauth_consumer_key), Uri.EscapeDataString(oauth_nonce), Uri.EscapeDataString(oauth_signature), Uri.EscapeDataString(oauth_signature_method), Uri.EscapeDataString(oauth_timestamp), Uri.EscapeDataString(oauth_token), Uri.EscapeDataString(oauth_version) ); ServicePointManager.Expect100Continue = false; var getBody = "?screen_name=" + Uri.EscapeDataString(owner_screen_name); resource_url += getBody; HttpWebRequest request = (HttpWebRequest)WebRequest.Create(resource_url); request.Headers.Add("Authorization", authHeader); request.Method = "GET"; request.ContentType = "application/x-www-form-urlencoded"; WebResponse response = request.GetResponse(); return response; } catch (Exception ex) { throw ex; } }
public static HttpWebRequest AddOAuth(this HttpWebRequest req, string pData, string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret) { string nonce = new Random().Next(Int16.MaxValue, Int32.MaxValue).ToString("X", System.Globalization.CultureInfo.InvariantCulture); string timeStamp = DateTime.UtcNow.ToUnixTimeStamp().ToString(); // Create the base string. This is the string that will be hashed for the signature. Dictionary<string, string> param = new Dictionary<string, string>(); param.Add("oauth_consumer_key", ConsumerKey); param.Add("oauth_nonce", nonce); param.Add("oauth_signature_method", "HMAC-SHA1"); param.Add("oauth_timestamp", timeStamp); if (!string.IsNullOrEmpty(AccessToken)) param.Add("oauth_token", AccessToken); param.Add("oauth_version", "1.0"); pData += req.RequestUri.Query; foreach (string kv in pData.Replace("?", "&").Split('&')) { string[] akv = kv.Split('='); if (akv.Length == 2) { param.Add(akv[0], akv[1].PercentDecode()); } } StringBuilder sParam = new StringBuilder(); ; foreach (KeyValuePair<string, string> p in param.OrderBy(k => k.Key)) { if (sParam.Length > 0) sParam.Append("&"); sParam.AppendFormat("{0}={1}", p.Key.PercentEncode(), p.Value.PercentEncode()); } string url = req.RequestUri.AbsoluteUri; if (!string.IsNullOrEmpty(req.RequestUri.Query)) { url = url.Replace(req.RequestUri.Query, ""); } string signatureBaseString = string.Format("{0}&{1}&{2}", req.Method.ToUpper(), url.PercentEncode(), sParam.ToString().PercentEncode() ); // Create our hash key (you might say this is a password) string signatureKey = string.Format("{0}&{1}", ConsumerSecret.PercentEncode(), AccessTokenSecret.PercentEncode()); // Generate the hash System.Security.Cryptography.HMACSHA1 hmacsha1 = new System.Security.Cryptography.HMACSHA1(Encoding.UTF8.GetBytes(signatureKey)); byte[] signatureBytes = hmacsha1.ComputeHash(Encoding.UTF8.GetBytes(signatureBaseString)); string signature = Convert.ToBase64String(signatureBytes).PercentEncode(); string at = string.IsNullOrEmpty(AccessToken) ? "" : string.Format("oauth_token=\"{0}\",", AccessToken); string oauth = "OAuth realm=\"{0}\",oauth_consumer_key=\"{1}\",oauth_nonce=\"{2}\",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"{3}\",{4}oauth_version=\"1.0\",oauth_signature=\"{5}\""; oauth = string.Format(oauth, "Spiral16", ConsumerKey, nonce, timeStamp, at, signature); req.Headers.Add("Authorization", oauth); req.ContentType = "application/x-www-form-urlencoded"; return req; }