I am having some issues getting myself logged in to a service, which I believe is due to something I´m not doing right with the signing. See the result that I´m getting with the below:
The following is an attempt to do the same, but the result is not the same. Any idea what I´m doing wrong?
B4X:
Dim bc As ByteConverter
Dim m As Mac
Dim k As KeyGenerator
Dim Secret As String = "72d4b1c24f2344f29cab98607d41c2a5"
Dim input As String = "test"
Dim m As Mac
Dim k As KeyGenerator
Dim signature As String
k.Initialize("HMACSHA256")
k.KeyFromBytes(Secret.GetBytes("UTF8"))
m.Initialise("HMACSHA256", k.Key)
m.Update(input.GetBytes("UTF8"))
Dim b() As Byte
b = m.Sign
Dim bc As ByteConverter
signature=bc.HexFromBytes(b)
signature = signature.ToLowerCase
Log (signature)
Result:
2d869c0f5bac1f3cecb35c0a1fb85fec4b6d43b27a36d7837d173b09b3916ac2
I didn't carefully read the first post, I just tested it on my machine and the result #5 was correct, same as you posted b4j code. actually the version is not problem,just the cmdline need to add -n .
Weird, here the -n does not matter. No clue why the results are different, but I found out that despite the difference between what I get from the bash and b4j, it actually works how it should. It was just my mistake to think that this part was the culprit, but thanks!
Thanks aeric, it was in fact a mistake that I left the nonce line there and it has now been removed. As far as I understand, I do not need this to create an identical key to the one generated with "openssl dgst -sha256 -hmac "72d4b1c24f2344f29cab98607d41c2a5", or am I wrong?
I should add that nonce is not mentioned in the API that I´m trying to access - that part was left over from old code I had from another API where nonce was required, so I just renamed it. Timestamp is required though, but that´s not so important at this stage, where all I´m trying to do is getting the same signature, since I have the idea that the reason why I cannot log in is due to this, so I took out all the code regarding what needs to be sent, making a simple test, just to show that the signature looks different.
I am not sure the correct way to call this in bash command. If you have extra space after the "echo" keyword, it seems make a difference. The result may be differ if you have different version of openssl.
I am not sure the correct way to call this in bash command. If you have extra space after the "echo" keyword, it seems make a difference. The result may be differ if you have different version of openssl.
Thanks aeric. The thing is that in the API manual, there is an example with a secret and a string, where also the expected signature is showing. This signature is identical to what I get with the bash command, but the result with b4j is different.
I didn't carefully read the first post, I just tested it on my machine and the result #5 was correct, same as you posted b4j code. actually the version is not problem,just the cmdline need to add -n .
The manual page on Terminal for echo -n is the following: -n Do not print the trailing newline character. This may also be achieved by appending `\c' to the end of the string, as is do...
I didn't carefully read the first post, I just tested it on my machine and the result #5 was correct, same as you posted b4j code. actually the version is not problem,just the cmdline need to add -n .
Weird, here the -n does not matter. No clue why the results are different, but I found out that despite the difference between what I get from the bash and b4j, it actually works how it should. It was just my mistake to think that this part was the culprit, but thanks!