HMAC SHA256 hex digest of a string in Erlang, how?
Asked Answered
A

5

12

I am trying to interact with third party real time Web messaging System created and maintained by Pusher.com. Now, i cannot send anything through the API unless i produce an HMAC SHA256 hex digest of my data. A sample source code written in ruby could try to illustrate this:

# Dependencies
# gem install ruby-hmac
#
require 'rubygems'
require 'hmac-sha2'

secret = '7ad3773142a6692b25b8'
string_to_sign = "POST\n/apps/3/channels/test_channel/events\nauth_key=278d425bdf160c739803&auth_timestamp=1272044395&auth_version=1.0&body_md5=7b3d404f5cde4a0b9b8fb4789a0098cb&name=foo"

hmac = HMAC::SHA256.hexdigest(secret, string_to_sign)

puts hmac
# >> 309fc4be20f04e53e011b00744642d3fe66c2c7c5686f35ed6cd2af6f202e445

I checked the erlang crypto Library and i cannot even generate a SHA256 hex digest "directly"

How do i do this whole thing in Erlang ? help....

* UPDATE *

I have found solutions here: sha256 encryption in erlang and they have led me to erlsha2. But still, how do i generate the HMAC of a SHA256 hexdigest output from this module ?

Aila answered 20/1, 2012 at 13:47 Comment(0)
A
11

With erlsha2, use the following to get the equivalent of your Ruby code:

1> hmac:hexlify(hmac:hmac256(<<"7ad3773142a6692b25b8">>, <<"POST\n/apps/3/channels/test_channel/events\nauth_key=278d425bdf160c739803&auth_timestamp=1272044395&auth_version=1.0&body_md5=7b3d404f5cde4a0b9b8fb4789a0098cb&name=foo">>)).
"309FC4BE20F04E53E011B00744642D3FE66C2C7C5686F35ED6CD2AF6F202E445"
Ambush answered 21/1, 2012 at 1:22 Comment(1)
Great! Great ! Great ! Thanks so much @Steve+VinoskiAila
S
6

I just stumbled through this myself and finally managed it just using crypto, so thought I would share. For your usage I think you would want:

:crypto.hmac(:sha256, secret, string_to_sign) |> Base.encode16

The hmac portion should take care of digest + hmac and then piping to encode 16 should provide the hex part. I imagine you probably moved on some time ago, but since I just had the same issue and wanted to try and figure it out in stdlib stuff I thought I would share.

Surovy answered 19/11, 2014 at 14:35 Comment(0)
V
3

The same project (erlsha2) has a module for this:

https://github.com/vinoski/erlsha2/blob/master/src/hmac.erl

Velure answered 20/1, 2012 at 14:42 Comment(1)
i have looked at this, but i need sample source producing the same results as the ruby code above. Thanks @VelureAila
H
2

If you're using Elixir, you can use

:crypto.hash(:sha256, [secret, string_to_sign]) 
|> Base.encode16 
|> String.downcase
Hardenberg answered 18/5, 2021 at 14:59 Comment(0)
Q
0

This is a one-liner (Erlang 24):

[begin if N < 10 -> 48 + N; true -> 87 + N end end ||
            <<N:4>> <= crypto:mac(hmac, sha256, Secret1, StringToSign1)].

>>> "309fc4be20f04e53e011b00744642d3fe66c2c7c5686f35ed6cd2af6f202e445"

No need for external libs.

Quatrain answered 24/12, 2021 at 1:42 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.