Help

Roku Developer Program

Join our online forum to talk to Roku developers and fellow channel creators. Ask questions, share tips with the community, and find helpful resources.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
wshirley
Binge Watcher
‎09-06-2019 09:58 AM

Stuck using HMAC

I'm debugging code by working through an Amazon AWS S3 "Put" example.  I'm at a step where I need to run an HMAC SHA256 hash.  In the AWS example, they express it as:

HMAC-SHA256("AWS4" + "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY","20130524")

and the result, in HEX format should be:

969fbb94feb542b71ede6f87fe4d5fa29c789342b0f407474670f0c2489e0a0d

I'm using the following code (to no avail):


  HMAC = createobject("roHMAC")
  ba = createobject("roByteArray")
  ba.FromAsciiString("AWS" + "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY")  'this is the "key" that AWS uses in the example
  if HMAC.Setup("sha256", ba) = 0  'this if group of code is based on the example code in Rokus documentation
    message1 = CreateObject("roByteArray")
    message2 = CreateObject("roByteArray")    
    messageStr1 = "AWS4" + "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
    message1.fromAsciiString(messageStr1)
    HMAC.Update(message1)
    message2.FromAsciiString("20130524")
    HMAC.Update(message2)
    DateKey = HMAC.final()
? DateKey.ToHexString()


I'm getting this result:
8AE94D64B5C24455E4C0508F2AD8AA036BAE46B6469DCE6599F035B2AFFD11CB

Can anyone point me in the right direction?  I've tried running the code with only message2, (wondering if the "setup" command might be seeding the function with the key?) but that doesn't work either.

Help?!

Thanks
0 Kudos
Reply
2 REPLIES 2
renojim
Community Streaming Expert
‎09-06-2019 01:58 PM

Re: Stuck using HMAC

I think you have multiple problems.  First of all, you're prepending your key string with "AWS" instead of "AWS4".  Second, if I search for 969fbb94feb542b71ede6f87fe4d5fa29c789342b0f407474670f0c2489e0a0d I find this example from AWS that shows that result from a different key and date string.  This online calculator verifies the result for these values:
secret key = AWS4wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY
string = 20120215

Note that the key is different from yours by one character.

BRS code:
keystr = "AWS4wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY"
dateStamp = "20120215"
sha256 = CreateObject("roHMAC")
bakey = CreateObject("roByteArray")
bamsg = CreateObject("roByteArray")
bakey.FromAsciiString(keystr)
bamsg.FromAsciiString(dateStamp)
if sha256.Setup("sha256",bakey) = 0 then
   hash = sha256.Process(bamsg).ToHexString()
   print "Hash:  ";hash
else
   print "Failure"
end if

Results in:
Hash:  969FBB94FEB542B71EDE6F87FE4D5FA29C789342B0F407474670F0C2489E0A0D

Do you have a link to the example you're using?  It appears to be wrong.

-JT
Roku Community Streaming Expert

Help others find this answer and click "Accept as Solution."
If you appreciate my answer, maybe give me a Kudo.

I am not a Roku employee.
0 Kudos
Reply
wshirley
Binge Watcher
‎09-06-2019 02:49 PM

Re: Stuck using HMAC

SOLVED!  Thank you , thank you, thank you!  Your code worked.

My bad for not seeing the typos, especially the AWS vs AWS4.  Sometimes you stare at code so long, you don't really even "see" it anymore.

I started with an example here:  https://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-common-coding-...,which i thought uses the same "key" value, but doesn't, and I failed to note the different date value that the latter example uses (my second bad).

I'm pretty sure I can get to the final signature now -- then it's off to the maze of addheader and postfromstring commands to see if I can actually "PUT" a file to AWS!

Thanks again.
0 Kudos
Reply
Need Assistance?
Welcome to the Roku Community! Feel free to search our Community for answers or post your question to get help.

Become a Roku Streaming Expert!

Share your expertise, help fellow streamers, and unlock exclusive rewards as part of the Roku Community. Learn more.
li.common.scroll-to.top