Convert Ruby HMAC SHA256 code to C# (Windows 8.1 Universal)

Question

I have the following Ruby code which I'm trying to port to a Windows universal app. Most examples I've found use System.Security.Cryptography which isn't available in the framework.

method = "POST"
uri = "http://api.somewhere.com/events"
data = "my_data"
timestamp = 1423778684
data_utf8 = data.force_encoding("UTF-8").bytes.to_a.map(&:chr).join
message = "#{method}#{uri}#{data_utf8}#{timestamp}"
key = "ABC123"
checksum = Digest::HMAC.hexdigest(message, key, Digest::SHA256)
puts checksum
# => 83f47bcd10c7360614bb8a858786eb588be3494f1e9bf8a1769bd5f6fff0a3b8

The 'Digest::HMAC.hexdigest' being the line giving me trouble. Thanks!

Answer 1

Hi,

I do not very familiar with the Ruby code. But seem you want to create hash value in windows store app. If so, you can use the Windows.Security.Cryptography namespaces to do that. There are some codes you can try:

string stringToSign = "Whatever message you wish to sign";
           string hashKey = "The key you want to sign it with.";
 
MacAlgorithmProvider macAlgorithmProvider = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA256");
BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
var messageBuffer = CryptographicBuffer.ConvertStringToBinary(stringToSign, encoding);
IBuffer keyBuffer = CryptographicBuffer.ConvertStringToBinary(hashKey, encoding);
CryptographicKey hmacKey = macAlgorithmProvider.CreateKey(keyBuffer);
IBuffer signedMessage = CryptographicEngine.Sign(hmacKey, messageBuffer);
 
string hashedString = CryptographicBuffer.EncodeToBase64String(signedMessage);

 

More information you can refer to the link below:

https://msdn.microsoft.com/en-us/library/windows.security.cryptography.core.macalgorithmprovider.aspx?cs-save-lang=1&cs-lang=csharp#code-snippet-1

Best Wishes!

---

We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place. <br/> Click <a href="http://support.microsoft.com/common/survey.aspx?showpage=1&scid=sw%3Ben%3B3559&theme=tech"> HERE</a> to participate the survey.

Answer 2

Thanks for that :)

However it doesn't seem to return the same hashed string as the ruby implementation (or other languages, we have an iOS version too) this website http://hash.online-convert.com/sha256-generator gives the same result as the Ruby version using this value/key

value = "POSThttp://api.somewhere.com/eventsmy_data1423778684"
key = "ABC123"

should give hashed string: 83f47bcd10c7360614bb8a858786eb588be3494f1e9bf8a1769bd5f6fff0a3b8

the above c# implementation gives: g/R7zRDHNgYUu4qFh4brWIvjSU8em/ihdpvV9v/wo7g=

Answer 3

The C# implementation you showed:  g/R7zRDHNgYUu4qFh4brWIvjSU8em/ihdpvV9v/wo7g= is a base64 string representation of the data. Running it through a base64 => hex string converter (http://tomeko.net/online_tools/base64.php?lang=en) gives you the same value of: 83F47BCD10C7360614BB8A858786EB588BE3494F1E9BF8A1769BD5F6FFF0A3B8

(Use CryptographicBuffer.EncodeToHexString(signedMessage) instead of CryptographicBuffer.EncodeToBase64String(signedMessage))