MATLAB Answers

# Why the encryption doesn't work correctly? (SHA-256, HMAC-SHA-512)

138 views (last 30 days)
Goryn on 15 Feb 2019
Answered: Florian Besten on 17 Dec 2019
1) We have determined input:
challenge = 'c100b894-1729-464d-ace1-52dbce11db42';
apiSecret = '7zxMEF5p/Z8l2p2U7Ghv6x14Af+Fx+92tPgUdVQ748FOIrEoT9bgT+bTRfXc5pz8na+hL/QdrCVG7bh9KpT0eMTm';
2) We need to receive an expected output:
signed_output = '4JEpF3ix66GA2B+ooK128Ift4XQVtc137N9yeg4Kqsn9PI0Kpzbysl9M1IeCEdjg0zl00wkVqcsnG4bmnlMb3A==';
3) Here are steps of how we should encrypt it:
1. Hash the challenge with the SHA-256 algorithm
2. Base64-decode your api_secret
3. Use the result of step 2 to hash the result of step 1 with the HMAC-SHA-512 algorithm
4. Base64-encode the result of step 3
My code:
import matlab.net.*
% 1. Hash the challenge with the SHA-256 algorithm
hash_digest = DataHash(challenge, struct('Method','SHA-256'));
% 2. Base64-decode your api_secret
secret_decoded = base64decode(apiSecret);
% 3. Use the result of step 2 to hash the result of step 1 with the HMAC-SHA-512 algorithm
hmac_digest = HMAC(secret_decoded,hash_digest,'SHA-512');
% 4. Base64-encode the result of step 3
signed_output = base64encode(hmac_digest);
I am using these functions:
The result is wrong. Could you please help me to fix it?

#### 3 Comments

Walter Roberson on 15 Feb 2019
This is not encryption , this is authentication . There is an important difference in that if it were encryption then due to the laws of the USA we would not be able to permit the discussion to take place here. The legal rules about authentication are not the same so discussion is permitted .
Jan on 15 Feb 2019
@Walter: You are correct and thank you for mention this again. After all these years I'm still astonished about this difference. It is legal to publish code, which creates e.g. a 128 bit Hash for a certain input. If I create a hash over a key and use the HMAC method to obtain the hash over the complete string, this is legal also. But as soon as I store the intermediate results of the hashing for each block, it is a strong encryption with a 128 bit key and the publishing of the method in executable form is prohibitted by the US export laws. This means, calculating a hash of a complete text is fine, but splitting the text to 128 bit blocks and calling hashing tool blockwise while storing the output is evil.
I'm not getting tired to mention, that e.g. the publication of the AES algorithm is allowed in printed form, e.g. as PDF, because then it is covered by the freedom of speech, see e.g. https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.197.pdf . As far as I know, a discussion is legal also, as long as it does not contain executable code. But finally even executable code is allowed, as long as the owner of the web service has a written certificate from the US government. See e.g. https://csrc.nist.gov/projects/cryptographic-standards-and-guidelines/archived-crypto-projects/aes-development : Running C code for 256 bit AES encryption directly from NIST.gov .
I still believe that MathWorks must have such a certificate, because Matlab is shipped with tools needed for a strong encryption - as all browsers and mail software is also.
When I concatenate the ASCII code of 3 lines of Java code and find a prime number, which starts with these digits, would this be an illegal prime number? We have 2019. You can find the AES code in official places in the net for over 20 years now. It is time to adjust the laws.
Walter Roberson on 15 Feb 2019
Outputing hashes is fine under USA law, since hashes cannot be reversed to give original data.
A number of years ago someone posted a "Wheat and Chaff" process that showed that the distinction between encryption and authentication was not entirely meaningful, provided that you were willing to send N useless packets for every valid packet, but nothing changed.

Sign in to comment.

### Accepted Answer

Jan on 15 Feb 2019
Edited: Jan on 18 Feb 2019
Your call of DataHash creates the hash considering the class of the obejct. You want to get the hash for the values only.
challenge = 'c100b894-1729-464d-ace1-52dbce11db42';
Opt.Method = 'SHA-256';
Opt.Input = 'ascii'; % Use the contents only and only 8 bits
hash_digest = DataHash(challenge, Opt)
% Compare with:
DataHash(challenge, struct('Method','SHA-256'))
% Note that this considers the class and dimensions of the input also:
DataHash(challenge.', struct('Method','SHA-256'))
% ^^ other result for transposed input!!!
By the way, DataHash is an overkill here. Leaner:
Engine = java.security.MessageDigest.getInstance('SHA-256');
Engine.update(uint8(challenge(:)));
Hash = typecast(Engine.digest, 'uint8')
And for HMAC:
BlockSize = 128; % 64 for: MD5, SHA-1, SHA-256
KeySize = numel(Key);
Key = uint8(Key); % Hash it if it is longer than BlockSize
ipad(1:BlockSize) = uint8(54); % 0x36
ipad(1:KeySize) = bitxor(uint8(54), Key);
opad(1:BlockSize) = uint8(92); % 0x5c
opad(1:KeySize) = bitxor(uint8(92), Key);
Engine2 = java.security.MessageDigest.getInstance('SHA-512');
Engine2.update(ipad);
Engine2.update(uint8(Msg));
iHash = typecast(Engine2.digest, 'uint8');
Engine2.update(opad);
Engine2.update(iHash);
HMAC = typecast(Engine2.digest, 'uint8');

#### 2 Comments

Goryn on 15 Feb 2019
Thank you for the answer, but this doesn't work either:
import matlab.net.*
% 1. Hash the challenge with the SHA-256 algorithm
Opt.Method = 'SHA-256';
Opt.Input = 'ascii';
hash_digest = DataHash(challenge, Opt);
% 2. Base64-decode your api_secret
secret_decoded = base64decode(apiSecret);
% 3. Use the result of step 2 to hash the result of step 1 with the HMAC-SHA-512 algorithm
hmac_digest = HMAC(secret_decoded,hash_digest,'SHA-512');
% 4. Base64-encode the result of step 3
signed_output = base64encode(hmac_digest);
Jan on 17 Feb 2019
@Goryn:
% 1. Hash the challenge with the SHA-256 algorithm
Opt.Method = 'SHA-256';
Opt.Input = 'ascii';
Opt.Format = 'double'; % You want the bytes, not the HEX code
hash_digest = DataHash(challenge, Opt);
secret_decoded = matlab.net.base64decode(apiSecret);
hmac_digest = HMAC(secret_decoded,hash_digest,'SHA-512');
% Again: The bytes, not the hex codes:
hmac_byte = sscanf(hmac_digest, '%2x');
signed_output = matlab.net.base64encode(hmac_bytes)
% '4JEpF3ix66GA2B+ooK128Ift4XQVtc137N9yeg4Kqsn9PI0Kpzbysl9M1IeCEdjg0zl00wkVqcsnG4bmnlMb3A=='
Do not confuse hex strings and byte values. 'E0' is something completely different than 224.

Sign in to comment.

### More Answers (1)

Florian Besten on 17 Dec 2019
For me it worked with this code with internal functions only
challenge_char = 'c100b894-1729-464d-ace1-52dbce11db42';
secret_char = '7zxMEF5p/Z8l2p2U7Ghv6x14Af+Fx+92tPgUdVQ748FOIrEoT9bgT+bTRfXc5pz8na+hL/QdrCVG7bh9KpT0eMTm';
hash256_class = System.Security.Cryptography.SHA256Managed.Create();
challenge_hash = uint8(hash256_class.ComputeHash(uint8(challenge_char)));
secret_uint8 = matlab.net.base64decode(secret_char);
hmac512_class = System.Security.Cryptography.HMACSHA512(secret_uint8);
sign_uint8 = uint8(hmac512_class.ComputeHash(challenge_hash));
sign_char = matlab.net.base64encode(sign_uint8);

#### 0 Comments

Sign in to comment.

R2018a

### Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by