using methods base64 module in conjunction with Crypto.Hash.SHA256

mirandacascade at yahoo.com mirandacascade at yahoo.com
Wed Dec 20 00:58:29 EST 2006 

I am attempting to implement a process, and I'm pretty sure that a
major roadblock is that I do not understand the nomenclature.  The
specs indicate that the goal is to calculate a message digest using an
SHA-256 algorithm.  There are 2 examples included with the specs.  The
label on the 2 examples are: 'HMAC samples'.  In both examples, the
message on which the digest is to be calculated is (the 33 chars within
the quotes):

'This is a test of VISION services'

In the first example, the value labeled 'Shared key' is the 44
characters within the quotes:
    '6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc='
and the value labeled 'Base64 Message Hash' is the 44 characters within
the quotes:
    'KF7GkfXkgXFNOgeRud58Oqx2equmKACAwzqQHZnZx9A='

In the second example, the value labeled 'Shared key' is the 44
characters within the quotes:
    'jcOv3OBKVNBT8Zk+ZFacrDYNsKlm3D8TGGJyXti//p4='
and the value labeled 'Base64 Message Hash' is the 44 characters within
the quotes:
    'XhqneGN0x5I8JVvatXO9z0EBQRre3svFVc+q2lLE3Ik='

My interpretation of the first example is this: when you use an SHA-256
algorithm to calculate a message digest on the message 'This is a test
of VISION services' where the key is
'6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc=', the result should be:
'KF7GkfXkgXFNOgeRud58Oqx2equmKACAwzqQHZnZx9A=' .

Operating system: Win XP
Version of Python: 2.4 (with PyCrypto package installed)

Interactive window of Pythonwin displays how I thought one might
implement the process.

>>> from Crypto.Hash import SHA256
>>> import base64
>>> digestStr = 'This is a test of VISION services'
>>> from Crypto.Hash import HMAC
>>> samp1Key = '6lfg2JWdrIR4qkejML0e3YtN4XevHvqowDCDu6XQEFc='
>>> samp1CalcDigest = HMAC.new(samp1Key, digestStr, SHA256)
>>> samp1Hash = base64.b64encode(samp1CalcDigest.digest())
>>> samp1Hash
'35RYYwgt7Bp1Dj9onZiIkSz1PxgKM9UYXCgxlDdWGkA='
>>> samp2Key = 'jcOv3OBKVNBT8Zk+ZFacrDYNsKlm3D8TGGJyXti//p4='
>>> samp2CalcDigest = HMAC.new(samp2Key, digestStr, SHA256)
>>> samp2Hash = base64.b64encode(samp2CalcDigest.digest())
>>> samp2Hash
'RtmPKhflZ/BX3yrhl83pDsdCR5A2kwKP6dVnAyBl9tc='
>>>

I was hoping that samp1Hash and samp2Hash would be the same as the
values labled 'Base64 Message Has' in the examples...they are not the
same.

My questions are:
1) Given the terminology identified above, do you think my
interpreation of the first example is accurate? If not, what is a more
accurate interpretation?
2) If the interpretation of the first example is on target, do you see
anything above in the use of the SHA256, HMAC and base64
classes/methods that indicates that I did not correctly implement the
process?  


Thank you.

More information about the Python-list mailing list