Is my HMAC print function correct?

I want to print HMAC using SHA256. This is the code:

#include "sha256.h"
void print_hmac(uint8_t *hmac)
{
  for(int i=0; i<32; i++)
  Serial.print(hmac[i],HEX);
}//end print_hmac
//-------------------------------------------------
void setup() {
  // put your setup code here, to run once:
  Serial.begin(9600);
  //to compute the Hash
  uint8_t *hash; //uint8_t is equal to unsigned char. Its size=1B
  Sha256.initHmac((const uint8_t*)"hash key",8); // key, and length of key in bytes
  Sha256.print("This is a message to hash");
  hash = Sha256.resultHmac();
  print_hmac(hash);
}
//---------------------------------------------------

The result I got in the Serial monitor is:
8d1b419d611b9abf35956edac8fdfcb338e92a67bbfb24dee395c1cc94a822

As far as I know, the HMAC-SHA256 output must be 64 hex. digits while I am getting 62 digits only. If this is because it happens that the 1st two digits are 0, then, I assume they should be printed.

Can you please check the print_hmac in my code? am I printing the result correctly?

Hello,

I am computing HMAC using SHA256. I used Arduino and Python. I must get the same result since the key and string are same.

Here is Arduino code:

#include "sha256.h"
void print_hmac(uint8_t *hmac)
{
  for(int i=0; i<32; i++)
  Serial.print(hmac[i],HEX);
}//end print_hmac
//-------------------------------------------------
void setup() {
  // put your setup code here, to run once:
  Serial.begin(9600);
  //to compute the Hash
  uint8_t *hash; //uint8_t is equal to unsigned char. Its size=1B
  Sha256.initHmac((const uint8_t*)"hash key",8); // key, and length of key in bytes
  Sha256.print("This is a message to hash");
  hash = Sha256.resultHmac();
  print_hmac(hash);
}
//---------------------------------------------------
void loop() {
  // put your main code here, to run repeatedly:

}

Here is Python code:

import hashlib
import hmac

# key = CONSUMER_SECRET& #If you dont have a token yet
key = "hash key" 


# The Base String as specified here: 
raw = "This is a message to hash" # as specified by oauth

hashed = hmac.new(key, raw, hashlib.sha256)

# The signature
print hashed.digest().encode("hex").rstrip('\n')

Arduino HMAC result is:
8D1B419D611B9ABF35956EDAC8FDFCB338E92A67BBFB24DEE395C1CC94A822

While python one is:
4b400507eaf8f4ae9ba1fa8cc35030282a993e3274c46b9215a2304cbefb0c6f

Can you help me figure out what the problem is?

Any byte that is less than 16 will print as a single hex digit. You should modify your function so that it prints a leading zero if required:

  for(int i=0; i<32; i++) {
    if(hmac[i] < 16)Serial.print("0");
    Serial.print(hmac[i],HEX);
  }

Pete

itroublee:
Arduino HMAC result is:
8D1B419D611B9ABF35956EDAC8FDFCB338E92A67BBFB24DEE395C1CC94A822

While python one is:
4b400507eaf8f4ae9ba1fa8cc35030282a993e3274c46b9215a2304cbefb0c6f

Can you help me figure out what the problem is?

Arduino HMAC result actually is:
4B400507EAF8F4AE9BA1FA8CC35030282A993E3274C46B9215A2304CBEFB0C6F

Why is yours different?

Your Arduino code seems to be mostly correct.

I see just one little problem: Your “print_hmac” is NOT PRINTING LEADING ZEROS, so your printed code will miss all leading zeros that are contained in the HEX codes. So your code should print (wrong due to missing some zeros):
4B4057EAF8F4AE9BA1FA8CC35030282A993E3274C46B9215A2304CBEFBC6F
If you see something completely different, you have a library problem.

Fixed version of function “print_hmac”:

void print_hmac(uint8_t *hmac)
{
  for(int i=0; i<32; i++)
  {
    if (hmac[i]<0x10) Serial.print('0'); // print leading zero with codes less than 0x10
    Serial.print(hmac[i],HEX);
  }
}

Are we, perhaps, aiming for the world record "how many threads can we start, all asking the same question" ?

Threads merged.

@jurs I tried your code. The same old result which is different from python. Can you provide me with which library you downloaded and what version of IDE are using?

My Java version gives 4b400507eaf8f4ae9ba1fa8cc35030282a993e3274c46b9215a2304cbefb0c6f
which, since it matches your Python result, indicates that the Arduino code is at fault. Which library are you using?

itroublee:
Can you provide me with which library you downloaded and what version of IDE are using?

Again?
What about my answers yesterday?
Could you perhaps look up all the threads in which you posted and I answered yesterday?

In case you are unable to read answers you already got, read here:

Link to library is in the initial (very first) posting in this thread:

The guy who started the thread linked "Spaniako's CryptoSuite here" and on the word "here" there is a link to the library.
That's the library he used.
That's the library I used.
Got it?

The Arduino IDE version I used is 1.0.5, as I wrote yesterday in a reply to one of your questions.

But I'm sure, that if all "PROGMEM" declarations in the library get an additional "const" declaration, the library will also compile with Arduino 1.6.x versions.

Using "Spaniako's CryptoSuite here" library downloaded from GitHub - spaniakos/Cryptosuite: Cryptographic suite for Arduino & RPi (SHA, HMAC-SHA) with the RFC4231 4.3 test taken from hmacsha256test.pde i.e.

 Serial.println("Test: RFC4231 4.3");
  Serial.println("Expect:5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843");
  Serial.print("Result:");
  ms = micros();
  Sha256.initHmac((uint8_t*)"Jefe",4);
  Sha256.print("what do ya want for nothing?");
  printHash(Sha256.resultHmac());
  Serial.print(" Hash took : ");
  Serial.print((micros() - ms));
  Serial.println(" micros");
  Serial.println();

Using an ATMega2560 I cannot get a match between the expected hmac and the output of this code.

To get the library to compile under 1.6.7 I had to add 'const' to the PROGMEM lines in the library files and had to capitalize the A in the Arduino includes (I work with Linux so case matters) .

I think that library needs further work; if I have the time and inclination in the next few days I might have a go at fixing it.

It is interesting that the OP did not first try the library examples when he found his test case did not give the expected result.

The modified version that I posted in one of your other threads is based on this library by Cathedrow. As also indicated earlier, I did not use the 'library' but added the modified cpp and h files to the project directory.

After modifying your print_hmac to handle leading zeroes (using snprintf()), I got the expected result (same as your python code).

Compiled on Windows8 using IDE1.6.6; description of the changes in one or more of your other threads but as reference

  • changed the return type of the write function from void to int in both the h and cpp file; as I did not add a return statement in the function, it will now 'return' garbage
  • added const to const uint32_t sha256K[] PROGMEM = { and const uint8_t sha256InitState[] PROGMEM = { in the cpp file

Note:
If you used 'my' modified version, not returning a value in write might be the cause of unexpected results. I have added a return 1; to the write function. Getting the expected result and jurs' code still gives the expected results.

size_t Sha256Class::write(uint8_t data) {
  ++byteCount;
  addUncounted(data);
  // 20160117; added a return statement
  return 1;
}

Another note: which Arduino are you using? I had to modify jurs' code due to low-on-memory on an Uno giving unexpected results. I initially ignored the warning but found out the hard way (:)) that that was not advisable this time.

The problem seemingly resolved and I got the two hashes in Python and Arduino similar. However, I do not like to modify crypto libraries unless by the author himself. Crypto. is critical and small change can cause catastrophic. Here what I ended up with:

  1. Arduin IDE 1.6.7
  2. This library: GitHub - spaniakos/Cryptosuite: Cryptographic suite for Arduino & RPi (SHA, HMAC-SHA) with the modifications proposed by @sterretje in this thread: https://forum.arduino.cc/index.php?topic=372312.0
  3. Reference to @robtillaart, I also changed the return 0 to return 1 in the write function in the sha256.cpp. So it becomes as the following:
size_t Sha256Class::write(uint8_t data) {
  ++byteCount;
  addUncounted(data);
  //return 0;
  //modified from "return 0" to "return 1" 
  return 1;
}
  1. the Arduino code for print the hmac should consider the leading 0 - otherwise the hmac will be wrong. The print must be as follows:
void print_hmac(uint8_t *hmac)
{
  for(int i=0; i<32; i++)
  {
    if (hmac[i]<0x10) Serial.print('0'); // print leading zero with codes less than 0x10
    Serial.print(hmac[i],HEX);
  }//end for
}//end print_hmac

Now, how can I test my hmac modified library to be 100% sure it is functioning correctly? I saw in some posts by @sterretje some output for testing the library. Where did you get the code? I checked the library page: GitHub - spaniakos/Cryptosuite: Cryptographic suite for Arduino & RPi (SHA, HMAC-SHA) but I do not find any. Any hints plz?

To all the folks, thaks for your enermous help. Plz excuse my ignorance. I am new to Arduino. Trying to learn and I am thankful to you. Plz, be patient from now till unknown time.

It was output thar jurs posted in one of your other threads. My output matched jurs' one so I was confident that was correct.