Sha256 hash and base64 encode

mesihas · June 11, 2021, 9:30am

I am trying to authenticate to OBS software (websockets) using ESP32

I can communicate send and receive data from ESP32 but can't authenticate. The process is as following:
send auth request and get challenge and salt
then process the data and send auth_response back
Pseudo Code Example:

password = "supersecretpassword"
challenge = "ztTBnnuqrqaKDzRM3xcVdbYm"
salt = "PZVbYpvAnZut2SS6JNJytDm9"

secret_string = password + salt
secret_hash = binary_sha256(secret_string)
secret = base64_encode(secret_hash)

auth_response_string = secret + challenge
auth_response_hash = binary_sha256(auth_response_string)
auth_response = base64_encode(auth_response_hash)

It works using different clients like JS example

In my ESP32 I can get first two steps working:

secret_string = password + salt
secret_hash = binary_sha256(secret_string)

but when I try:

secret = base64_encode(secret_hash)

I get a different result comparing to JS the example

Arduino references

#include "mbedtls/md.h"
#include <base64.h>

code:

String encoded = base64::encode("blablabla");     
Serial.println("encoded:  ");    
Serial.println(encoded);

Wondering why I get different results in Arduino core and JavaScript while using base64::encode

J-M-L · June 11, 2021, 9:48am

if I run this on an ESP32

#include <base64.h>

void setup()
{
  Serial.begin(115200);
  Serial.print("Base 64 encoding of \"blablabla\" is \"");
  Serial.print(base64::encode("blablabla")); 
  Serial.println("\"");
}

void loop() {}

Serial Monitor (@ 115200 bauds) shows

Base 64 encoding of "blablabla" is "YmxhYmxhYmxh"

if I double check with cryptii I do get the same thing

Danois90 · June 11, 2021, 10:13am

If anyone should help you find the problem, you must post the code that does not work. Usually the issue is not base64 but the hashing of data.

mesihas · June 13, 2021, 7:27am

OK, I was doing a bad implementation of the base64 encoder. Now I have changed the way and works

      unsigned char secret[128];
      memset(secret, 0, sizeof(secret));
      mbedtls_base64_encode(secret, sizeof(secret), &hashb64_len, sha256, sizeof(sha256));

system · October 11, 2021, 7:27am

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.