Geek Answers Handbook

HMAC-SHA256 in Delphi

I need to create HMAC-SHA256 signatures for the Amazon Web Services API. The old DCPcrypt library has sha256 procedures, but the HMAC is not signed. Does anyone know of a free hash library that I could use?

+6
amazon-web-services delphi hmac
source share
6 answers

After a bit of searching, I found OpenStreamSec - it looks like it was abandoned a few years ago, but is still compiling in D2007.

http://sourceforge.net/projects/openstrsecii/

Creating an HMAC-256 for Amazon is very simple:

StrToMime64(HMACString(haSHA256, SecretKey, 32, DataToHash));
+4
source share

My favorite answer is that I would use the OpenSSL libraries, the HMAC function. I successfully used the OpenSSL libraries in Delphi, accepting and adapting work from M Ferrante http://www.disi.unige.it/person/FerranteM/delphiopenssl/
For other OpenSSL signatures, etc. See this link
In D2010, this is something like this (libeay32 is a unit taken from a website and slightly modified for unicode / D2010):

 uses libeay32; const LIBEAY_DLL_NAME = 'libeay32.dll'; EVP_MAX_MD_SIZE = 64; function EVP_sha256: pEVP_MD; cdecl; external LIBEAY_DLL_NAME; function HMAC(evp: pEVP_MD; key: PByte; key_len: integer; data: PByte; data_len: integer; md: PByte; var md_len: integer): PByte; cdecl; external LIBEAY_DLL_NAME; function GetHMAC(const AKey, AData: string): TBytes; var key, data: TBytes; md_len: integer; res: PByte; begin OpenSSL_add_all_algorithms; // Seed the pseudo-random number generator // This should be something a little more "random"! RAND_load_file('c:\windows\paint.exe', 512); key := TEncoding.UTF8.GetBytes(AKey); data := TEncoding.UTF8.GetBytes(AData); md_len := EVP_MAX_MD_SIZE; SetLength(result, md_len); res := HMAC(EVP_sha256, @key[0], Length(key), @data[0], Length(data), @result[0], md_len); if (res <> nil) then begin SetLength(result, md_len); end; end;

Then call it using the passphrase and data string. The result is TBytes, which can be converted as needed, for example, to Base64 using something like JclMime or a simple function like HexToString.
For an older version of Delphi, you will have to change PBytes to PChars or something similar.
Disclaimer: I do not have reference data to verify this, but it works fine!

+3
source share

Delphi ships with Indy, and Indy has the TIdHMACSHA256 class:

 uses IdGlobal, IdHashSHA, IdHMAC, IdHMACSHA1, IdSSLOpenSSL; function CalculateHMACSHA256(const value, salt: String): String; var hmac: TIdHMACSHA256; hash: TIdBytes; begin LoadOpenSSLLibrary; if not TIdHashSHA256.IsAvailable then raise Exception.Create('SHA256 hashing is not available!'); hmac := TIdHMACSHA256.Create; try hmac.Key := IndyTextEncoding_UTF8.GetBytes(salt); hash := hmac.HashValue(IndyTextEncoding_UTF8.GetBytes(value)); Result := ToHex(hash); finally hmac.Free; end; end;
+3
source share

Have you looked at the answers to this SO question?

+2
source share

HMAC is simply a function that uses SHA256 to calculate the hash according to some specific rules. If you look at Wikipedia , it has a pseudo-code example.

You can also call the .NET HMAC class in System.Security.Cryptography through COM interpolation.

+2
source share

Regarding the answer from Jacob: OpenStrSecII is an affiliate of StreamSec Tools 2.1, which is sold under a commercial license without any frills, and today (February 8, 2012) it supports Delphi Win32 up to Delphi XE2. StreamSec Tools 4.0 also has support for Win64.

0
source share

More articles:


All Articles