[VB6] HMAC-SHA-256, HMAC-SHA-1 Using Crypto API

MikiSoft

New member
Joined
Jun 6, 2011
Messages
461
Well, I've got a report for the HS512 class on Windows 8.1 64-bit that this error was shown:
View attachment 134197

And this is the code which is calling the class:
Code:
With hs5
    .InitHmac .ToUTF8(server_seed)
    roll_hash = .Encode(.HmacSha512(.ToUTF8("1-" & i)))
End With
What could it be, and how can it be solved? On my Windows 7 32-bit it's working perfectly, though.
 

dilettante

PowerPoster
Joined
Feb 5, 2006
Messages
20,939
Odd.

I just tried the demo program on a Windows 10 x64 system and it works fine there.

https://rcpmag.com/articles/2016/01/14/windows-8-support-deadline.aspx

As of Jan. 12, 2016, Windows 8 is now considered to be "unsupported" by Microsoft, meaning the company will no longer issue hotfixes or security updates for the operating system. Exceptions to this policy might be organizations that have purchased Microsoft's "custom support," but that option is thought to be an expensive one, with contracts lasting just a year.

So Windows 8 is dead anyway, but Win8.1 Update 1 (or is it Update 2?) should still be supported for a little while. If somebody reports the bug there is a chance it might get fixed. However they really, really, really want people to move off 8.x OSs entirely so maybe it won't.
 

DevJay

New member
Joined
Oct 7, 2016
Messages
2
Odd.

I just tried the demo program on a Windows 10 x64 system and it works fine there.

The HS256 class is not working for me in Windows 10 Excel x64. All the "Declare Kernel32" lines are red and I get an error about 64-bit compatibility if I try to create one.
 

dilettante

PowerPoster
Joined
Feb 5, 2006
Messages
20,939
You will have to go through it and make the necessary changes. Part of the problem with 64-bit Office and later versions of Office in general is that VBA6.5 and VBA7 lose some VB6 compatibility.

Add the PtrSafe decorator to Declare statements, and change the type of pointer and handle arguments from Long to LongPtr.

See PtrSafe <keyword>

I don't have 64-bit Excel to test with.
 

vbpian

New member
Joined
Jan 6, 2017
Messages
2
Hi, dilettante

First of all, thank you for the project sample. I have a problem using this class in my case.

I have this data:

Data: hypermart1468914526
Key: a4f6bf89b2a85781b7c1cab997b7ee0c89be03f7ac6ef29b63a45d07253cc401

I have tested it in http://codebeautify.org/hmac-generator with HMAC-SHA256 and the result was correct.

How do I implement this with your class?

Thank you
 

dilettante

PowerPoster
Joined
Feb 5, 2006
Messages
20,939
That web page sort of sucks.

The "key" value must be entered as printable/typeable text, you can't use a string of hex digits. If you do that it just takes it as text and you get an incorrect HMAC value there.

Here's an example with optional "sucks" mode:


View attachment 143967

Same result as "sucky" web page
 

vbpian

New member
Joined
Jan 6, 2017
Messages
2
That web page sort of sucks.

The "key" value must be entered as printable/typeable text, you can't use a string of hex digits. If you do that it just takes it as text and you get an incorrect HMAC value there.

Here's an example with optional "sucks" mode:

Thank you for your sample, dilettante; it works as expected.

Here is my code from before:

Code:
Private Sub Command1_Click()
    Dim xKey As String
    Dim xData As String
    Dim bSig() As Byte


    Dim StringToSign() As Byte
    Dim secretKey() As Byte

    xKey = "a4f6bf89b2a85781b7c1cab997b7ee0c89be03f7ac6ef29b63a45d07253cc401"
    xData = "hypermart1468914526"

    With hs256
        StringToSign = .ToUTF8(xData)
        secretKey = .ToUTF8(xKey)
        .InitHmac secretKey
        Erase secretKey

        bSig = .HmacSha256(StringToSign)
        Erase StringToSign

        MsgBox .Encode(bSig, edfBase64, efNoFolding)
        Erase bSig
    End With
End Sub

I realize that the MsgBox line was the reason the result was always incorrect; after removing edfBase64 and efNoFolding the result was correct.
 

dilettante

PowerPoster
Joined
Feb 5, 2006
Messages
20,939
Another version that might work better in some scenarios. It only uses the default Base Provider.

However note that this might only work on newer versions of Windows. See Microsoft Base Cryptographic Provider:

To maintain backward compatibility with earlier versions the new version of the provider retains the version 1.0 designation of the name in Wincrypt.h. However, version 2.0 of this provider is currently shipping. To determine the actual version of the provider in use, call CryptGetProvParam with the dwParam argument set to PP_VERSION. If 0x0200 is returned in pbData, then you have version 2.0.

So while the operations my class performs are working under Windows 10 they may rely on things that are only in version 2.0 of this Provider.

Tested and works on Windows 10 1709 and on Windows Home Server 2011 SP 1 (basically the Windows 7 codebase).
 

wqweto

New member
Joined
May 25, 2011
Messages
1,942
All 7 cases in HS512 Demo 1-2 Base.zip seem to work fine on Windows Server 2013 here.

cheers,
</wqw>
 

fatkidz4

New member
Joined
Mar 25, 2018
Messages
1
Please help a self-taught VBA user that can’t quite close the knowledge gap and use the Excel class that dilettante provided. Does the HS256 Excel demo from post #59 contain the code necessary for the following problem that I have?

I am trying to sign a request for an API. The secret key below is an example. The CB-ACCESS-SIGN header is generated by creating a sha256 HMAC using the base64-decoded secret key on the prehash string and base64-encode the output. “1522000342.391” is the timestamp in UNIX Epoch time.

Prehash string:
1522000342.391POST/orders{"price":"1.0","size":"1.0","side":"buy","product_id":"BTC-USD"}

Secret key:
D1/0wNj3wsKg8XcTs4KCfZUVzsHXIOW7w38Moj+YximHA5VQS7zAG47bgNSNGIGtFtYQ0vei2JiSPvX3JkBsA==
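
The mismatches that come up in this thread (a hex-digit key taken as text or as decoded bytes, a tag shown as hex or as Base64, and a secret that has to be base64-decoded before signing) all come down to which bytes go into and come out of the same HMAC-SHA-256 call. This is an added Python example, not code from the thread or from the HS256/HS512 classes; the function names are hypothetical, and DATA and KEY are the values vbpian posted.

```python
import base64
import hashlib
import hmac

# Test vector posted in the thread; the key string is 64 hex digits.
DATA = "hypermart1468914526"
KEY = "a4f6bf89b2a85781b7c1cab997b7ee0c89be03f7ac6ef29b63a45d07253cc401"


def key_bytes(key: str, encoding: str) -> bytes:
    """Decode the key string under one explicit interpretation."""
    if encoding == "text":    # digits taken as typed characters (64 bytes here)
        return key.encode("utf-8")
    if encoding == "hex":     # digits decoded to the bytes they spell (32 bytes)
        return bytes.fromhex(key)
    if encoding == "base64":  # secret handed out base64-encoded
        return base64.b64decode(key, validate=True)
    raise ValueError(f"unknown key encoding: {encoding}")


def sign(key: bytes, message: str) -> bytes:
    """Raw 32-byte HMAC-SHA-256 tag over the UTF-8 message."""
    return hmac.new(key, message.encode("utf-8"), hashlib.sha256).digest()


def render(tag: bytes, fmt: str) -> str:
    """Same tag bytes, shown as 64 hex digits or 44 Base64 characters."""
    if fmt == "hex":
        return tag.hex()
    if fmt == "base64":
        return base64.b64encode(tag).decode("ascii")
    raise ValueError(f"unknown output format: {fmt}")


def verify(key: bytes, message: str, presented: str, fmt: str) -> bool:
    """Decode the presented signature to bytes, then compare in constant time."""
    try:
        got = (bytes.fromhex(presented) if fmt == "hex"
               else base64.b64decode(presented, validate=True))
    except ValueError:  # malformed hex or Base64 (binascii.Error is a ValueError)
        return False
    return hmac.compare_digest(sign(key, message), got)


if __name__ == "__main__":
    for enc in ("text", "hex"):
        tag = sign(key_bytes(KEY, enc), DATA)
        print(enc, render(tag, "hex"), render(tag, "base64"))
```

Two tools agree only when they use the same key interpretation and the same output encoding; a hex string and a Base64 string of the same tag never match as text, which is why verify() compares decoded bytes.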
 

abumohammed

New member
Joined
Jul 8, 2011
Messages
1
How to validate the signature? I am using the PHP code below:

PHP:
function dec_enc($action, $string) {
    $output = false;
 
    $encrypt_method = "AES-256-CBC";
    $secret_key = 'This is my secret key';
    $secret_iv = 'This is my secret iv';

    // hash
    $key = hash('sha256', $secret_key);
  
    // iv - encrypt method AES-256-CBC expects 16 bytes - else you will get a warning
    $iv = substr(hash('sha256', $secret_iv), 0, 16);

    if( $action == 'encrypt' ) {
        $output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
        $output = base64_encode($output);
    }
    else if( $action == 'decrypt' ){
        $output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
    }
    return $output;
}
 