7 Replies Latest reply on Jul 24, 2017 6:24 PM by Alchemist

    Struggling with CryptAuthCode function

    cwhitty

      Hi,

       

      Im reasonably new to Filemaker so bear with...

      Im trying to generate a hmac to send to an API Server required for activating sims.

       

      Currently I can create what i need using the Base elements plugin;

       

      Lower ( BE_HMAC ( $DATA ; table::secretkey ;  BE_MessageDigestAlgorithm_SHA256; "" ;  "" ) )

       

      returns

       

      1a162ad9f68ea18ff6313c6efe8b531ef0998cfb1915e8d0c420f0f1f9736f18

       

      where

       

      $DATA = "lower=&20upper=113&tariff=8&nickname=&tags=Chris Whitfield"

       

      But as scripts to activate sims will be ran via Webdirect and Filmmaker app I can't see it working and would rather use what is already in filemaker.

       

      So Ideally i would us the new crypt auth code function but it seems to return a file called hmac.data

       

      So to try and get the hmac retuned as text rightly or wrongly i tried this;

       

      Base64Decode ( Base64EncodeRFC ( "4648" ; CryptAuthCode ( $DATA ; "SHA256" ; table::secretkey ) ) )

       

      result:   *������1<n��S ����  ��� ���so

       

      Any help will be greatly appreciated.

        • 1. Re: Struggling with CryptAuthCode function
          mikebeargie

          Why not use CryptEncrypt() for the encryption and then CryptDecrypt() for the decryption?

          CryptEncrypt() - FileMaker Pro 16 Help

          CryptDecrypt() - FileMaker Pro 16 Help

          • 2. Re: Struggling with CryptAuthCode function
            cwhitty

            Thanks for the reply,

             

            CryptDecrypt( CryptEncrypt( CryptAuthCode ( $DATA ; "SHA256" ; "9cfb29377943159b41c06df5296cc694795f0e2dedd6a89440efc59727ccc236" ) ; "whishthiswouldwork" ) ; "whishthiswouldwork" )

             

            returns;

            hmac.data

             

            I presume hmac.data is a file and what lies within looks something like this

            1a162ad9f68ea18ff6313c6efe8b531ef0998cfb1915e8d0c420f0f1f9736f18

            is that correct???

             

            if so any ideas how i can get it?

            • 3. Re: Struggling with CryptAuthCode function
              mikebeargie

              You need to perform them as separate actions, rather than trying to do it all in one calculation.

               

              CryptEncrypt() results in a container file, so use Set Field to stick that into a container. Then use CryptDecrypt() to test decrypting that container’s file.

               

              Read the documentation I linked to, it is much more thorough and there are other functions you may be able to use as well.

              2 of 2 people found this helpful
              • 4. Re: Struggling with CryptAuthCode function
                cwhitty

                Set Field container with CryptEncrypt( CryptAuthCode ( $DATA ; "SHA256" ; "9cfb29377943159b41c06df5296cc694795f0e2dedd6a89440efc59727ccc236" ) ; "whishthiswouldwork" )

                 

                Container field contents are

                encrypted.data

                 

                set variable $HMAC1 using CryptDecrypt( Subscriptions::Container ; "whishthiswouldwork" )

                returns

                hmac.data

                 

                so the encrypt, decrypt appears to be working but still returns the original file/container

                • 5. Re: Struggling with CryptAuthCode function
                  mikebeargie

                  Why are you double encrypting your data with:

                  CryptEncrypt( CryptAuthCode ( $DATA ; "SHA256" ; "9cfb29377943159b41c06df5296cc694795f0e2dedd6a89440efc59727ccc236" ) ; "whishthiswouldwork" )

                   

                  Did you try just:

                  CryptEncrypt( "9cfb29377943159b41c06df5296cc694795f0e2dedd6a89440efc59727ccc236" ; "whishthiswouldwork" )

                   

                  You are basically encrypting an encrypted file, then only decrypting it one step. This results in an encrypted file (your hmac.data), that still requires an additional level of decryption from you using CryptAuthCode()

                  • 6. Re: Struggling with CryptAuthCode function
                    fmpdude

                    Example 1 on your linked help file shows the operations in one step:

                     

                    Example 1

                    Returns This needs protection, the text that was encrypted using CryptEncrypt with the same key.

                     

                    CryptDecrypt (
                    CryptEncrypt ( "This needs protection" ; "My secret password" ) ;
                    "My secret password"
                    )

                    • 7. Re: Struggling with CryptAuthCode function
                      Alchemist

                      I also struggled with CryptAuthCode when it became available.  I was able to get the BaseElements plugin to work, but not the native function.

                       

                      Two issues;

                       

                      1.     CryptAuthCode in 16.0.1 does not produce correct results.

                       

                      2.     CryptAuthCode works internally with binary data.

                       

                      What does this mean?  Firstly you need to be running at least 16.0.2.  Secondly whereas the BaseElements plugin allows you to specify if C and K are Hex or Base64 you need to encode C and K appropriately for it to produce same results.  If you just pass in a Hex string it will be treated as text ... not what you intended.

                       

                      Try something like this;

                       

                      Lower ( HexEncode ( CryptAuthCode ( C ; "SHA1" ; K ) ) )

                       

                      where

                       

                      C = HexDecode ( Globals::Data ; "data.bin" )

                      K = HexDecode ( Globals::Key; "key.bin")

                       

                      The Data and Key fields contain Hex strings.

                       

                      Cheers,  Malcolm