My workflow has a C# script that generates the HMAC SHA256 hex digest of a particular input string. The script is below:
protected override void Execute() { byte[] key_byte = System.Text.Encoding.UTF8.GetBytes("7ad3773142a6692b25b8"); string my_string = GetTokenValue("String_to_sign").ToString(); byte[] message_byte = System.Text.Encoding.UTF8.GetBytes(my_string); var hash = new HMACSHA256(key_byte); string signed_string = BitConverter.ToString(hash.ComputeHash(message_byte)).Replace("-", string.Empty).ToLower(); SetTokenValue("Signed String", signed_string); }
(All the values and keys are dummy values.)
The value of the String_to_sign token, which is the input string, is:
POST\n/apps/3/events\nauth_key=278d425bdf160c739803&auth_timestamp=1353088179&auth_version=1.0&body_md5=ec365a775a4cd0599faeb73354201b6f
When this string is cryptographically signed using the key 7ad3773142a6692b25b8, the string of the output is supposed to be:
da454824c97ba181a32ccc17a72625ba02771f50b50e1e7430e47a1f3f457e6c
However, I am getting:
ef728567b8fa59ad9ffda67ac44f85481676c5f80758610ce6fd229e44a5375c
Here's the odd part: if I hardcode the input string into the my_string variable, as opposed to getting its value from the String_to_sign token, I get the correct output. So the below version of the script works:
protected override void Execute() { byte[] key_byte = System.Text.Encoding.UTF8.GetBytes("7ad3773142a6692b25b8"); string my_string = "POST\n/apps/3/events\nauth_key=278d425bdf160c739803&auth_timestamp=1353088179&auth_version=1.0&body_md5=ec365a775a4cd0599faeb73354201b6f"; byte[] message_byte = System.Text.Encoding.UTF8.GetBytes(my_string); var hash = new HMACSHA256(key_byte); string signed_string = BitConverter.ToString(hash.ComputeHash(message_byte)).Replace("-", string.Empty).ToLower(); SetTokenValue("Signed String", signed_string); }
I'm trying to understand the discrepancy. The input string will be dynamic -- I can't hardcode it. Any help would be appreciated.