I am trying to create a hash using PowerShell code to confirm an webhook subscription using Kamstrup READy API. However, I get errors the following error when confirming a subscription.
Then I tried to recreate the example hash in their documentation (under Confirm). I keep getting a different result that do not match their example hash.
$message = @'
{
"verificationToken" : "e6557603-9121-4c9b-9c38-1a33f56204b0"
}
'@
$secret = '6KVQ05mN9iLvCg=='
$hmacsha = New-Object System.Security.Cryptography.HMACSHA256
$hmacsha.key = [Convert]::FromBase64String($secret)
$signature = $hmacsha.ComputeHash([Text.Encoding]::ASCII.GetBytes($message.ToString()))
$signature = [Convert]::ToBase64String($signature)
echo $signature
$ExpectedHash = 'jm Inr5EVDgLHbpZaTVjInllgm8Ogs7Ok9mLePiciNc='
$ReturnedHash = 'Zo5DukhFluumI/RchKOPQOBheY7rlnzOFLD A0aBbDk='
I'm kind of stuck at this point. I expect that it has to do something with the formatting of the message.
CodePudding user response:
The documentation to which you link states that you must hash the verification token -- not the entire message.
First they must take the verificationToken and hash it using a client secret(Base64 value created in READyManager) and SHA256.
Correcting your code to use just the verification token, I get the expected hash back.
# $message = '{ "verificationToken" : "e6557603-9121-4c9b-9c38-1a33f56204b0" }'
$message = 'e6557603-9121-4c9b-9c38-1a33f56204b0'
$secret = '6KVQ05mN9iLvCg=='
$hmacsha = New-Object System.Security.Cryptography.HMACSHA256
$hmacsha.key = [Convert]::FromBase64String($secret)
$signature = $hmacsha.ComputeHash([Text.Encoding]::Default.GetBytes($message.ToString()))
$signature = [Convert]::ToBase64String($signature)
echo $signature
$ExpectedHash = 'jm Inr5EVDgLHbpZaTVjInllgm8Ogs7Ok9mLePiciNc='
$ReturnedHash = 'Zo5DukhFluumI/RchKOPQOBheY7rlnzOFLD A0aBbDk='
Output:
H:\Temp> .\testps.ps1
jm Inr5EVDgLHbpZaTVjInllgm8Ogs7Ok9mLePiciNc=
A simple case of RTFM :-)