Write HMAC tokens for secure POST requests #410
Assignees
Comments
aufdenkampe
changed the title
aufdenkampe
changed the title
aufdenkampe
referenced
this issue
Apr 14, 2022
@SRGDamia1, general HMAC functions could benefit all dataPublishers, so I am adding it to the dataPublisherBase. Does that make sense? Once I get general HMAC SHA256 tokens to work, I'll then be creating a new publisher for Azure EventHubs. AWS IoT has a similar endpoint, so this could be widely used.
|
@SRGDamia1, general HMAC functions could benefit all dataPublishers, so I am adding it to the dataPublisherBase. Does that make sense? See commit 0ca66e3. |
|
@SRGDamia1, thanks for letting me know via 0ca66e3#commitcomment-71532797 that I put the HMAC functions in the right space. With commit b0da816 I got HMAC working within ModularSensors via a test sketch. I have not yet fully implemented it into generating a Shared Access Signature (SAS) token, in part because I got stuck on this other issue: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Develop the capability to write an HMAC-SHA256 signature -- which is a keyed-hash message authentication code (HMAC) created using the SHA-256 cryptographic hash algorithm -- for generating tokens for authenticating requests using the authorization header.
HMAC-SHA256 signatures are used as a security feature by many cloud platforms for authenticating HTTP POST Requests, including:
I plan on implementing this using a fork of https://github.com/daknuett/cryptosuite2.
My early tests with https://github.com/EnviroDIY/cryptosuite2 demonstrate that I can create an HMAC on an EnviroDIY Mayfly in 90 ms, using only 526 bytes RAM (3.2%) and 6640 bytes of Flash (5.1%).
The text was updated successfully, but these errors were encountered: