-
-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Write HMAC tokens for secure POST requests #410
Comments
@SRGDamia1, general HMAC functions could benefit all dataPublishers, so I am adding it to the dataPublisherBase. Does that make sense? Once I get general HMAC SHA256 tokens to work, I'll then be creating a new publisher for Azure EventHubs. AWS IoT has a similar endpoint, so this could be widely used.
@SRGDamia1, general HMAC functions could benefit all dataPublishers, so I am adding it to the dataPublisherBase. Does that make sense? See commit 0ca66e3. |
@SRGDamia1, thanks for letting me know via 0ca66e3#commitcomment-71532797 that I put the HMAC functions in the right space. With commit b0da816 I got HMAC working within ModularSensors via a test sketch. I have not yet fully implemented it into generating a Shared Access Signature (SAS) token, in part because I got stuck on this other issue: |
Develop the capability to write an HMAC-SHA256 signature -- which is a keyed-hash message authentication code (HMAC) created using the SHA-256 cryptographic hash algorithm -- for generating tokens for authenticating requests using the authorization header.
HMAC-SHA256 signatures are used as a security feature by many cloud platforms for authenticating HTTP POST Requests, including:
I plan on implementing this using a fork of https://github.com/daknuett/cryptosuite2.
My early tests with https://github.com/EnviroDIY/cryptosuite2 demonstrate that I can create an HMAC on an EnviroDIY Mayfly in 90 ms, using only 526 bytes RAM (3.2%) and 6640 bytes of Flash (5.1%).
The text was updated successfully, but these errors were encountered: