hash_hmac in 1C:Enterprise



Understanding basics of 1C:Enterprise platform. To start working with 1C:Enterprise platform visit Getting started page

#1
People who like this:0Yes/0No
Interested
Rating: 30
Joined: Apr 5, 2012
Company: 1TC

Hi,

I there possibility to use HMAC method in 1C. In php there is embedded function as "hash_hmac". Where you can give as parameter hash method, hash data and hash key.

Or we should write manuel algorithm?

 
#2
People who like this:0Yes/0No
Just came
Rating: 0
Joined: Apr 8, 2013
Company: 1C Company

Hi, Murat,

The latest official version of 1C Enterprise platform (8.3.9) has not HMAC function because the platform does not support bitwise operations. The bitwise operations would appear in the version 8.3.10 or later.


I have used the MSScriptControl COM object to get the HMAC. Please refer below to get an example.

Function call:

Code
oauth_signature = EncodeString(OauthCommonUse.B64_HMAC_SHA1("b64_hmac_sha1", SigningKey, SignatureBaseString), StringEncodingMethod.URLEncoding);


Function description:
Code
// Function - B64_HMAC_SHA1 is a special function for calculating 
// a hash based message authentication code MAC using hash function 
// in combination with secret cryptographic key
// For more information please refer following page:
// https://en.wikipedia.org/wiki/Hash-based_message_authentication_code
// IMPORTANT the function works only in MS Windows environment. 
// For cross platform using please develop Native API component 
// or rework the code after 8.3.10 platform release (would support bitwise operations)
//
// Parameters:
//  JSFunction    a name of function using in JS 
//  Key          a combination of consumer and token secret keys. 
//  Data       data witch shoudl be signed
// 
// Returns:
//   Result - a signature for this data with this key
//
Function B64_HMAC_SHA1(JSFunction, Key, Data = Undefined) Export 
   Var Result;
   
   ScriptControl = New COMObject("MSScriptControl.ScriptControl");
   ScriptControl.Language = "javascript";
   ScriptControl.AddCode("
   |/*
   | * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
   | * in FIPS 180-1
   | * Version 2.2 Copyright Paul Johnston 2000 - 2009.
   | * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
   | * Distributed under the BSD License
   | * See http://pajhome.org.uk/crypt/md5 for details.
   | */
   |
   |/*
   | * Configurable variables. You may need to tweak these to be compatible with
   | * the server-side, but the defaults work in most cases.
   | */
   |var hexcase = 0;  /* hex output format. 0 - lowercase; 1 - uppercase        */
   |var b64pad  = ""=""; /* base-64 pad character. ""="" for strict RFC compliance   */
   |
   |/*
   | * These are the functions you'll usually want to call
   | * They take string arguments and return either hex or base-64 encoded strings
   | */
   |function hex_sha1(s)    { return rstr2hex(rstr_sha1(str2rstr_utf8(s))); }
   |function b64_sha1(s)    { return rstr2b64(rstr_sha1(str2rstr_utf8(s))); }
   |function any_sha1(s, e) { return rstr2any(rstr_sha1(str2rstr_utf8(s)), e); }
   |function hex_hmac_sha1(k, d)
   |  { return rstr2hex(rstr_hmac_sha1(str2rstr_utf8(k), str2rstr_utf8(d))); }
   |function b64_hmac_sha1(k, d)
   |  { return rstr2b64(rstr_hmac_sha1(str2rstr_utf8(k), str2rstr_utf8(d))); }
   |function any_hmac_sha1(k, d, e)
   |  { return rstr2any(rstr_hmac_sha1(str2rstr_utf8(k), str2rstr_utf8(d)), e); }
   |
   |/*
   | * Perform a simple self-test to see if the VM is working
   | */
   |function sha1_vm_test()
   |{
   |  return hex_sha1(""abc"").toLowerCase() == ""a9993e364706816aba3e25717850c26c9cd0d89d"";
   |}
   |
   |/*
   | * Calculate the SHA1 of a raw string
   | */
   |function rstr_sha1(s)
   |{
   |  return binb2rstr(binb_sha1(rstr2binb(s), s.length * 8));
   |}
   |
   |/*
   | * Calculate the HMAC-SHA1 of a key and some data (raw strings)
   | */
   |function rstr_hmac_sha1(key, data)
   |{
   |  var bkey = rstr2binb(key);
   |  if(bkey.length > 16) bkey = binb_sha1(bkey, key.length * 8);
   |
   |  var ipad = Array(16), opad = Array(16);
   |  for(var i = 0; i < 16; i++)
   |  {
   |    ipad[i] = bkey[i] ^ 0x36363636;
   |    opad[i] = bkey[i] ^ 0x5C5C5C5C;
   |  }
   |
   |  var hash = binb_sha1(ipad.concat(rstr2binb(data)), 512 + data.length * 8);
   |  return binb2rstr(binb_sha1(opad.concat(hash), 512 + 160));
   |}
   |
   |/*
   | * Convert a raw string to a hex string
   | */
   |function rstr2hex(input)
   |{
   |  try { hexcase } catch(e) { hexcase=0; }
   |  var hex_tab = hexcase ? ""0123456789ABCDEF"" : ""0123456789abcdef"";
   |  var output = """";
   |  var x;
   |  for(var i = 0; i < input.length; i++)
   |  {
   |    x = input.charCodeAt(i);
   |    output += hex_tab.charAt((x >>> 4) & 0x0F)
   |           +  hex_tab.charAt( x        & 0x0F);
   |  }
   |  return output;
   |}
   |
   |/*
   | * Convert a raw string to a base-64 string
   | */
   |function rstr2b64(input)
   |{
   |  try { b64pad } catch(e) { b64pad=''; }
   |  var tab = ""ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"";
   |  var output = """";
   |  var len = input.length;
   |  for(var i = 0; i < len; i += 3)
   |  {
   |    var triplet = (input.charCodeAt(i) << 16)
   |                | (i + 1 < len ? input.charCodeAt(i+1) << 8 : 0)
   |                | (i + 2 < len ? input.charCodeAt(i+2)      : 0);
   |    for(var j = 0; j < 4; j++)
   |    {
   |      if(i * 8 + j * 6 > input.length * 8) output += b64pad;
   |      else output += tab.charAt((triplet >>> 6*(3-j)) & 0x3F);
   |    }
   |  }
   |  return output;
   |}
   |
   |/*
   | * Convert a raw string to an arbitrary string encoding
   | */
   |function rstr2any(input, encoding)
   |{
   |  var divisor = encoding.length;
   |  var remainders = Array();
   |  var i, q, x, quotient;
   |
   |  /* Convert to an array of 16-bit big-endian values, forming the dividend */
   |  var dividend = Array(Math.ceil(input.length / 2));
   |  for(i = 0; i < dividend.length; i++)
   |  {
   |    dividend[i] = (input.charCodeAt(i * 2) << 8) | input.charCodeAt(i * 2 + 1);
   |  }
   |
   |  /*
   |   * Repeatedly perform a long division. The binary array forms the dividend,
   |   * the length of the encoding is the divisor. Once computed, the quotient
   |   * forms the dividend for the next step. We stop when the dividend is zero.
   |   * All remainders are stored for later use.
   |   */
   |  while(dividend.length > 0)
   |  {
   |    quotient = Array();
   |    x = 0;
   |    for(i = 0; i < dividend.length; i++)
   |    {
   |      x = (x << 16) + dividend[i];
   |      q = Math.floor(x / divisor);
   |      x -= q * divisor;
   |      if(quotient.length > 0 || q > 0)
   |        quotient[quotient.length] = q;
   |    }
   |    remainders[remainders.length] = x;
   |    dividend = quotient;
   |  }
   |
   |  /* Convert the remainders to the output string */
   |  var output = """";
   |  for(i = remainders.length - 1; i >= 0; i--)
   |    output += encoding.charAt(remainders[i]);
   |
   |  /* Append leading zero equivalents */
   |  var full_length = Math.ceil(input.length * 8 /
   |                                    (Math.log(encoding.length) / Math.log(2)))
   |  for(i = output.length; i < full_length; i++)
   |    output = encoding[0] + output;
   |
   |  return output;
   |}
   |
   |/*
   | * Encode a string as utf-8.
   | * For efficiency, this assumes the input is valid utf-16.
   | */
   |function str2rstr_utf8(input)
   |{
   |  var output = """";
   |  var i = -1;
   |  var x, y;
   |
   |  while(++i < input.length)
   |  {
   |    /* Decode utf-16 surrogate pairs */
   |    x = input.charCodeAt(i);
   |    y = i + 1 < input.length ? input.charCodeAt(i + 1) : 0;
   |    if(0xD800 <= x && x <= 0xDBFF && 0xDC00 <= y && y <= 0xDFFF)
   |    {
   |      x = 0x10000 + ((x & 0x03FF) << 10) + (y & 0x03FF);
   |      i++;
   |    }
   |
   |    /* Encode output as utf-8 */
   |    if(x <= 0x7F)
   |      output += String.fromCharCode(x);
   |    else if(x <= 0x7FF)
   |      output += String.fromCharCode(0xC0 | ((x >>> 6 ) & 0x1F),
   |                                    0x80 | ( x         & 0x3F));
   |    else if(x <= 0xFFFF)
   |      output += String.fromCharCode(0xE0 | ((x >>> 12) & 0x0F),
   |                                    0x80 | ((x >>> 6 ) & 0x3F),
   |                                    0x80 | ( x         & 0x3F));
   |    else if(x <= 0x1FFFFF)
   |      output += String.fromCharCode(0xF0 | ((x >>> 18) & 0x07),
   |                                    0x80 | ((x >>> 12) & 0x3F),
   |                                    0x80 | ((x >>> 6 ) & 0x3F),
   |                                    0x80 | ( x         & 0x3F));
   |  }
   |  return output;
   |}
   |
   |/*
   | * Encode a string as utf-16
   | */
   |function str2rstr_utf16le(input)
   |{
   |  var output = """";
   |  for(var i = 0; i < input.length; i++)
   |    output += String.fromCharCode( input.charCodeAt(i)        & 0xFF,
   |                                  (input.charCodeAt(i) >>> 8) & 0xFF);
   |  return output;
   |}
   |
   |function str2rstr_utf16be(input)
   |{
   |  var output = """";
   |  for(var i = 0; i < input.length; i++)
   |    output += String.fromCharCode((input.charCodeAt(i) >>> 8) & 0xFF,
   |                                   input.charCodeAt(i)        & 0xFF);
   |  return output;
   |}
   |
   |/*
   | * Convert a raw string to an array of big-endian words
   | * Characters >255 have their high-byte silently ignored.
   | */
   |function rstr2binb(input)
   |{
   |  var output = Array(input.length >> 2);
   |  for(var i = 0; i < output.length; i++)
   |    output[i] = 0;
   |  for(var i = 0; i < input.length * 8; i += 8)
   |    output[i>>5] |= (input.charCodeAt(i / 8) & 0xFF) << (24 - i % 32);
   |  return output;
   |}
   |
   |/*
   | * Convert an array of big-endian words to a string
   | */
   |function binb2rstr(input)
   |{
   |  var output = """";
   |  for(var i = 0; i < input.length * 32; i += 8)
   |    output += String.fromCharCode((input[i>>5] >>> (24 - i % 32)) & 0xFF);
   |  return output;
   |}
   |
   |/*
   | * Calculate the SHA-1 of an array of big-endian words, and a bit length
   | */
   |function binb_sha1(x, len)
   |{
   |  /* append padding */
   |  x[len >> 5] |= 0x80 << (24 - len % 32);
   |  x[((len + 64 >> 9) << 4) + 15] = len;
   |
   |  var w = Array(80);
   |  var a =  1732584193;
   |  var b = -271733879;
   |  var c = -1732584194;
   |  var d =  271733878;
   |  var e = -1009589776;
   |
   |  for(var i = 0; i < x.length; i += 16)
   |  {
   |    var olda = a;
   |    var oldb = b;
   |    var oldc = c;
   |    var oldd = d;
   |    var olde = e;
   |
   |    for(var j = 0; j < 80; j++)
   |    {
   |      if(j < 16) w[j] = x[i + j];
   |      else w[j] = bit_rol(w[j-3] ^ w[j-8] ^ w[j-14] ^ w[j-16], 1);
   |      var t = safe_add(safe_add(bit_rol(a, 5), sha1_ft(j, b, c, d)),
   |                       safe_add(safe_add(e, w[j]), sha1_kt(j)));
   |      e = d;
   |      d = c;
   |      c = bit_rol(b, 30);
   |      b = a;
   |      a = t;
   |    }
   |
   |    a = safe_add(a, olda);
   |    b = safe_add(b, oldb);
   |    c = safe_add(c, oldc);
   |    d = safe_add(d, oldd);
   |    e = safe_add(e, olde);
   |  }
   |  return Array(a, b, c, d, e);
   |
   |}
   |
   |/*
   | * Perform the appropriate triplet combination function for the current
   | * iteration
   | */
   |function sha1_ft(t, b, c, d)
   |{
   |  if(t < 20) return (b & c) | ((~b) & d);
   |  if(t < 40) return b ^ c ^ d;
   |  if(t < 60) return (b & c) | (b & d) | (c & d);
   |  return b ^ c ^ d;
   |}
   |
   |/*
   | * Determine the appropriate additive constant for the current iteration
   | */
   |function sha1_kt(t)
   |{
   |  return (t < 20) ?  1518500249 : (t < 40) ?  1859775393 :
   |         (t < 60) ? -1894007588 : -899497514;
   |}
   |
   |/*
   | * Add integers, wrapping at 2^32. This uses 16-bit operations internally
   | * to work around bugs in some JS interpreters.
   | */
   |function safe_add(x, y)
   |{
   |  var lsw = (x & 0xFFFF) + (y & 0xFFFF);
   |  var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
   |  return (msw << 16) | (lsw & 0xFFFF);
   |}
   |
   |/*
   | * Bitwise rotate a 32-bit number to the left.
   | */
   |function bit_rol(num, cnt)
   |{
   |  return (num << cnt) | (num >>> (32 - cnt));
   |}
   |");
   
   If Data = Undefined Then
      Result = ScriptControl.Run(JSFunction, TrimAll(String(Key)));
      
   Else
      Result = ScriptControl.Run(JSFunction, TrimAll(String(Key)), TrimAll(String(Data)));
      
   EndIf;
   
   Return Result;
   
EndFunction


There are some constraints to using the function. It works only on MS Windows-based system.
If you use 64-bit operation system you need to wrap the COM object to COM+ because there is no 64-bit version of MSScriptControl.

Please let us know if the function is useful for you.

Edited: Anton Chikov - Mar 17, 2017 03:45 PM
 
Subscribe
Users browsing this topic (guests: 1, registered: 0, hidden: 0)