Reputation: 87
creating a HMAC SHA256 key in python
I'm trying to properly create a new HMAC key to interact with an API. However I keep on hitting obstacle after obstacle. I've copied the code from the API documents to create the authentication message but it keeps throwing errors.
class CoinbaseExchangeAuth(AuthBase):
def __init__(self, api_key, secret_key, passphrase):
self.api_key = api_key
self.secret_key = secret_key
self.passphrase = passphrase
def __call__(self, request):
timestamp = str(time.time())
message = timestamp + request.method + request.path_url + (request.body or '')
hmac_key = base64.b64decode(self.secret_key)
signature = hmac.new(hmac_key, message, hashlib.sha256)
signature_b64 = signature.digest().encode('base64').rstrip('\n')
request.headers.update({
'CB-ACCESS-SIGN': signature_b64,
'CB-ACCESS-TIMESTAMP': timestamp,
'CB-ACCESS-KEY': self.api_key,
'CB-ACCESS-PASSPHRASE': self.passphrase,
'Content-Type': 'application/json'
})
return request
api_url = 'https://api.pro.coinbase.com/'
auth = CoinbaseExchangeAuth(API_KEY, API_SECRET, API_PASS)
# Get accounts
r = requests.get(api_url + 'accounts', auth=auth)
This is the code directly from the webpage, when i run it with the correct values(API_KEY, API_SECRET, API_PASS) it moans saying that the key needs encoding before hashing.
the key itself looks something like this 36jGMCGkfpyjsnrywCz/sYL6K4nd6Iy41CTe8ovhVWh2EjforFSAkhrH7nyovzqgLWzBcvIIUjyCy3Eku+weSg==
which i believe is base64 encoded, so when i change the variable of hmac_key to = b'36jGMCGkfpyjsnrywCz/sYL6K4nd6Iy41CTe8ovhVWh2EjforFSAkhrH7nyovzqgLWzBcvIIUjyCy3Eku+weSg=='
it still tells me that the code needs encoding first through this error message
Traceback (most recent call last):
File "C:\Users\Chris\Documents\New folder\import csv.py", line 35, in <module>
signature = hmac.new(encoded_key, message, digestmod=hashlib.sha256)
File "C:\Users\Chris\AppData\Local\Programs\Python\Python39\lib\hmac.py", line 170, in new
return HMAC(key, msg, digestmod)
File "C:\Users\Chris\AppData\Local\Programs\Python\Python39\lib\hmac.py", line 93, in __init__
self.update(msg)
File "C:\Users\Chris\AppData\Local\Programs\Python\Python39\lib\hmac.py", line 113, in update
self._inner.update(msg)
TypeError: Unicode-objects must be encoded before hashing
however the API documents says that i need to decode the secret key/hmac_key first which is what their code is doing. can someone please shed some light on this before i frisby the laptop out the window
Upvotes: 0
Views: 1226
Answers (2)
Reputation: 87
i have encoded both the message and the key with the .encode() method and it has worked. I now have a hmac object saved to memory
Upvotes: 0
Reputation: 8572
Most of encryption algorithms (I believe, HMAC included) expects data in binary. So you should .encode() key before calling hmac.new().
Wild guess – this docs on website is from py2 times and weren't updated
Upvotes: 1
Related Questions
- How to use SHA256-HMAC in python code?
- Generate HMAC SHA256 signature Python
- Python encoded message with HMAC-SHA256
- Generate HMAC Sha256 in python 3
- Problem with calculating HMAC of a string with python
- base64 HMAC with SHA256 in Python
- How do i generate an hmac with sha-512?
- Implementing SHA1-HMAC with Python
- Python 3 sign a message with key sha512
- Generating HMAC signature with hashed "password"