OpenSSL - as alternative to Lua encdec.hmacsha256()

Question

I’m trying to re-platform a Lua script that uses modules I can’t find. The one I’m stuck on is encdec.hmacsha256() which is used in this specific command sig = encdec.hmacsha256(ciphertext, hmac_key, true)

I’m looking to use openSSL instead in order to create the signature, but I’ve been unable to successfully construct the required command line. Please could someone help?

(FYI - I’m a newbie when it comes to encryption and ciphers etc.)

Here is the Lua code where it fits in..

local hmac_key = createHMACKey()
print ("Returned hmac_key = " ..hmac_key)
local hmac_key_HEX = binascii.hexlify(hmac_key)
print ("Returned hmac_key_HEX = " ..hmac_key_HEX)
--------------------------------

--orig = local sig = encdec.hmacsha256(ciphertext, hmac_key, true)
local opensslHMAC256command = "openssl sha256 -hex -mac HMAC -macopt hexkey:" ..ciphertext..hmac_key
local command = assert(io.popen(opensslHMAC256command, 'r'))
local output = command:read('*all')
command:close()

print("opensslHMAC256command in = " ..output)
local file = "etc/encryptedpayload1.txt"
local outf = io.open(file, "w")
outf:write(payload)
outf:close()

local file = "etc/encryptedpayload2.txt"
local outf = io.open(file, "r")
local encreading = outf:read("*all")
print("opensslHMAC256command out = " ..encreading)
outf:close()

local sig = encreading
print("sig = " ..sig)

Answer 1

In my particular situation, we had to alter the require sha2 module and the associated local call, (adding a .z = option) so the function could be requested correctly

local sha = require("sha2").z
local sig = sha.hex_to_bin(sha.hmac(sha.sha256, hmac_key, ciphertext))

Answer 2

You can replace

local sig = encdec.hmacsha256(ciphertext, hmac_key, true)

with

local sha = require("sha2")
local sig = sha.hex_to_bin(sha.hmac(sha.sha256, hmac_key, ciphertext))

The library is here