digital signature - Githubissues

dzavalishin / mqtt_udp

Simpified version of MQTT over UDP

MIT License

145 stars 32 forks source link

digital signature #19

Open dzavalishin opened 6 years ago

dzavalishin commented 6 years ago

[x] java
[x] python3
[x] c
[ ] go
[ ] lua
[ ] codesys

dzavalishin commented 5 years ago

HMAC-MD5

https://github.com/mygityf/cipher/blob/master/cipher/hmac.c

https://github.com/gityf/ngx_cipher/tree/master/lualib/cipher/c

https://github.com/ElMostafaIdrassi/MiDHmacLib_Static/blob/master/MiDHmacLib_Static/HMACLib.cpp

dzavalishin commented 5 years ago

I was told that Blake2 or SHA-256 is much better than MD-5...

dzavalishin commented 5 years ago

python:

import hashlib import hmac

signature_computed = 'sha1=' + hmac.new(
    key=secret.encode('utf-8'),
    msg=data.encode('utf-8'),
    digestmod=hashlib.sha1
).hexdigest()
if not hmac.compare_digest(signature, signature_computed):
    log("Invalid payload")

dzavalishin commented 5 years ago

Need #69 to implement this. Both done in Java send code. Other code checked to ignore extra packet data.