Help with HashTextWithKey - Working with Duo Security API

I’m attempting to utilize the Duo Security API with UiPath.

I’m following the authorization example given here: Duo Auth API | Duo Security

I’m having trouble with this step from the Duo documentation:
“Lastly, compute the HMAC-SHA1 of this canonical representation, using your Duo application’s secret key as the HMAC key.”

The Duo page gives example Python (2.x) code as an example. In trying to re-code the given Python example in UiPath, I’ve narrowed down my issue to the following Python statement:
sig = hmac.new(skey, canon, hashlib.sha1)

  • sig refers to what Duo calls an API signature. For our purposes here, it is the HMAC-SHA1 of the text we are attempting to encode
  • skey is the secret key of the Duo API. We use this as they key in our hashing function. In our example, this is “Zh5eGmUq9zpfQnyUIu5OL9iWoMMv5ZNmk3zLJ4Ep”
  • canon is the text we are attempting to hash
  • hashlib.sha1 is the hash method we are required to use

I’ve figured out that the equivalent function in UiPath is UiPath.Cryptography.Activities.KeyedHashText.

If we set canon = “Tue, 21 Aug 2012 17:29:18 -0000”, I get the same output from both the Python code and from UiPath

import hmac, hashlib
skey = “Zh5eGmUq9zpfQnyUIu5OL9iWoMMv5ZNmk3zLJ4Ep”
canon = “Tue, 21 Aug 2012 17:29:18 -0000”
sig = hmac.new(skey, canon, hashlib.sha1)
sig.hexdigest()

Outputs: ‘71d06cbdfe3a78568d3d4c4ee152991e14e589fd’

I get the same output when I use UiPath.Cryptography.Activities.KeyedHashText with Algorithm “HMACSHA1”, Text = “Tue, 21 Aug 2012 17:29:18 -0000”, and Key = “Zh5eGmUq9zpfQnyUIu5OL9iWoMMv5ZNmk3zLJ4Ep”

If we set canon to “Tue, 21 Aug 2012 17:29:18 -0000\nPOST”, we get different values from Python and UiPath.

import hmac, hashlib
skey = “Zh5eGmUq9zpfQnyUIu5OL9iWoMMv5ZNmk3zLJ4Ep”
canon = “Tue, 21 Aug 2012 17:29:18 -0000\nPOST”
sig = hmac.new(skey, canon, hashlib.sha1)
sig.hexdigest()

Outputs: ‘5866f32beddbb0c52d7a1add8bb488376af8caf9’

I get the different output when I use UiPath.Cryptography.Activities.KeyedHashText with Algorithm “HMACSHA1”, Text = “Tue, 21 Aug 2012 17:29:18 -0000\nPOST”, and Key = “Zh5eGmUq9zpfQnyUIu5OL9iWoMMv5ZNmk3zLJ4Ep”

Outputs: ‘9AB9F90ED447928566799C8D382D243692808F7D’

The full text I need to hash will include several lines. I understand that ‘\n’ in Python (and elsewhere) usually means newline. If I set the Text equal to “Tue, 21 Aug 2012 17:29:18 -0000” + environment.NewLine + “POST” in UiPath, I get the output ‘4199382B91864EA19E96A7B7503F0B35C00C79BD’

Playing around a bit, I always get matching output when the input text does not include \n. Can anyone figure out how I can get matching output from UiPath when there is a \n in the text?

I’ve attached my UiPath code. The Python code should be easily copied from my post.

Example.xaml (11.5 KB)

1 Like