ModularSensors
ModularSensors copied to clipboard
Write HMAC tokens for secure POST requests
Develop the capability to write an HMAC-SHA256 signature -- which is a keyed-hash message authentication code (HMAC) created using the SHA-256 cryptographic hash algorithm -- for generating tokens for authenticating requests using the authorization header.
HMAC-SHA256 signatures are used as a security feature by many cloud platforms for authenticating HTTP POST Requests, including:
- Microsoft Azure Service Bus Messaging - Shared Access Signatures (SAS)
- AWS Simple Storage Service (S3) Request Authorization Headers
I plan on implementing this using a fork of https://github.com/daknuett/cryptosuite2.
My early tests with https://github.com/EnviroDIY/cryptosuite2 demonstrate that I can create an HMAC on an EnviroDIY Mayfly in 90 ms, using only 526 bytes RAM (3.2%) and 6640 bytes of Flash (5.1%).
@SRGDamia1, general HMAC functions could benefit all dataPublishers, so I am adding it to the dataPublisherBase. Does that make sense? See commit 0ca66e3.
@SRGDamia1, thanks for letting me know via https://github.com/EnviroDIY/ModularSensors/commit/0ca66e3218b9e253296500103e4cb37f6a6b4f72#commitcomment-71532797 that I put the HMAC functions in the right space.
With commit b0da816d4355feef3ce2185c7dc60916c924be53 I got HMAC working within ModularSensors via a test sketch. I have not yet fully implemented it into generating a Shared Access Signature (SAS) token, in part because I got stuck on this other issue:
- #411