Difference in SHA hashes between ruby and C#

Question

I'm developing an application, that makes use of some REST web services. It's technical documentation says that I should pass SHA256 hash of some string in the request.

In an example request (in the documentation) a string:

hn-Rw2ZHYwllUYkklL5Zo_7lWJVkrbShZPb5CD1expires=1893013926label[0]=any/somestatistics=1d,2d,7d,28d,30d,31d,lifetimestatus=upl,livetitle=a

After executing:

digest = Digest::SHA256.digest(string_to_sign)
signature = Base64::encode64(digest).chomp.gsub(/=+$/, '')

results in a hash:

YRYuN2zO+VvxISNp/vKQM5Cl6Dpzoin7mNES0IZJ06U

This example is in ruby, as the documentation is for ruby developers.

I'm developing my application in C# and for the exactly same string, when I execute:

byte[] rawHash = sha256.ComputeHash(rawRequest, 0, rawRequest.Length);
string friendlyHash = Convert.ToBase64String(rawHash);

and remove the trailing "=" signs, I get:

Vw8pl/KxnjcEbyHtfNiMikXZdIunysFF2Ujsow8hyiw

and therefore, the application fails to execute resulting in an signature mismatch error.

I've tried changing the encoding while converting the string to a byte array preceding the hashing and nothing changed.

Any ideas?

Answer 1

Based on the document here, you are missing a - (that is a dash) in your string. Seems that Acrobat helpfully removes it in a copy paste from the document...

Here is some code that I splatted together that gets the same value as the example (well it would if you trimmed the final =)

    string s = "hn-Rw2ZH-YwllUYkklL5Zo_7lWJVkrbShZPb5CD1expires=1893013926label[0]=any/somestatistics=1d,2d,7d,28d,30d,31d,lifetimestatus=upl,livetitle=a";

    SHA256Managed sh = new SHA256Managed();
    byte[] request = System.Text.UTF8Encoding.UTF8.GetBytes(s);
    sh.Initialize();
    byte[] b4bbuff = sh.ComputeHash(request, 0, request.Length);

    string b64 = Convert.ToBase64String(b4bbuff);