1

I'm trying to create a SHA256 object from MS Access VBA.

I'm running Access 2016 on a Windows machine with .NET 4.8.

Public Function Base64_HMACSHA256(ByVal sTextToHash As String, ByVal sSharedSecretKey As String) As String
    Dim asc As Object, enc As Object
    Dim TextToHash() As Byte
    Dim SharedSecretKey() As Byte
    Set asc = CreateObject("System.Text.UTF8Encoding")
    'Set enc = CreateObject("System.Security.Cryptography.HMACSHA256") 'THIS SUCCESSFULLY CREATES THE OBJECT
    'Set enc = CreateObject("System.Security.Cryptography.SHA256") 'IHF 02/03/22 'CAN'T CREATE OBJECT
    'Set enc = CreateObject("System.Security.Cryptography.SHA256CryptoServiceProvider") 'IHF 02/03/22 'CAN'T CREATE OBJECT
    'Set enc = CreateObject("System.Security.Cryptography.RSACryptoServiceProvider") 'CAN'T CREATE OBJECT
    TextToHash = asc.Getbytes_4(sTextToHash)
    SharedSecretKey = asc.Getbytes_4(sSharedSecretKey)    
    enc.Key = SharedSecretKey 
    Dim bytes() As Byte
    bytes = enc.ComputeHash_2((TextToHash))
    Base64_HMACSHA256 = EncodeBase64(bytes)
    Set asc = Nothing
    Set enc = Nothing
End Function

I ended up doing it all a totally different way, so I never figured this out.

Ian Fletcher
  • 9
  • 5
  • Have you tried "System.Security.Cryptography.SHA256Managed". You can have the list of creatable class (= COM Progid in this case) if you look at "HKEY_CLASSES_ROOT" in the registry – Simon Mourier Feb 05 '22 at 07:36

1 Answers1

1

The appropriate class, as noted in the comments, is System.Security.Cryptography.SHA256Managed. Wikibooks has an example.

However, I prefer using the WinAPI CNG api directly (docs). This has some flexibility, performance and security advant.ages. See an example

Erik A
  • 31,639
  • 12
  • 42
  • 67
  • Thanks, but the 256managed class does a different thing, i.e. generate its own keys. That's why it's called "managed." I need a class where I get to specify the private key. – Ian Fletcher Feb 06 '22 at 16:41
  • Eeh... What do you mean _get the private key_? Hashing doesn't use private keys. Are you trying to use HMAC? Please clarify exactly what you want to do (the goal, not some object that can't be created) in the question – Erik A Feb 06 '22 at 16:50
  • I'm trying to follow the instructions on this page: https://developers.docusign.com/platform/auth/jwt/jwt-get-token Specifically, this step: "The signature part of the JWT is a digital signature that enables DocuSign to verify that the JWT was created by your application and has not been modified since it was created. The first two parts of the JWT are signed with your application's private key (using the RSA SHA-256 digital signature algorithm) as shown in the diagram." – Ian Fletcher Feb 06 '22 at 18:26
  • 1
    Eh, that's RSA SHA256, none of those .Net default libraries implement that afaik. That's very much a nontrivial task, and you need RSA crypto provider object, not just the SHA256 ones. My advice would be to start by getting it to work in .Net before considering using .Net libraries in VBA to reduce complexity. – Erik A Feb 06 '22 at 20:30
  • Thanks. That is, in fact, what I'm going to try next. Build it as a DLL in .NET and then call the authentication from Access. – Ian Fletcher Feb 07 '22 at 19:02
  • @IanFletcher, did you figure this out? I am struggling with the same thing in Access 2016 and coming up on the 10/1/2022 DocuSign deadline for migration to OAUTH2. If you could share your solution, I would be eternally grateful. – PSD Sep 05 '22 at 16:48