1

I am getting the “input” from the server in “Base64-encoded” form as shown in picture.

  1. I need to decode it into its original form of Binary string .i.e original = base64_decode(input) .
  2. concatenate i.e to_be_hash =password (known value) + input.
  3. Hash the concatenated string using SHA-256. i.e binary_hash_str =sha256(to_be_hash).

I need Base64 URL-safe encode the binary hash string above to make it suitable for HTTP requests.

final_hash = base64_url_safe_encode(binary_hash_str)

I am using powershell for this. Can someone guide me how to progress please.

Improve this question

2 Answers 2

Reset to default
2

The correct way of doing this is shown here: https://www.powershellgallery.com/packages/Posh-ACME/2.0.1/Content/Private%5CConvertTo-Base64Url.ps1

Base64Url-encode is not the same as Base64-encode + Url-encode.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

If I understand correctly you would like to send a base64 string as a argument in a url? You can escape the characters that are not acceptable in a url using [uri]::EscapeDataString()

$text = "some text!!"
$bytes = [System.Text.Encoding]::Unicode.GetBytes($text)
$base64 = [System.Convert]::ToBase64String($bytes)
$urlSafeString = [uri]::EscapeDataString($base64)

"Base64        : " + $base64
"urlSafeString : " + $urlSafeString

Base64        : cwBvAG0AZQAgAHQAZQB4AHQAIQAhAA==
urlSafeString : cwBvAG0AZQAgAHQAZQB4AHQAIQAhAA%3D%3D
Improve this answer

2 Comments

To avoid the escaping, most web apps expect - instead of = in Base64 strings.
It seems this might not be a consideration here, but the + and / can be undesirable in the base64 alphabet and for those, the RFC has an alternative alphabet: RFC4648 -- some environments, such as Java, actually support this explicitly - I'm hoping to find a way to do it in PowerShell but so far have only found doing replacement manually afterwards.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.