Hi colleagues. It has been a while since I posted anything. Today I will write a quick post as part of an interface I am currently developing to do procurement PunchOut using cXML, an old protocol from 1999, for my customer and its suppliers. This will eventually end up in their Infor M3 and M3 Enterprise Collaborator implementation.
I only needed to test the Message Authentication Code (MAC) so I wrote a quick prototype in Python.
The cXML User’s Guide describes the MAC algorithm using HMAC-SHA1-96:
Here is my implementation in Python:
# Normalize the values
data = [fromDomain.lower(),
fromIdentity.strip().lower(),
senderDomain.lower(),
senderIdentity.strip().lower(),
creationDate,
expirationDate]
# Concatenate the UTF-8-encoded byte representation of the strings, each followed by a null byte (0x00)
data = b''.join([(bytes(x, "utf-8") + b'\x00') for x in data])
# Calculate the Message Authentication Code (MAC)
digest = hmac.new(password.encode("utf-8"), data, hashlib.sha1).digest()
# Truncate to 96 bits (12 bytes)
truncated = digest[0:12]
# Base-64 encode, and convert bytearray to string
mac = str(base64.b64encode(truncated), "utf-8")
# Set the CredentialMac in the XML document
credentialMac = xml.find("Header/Sender/Credential").find("CredentialMac")
credentialMac.attrib["creationDate"] = creationDate
credentialMac.attrib["expirationDate"] = expirationDate
credentialMac.text = mac
Here is my resulting MAC, and it matches that of the cXML User’s Guide, good:
I posted the full source code in my GitHub repository at https://github.com/M3OpenSource/cXML/blob/master/Test.py .
That’s it!
Thank you for continuing to support this blog.
M3 ideas 