W3C home > Mailing lists > Public > xproc-dev@w3.org > May 2010

Re: EXProc proposal: pxp:hmac-sha1 (and pxp:hmac-md5)

From: Henry S. Thompson <ht@inf.ed.ac.uk>
Date: Tue, 18 May 2010 13:46:57 +0100
To: Norman Walsh <ndw@nwalsh.com>
Cc: XProc Dev <xproc-dev@w3.org>
Message-ID: <f5bsk5ps7ge.fsf@calexico.inf.ed.ac.uk>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Norman Walsh writes:

> FWIW, I've already implemented HMAC SHA1 as an extension to p:hash. Or
> rather, Henry has, as I did little more than apply his patch. I
> believe he needed it for some interaction with Amazon.

Yes, to access Amazon Web Services, e.g. the Mechanical Turk.

> <p:hash algorithm="cx:hmac">
>   <p:with-param name="cx:accessKey" value="..."/>
> </p:hash>

Here's a sample pipeline:

<p:pipeline xmlns:p="http://www.w3.org/ns/xproc" version="1.0"
            xmlns:mt="http://mechanicalturk.amazonaws.com/AWSMechanicalTurkRequester/2005-10-01"
            exclude-inline-prefixes="mt"
            xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
            xmlns:c="http://www.w3.org/ns/xproc-step">

 <p:documentation>
  <div xmlns="http://www.w3.org/1999/xhtml">
     Sign and send a request to the Turk</div>
 </p:documentation>

 <p:variable name="stamp" select="current-dateTime()"/>

 <p:insert position="first-child">
  <p:input port="insertion">
   <p:inline><Signature
xmlns="http://mechanicalturk.amazonaws.com/AWSMechanicalTurkRequester/2005-10-01"><here/></Signature></p:inline>
  </p:input>
 </p:insert>

 <p:insert position="first-child">
  <p:input port="insertion">
   <p:inline><Timestamp
xmlns="http://mechanicalturk.amazonaws.com/AWSMechanicalTurkRequester/2005-10-01"><here/></Timestamp></p:inline>
  </p:input>
 </p:insert>

 <p:string-replace match="mt:Timestamp/mt:here">
  <p:with-option name="replace"
                 select="concat('&quot;',$stamp,'&quot;')"/>
 </p:string-replace>

 <p:insert position="first-child">
  <p:input port="insertion">
   <p:inline><AWSAccessKeyId
xmlns="http://mechanicalturk.amazonaws.com/AWSMechanicalTurkRequester/2005-10-01">[your access key here]</AWSAccessKeyId></p:inline>
  </p:input>
 </p:insert>

 <p:hash match="/*/mt:Signature/mt:here" algorithm="cx:hmac"
         xmlns:cx="http://xmlcalabash.com/ns/extensions" name="hash">
 <p:with-option name="value"
                select="concat('AWSMechanicalTurkRequester',
                               local-name(/*),$stamp)"/>
 <p:with-param name="cx:key"
               select="'[your key here]'"/>
</p:hash>

 <p:insert match="soapenv:Body" position="first-child">
  <p:input port="source">
   <p:inline>
    <c:request method="POST"
href="http://mechanicalturk.sandbox.amazonaws.com/onca/soap?Service=AWSMechanicalTurkRequester">
     <c:header name="SOAPAction"
               value="&quot;http://soap.amazon.com&quot;"/>
     <c:body content-type="application/xml">
     <soapenv:Envelope
          xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
      <soapenv:Body/></soapenv:Envelope></c:body>
    </c:request>
   </p:inline>
  </p:input>
  <p:input port="insertion">
   <p:pipe step="hash" port="result"/>
  </p:input>
 </p:insert>

 <p:http-request/>

</p:pipeline>

- -- 
       Henry S. Thompson, School of Informatics, University of Edinburgh
      10 Crichton Street, Edinburgh EH8 9AB, SCOTLAND -- (44) 131 650-4440
                Fax: (44) 131 651-1426, e-mail: ht@inf.ed.ac.uk
                       URL: http://www.ltg.ed.ac.uk/~ht/
 [mail from me _always_ has a .sig like this -- mail without it is forged spam]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFL8oxBkjnJixAXWBoRAp1ZAJ0Wx9wtVKKD3ZmzQaE+noNULkyTiQCdGLuv
LN/wZ0PSRPPbVadZQmoD024=
=Fo8o
-----END PGP SIGNATURE-----
Received on Tuesday, 18 May 2010 12:48:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 18 May 2010 12:48:05 GMT