Vasily
Vasily

Reputation: 3790

HMAC-SHA1 for OAuth Signature in Swift

I'm trying to make OAuth module for Swift 2 in my application. I'm stucked with HMAC-SHA1 signature generating because my function returns incorrect base64 hmac-sha1 for signature. Can you help me with it? What's wrong?

func URLEncodedKey() -> String? {   
    let key = "efgh"
    let string = "GET&http%3A%2F%2Fhost.net%2Fresource&name%3Dvalue%26name%3Dvalue%26oauth_consumer_key%3Dabcd%26oauth_nonce%3DxUwWEy3LVsI%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1441375089%26oauth_token%3Dijkl%26oauth_version%3D1.0"

    guard let keyData = key.dataUsingEncoding(NSUTF8StringEncoding),
        stringData = string.dataUsingEncoding(NSUTF8StringEncoding),
        outputData = NSMutableData(length: Int(CC_SHA1_DIGEST_LENGTH)) else {
            return nil
    }
    outputData.length = Int(CC_SHA1_DIGEST_LENGTH)

    CCHmac(CCHmacAlgorithm(kCCHmacAlgSHA1),
        keyData.bytes, keyData.length,
        stringData.bytes, stringData.length,
        outputData.mutableBytes)

    return outputData
        .base64EncodedStringWithOptions([])
}

For checking:

String for encode: in code

Correct: O8UjUTYX1UxKF93KaY/mta9HETs=
My (incorrect): f5elSONqP6nPdpgBIyroJTCN19s=

Correct encoder is here (javascript): https://oauth.googlecode.com/svn/code/javascript/example/signature.html

Upvotes: 4

Views: 1422

Answers (1)

rintaro
rintaro

Reputation: 51911

Your method must returns correct result as is.

See http://oauth.net/core/1.0/#signing_process:

The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104] where the Signature Base String is the text and the key is the concatenated values (each first encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an ‘&’ character (ASCII code 38) even if empty.

The key should be "efgh&mnop" in this case.

Upvotes: 3

Related Questions