Reputation: 5203
Python 3 sign a message with key sha512
I have the following line of code:
return hmac.new(self.Secret.upper() , message , hashlib.sha512).digest().encode("base64").replace("\n","")
This works fine in Python2, but not in Python 3. As soon as I try in Python 3 I get:
TypeError: key: expected bytes or bytearray, but got 'str'
from hmac.py. I've of course tried converting self.Secret and message using bytes() and bytearray(), but that hasn't worked either.
I've also tried using hashlib.sha512 to generate the key, but that's not very clear to me. I have a secret API key that needs to be used to sign the POST data and the only clear way to do this is using hmac.new(), but when I finally do get something that can be passed as a string it looks nothing like it should, and as expected I can't authenticate with it.
Another attempt was:
sign = hashlib.sha512(message_to_sign)
sign.update(self.Secret.upper())
This also produces a string that looks nothing like the working key that comes from the original code in Python 2.7.
I've tried so many other variations as well, but none of them give me anything that works.
Upvotes: 2
Views: 4231
Answers (2)
Reputation: 8116
This one works for me on python 3.4.2:
print((base64.b64encode(hmac.new(bytearray("SECRET".upper(), "ASCII") , bytearray("TEST","ASCII") , hashlib.sha512).digest())).decode("ASCII").replace("\n", ""))
...and calculates a correct HMAC.
You might want to change "ASCII" to some other encoding.
Upvotes: 3
Reputation: 77407
hmac hashing works with binary keys and data. In python2, str is a sequence of 8 bit characters which is interchangable with binary so everything works. In python3, str is a sequence of unicode characters and must be encoded to binary to work. This should work:
return hmac.new(bytes(self.Secret.upper().encode('ascii')) , bytes(message.encode('ascii') , hashlib.sha512).digest().encode("base64").replace("\n","")
Notice I used ascii encoding but that's just a guess. Your python2 strings may be your local code page and your message may be a binary blob already. You'll need to formalize what encoding you use so that receivers know how to verify the signature.
Upvotes: 2
Related Questions
- Generate HMAC SHA256 signature Python
- Python encoded message with HMAC-SHA256
- Sign a byte string with SHA256 in Python
- Can't signing a Message using sha512 in python at iconomi
- creating a HMAC SHA256 key in python
- Generating a Signature Value in python
- How do I sign a POST request using HMAC-SHA512 and the Python requests library?
- HMAC signing requests in Python
- Using RSA in Python 3, need to sign a message (without hashing the message)
- hash_hmac sha512 authentication in python