CODEWITHSUNDEEP
javarubybase64digital-signaturehmac
user1141515
user1141515

Reputation: 1

Signature with HMAC SHA-256 and Base64Encoder

I tried a lot for creating signature to access one web service.

They required that I generate a signature with each request.

For generating signature, I have one message say "abc" and one secrete key say "xyz". According to them my signature should be processed as the following ruby code

require 'base64'

require 'openssl'

secret = "xyz"

request = "abc"

digest = OpenSSL::Digest::Digest.new('sha256')

signature = Base64.encode64(OpenSSL::HMAC.digest(digest, secret, request)).chomp

signature should be 9ZjsfVB3k5nPNLf5he+gfyYaxNWCIJ6J8YcRpxW5GG0= but I am not getting this using Java code which is as below:

 SecretKey secretKey = null;    

 byte[] keyBytes = keyString.getBytes("UTF-8");     

 Mac mac = Mac.getInstance("HMACHSA256");

 secretKey = new SecretKeySpec(keyBytes,mac.getAlgorithm());

 mac.init(secretKey);   

 byte[] text = baseString.getBytes("UTF-8");

 //mac.update(digest.digest());

 byte[] encodedText = mac.doFinal(text);    

 return new String(Base64.encodeBase64(encodedText)).trim();

Please help me on this.

Upvotes: 0

Views: 3392

Answers (1)

demongolem
demongolem

Reputation: 9708

I ran the Java code and got oQLjGtDh255Vg5ix4fjVzHvFOq7TNygJRcbQ/EnF8JE=

I went to this online site and I got oQLjGtDh255Vg5ix4fjVzHvFOq7TNygJRcbQ/EnF8JE=

I ran the top script as a ruby script, and I got oQLjGtDh255Vg5ix4fjVzHvFOq7TNygJRcbQ/EnF8JE=

Since those three match, I suggest that all the code above is consistent but the value you report is not correct. The above Java code is pretty much textbook HMACSHA256 for Java but I cannot comment on the Ruby part because I am only a Java guy.

Upvotes: 1

Related Questions