8000 calculateMac using MessageDigest instead of Mac · Issue #9 · wealdtech/hawk · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
This repository was archived by the owner on Mar 17, 2020. It is now read-only.
This repository was archived by the owner on Mar 17, 2020. It is now read-only.
calculateMac using MessageDigest instead of Mac #9
Closed
Closed
calculateMac using MessageDigest instead of Mac#9
@sjoerdmulder

Description

@sjoerdmulder
sjoerdmulder
opened on Feb 26, 2013

Trying to create a Java based application with a NodeJS client had issues with comparing the MAC.

It seems that that the Java code is using the SHA256 instead of the HmacSHA256 algorithm.
Javascript:

var signer = Crypto.createHmac('sha256', 'mysecretkey');
var digest = signer.update("myvalue").digest('hex');

produces: 0be4107835174ea2923cce1989b1201653ec5e125c49d536b13e3cfdf6de26d9

Using MessageDigest (currently used):

String byteArrayToHex(byte[] a) {
  StringBuilder sb = new StringBuilder();
  for(byte b: a)
    sb.append(String.format("%02x", b&0xff));
  return sb.toString();
}
String input = "myvalue";
String key = "mysecretkey";

MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(input.getBytes("UTF-8"));
byte[] result = md.digest(key.getBytes("UTF-8"));

System.out.println(byteArrayToHex(result));

produces: 21f15ac13d209e2d38a9b8eb325e1351f26f029eb3379b932050105a62def29c

code / algorithm should be:

Mac sha256 = Mac.getInstance("HmacSHA256");
sha256.init(new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA256"));
byte[] result = sha256.doFinal(input.getBytes("UTF-8"));

produces: 0be4107835174ea2923cce1989b1201653ec5e125c49d536b13e3cfdf6de26d9

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0