How to use SHA256-HMAC in python code?
Solution 1
You are not making use of hmac
at all in your code.
Typical way to use hmac
, construct an HMAC object from your key, message and identify the hashing algorithm by passing in its constructor:
h = hmac.new( key, my, hashlib.sha256 )
print( h.hexdigest() )
That should output
adcb671e8e24572464c31e8f9ffc5f638ab302a0b673f72554d3cff96a692740
for your example data.
Solution 2
For later versions of python, you need a mix of all of the other answers to get the OPs output. The hmac.new
function wants the key
argument to be of type bytes
or bytearray
, so running the code in Neil Slater's answer would produce the following error:
TypeError: key: expected bytes or bytearray, but got 'str'
Even if the key
argument were fixed, the hmac.new
function would then complain about the my
string with the following error:
TypeError: Unicode-objects must be encoded before hashing
To fix both of these, the bytes
function from Sujoy's answer and the encode
method from Wilson Wu's answer are used to convert the variables into the correct types.
import hashlib
import hmac
# my and key as per question
my = "/api/embedded_dashboard?data=%7B%22dashboard%22%3A7863%2C%22embed%22%3A%22v2%22%2C%22filters%22%3A%5B%7B%22name%22%3A%22Filter1%22%2C%22value%22%3A%22value1%22%7D%2C%7B%22name%22%3A%22Filter2%22%2C%22value%22%3A%221234%22%7D%5D%7D"
key = "e179017a-62b0-4996-8a38-e91aa9f1"
# encoding as per other answers
byte_key = bytes(key, 'UTF-8') # key.encode() would also work in this case
message = my.encode()
# now use the hmac.new function and the hexdigest method
h = hmac.new(byte_key, message, hashlib.sha256).hexdigest()
# print the output
print(h)
The output that this prints is
adcb671e8e24572464c31e8f9ffc5f638ab302a0b673f72554d3cff96a692740
exactly as the OP expected.
Solution 3
Some code for you, easy to use:
import hmac
import hashlib
import binascii
def create_sha256_signature(key, message):
byte_key = binascii.unhexlify(key)
message = message.encode()
return hmac.new(byte_key, message, hashlib.sha256).hexdigest().upper()
create_sha256_signature("E49756B4C8FAB4E48222A3E7F3B97CC3", "TEST STRING")
Solution 4
A note to Wilson WU's answer, if both the key and messages are hex, the returned value is wrong, just change below line of code to fix that ;
message = message.encode() ---> message = message.binascii.unhexlify(message)
Solution 5
It may be too late. Yet, posting what worked for me just in case it works for someone else -
import hmac
import hashlib
import base64
access_token = <your token in string format>
app_secret = <your secret access key in string format>
# use any one, all three options work.
# OPTION 1 (it works)
# digest = hmac.new(app_secret.encode('UTF-8'),
# access_token.encode('UTF-8'), hashlib.sha256)
# OPTION 2 (it works)
# digest = hmac.new(str.encode(app_secret),
# str.encode(access_token), hashlib.sha256)
# OPTION 3 (it works)
digest = hmac.new(bytes(app_secret, 'UTF-8'),
bytes(access_token, 'UTF-8'), hashlib.sha256)
signature = digest.hexdigest()
print(signature)
![Venkatesh Panabaka](https://i.stack.imgur.com/xZmJF.jpg?s=256&g=1)
Venkatesh Panabaka
If you have any doubts please mail to me [email protected] Skype id:- panabakavenkatesh
Updated on July 05, 2022Comments
-
Venkatesh Panabaka almost 2 years
I am taking message and key from this URL
import hmac import hashlib import base64 my = "/api/embedded_dashboard?data=%7B%22dashboard%22%3A7863%2C%22embed%22%3A%22v2%22%2C%22filters%22%3A%5B%7B%22name%22%3A%22Filter1%22%2C%22value%22%3A%22value1%22%7D%2C%7B%22name%22%3A%22Filter2%22%2C%22value%22%3A%221234%22%7D%5D%7D" key = "e179017a-62b0-4996-8a38-e91aa9f1" print(hashlib.sha256(my + key).hexdigest())
I am getting this result:
2df1d58a56198b2a9267a9955c31291cd454bdb3089a7c42f5d439bbacfb3b88
Expecting result:
adcb671e8e24572464c31e8f9ffc5f638ab302a0b673f72554d3cff96a692740