Skip to main content
Version: 2.9

HMAC Generate Signature Examples

Python 3#

import base64import hashlibimport hmac
secret = bytes('the shared secret key here', 'utf-8')message = bytes('this is signature string', 'utf-8')

hash = hmac.new(secret, message, hashlib.sha256)
# to lowercase hexitshash.hexdigest()
# to lowercase base64base64.b64encode(hash.digest())

Java#

import javax.crypto.Mac;import javax.crypto.spec.SecretKeySpec;import java.security.InvalidKeyException;import java.security.NoSuchAlgorithmException;import javax.xml.bind.DatatypeConverter;
class Main {  public static void main(String[] args) {   try {     String secret = "the shared secret key here";     String message = "this is signature string";
     Mac hasher = Mac.getInstance("HmacSHA256");     hasher.init(new SecretKeySpec(secret.getBytes(), "HmacSHA256"));
     byte[] hash = hasher.doFinal(message.getBytes());
     // to lowercase hexits     DatatypeConverter.printHexBinary(hash);
     // to base64     DatatypeConverter.printBase64Binary(hash);   }   catch (NoSuchAlgorithmException e) {}   catch (InvalidKeyException e) {}  }}

Go#

package main
import (    "crypto/hmac"    "crypto/sha256"    "encoding/base64"    "encoding/hex")
func main() {    secret := []byte("the shared secret key here")    message := []byte("this is signature string")
    hash := hmac.New(sha256.New, secret)    hash.Write(message)
    // to lowercase hexits    hex.EncodeToString(hash.Sum(nil))
    // to base64    base64.StdEncoding.EncodeToString(hash.Sum(nil))}

Ruby#

require 'base64'require 'openssl'
secret = 'the shared secret key here'message = 'this is signature string'
# to lowercase hexitsOpenSSL::HMAC.hexdigest('sha256', secret, message)
# to base64Base64.encode64(OpenSSL::HMAC.digest('sha256', secret, message))

NodeJs#

var crypto = require('crypto');
var secret = 'the shared secret key here';var message = 'this is signature string';
var hash = crypto.createHmac('sha256', secret).update(message);
// to lowercase hexitshash.digest('hex');
// to base64hash.digest('base64');

JavaScript ES6#

const secret = 'the shared secret key here';const message = 'this is signature string';
const getUtf8Bytes = str =>  new Uint8Array(    [...unescape(encodeURIComponent(str))].map(c => c.charCodeAt(0))  );
const secretBytes = getUtf8Bytes(secret);const messageBytes = getUtf8Bytes(message);
const cryptoKey = await crypto.subtle.importKey(  'raw', secretBytes, { name: 'HMAC', hash: 'SHA-256' },  true, ['sign']);const sig = await crypto.subtle.sign('HMAC', cryptoKey, messageBytes);
// to lowercase hexits[...new Uint8Array(sig)].map(b => b.toString(16).padStart(2, '0')).join('');
// to base64btoa(String.fromCharCode(...new Uint8Array(sig)));

PHP#

<?php
$secret = 'the shared secret key here';$message = 'this is signature string';
// to lowercase hexitshash_hmac('sha256', $message, $secret);
// to base64base64_encode(hash_hmac('sha256', $message, $secret, true));

Lua#

local hmac = require("resty.hmac")local secret = 'the shared secret key here'local message = 'this is signature string'local digest = hmac:new(secret, hmac.ALGOS.SHA256):final(message)
--to lowercase hexitsngx.say(digest)
--to base64ngx.say(ngx.encode_base64(digest))

Shell#

SECRET="the shared secret key here"MESSAGE="this is signature string"
# to lowercase hexitsecho -e $MESSAGE | openssl dgst -sha256 -hmac $SECRET
# to base64echo -e $MESSAGE | openssl dgst -sha256 -hmac $SECRET -binary | base64