An example of how to use HMAC

Question

An example of how to use HMAC

Ruffio opened this issue 7 years ago · 3 comments

I would be nice with an example of how to use HMAC. Are there any restrictions on salt? Length/format ?

Answer 1 · 2017-10-06T11:06:02.000Z

I'll second that. It's the only one not mentioned in the docs, and it seems to be implemented in a non-straightforward way? I'm on version 1.0.7 and have this problem:

const sha256 = message => new Hashes.SHA256().hex(message) // Works!
const hmac = message => new Hashes.HMAC().hex(message) // Doesn't work

Answer 2 · 2017-12-04T21:22:18.000Z

https://github.com/h2non/jshashes/blob/master/examples/server/hmac.js

Answer 3 · 2020-05-18T16:14:22.000Z

I landed here after following an example in the Twitter API docs and not getting the expected result, hopefully the following will help someone else:

The README is a bit misleading as it lists HMAC under "Supported hash algorithms" but "Usage" does not include an example of it an instantiable Object. Turns out HMAC is NOT available as an instance, you'll need one of the public methods instead: hex_hmac(), b64_hmac() or any_hmac()
The example pasted above by @robocoder is incorrect as b64_mac() and other functions take key first and then the string; a small detail that completely modifies the result of the encoding.

In my case I was able to sign an OAuth 1.0 request correctly with the following:

const OAUTH_SIGNATURE = new Hashes.SHA1().b64_hmac(KEY, STRING);