I write code to verify an HMAC Auth incoming POST request with JSON to our API. The HMAC I received is OD5ZxL4tdGgWr78e9vO3cYrjuOFT8WOrTbTIuuIH1PQ=
When I try to generate it by my self using Python, it is always different.
Here is the JSON request I received:
{
"shipper_id": 4841,
"status": "Cancelled",
"shipper_ref_no": "",
"tracking_ref_no": "",
"shipper_order_ref_no": "",
"timestamp": "2018-05-23T15:13:28+0800",
"id": "61185ecf-3484-4985-b625-ffe30ba36e28",
"previous_status": "Pending Pickup",
"tracking_id": "NVSGBHINK000000001"
}
And the client secret is 817a3723917f4c7fac24b1f1b324bbab.
The HMAC secret I received is OD5ZxL4tdGgWr78e9vO3cYrjuOFT8WOrTbTIuuIH1PQ=.
Here is the code when I write it in PHP:
But I have no idea how to do it in Python 3.
A hash-based message authentication code [HMAC] is an algorithm for generating a message authentication code [MAC], which can be used to verify both the integrity and the authentication of a given message. Although both constructs, HMAC and MAC, are based on a cryptographic hash function [such as SHA-1, Whirlpool or RIPEMD-160], the former requires a key [shared between the sender and the receiver of the message] while the latter doesn’t. The HMAC concept was proposed by Bellare, Canetti, and Krawczyk in 1996 and is described in RFC 2104.
As seen from its name, HMAC-SHA-256 uses as its engine the SHA-256 cryptographic hash function, which produces message digests of 256 bits in length. Like the other members of the SHA-2 family [and also MD-5 and SHA-1], SHA-256 is an iterative hash function [based on the Merkle–Damgård scheme] that works by breaking up the input message into blocks of a fixed size [512 bits for SHA-256] and iterating over them with a compression function.
#!/usr/bin/python3
#
# Author: Joao H de A Franco []
#
# Description: HMAC-SHA256 implementation in Python 3
#
# Date: 2013-06-10
#
# License: Attribution-NonCommercial-ShareAlike 3.0 Unported
# [CC BY-NC-SA 3.0]
#================================================================
from functools import reduce
from math import log,ceil
def intToList2[number,length]:
"""Convert a number into a byte list
with specified length"""
return [[number >> i] & 0xff
for i in reversed[range[0,length*8,8]]]
def intToList[number]:
"""Converts an integer of any length into an integer list"""
L1 = log[number,256]
L2 = ceil[L1]
if L1 == L2:
L2 += 1
return [[number&[0xff8*i for i in reversed[range[L2]]]
def listToInt[lst]:
"""Convert a byte list into a number"""
return reduce[lambda x,y:[x