I write code to verify an HMAC Auth incoming POST request with JSON to our API. The HMAC I received is OD5ZxL4tdGgWr78e9vO3cYrjuOFT8WOrTbTIuuIH1PQ=
When I try to generate it by my self using Python, it is always different.
Here is the JSON request I received:
{
"shipper_id": 4841,
"status": "Cancelled",
"shipper_ref_no": "",
"tracking_ref_no": "",
"shipper_order_ref_no": "",
"timestamp": "2018-05-23T15:13:28+0800",
"id": "61185ecf-3484-4985-b625-ffe30ba36e28",
"previous_status": "Pending Pickup",
"tracking_id": "NVSGBHINK000000001"
}
And the client secret is 817a3723917f4c7fac24b1f1b324bbab
.
The HMAC secret I received is OD5ZxL4tdGgWr78e9vO3cYrjuOFT8WOrTbTIuuIH1PQ=
.
Here is the code when I write it in PHP:
But I have no idea how to do it in Python 3.
A hash-based message authentication code [HMAC] is an algorithm for generating a message authentication code [MAC], which can be used to verify both the integrity and the authentication of a given message. Although both constructs, HMAC and MAC, are based on a cryptographic hash function [such as SHA-1, Whirlpool or RIPEMD-160], the former requires a key [shared between the sender and the receiver of the message] while the latter doesn’t. The HMAC concept was proposed by Bellare, Canetti, and Krawczyk in 1996 and is described in RFC 2104.
As seen from its name, HMAC-SHA-256 uses as its engine the SHA-256 cryptographic hash function, which produces message digests of 256 bits in length. Like the other members of the SHA-2 family [and also MD-5 and SHA-1], SHA-256 is an iterative hash function [based on the Merkle–Damgård scheme] that works by breaking up the input message into blocks of a fixed size [512 bits for SHA-256] and iterating over them with a compression function.
#!/usr/bin/python3 # # Author: Joao H de A Franco [] # # Description: HMAC-SHA256 implementation in Python 3 # # Date: 2013-06-10 # # License: Attribution-NonCommercial-ShareAlike 3.0 Unported # [CC BY-NC-SA 3.0] #================================================================ from functools import reduce from math import log,ceil def intToList2[number,length]: """Convert a number into a byte list with specified length""" return [[number >> i] & 0xff for i in reversed[range[0,length*8,8]]] def intToList[number]: """Converts an integer of any length into an integer list""" L1 = log[number,256] L2 = ceil[L1] if L1 == L2: L2 += 1 return [[number&[0xff8*i for i in reversed[range[L2]]] def listToInt[lst]: """Convert a byte list into a number""" return reduce[lambda x,y:[x