OpenSSL HMAC_SHA1 as b64 hash (not base64 encoded)

Question

I was successfully able to get a HMAC_SHA1, however it is hex. I am not able to figure out how to get base64 string. This is how I get hex string:

Running this on "message" and "key" gives me hex string of 2088df74d5f2146b48146caf4965377e9d0be3a4, this is correct. Doing a base64 encode on this gives me MjA4OGRmNzRkNWYyMTQ2YjQ4MTQ2Y2FmNDk2NTM3N2U5ZDBiZTNhNA==, this is correctly base64 encoded, but not a b64 hash string, which should be IIjfdNXyFGtIFGyvSWU3fp0L46Q=.

#include <openssl/evp.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>

std::string calcHmac(std::string message, std::string key, std::string aStrType="base64") {
    char hash[41];

    // The data that we’re going to hash using HMAC
    const unsigned char *unsignedData = (unsigned char *)message.c_str();
    unsigned char *digest;
    // I have used sha1 hash engine here.
    digest = HMAC(EVP_sha1(), key.c_str(), strlen(key.c_str()), unsignedData, strlen((char *)unsignedData), NULL, NULL);

    // Length of string depends on the chosen hash engine for example with the
    // chosen hash engine  i.e SHA1 it produces a 20-byte hash value which
    // rendered as 40 characters.
    // Length of the string need to be changed as per hash engine used.
    for (int i = 0; i < 20; i++) {
      sprintf(&hash[i * 2], "% 02x", (unsigned int)digest[i]);
    }

    std::string hash_hex = std::string(hash);

    // if (aStrType == "base64") {
    //     std::string hash_b64 = "";
    //     return hash_b64;
    // }
    return hash_hex;
}

@MaartenBodewes the accepted solution is not proper base64, I needed strict please. I am trying to get hmac sha1 of "message" and "key" to result in `IIjfdNXyFGtIFGyvSWU3fp0L46Q=`. Thanks so much though for pointing me there. — Noitidart, Jan 04 '17 at 20:20
Are you just missing the `=` at the end? Did you use the solution posted by [TCS](http://stackoverflow.com/a/5331271/589259)? — Maarten Bodewes, Jan 04 '17 at 20:24
Thanks @MaartenBodewes but doing calcHmacSha1("message", "key") is giving me hex string of `2088df74d5f2146b48146caf4965377e9d0be3a4`. Then using the base64 encode from that accepted solution linked to, it just converts this to `MjA4OGRmNzRkNWYyMTQ2YjQ4MTQ2Y2FmNDk2NTM3N2U5ZDBiZTNhNA==`. Whereas it should convert it to `IIjfdNXyFGtIFGyvSWU3fp0L46Q=` for proper b64 hash. I think its called "strict base64". — Noitidart, Jan 04 '17 at 20:26
@Noitidart I've reopened this, since you believe it's not a true duplicate. — Drew Dormann, Jan 04 '17 at 20:27
You should not encode it first to hexadecimals. Try to use base 64 directly on the result of SHA-1. Hexadecimals is just used to *represent* the bytes so that they are human readable. — Maarten Bodewes, Jan 04 '17 at 20:29
Thank you @DrewDormann I have added more to explain why it's different then regular "base64 encoding". I needed the "b64 hash encoding". Which might be called "strict b64" — Noitidart, Jan 04 '17 at 20:30
I'll try that now @MaartenBodewes thank you and I'll report back. — Noitidart, Jan 04 '17 at 20:30
[This page](http://tomeko.net/online_tools/base64.php?lang=en) returns the same result (displayed as hex) so it *must* work. — Maarten Bodewes, Jan 04 '17 at 20:35
Thanks @MaartenBodewes I tried it, it gave me weird result of `Rg==`, may you please see my attempt - https://gist.github.com/Noitidart/99fff093bdd03418140b360d242b1d06#file-blah-cpp-L101-L108 - I am very new to writing C++. — Noitidart, Jan 04 '17 at 20:36
Well in this case you simply encoded the wrong variable I guess. — Maarten Bodewes, Jan 04 '17 at 20:39
Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/132338/discussion-between-maarten-bodewes-and-noitidart). — Maarten Bodewes, Jan 04 '17 at 20:40
You should also stop using `strlen` because of embedded NULLs. `std::string` has a `length()`, and you should use it instead. Also, you should Base64 encode the binary string; and not your ASCII representation of it. — jww, Jan 04 '17 at 20:43
Thank you @jww yep that fixed it! :) Maarten helped me in chat. Thanks very muc hboth! — Noitidart, Jan 04 '17 at 20:51
@jww Hu, a golden OpenSSL badge. And I thought my Crypto & Encryption golden badges were specialized :) — Maarten Bodewes, Jan 07 '17 at 18:58
@MaartenBodewes - Congrats. I'm hoping to get one for Crypto++ eventually. — jww, Jan 08 '17 at 01:00

OpenSSL HMAC_SHA1 as b64 hash (not base64 encoded)

0 Answers0