C# HMAC to Java

Question

I'm making the equivalent java code for the code below. But I can make something that returns the same result for encodedString. What Java class can I use for achieve the same result?

//Set the Hash method to SHA1
HMAC hash;
switch (validation)
{
    case MachineKeyValidation.MD5:
        hash = new HMACMD5();
        break;
    case MachineKeyValidation.SHA1:
    default:
        hash = new HMACSHA1();
        break;
}
//Get the hash validation key as an array of bytes
hash.Key = HexToByte(validationKey);
//Encode the password based on the hash key and
//converts the encrypted value into a string
encodedString = Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));

Thanks in advance! :)

score 2 · Accepted Answer · answered Feb 16 '11 at 17:30

I found a solution for the translation code. There was two main problem. When a request a HMACSHA1 I'm not talking about a SHA1 algorithm, but a HmacSHA1. And there is a difference between the encoding from Java and C#. I was using the correct key, and the correct algorithm, but the encoding was differente.

SecretKeySpec signingKey = new SecretKeySpec(key, "HmacSHA1");
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(signingKey);
// The big problem is difference between C# and Java encoding
byte[] rawHmac = mac.doFinal(data.getBytes("UTF-16LE"));
result = new String(Base64.encode(rawHmac));

I'm trying to port a similar java code to c#. So which encoding does java use by default? — HuseyinUslu, Nov 25 '12 at 00:53

score 1 · Answer 2 · edited May 23 '17 at 10:33

1

See this question about computing hash functions in Java.

And look at the javadoc for java.security.MessageDigest.getInstance(String algorithm).

Edited to add:

Try running the following app to see what providers you have registered.


import java.security.Provider;
import java.security.Security;

public class SecurityTest {

    public static void main(String[] args) {

        Provider[] providers = Security.getProviders();
        for (Provider p : providers) {
            System.out.println(p.toString());
        }
    }
}

You should have at least a few Sun providers listed. If not, you may need to download some security libraries.

edited May 23 '17 at 10:33

Community

1
1

answered Feb 15 '11 at 19:04

Rick Goldstein

299
1
6

It doesn't work: "java.security.NoSuchAlgorithmException: Cannot find any provider supporting SHA1" – Victor Feb 15 '11 at 19:58
Edited to add a bit of code to help you narrow down the problem. – Rick Goldstein Feb 15 '11 at 20:52
I have the listed providers, but I can hash my string with SHA1, what is the required package for this operation? SUN version 1.6, SunRsaSign version 1.5, SunJSSE version 1.6, SunJCE version 1.6, SunJGSS version 1.0, SunSASL version 1.5 and XMLDSig version 1.0 SunPCSC version 1.6 SunMSCAPI version 1.6 – Victor Feb 16 '11 at 11:21
Not sure I understand. Can you call `MessageDigest.getInstance("SHA-1")` without throwing an exception? When I do it, the returned `MessageDigest` uses the SUN version 1.6 provider, so you apparently have what you need. Also, I really recommend looking at the answers to the question I linked. There's a pointer to an apache library that provides a bunch of utilities for doing what you want. Good luck. – Rick Goldstein Feb 16 '11 at 16:25

C# HMAC to Java

2 Answers2