SHA512 hashing with secret key

Question

I need to specify both the data and the secret key to generate a SHA512 hash.

possible duplicate of [How can I create an SHA512 digest string in Java using bouncy castle?](http://stackoverflow.com/questions/2208374/how-can-i-create-an-sha512-digest-string-in-java-using-bouncy-castle) — Damian Leszczyński - Vash, Oct 10 '11 at 14:29

score 2 · Answer 1 · answered Oct 10 '11 at 14:41

2

Bouncy Castle includes an HMAC class which can use any digest (=hash) available, including SHA-256.

answered Oct 10 '11 at 14:41

rossum

score 0 · Accepted Answer · answered Oct 10 '11 at 14:31

0

I recommend using Apache Commons Codec and especially its DigestUtils.

For instance like this:

public String calcSha(String secret, String data) {
    return DigestUtils.sha512Hex(secret + data);
}

answered Oct 10 '11 at 14:31

M.L.

I updated the answer. The PHP-version is probably doing similar thing inside. – M.L. Oct 10 '11 at 14:34
1

I don't get it- you pass the secret with the data as a concatenated string? Why aren't they two separate parameters? – IcedDante May 26 '16 at 19:30
This is incorrect, HMAC (per the original question) would be `H(secret XOR outer-padding, H(secret XOR inner-padding, data))` ([RFC 2104](https://tools.ietf.org/html/rfc2104)), not just a naive concatenation of a secret and a message. This is to [resist length extension attacks](https://en.wikipedia.org/wiki/Length_extension_attack). Also, do not use `String` types everywhere at such a low level, prefer to encode/decode for armoring at the boundaries, and only if necessary. @IcedDante: That's because this isn't a HMAC, a normal hash function has only one parameter and no notion of secret keys. – tne Jul 21 '19 at 10:07

2 Answers2