HMAC post request validation

abeyjoshy · December 17, 2024, 4:44am

Hi, I m trying to validate my payload using HMAC method as mentioned in the link below.

https://developers.google.com/android/els/reference/http-spec#hash-based_message_authentication_code_hmac

I used the mentioned example for validation given here:
https://developers.google.com/android/els/reference/http-spec#examples_2

I have used Nodejs for validation but I am not getting the correct output. The Nodejs code example is provided below:

const crypto = require(‘crypto’);
// HMAC secret key (decoded from base64)
const HMAC_KEY = Buffer.from(‘ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7w==’, ‘base64’);
// Function to compute HMAC
function computeHmac(payload) {
return crypto.createHmac(‘sha1’, HMAC_KEY)
.update(payload,‘utf8’) // Process the payload as a UTF-8 string
.digest(‘hex’); // Output as a hexadecimal string
}
// Input
const payload = ‘v=2&thunderbird_version=1&emergency_number=911’;
const computedHmac = computeHmac(payload);
console.log(‘Computed HMAC:’, computedHmac);
//Expected Output: e27dce749babe97c1188cf3e272b0492d018e8
//Actual output: 87d3197707630e01834de124cbff28bac274ff0c

Can Anyone help me with what will be the possible issue in mismatch. Thanks in advance.

dchiesa1 · December 17, 2024, 5:50pm

The forum you originally posted this to, is focused on Google Cloud. The space you selected is dedicated to Apigee. That seems like the wrong place for this question.

You might want to try posting on Stack overflow: https://stackoverflow.com/questions/tagged/android

Topic		Replies	Views
HMAC cryptojs client and JAVA on server Apigee api-runtime	10	15	June 10, 2016
hmac for post request,HMAC for post Request Apigee api-runtime	2	313	May 15, 2018
Encryption Decryption policies Apigee api-runtime	3	11	June 28, 2015

HMAC post request validation

AI Suggested topics