java - Hash Based Message Authentication Codes (MAC) does not match at receiver end -
i trying create basic demo application 1 class generate message sent in following format signedmessage_using_hmac.base64encoded_message
at receiving end (decodedata.java) first wan compare if message signed using right key decrypting signed message , signing message same key , compare signed message @ receiver end signed message sent. these not work.
when try decode base64 encoded message not give me correct message.
can please guide me what's wrong here?
import org.apache.commons.codec.binary.base64; import javax.crypto.mac; import javax.crypto.secretkey; import javax.crypto.spec.secretkeyspec; public class encodedata { public static void main(string[] args) throws exception { string myappcontext = "abc123def"; string consumersecret = "959595"; string algorithm = "hmacsha256"; byte[] encodedcontext; // base64 encoded context; encodedcontext = new base64(true).encode(myappcontext.getbytes()); system.out.print("encoded context : "); system.out.println(encodedcontext); //generate signed context secretkey hmackey = new secretkeyspec(consumersecret.getbytes(), algorithm); mac mac = mac.getinstance(algorithm); mac.init(hmackey); byte[] digest = mac.dofinal(myappcontext.getbytes()); system.out.print("created digest : "); system.out.println(digest); // signed based64 context , base64 encoded context string messagetosend = digest.tostring() + "." + encodedcontext.tostring(); system.out.println(messagetosend); } }
import org.apache.commons.codec.binary.base64; import javax.crypto.mac; import javax.crypto.secretkey; import javax.crypto.spec.secretkeyspec; import java.util.arrays; public class decodedata { public static void main(string[] args) throws exception { byte[] myappcontext; string consumersecret = "959595"; string algorithm = "hmacsha256"; string messagerecieved = args[0]; byte[] singeddecodedcontext; string recieveddigest = messagerecieved.split("[.]", 2)[0]; string encodedcontext = messagerecieved.split("[.]", 2)[1]; myappcontext = new base64(true).decode(encodedcontext); system.out.print("decrypted message : "); system.out.println(myappcontext); //check if message sent correct sender signing context , matching signed context secretkey hmackey = new secretkeyspec(consumersecret.getbytes(), algorithm); mac mac = mac.getinstance(algorithm); mac.init(hmackey); byte[] digest = mac.dofinal(myappcontext); system.out.print("created digest : "); system.out.println(digest); if (arrays.equals(digest, recieveddigest.getbytes())) { system.out.println("message not tempered , sent correct sender"); } else { system.out.println("message tempered or not sent corrrect sender"); } } }
output
output of encodedata.java c:\users\vivek.patel\desktop\api\java\encoding>java -cp commons-codec-1.10.jar;. encodedata encoded context : [b@510bfe2c created digest : [b@73f025cb [b@73f025cb.[b@510bfe2c
output of decodedata.java c:\users\vivek.patel\desktop\api\java\encoding>java -cp commons-codec- 1.10.jar;. decodedata [b@73f025cb.[b@510bfe2c
decrypted message : [b@6726a408 created digest : [b@7168bd8b message tempered or not sent correct sender
before evaluate code, aren't comparing values. if print this:
system.out.print("encoded context : "); system.out.println(encodedcontext);
you printting type of array ([b) followed hashcode. initialize string encoded bytes:
system.out.println(new string(encodedcontext, "utf8"));
you should consider using explicit charset instead of default 1 (depending on origin charset).
try , re-post results.
Comments
Post a Comment