java - Hash Based Message Authentication Codes (MAC) does not match at receiver end -


i trying create basic demo application 1 class generate message sent in following format signedmessage_using_hmac.base64encoded_message

at receiving end (decodedata.java) first wan compare if message signed using right key decrypting signed message , signing message same key , compare signed message @ receiver end signed message sent. these not work.

when try decode base64 encoded message not give me correct message.

can please guide me what's wrong here?

import org.apache.commons.codec.binary.base64; import javax.crypto.mac; import javax.crypto.secretkey; import javax.crypto.spec.secretkeyspec;  public class encodedata {  public static void main(string[] args) throws exception {     string myappcontext = "abc123def";     string consumersecret = "959595";     string algorithm = "hmacsha256";     byte[] encodedcontext;      // base64 encoded context;     encodedcontext = new base64(true).encode(myappcontext.getbytes());     system.out.print("encoded context : ");     system.out.println(encodedcontext);      //generate signed context                secretkey hmackey = new secretkeyspec(consumersecret.getbytes(), algorithm);     mac mac = mac.getinstance(algorithm);     mac.init(hmackey);      byte[] digest = mac.dofinal(myappcontext.getbytes());            system.out.print("created digest : ");     system.out.println(digest);      // signed based64 context , base64 encoded context             string messagetosend = digest.tostring() + "." + encodedcontext.tostring();     system.out.println(messagetosend); }    } 

import org.apache.commons.codec.binary.base64; import javax.crypto.mac; import javax.crypto.secretkey; import javax.crypto.spec.secretkeyspec; import java.util.arrays;  public class decodedata {  public static void main(string[] args) throws exception {     byte[] myappcontext;     string consumersecret = "959595";     string algorithm = "hmacsha256";     string messagerecieved = args[0];     byte[] singeddecodedcontext;      string recieveddigest = messagerecieved.split("[.]", 2)[0];                  string encodedcontext = messagerecieved.split("[.]", 2)[1];     myappcontext = new base64(true).decode(encodedcontext);     system.out.print("decrypted message : ");     system.out.println(myappcontext);      //check if message sent correct sender signing context , matching signed context     secretkey hmackey = new secretkeyspec(consumersecret.getbytes(), algorithm);     mac mac = mac.getinstance(algorithm);     mac.init(hmackey);           byte[] digest = mac.dofinal(myappcontext);      system.out.print("created digest : ");     system.out.println(digest);      if (arrays.equals(digest, recieveddigest.getbytes())) {         system.out.println("message not tempered , sent correct sender");     } else {         system.out.println("message tempered or not sent corrrect sender");     }    }    } 

output

output of encodedata.java c:\users\vivek.patel\desktop\api\java\encoding>java -cp commons-codec-1.10.jar;. encodedata encoded context : [b@510bfe2c created digest : [b@73f025cb [b@73f025cb.[b@510bfe2c

output of decodedata.java c:\users\vivek.patel\desktop\api\java\encoding>java -cp commons-codec- 1.10.jar;. decodedata [b@73f025cb.[b@510bfe2c

decrypted message : [b@6726a408 created digest : [b@7168bd8b message tempered or not sent correct sender 

before evaluate code, aren't comparing values. if print this:

system.out.print("encoded context : "); system.out.println(encodedcontext); 

you printting type of array ([b) followed hashcode. initialize string encoded bytes:

system.out.println(new string(encodedcontext, "utf8")); 

you should consider using explicit charset instead of default 1 (depending on origin charset).

try , re-post results.


Comments

Popular posts from this blog

Payment information shows nothing in one page checkout page magento -

tcpdump - How to check if server received packet (acknowledged) -