How to create HMAC-SHA1 signature in android?

Question

How to create HMAC-SHA1 signature in android?

This is my base line:

String args ="oauth_consumer_key="+enc(consumerkey) + "&oauth_nonce="+enc(generateNonce()) + "&oauth_signature_method=HMAC-SHA1" + "&oauth_timestamp="+ timestamp + "&oauth_token="+enc(Home.consToken) + "&oauth_verifier="+verifier+"&oauth_version=1.0"; String base ="POST&"+enc("https://api.linkedin.com/uas/oauth /accessToken") +"&"+ enc(args); String signature =computeHmac(base,consumer_secret+"&"+secretToken);

This is my headline:

  String header = "OAuth " + "oauth_consumer_key=\""+ enc(consumerkey)+ "\"," + "oauth_nonce=\""+ enc(generateNonce()) + "\"," + "oauth_signature_method=\"HMAC-SHA1\"," + "oauth_timestamp=\""+ timestamp + "\"," + "oauth_token=\""+Home.consToken + "\"," + "oauth_signature=\""+enc(signature)+"\","+ "oauth_verifier=\""+verifier +"\","+ "oauth_version=\""+1.0+"\"" ;

I use the following method to generate a signature:

 public String computeHmac(String baseString, String key) throws NoSuchAlgorithmException, InvalidKeyException, IllegalStateException, UnsupportedEncodingException { Mac mac = Mac.getInstance("HmacSHA1"); SecretKeySpec secret = new SecretKeySpec(key.getBytes(), mac.getAlgorithm()); mac.init(secret); byte[] digest = mac.doFinal(baseString.getBytes()); byte[] result=Base64.encodeBase64(digest); return new String(result); }

while executing this code, I get the following error ...

 oauth_problem=signature_invalid& oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException

can someone help me with this?

Thanks...

+8

android linkedin

Taruni May 17 '11 at 4:44

source share

2 answers

Andrei Buneyeu · Answer 1 · 2013-09-19T12:57:58+0000

Femi's answer is absolutely correct, however, it was not obvious to me what exactly intval(b) . As I understand it, b & 0xFF .

I also applied some optimizations (which I found here ) and here is my code:

 private static String hmacSha1(String value, String key) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException { String type = "HmacSHA1"; SecretKeySpec secret = new SecretKeySpec(key.getBytes(), type); Mac mac = Mac.getInstance(type); mac.init(secret); byte[] bytes = mac.doFinal(value.getBytes()); return bytesToHex(bytes); } private final static char[] hexArray = "0123456789abcdef".toCharArray(); private static String bytesToHex(byte[] bytes) { char[] hexChars = new char[bytes.length * 2]; int v; for (int j = 0; j < bytes.length; j++) { v = bytes[j] & 0xFF; hexChars[j * 2] = hexArray[v >>> 4]; hexChars[j * 2 + 1] = hexArray[v & 0x0F]; } return new String(hexChars); }

Femi · Answer 2 · 2011-05-17T05:13:39+0000

Loose, but I use this:

 static String hash_hmac(String type, String value, String key) { try { javax.crypto.Mac mac = javax.crypto.Mac.getInstance(type); javax.crypto.spec.SecretKeySpec secret = new javax.crypto.spec.SecretKeySpec(key.getBytes(), type); mac.init(secret); byte[] digest = mac.doFinal(value.getBytes()); StringBuilder sb = new StringBuilder(digest.length*2); String s; for (byte b : digest){ s = Integer.toHexString(intval(b)); if(s.length() == 1) sb.append('0'); sb.append(s); } return sb.toString(); } catch (Exception e) { android.util.Log.v("TAG","Exception ["+e.getMessage()+"]", e); } return ""; }

Then you call it like this:

 hash_hmac("HmacSHA1", value, key);

How to create HMAC-SHA1 signature in android?

More articles: