How to get PHP to create HMAC-SHA1 strings like Objective-C?

Paul picture Paul · Dec 23, 2010 · Viewed 20.5k times · Source

I am trying to implement an authentication solution with PHP and Objective-C. Both languages create their own HMAC-SHA1 encoded strings with the same key and the same secret.

Apparently they seem to differ in their way how they do it.

On Objective-C side I am using OAuthCustomer as signing class which produces the correct looking encoded string:

/3n/d4sKN6k3I7nBm1qau59UukU=

On PHP side I am using the built-in function hash_hmac('sha1',...) with base64 encoding which produces this:

ZmY3OWZmNzc4YjBhMzdhOTM3MjNiOWMxOWI1YTlhYmI5ZjU0YmE0NQ==

Then I have tried to use another function (mentioned here) and this produces with base64 encoding this:

NWY1ODUwOWE3NGI4NWU5ZTIxMDYzMTNmNzk3NTYxMDQ4OWE1MmUzNQ==

I have absolutely no idea how I can fix this issue and I don't even know why this happens.

Thanks a bunch for help,

Paul

Answer

mario picture mario · Dec 25, 2010

Okay, I'll add a faux answer. (On Stackoverflow every question should be decorated by an answer.)

The hash functions in PHP mostly return hex-strings, not the real data. (For whatever reason). There is usually a function parameter to make it compatible to what other implementations expect:

 hash_hmac("sha1", $data, $key, $raw_output=TRUE);

 md5($str, $raw_output=TRUE);

 hash("sha1", $data, $raw_output=TRUE);