Bill's Security Tips

Home  [Bill's Home]

HMAC Example

HMAC is a message authentication code (MAC) and can be used to verify the integrity and authentication of a message. It involves hashing a message with a secret key. As with any MAC, it can be used with standard hash function, such as MD5 or SHA-1, which results in methods such as HMAC-MD5 or HMAC-SHA-1. As with any hashing function, the strength depends on the quality of the hashing function, and the resulting number of code bits. Along with this the number of bits in the secret key is a factor.

Message:
Key:

The results are then:


HMAC-MD5 is:

HMAC-SHA-1 is:

HMAC-SHA256 is:

HMAC-SHA384 is:

HMAC-SHA512 is:

 

Try it with a message of "testing123" and a key of "hello", and you should get:

AC2C2E614882CE7158F69B7E3B12114465945D01

The code is:

protected void Button3_Click(object sender, EventArgs e)
{
 string message;
string key;
key = this.key.Text;
message = this.message.Text;
System.Text.ASCIIEncoding encoding=new System.Text.ASCIIEncoding();
byte [] keyByte = encoding.GetBytes(key);

HMACMD5 hmacmd5 = new HMACMD5(keyByte);
HMACSHA1 hmacsha1 = new HMACSHA1(keyByte);

byte [] messageBytes = encoding.GetBytes(message);
byte[] hashmessage = hmacmd5.ComputeHash(messageBytes);
this.hmac1.Text=ByteToString(hashmessage);

byte[] hashmessage = hmacsha1.ComputeHash(messageBytes);
this.hmac2.Text = ByteToString(hashmessage);
}
public static string ByteToString(byte [] buff)
{
string sbinary="";

for (int i=0;i<buff.Length;i++)
{
sbinary+=buff[i].ToString("X2"); // hex format
}
return(sbinary);
}

Other related .NET articles I've written include:

- Design Tip 298. [.NET] HMAC-SHA1.
- Design Tip 243. [.NET] Base-64 or Hex hash values.
- Design Tip 242. [.NET] Digital Certificates.
- Design Tip 241. [.NET] Public-key Encryption.
- Design Tip 240. [.NET] Diffie-Hellman Method.
- Design Tip 239. [.NET] Symmetric Encryption (Private-key).
- Design Tip 238. [.NET] Obfuscation Part II.
- Design Tip 237. [.NET] Obfuscation Part I
- Design Tip 236. [.NET] Data packet capture (filters: IP, TCP, and so on).
- Design Tip 235. [.NET] Data packet capture.
- Design Tip 234. [.NET] Interface to network adapter.
- Design Tip 232. [.NET] Creating an SSH client.
- Design Tip 231. [.NET] Creating an SNMP client.
- Design Tip 216. [.NET] Client/server communications.
- Design Tip 210. [XML/.NET] XML and .NET.
- Design Tip 207. [.NET] Treeviews for interest.
- Design Tip 206. [.NET/Design] Design, evaluate, design, .....
- Design Tip 205. [.NET] Treeviews.
- Design Tip 203. [.NET] Replacing menus with Treeviews.
- Design Tip 202. [.NET/Flash] .NET and Flash - the perfect pair.