This is an api signing key maker.I want to convert this into php code as this is not able to integrate into my php project.

public static String signingkey(String apiAccessKey, String hmacSecretKey, String apiMethod, String clientip, String jsonInput) {
String retval = "";
final String HMAC_SHA_512_ALGORITHM = "HmacSHA512";
final String userKey = apiAccessKey + hmacSecretKey;
try {
// get an hmac_sha512 key from the raw key bytes
SecretKeySpec signingKey = new SecretKeySpec(userKey.getBytes(), HMAC_SHA_512_ALGORITHM);
// get an hmac_sha512 Mac instance and initialize with the signing key
Mac mac = Mac.getInstance(HMAC_SHA_512_ALGORITHM);
mac.init(signingKey);
// compute the hmac on input data bytes
String payload = (apiMethod.toUpperCase()).concat(clientip).concat(jsonInput);
byte[] rawHmac = mac.doFinal(payload.getBytes());
// the value of hmac needs to placed in headers under the key api-hmac
return Hex.encodeHexString(rawHmac);
} catch (Exception e) {
throw new RuntimeException(e);
}
}

Recommended Answers

Java/ Javascript is usually client side

There's no such thing as "Java/ Javascript"

javascript is client side. Java (not the same thing) is used for both, but the majority of Java development today is corporate server-side.

Jump to Post

All 4 Replies

Some good news is that the SHA 512 looks supported.

I'm reading https://www.php.net/manual/en/function.hash-hmac-algos.php but decline to convert your code.

commented: so how can we make this thing work?Except this signing key the rest api post method i written but without this key i cannot able to authenticate +0

The challenge has many challenges.

Let's start that Java/ Javascript is usually client side. PHP is server side so right there is a big pile of work to redesign this to be on the server side.

That's for the web master to decide how to do that. My concern was if PHP had HMAC SHA 512". It does so there's one brick wall down.

Java/ Javascript is usually client side

There's no such thing as "Java/ Javascript"

javascript is client side. Java (not the same thing) is used for both, but the majority of Java development today is corporate server-side.

commented: My haste is my undoing on that. Thanks for the correction and clarification. +15
commented: Then seems like a dead end to me +0

I think I've found your requests on another forum:

Kindly somebody advice on how to generate the signinkey and use it in cURL php section ?

While it's clear one can use the PHP hash-hmac-algos, the problem is not "code conversion." It's how to bring it altogether and make it work with some untold system you are trying to talk to. There's a lot of missing information and story here but given the above my bet is code conversion won't yield a working system.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.20 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.