HMAC SHA256 Powershell convert

Question

Why does the following powershell script:

$privateKey = "843c1f887b"
$requestData = "1543448572|[email protected]|Firstname Lastname"
function signRequest {
    $hmacsha = New-Object System.Security.Cryptography.HMACSHA256
    $hmacsha.key = [Text.Encoding]::ASCII.GetBytes($privateKey)
    $signature = $hmacsha.ComputeHash([Text.Encoding]::ASCII.GetBytes($requestData))
    $signature = [Convert]::ToBase64String($signature)
    $outi = $signature
    return $signature
}

convert to hash:

FipK51tOtzb2m2yFQAf5IK6BNthClnqE24luMzYMPuo=

and other online hmac sha256 generators with the same input to:

162a4ae75b4eb736f69b6c854007f920ae8136d842967a84db896e33360c3eea

any suggestions what I'm doing wrong in the script? Thanks!

Mathias R. Jessen Mathias R. Jessen · Accepted Answer · 2018-11-28T23:01:51

Your code produces the correct HMAC, you're just base64-encoding it instead of output a hex string like all the other tools.

Change this line

$signature = [Convert]::ToBase64String($signature)

to

$signature = [System.BitConverter]::ToString($signature).Replace('-','').ToLower()

Explanation:

[BitConverter]::ToString($signature) produces a hexadecimal string (16-2A-4A-E7...)
String.Replace('-','') removes the - (162A4AE7...)
String.ToLower() lowercases the final string (162a4ae7...)

HMAC SHA256 Powershell convert

1 Answers