RevealTheme logo

Generator HMAC

Hasilkan tanda tangan HMAC menggunakan SHA-1, SHA-256, SHA-384, atau SHA-512.

Cara menggunakan alat ini

  1. 1

    Pick a hash algorithm from the dropdown: SHA-1, SHA-256, SHA-384, or SHA-512.

  2. 2

    Type or paste your shared secret key into the key field.

  3. 3

    Type or paste the message you want to authenticate into the message box.

  4. 4

    Click Generate to compute the HMAC; the lowercase hex digest appears below.

Apa itu Generator HMAC?

HMAC (Hash-based Message Authentication Code) memverifikasi integritas sekaligus keaslian sebuah pesan menggunakan kunci rahasia bersama. Ini adalah dasar dari tanda tangan webhook, penandatanganan permintaan API (AWS Signature V4, webhook Stripe), dan algoritma HS256/HS384/HS512 pada JWT.

Kasus penggunaan umum

  • Verify an incoming webhook by recomputing the HMAC of the raw request body with your endpoint's signing secret and comparing it to the provider's signature header.

  • Check a Stripe webhook locally: HMAC-SHA256 the timestamped payload with your whsec_ secret to confirm your verification logic before deploying.

  • Debug a mismatched signature by pasting the exact bytes your server and client each signed to see which side is wrong.

  • Generate a quick integrity tag for a config file or message so a teammate with the same key can confirm it was not altered in transit.

  • Teach or learn how HMAC differs from a bare hash by toggling algorithms and watching the digest length change.

  • Sanity-check a single HMAC step of a larger signing scheme (such as one round of the AWS SigV4 key-derivation chain) during development.

Pertanyaan yang sering diajukan

Apakah HMAC sama dengan hash?
Tidak. Hash sederhana (SHA-256) dapat dihitung oleh siapa pun. HMAC memerlukan kunci rahasia: tanpanya, Anda tidak dapat memverifikasi atau memalsukan tanda tangan.

Alat terkait