RevealTheme logo

HMAC 생성기

SHA-1, SHA-256, SHA-384 또는 SHA-512를 사용하여 HMAC 서명을 생성합니다.

이 도구 사용 방법

  1. 1

    Pick a hash algorithm from the dropdown: SHA-1, SHA-256, SHA-384, or SHA-512.

  2. 2

    Type or paste your shared secret key into the key field.

  3. 3

    Type or paste the message you want to authenticate into the message box.

  4. 4

    Click Generate to compute the HMAC; the lowercase hex digest appears below.

HMAC 생성기란 무엇인가요?

HMAC(Hash-based Message Authentication Code)는 공유된 비밀 키를 사용하여 메시지의 무결성과 진위 여부를 모두 검증합니다. 이는 웹훅 서명, API 요청 서명(AWS Signature V4, Stripe 웹훅), JWT의 HS256/HS384/HS512 알고리즘의 기반이 됩니다.

일반적인 사용 사례

  • Verify an incoming webhook by recomputing the HMAC of the raw request body with your endpoint's signing secret and comparing it to the provider's signature header.

  • Check a Stripe webhook locally: HMAC-SHA256 the timestamped payload with your whsec_ secret to confirm your verification logic before deploying.

  • Debug a mismatched signature by pasting the exact bytes your server and client each signed to see which side is wrong.

  • Generate a quick integrity tag for a config file or message so a teammate with the same key can confirm it was not altered in transit.

  • Teach or learn how HMAC differs from a bare hash by toggling algorithms and watching the digest length change.

  • Sanity-check a single HMAC step of a larger signing scheme (such as one round of the AWS SigV4 key-derivation chain) during development.

자주 묻는 질문

HMAC은 해시와 같은 것인가요?
아닙니다. 단순 해시(SHA-256)는 누구나 계산할 수 있습니다. HMAC은 비밀 키를 필요로 합니다: 키가 없으면 서명을 검증할 수도, 위조할 수도 없습니다.

관련 도구