Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Duplicate Java HMAC-SHA1 using Chilkat

See more Encryption Examples

This example uses Chilkat to produce the same results as this Java code:
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;

public void hmacSignatureExample() throws NoSuchAlgorithmException,
InvalidKeyException {

final String method = "POST";
final Long epoch = 1456765639015L; // Hardcoding for this example
final String uri = "/api/v5/policy/1234567890";
final String newline = "\n";

final String privateKey = "qwfvUeVRWAwyjlAzGivefFPTg+m6QtBPmDVv7Ra
/u7K3UuVVRhrZ/qc8EPh8IGJatuxsWD4EX+D9qE/eVvLTpw==";
final String publicKey = "16baedbe244b6c063968850716afb319a";

// Prepare the signature
final String plainText = method + newline + epoch + newline + uri + newline;

// Hash the plaintext with the private key
final byte[] keyBytes = privateKey.getBytes();
final Key key = new SecretKeySpec(keyBytes, 0, keyBytes.length, "HmacSHA1");
final Mac mac = Mac.getInstance("HmacSHA1");
mac.init(key);
String signatureHash = new String(Hex.encodeHex(mac.doFinal(plainText.
getBytes())));

// Prefix with public key
signatureHash = publicKey + ":" + signatureHash;

// Base64 encode to produce AUTHORIZATION
final String authorization = new String(Base64.encodeBase64(signatureHash.
getBytes()));
}

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Crypt2,
  Chilkat.StringBuilder;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  privateKey: string;
  publicKey: string;
  plainText: string;
  crypt: TCrypt2;
  hmacHex: string;
  sbSignatureHash: TStringBuilder;
  authorization: string;

begin
  success := False;

  //  This example assumes the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  This is clearly in base64 encoding.
  privateKey := 'qwfvUeVRWAwyjlAzGivefFPTg+m6QtBPmDVv7Ra/u7K3UuVVRhrZ/qc8EPh8IGJatuxsWD4EX+D9qE/eVvLTpw==';

  //  This is clearly in the hex encoding.
  publicKey := '16baedbe244b6c063968850716afb319a';

  plainText := 'POST' + #10 + '1456765639015' + #10 + '/api/v5/policy/1234567890' + #10;

  crypt := TCrypt2.Create;

  //  We want HMAC-SHA1.
  crypt.MacAlgorithm := 'HMAC';
  crypt.HashAlgorithm := 'SHA1';

  //  The Java code (above) is literally using the us-ascii chars of the base64 string as the HMAC key.
  //  (It is NOT using the base64 decoded bytes.)
  crypt.SetMacKeyEncoded(privateKey,'us-ascii');

  //  We want our HMAC-SHA1 output to be a hex string.
  crypt.EncodingMode := 'hex_lower';

  hmacHex := crypt.MacStringENC(plainText);

  WriteLn(hmacHex);

  //  The expected result is: dd3e8440f6b550f152156ea5e12d3e20b262adae

  sbSignatureHash := TStringBuilder.Create;
  sbSignatureHash.Append(publicKey);
  sbSignatureHash.Append(':');
  sbSignatureHash.Append(hmacHex);

  authorization := sbSignatureHash.GetEncoded('base64','utf-8');
  WriteLn('Authorization: ' + authorization);

  //  The expected result is:  MTZiYWVkYmUyNDRiNmMwNjM5Njg4NTA3MTZhZmIzMTlhOmRkM2U4NDQwZjZiNTUwZjE1MjE1NmVhNWUxMmQzZTIwYjI2MmFkYWU=


  crypt.Free;
  sbSignatureHash.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.