How can I decrypt a HMAC?


Question

I can make an HMAC using the following:

var encrypt = crypto.createHmac("SHA256", secret).update(string).digest('base64');

I am trying to decrypt an encoded HMAC with the secret:

var decrypt = crypto.createDecipher("SHA256", secret).update(string).final("ascii");

The following was unsuccessful. How can I decrypt a HMAC with the key?

I get the following error:

node-crypto : Unknown cipher SHA256

crypto.js:155
  return (new Decipher).init(cipher, password);
                        ^
Error: DecipherInit error
1
11
1/8/2013 3:54:40 PM

Accepted Answer

HMAC is a MAC/keyed hash, not a cipher. It's not designed to be decrypted. If you want to encrypt something, use a cipher, like AES, preferably in an authenticated mode like AES-GCM.

The only way to "decrypt" is guessing the whole input and then comparing the output.

45
1/8/2013 3:57:37 PM

Again to reiterate hashes aren't designed to be decrypted. However once you have a hash you can check any string is equal to that hash by putting it through the same encryption with the same secret.

var crypto = require('crypto')

var secret = 'alpha'
var string = 'bacon'

var hash = crypto.createHmac('SHA256', secret).update(string).digest('base64');
// => 'IbNSH3Lc5ffMHo/wnQuiOD4C0mx5FqDmVMQaAMKFgaQ='

if (hash === crypto.createHmac('SHA256', secret).update(string).digest('base64')) {
  console.log('match') // logs => 'match'
} else {
  console.log('no match')
}

Seems obvious, but very powerful.


Licensed under: CC-BY-SA with attribution
Not affiliated with: Stack Overflow
Icon