2

This might be a very silly question, but I am a total novice in encryption. I don't know where to start searching for an answer to this problem.

I am building applications using a proprietary language developed by my company. I am trying to call a REST service using my application. This REST service is authenticated using HMAC-SHA1 encrypted tokens. By which I mean I have to put a bunch of values together and HMAC-SHA1 encrypt them. Unfortunately my company's language doesn't have APIs for HMAC-SHA1. It only has APIs for AES encryption.

If I use AES to generate my token, will I get the same result as using HMAC-SHA1 APIs to generate a token?

d1str0
  • 348
  • 1
  • 13
ferrari16
  • 123
  • 1
  • 4

1 Answers1

4

No. HMAC-SHA1 is very different from AES encryption. HMAC-SHA1 is not an encryption algorithm. It is a hashing function.

Wikipedia and other sources are good at explaining what AES, HMAC, and SHA-1 are. In all honestly, you shouldn't be rolling your own crypto and if you know this little about crypto you probably shouldn't be developing this part of the application at all.

d1str0
  • 348
  • 1
  • 13