HMAC generator

Sign a message with a secret key — HMAC-SHA256 by default, SHA-512, SHA-1 and MD5 available. The key never leaves this page.

HMAC-SHA256

enter a secret key to start — it never leaves this page


What an HMAC proves

A plain hash proves a message is intact; an HMAC (RFC 2104) proves it's intact and was produced by someone holding the shared secret. The construction wraps a hash like SHA-256 around the key twice — H(key ⊕ opad, H(key ⊕ ipad, message)) — which neatly sidesteps the length-extension weakness of hashing key + message naively. Receiver recomputes, compares, done: authentication without certificates or asymmetric keys.

The everyday use: webhooks and API signatures

If you're debugging why a webhook fails signature validation, you're in the right place. Stripe's Stripe-Signature, GitHub's X-Hub-Signature-256, Slack's request signing — all HMAC-SHA256 over the raw request body (GitHub prefixes the hex with sha256=; paste it whole, the comparator copes). Shopify does the same but emits base64 — that's what the b64 toggle is for. The classic gotcha: signing a re-serialized JSON body instead of the exact raw bytes received. Whitespace counts.

Handling the key

The key is combined with your message by your browser's own crypto engine — WebCrypto for the SHA family, WebAssembly for HMAC-MD5 — and no network request carries it anywhere; the page works offline once loaded. Ordinary secret hygiene still applies, of course: prefer test-mode keys while debugging and mind who's watching your screen.

Choosing the algorithm

HMAC-SHA256, unless the other side dictates otherwise. HMAC-SHA512 suits systems standardized on SHA-512. HMAC-SHA1 and HMAC-MD5 remain unbroken in practice — HMAC survives collision attacks on its inner hash — but they exist here strictly to match legacy APIs, not to be chosen. Unsure what format a signature you've been handed is? The hash identifier reads hex and base64 shapes.

questions

Is my secret key sent anywhere?

No. The key and message are combined in your browser's own crypto engine (WebCrypto, or WebAssembly for HMAC-MD5) and never leave the page. There's no server involved — you can confirm in the network tab of your developer tools, or go offline and keep signing.

What is an HMAC actually for?

Proving a message came from someone holding the shared secret and wasn't altered. It's the signature scheme behind most webhook verification (Stripe, GitHub, Slack), request signing for APIs, and signed tokens. A plain hash proves integrity; an HMAC proves integrity plus "someone with the key made this".

Which hash algorithm should I pick for HMAC?

HMAC-SHA256, unless you're matching an API that specifies otherwise. HMAC-SHA1 and even HMAC-MD5 have no known practical breaks — HMAC survives collision attacks on its inner hash — but there's no reason to pick them for anything new.

Should the output be hex or base64?

Whatever the other side expects. Stripe and GitHub webhook signatures are hex; Shopify's are base64. This page computes the same bytes either way — use the b64 toggle to switch encodings.

Does my key need to be a particular length?

No. Keys longer than the hash's block size get hashed down first (that's in the HMAC spec, RFC 2104), and short keys work but offer less security. For a new secret, a random string of 32+ characters is a sensible default.