Menu
We're currently designing a web api and are in the process of implementing authorization. We've followed (mostly) amazons implementation but there's one part I really don't fully understand.
Namely, what is the point of base64 encoding the resulting hmac? The difference in length is negligible, at least for most sites. Amazon would probably notice the difference though. Is that the only reason? Does it maybe have something to do with ascii/unicode?
469
Hash algorithms and HMAC don't provide hexadecimal string outputs, which is what many people tend to believe; they both output binary data. Base64 provides you with a way to easily and portably represent binary data as a string.
As far as why, it's likely just for convenience and using a standard encoding between many different parts of their software. There's nothing special about it, other than it being a widely used encoding.
122
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
