I am trying to connect to an API that uses an outdated hmac hash authentication mechanism for the API's.
For an instance:
$signature = hash_hmac('sha256', $string_to_sign, $api_sec);
vs the one generated in Go:
h := hmac.New(sha256.New, []byte(authSecret))
h.Write([]byte(stringToSign))
signature := hex.EncodeToString(h.Sum(nil))
When I use the same stringToSign($string_to_sign)
and same authSecret($api_sec)
the signature generated with Go results as an invalid signature for the API. But if I create the same with the PHP function it works fine. I am a bit lost as to where to look.