I’m trying to generate a signature to verify the authenticity of incoming data from a source, and have been given these instructions:
To calculate the signature, concatenate the UUID and Timestamp; then use a standard HMAC SHA1 algorithm and your Secret Access Key.
I’m not too hot on cryptographic functions, so I’m having trouble getting the generated string to tally up with the signature on the incoming data. There’s what I’ve done:
$expected_signature = hash_hmac("sha1", $UUID.$timestamp, $secretKey);
Is this correct (as in following the instructions above)?