---
title: digest.hmac_sha1_base64
summary: null
url: >-
  https://www.fastly.com/documentation/reference/vcl/functions/cryptographic/digest-hmac-sha1-base64
---

```
STRING digest.hmac_sha1_base64(STRING key, STRING s)
```

**Available in:** all subroutines

Returns the HMAC-SHA1 of `message` (the second argument, named `s` in the signature above) using `key`, encoded as a Base64 string.

## Parameters

| Parameter | Type   | Description                         |
| --------- | ------ | ----------------------------------- |
| `key`     | STRING | The secret key for HMAC computation |
| `message` | STRING | The message to authenticate         |

The `key` is used directly as the HMAC key. For keys longer than 64 bytes (the SHA-1 block size), the key is first hashed with SHA-1 before use, as specified in RFC 2104.

## Return value

Returns a 28-character Base64-encoded string representing the 160-bit (20-byte) HMAC, using standard Base64 encoding (RFC 4648 Section 4) with padding.

Example output: `uEsAIHcVJkam2pIc9YEhcFFQqWc=`

If `key` is empty or not set, the function returns an empty string (not set).

## Security notice

While HMAC-SHA1 is still believed to be secure, SHA-1 has known cryptographic weaknesses and is considered deprecated for new applications. For new code, use `digest.hmac_sha256_base64()` instead.

Use HMAC-SHA1 only when required for compatibility with existing systems that mandate it.

## Base64 encoding

This function uses standard Base64 encoding as defined in RFC 4648 Section 4:

| Property | Value             |
| -------- | ----------------- |
| Alphabet | `A-Za-z0-9+/`     |
| Padding  | `=` (always used) |

## Examples

### Basic usage

```vcl
declare local var.hmac STRING;
set var.hmac = digest.hmac_sha1_base64("secret-key", "hello world");
# Result: uEsAIHcVJkam2pIc9YEhcFFQqWc=
```

To verify this output using OpenSSL:

```term
$ echo -n "hello world" | openssl dgst -sha1 -hmac "secret-key" -binary | openssl base64
uEsAIHcVJkam2pIc9YEhcFFQqWc=
```

### OAuth 1.0 signature with Base64

OAuth 1.0 signatures are typically transmitted as Base64:

```vcl
sub vcl_recv {
    declare local var.base_string STRING;
    declare local var.signing_key STRING;
    declare local var.signature STRING;
    declare local var.signature_encoded STRING;

    set var.base_string = req.http.X-OAuth-Base-String;
    set var.signing_key = table.lookup(oauth_secrets, "consumer_secret") + "&"
        + table.lookup(oauth_secrets, "token_secret");

    set var.signature = digest.hmac_sha1_base64(var.signing_key, var.base_string);

    # URL-encode the Base64 signature for inclusion in OAuth header
    set var.signature_encoded = urlencode(var.signature);
}
```

### Verifying legacy webhook signatures

Some webhook providers send Base64-encoded HMAC-SHA1 signatures:

```vcl
sub vcl_recv {
    declare local var.expected STRING;
    declare local var.secret STRING;

    set var.secret = table.lookup(webhook_secrets, "legacy-service");
    if (var.secret == "") {
        error 500 "Webhook secret not configured";
    }

    set var.expected = digest.hmac_sha1_base64(var.secret, req.body);

    if (!digest.secure_is_equal(var.expected, req.http.X-Signature)) {
        error 401 "Invalid signature";
    }
}
```

## Security considerations

### Prefer SHA-256 for new applications

```vcl
# Recommended for new code
set var.signature = digest.hmac_sha256_base64(var.key, var.message);
```

### Constant-time comparison

When comparing HMAC values for authentication, always use `digest.secure_is_equal()` to prevent timing attacks. String comparison with `==` leaks information about which bytes matched, potentially allowing an attacker to forge valid authentication tags:

```vcl
if (!digest.secure_is_equal(var.expected, var.actual)) {
    error 401 "Invalid signature";
}
```
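
For testing the sending side of the webhook check offline, the following Python reference is an added example, not Fastly's code. It rebuilds HMAC-SHA1 from plain SHA-1 using the RFC 2104 key rule described under Parameters, encodes the tag as padded Base64, and verifies it in constant time. The function names, the UTF-8 encoding of strings, and the sample secret and body are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-1 block size in bytes (RFC 2104's "B")


def hmac_sha1_rfc2104(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA1 built from plain SHA-1, following RFC 2104 step by step."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha1(key).digest()      # long keys are hashed first
    key = key.ljust(BLOCK_SIZE, b"\x00")      # then zero-padded to one block
    inner = hashlib.sha1(bytes(b ^ 0x36 for b in key) + message).digest()
    return hashlib.sha1(bytes(b ^ 0x5C for b in key) + inner).digest()


def hmac_sha1_base64(key: str, message: str) -> str:
    """Padded standard Base64 of the 20-byte tag; an empty key gives ""."""
    if not key:
        return ""
    tag = hmac_sha1_rfc2104(key.encode(), message.encode())
    return base64.b64encode(tag).decode("ascii")


def verify_signature(secret: str, body: str, received) -> bool:
    """Fail closed on a missing secret or header, then compare in constant time."""
    expected = hmac_sha1_base64(secret, body)
    if not expected or not received:
        return False
    return hmac.compare_digest(expected.encode(), received.encode())


if __name__ == "__main__":
    # Constructed sample values, not taken from any real service.
    secret, body = "example-webhook-secret", '{"event":"ping","id":1}'
    header = hmac_sha1_base64(secret, body)
    print(header, len(header))                           # 28 characters
    print(verify_signature(secret, body, header))        # True
    print(verify_signature(secret, body + " ", header))  # False
    print(verify_signature("", body, header))            # False

    # Consequence of the long-key rule: a key over 64 bytes and its raw
    # SHA-1 digest are interchangeable HMAC keys.
    long_key = b"k" * 100
    assert hmac_sha1_rfc2104(long_key, b"m") == hmac_sha1_rfc2104(
        hashlib.sha1(long_key).digest(), b"m")
```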

## Related content

- `digest.hmac_sha1()` - Returns hex-encoded output with `0x` prefix.
- `digest.hmac_sha256_base64()` - HMAC-SHA256 with Base64 output (recommended).
- `digest.secure_is_equal()` - Constant-time string comparison.
