Java 中的 HMAC SHA1 签名
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/10859526/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
HMAC SHA1 Signature in Java
提问by Shane
I am trying to interface with a TransUnion web service and I need to provide a HMAC-SHA1 signature to access it.
我正在尝试与 TransUnion Web 服务交互,我需要提供 HMAC-SHA1 签名才能访问它。
This example is in the TransUnion documentation:
Input of SampleIntegrationOwner2008‐11‐18T19:14:40.293Zwith security
key xBy/2CLudnBJOxOtDhDRnsDYq9HTuDVr2uCs3FMzoxXEA/Od9tOuwSC70+mIfpjeG68ZGm/PrxFf/s/CzwxF4Q==creates output of /UhwvT/kY9HxiXaOjpIc/BarBkc=.
此示例在 TransUnion 文档中:
输入SampleIntegrationOwner2008‐11‐18T19:14:40.293Z安全密钥xBy/2CLudnBJOxOtDhDRnsDYq9HTuDVr2uCs3FMzoxXEA/Od9tOuwSC70+mIfpjeG68ZGm/PrxFf/s/CzwxF4Q==创建输出/UhwvT/kY9HxiXaOjpIc/BarBkc=。
Given that data and key, I cannot get this same result in Java. I have tried several online calculators, and none of them return this result either. Is the example in their documentation incorrect, or am I just not handling these strings correctly?
鉴于该数据和密钥,我无法在 Java 中获得相同的结果。我试过好几个在线计算器,都没有返回这个结果。他们文档中的示例是否不正确,或者我只是没有正确处理这些字符串?
Here is the code I am currently working with:
这是我目前正在使用的代码:
public static String calcShaHash (String data, String key) {
String HMAC_SHA1_ALGORITHM = "HmacSHA1";
String result = null;
try {
Key signingKey = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM);
Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
mac.init(signingKey);
byte[] rawHmac = mac.doFinal(data.getBytes());
result = Base64.encodeBase64String(rawHmac);
}
catch (Exception e) {
e.printStackTrace();
}
return result;
}
Here is my unit test code:
这是我的单元测试代码:
@Test
public void testCalcShaHash() {
String data = "SampleIntegrationOwner2008-11-18T19:14:40.293Z";
String key = "xBy/2CLudnBJOxOtDhDRnsDYq9HTuDVr2uCs3FMzoxXEA/Od9tOuwSC70+mIfpjeG68ZGm/PrxFf/s/CzwxF4Q==";
String result = Utils.calcShaHash(data, key);
assertEquals(result, "/UhwvT/kY9HxiXaOjpIc/BarBkc=");
}
采纳答案by John Watts
One thing I noticed is that the hyphens are not normal hyphens. If you copy and paste them, they are not in the ASCII character set. All I can say for sure is that the hash length appears correct. The funny thing is, I couldn't get your code to produce the correct answer, even after putting the correct hyphens in. But no matter. It solved the problem. Huzzah!
我注意到的一件事是连字符不是正常的连字符。如果您复制并粘贴它们,它们将不在 ASCII 字符集中。我只能说哈希长度看起来是正确的。有趣的是,即使输入了正确的连字符,我也无法让您的代码生成正确的答案。但没关系。它解决了这个问题。哈扎!
回答by chubbsondubs
That looks like a Base64 encoded key. So I think you're going to need to do a base64 decode on it, then pass it to the HMAC. Something like this (just for illustration I haven't tested it, any errors are an exercise for the reader):
这看起来像一个 Base64 编码的密钥。所以我认为您需要对其进行 base64 解码,然后将其传递给 HMAC。像这样的东西(只是为了说明我还没有测试过,任何错误都是读者的练习):
public String getHmacMD5(String privateKey, String input) throws Exception{
String algorithm = "HmacSHA1";
byte[] keyBytes = Base64.decode(privateKey);
Key key = new SecretKeySpec(keyBytes, 0, keyBytes.length, algorithm);
Mac mac = Mac.getInstance(algorithm);
mac.init(key);
return Base64.encode(mac.doFinal(input.getBytes()));
}
