I realise this isn't exactly what you're asking for, but there's no point in reinventing the wheel and writing a bash version.

我意识到这并不完全是您所要求的，但是重新发明轮子并编写 bash 版本是没有意义的。

You can simply use the opensslcommand to generate the hash within your script.

您可以简单地使用该openssl命令在脚本中生成哈希。

[me@home] echo -n "value" | openssl dgst -sha1 -hmac "key"
57443a4c052350a44638835d64fd66822f813319

Or simply:

或者干脆：

[me@home] echo -n "value" | openssl sha1 -hmac "key"
57443a4c052350a44638835d64fd66822f813319

Remember to use -nwith echoor else a line break character is appended to the string and that changes your data and the hash.

请记住使用-nwithecho否则换行符会附加到字符串中，这会更改您的数据和散列。

That command comes from the OpenSSL package which should already be installed (or easily installed) in your choice of Linux/Unix, Cygwin and the likes.

该命令来自 OpenSSL 包，它应该已经安装（或轻松安装）在您选择的 Linux/Unix、Cygwin 等系统中。

Do note that older versions of openssl(such as that shipped with RHEL4) may not provide the -hmacoption.

请注意，旧版本openssl（例如 RHEL4 附带的版本）可能不提供该-hmac选项。

As an alternative solution, but mainly to prove that the results are the same, we can also call PHP's hmac_sha1()from the command line:

作为替代解决方案，但主要是为了证明结果相同，我们也可以hmac_sha1()从命令行调用 PHP ：

[me@home]$ echo '<?= hash_hmac("sha1", "value", "key") ?>' | php
57443a4c052350a44638835d64fd66822f813319

Here is a bash function that works like hash_hmacfrom PHP:

这是一个类似于hash_hmacPHP的 bash 函数：

#!/bin/bash

function hash_hmac {
  digest=""
  data=""
  key=""
  shift 3
  echo -n "$data" | openssl dgst "-$digest" -hmac "$key" "$@"
}

# hex output by default
hash_hmac "sha1" "value" "key"

# raw output by adding the "-binary" flag
hash_hmac "sha1" "value" "key" -binary | base64

# other algos also work
hash_hmac "md5"  "value" "key"

Thanks for the hash_hmac function! But it was not enough for my application. In case anyone wondered, I had to re-hash stuff several times using a key that was the result of the previous hashing, and therefore is a binary input. (The Amazon AWS authentication signature is created like this.)

感谢 hash_hmac 函数！但这对我的申请来说还不够。以防万一有人想知道，我不得不使用作为先前散列结果的密钥多次重新散列内容，因此是二进制输入。（Amazon AWS 身份验证签名是这样创建的。）

So what I needed was a way to supply the binary key in some way that would not break the algorithm. Then I found this: http://openssl.6102.n7.nabble.com/command-line-hmac-with-key-in-hex-td6754.html

所以我需要的是一种以某种不会破坏算法的方式提供二进制密钥的方法。然后我发现了这个：http: //openssl.6102.n7.nabble.com/command-line-hmac-with-key-in-hex-td6754.html

Stephen Henson's reply requires the hash_hmac function to return the value in hex format. So it needs to echo the following:

Stephen Henson 的回复要求 hash_hmac 函数以十六进制格式返回值。所以它需要回显以下内容：

$ echo -n "$data" | openssl dgst "-$digest" -hmac "$key" | sed -e 's/^.* //'

Then the next call would need to provide the key as an hexit:

然后下一次调用需要提供密钥作为十六进制：

$ echo -n "$data" | openssl dgst "-$digest" -mac HMAC -macopt "hexkey:$key" | sed -e 's/^.* //'

Hopefully this helps anyone, probably someone who is trying to create bash scripts to invalidate CloudFront entries on AWS (like me!) (I haven't tested it yet, but I think this is the thing that is the cause of why my bash script does not work, and my PHP one does...)

希望这可以帮助任何人，可能是那些试图创建 bash 脚本以使 AWS 上的 CloudFront 条目无效的人（就像我一样！）（我还没有测试过，但我认为这就是我的 bash 脚本的原因不起作用，而我的 PHP 则起作用了...）

To those who like to explore more JWT on the command line: cool jwt bash script

对于那些喜欢在命令行上探索更多 JWT 的人： cool jwt bash script