dongze5043
2016-03-16 14:02
浏览 1.2k

NodeJS crypto.createHmac SHA256无法正常工作

I'm currently trying to implement the authentication part of a library we're using but I've stumbled upon a weird issue with the signing of the data, the output of crypto.createHmac in NodeJS is roughly half the size of that of hash_hmac in PHP and this is the only part of the data which differs between PHP and NodeJS (and we need to use NodeJS here)

The exact code used for creating the signature in NodeJS is,

authorization["oauth_signature"] = crypto.createHmac('SHA256', process.env.SECRET).update(toSign).digest('base64');

And for PHP it is

$authorization["oauth_signature"] = base64_encode(hash_hmac("SHA256", $signatureString . $signingKey, $secret));

However the output of the NodeJS version is

7LkQP+qKR1gSdPq/AgH/3No3ps7EtZXnqwjivMixvM8=

And for PHP it is

NmQ0MWIzYmJiMjI2YzFlMDhiYzY3NzVmMWY0MzEwNDlhNDU3NDI0ZGJlMzU3NjJhYmMwYjgwYzZjMDE4NDM4OA==

Which has more then double the data

Do I have to use a different library for the NodeJS version rather then the build in one? We're hosting our NodeJS backend on Microsoft Azure btw, not sure if this is related but seems at least valid to mention.

Edit:

I've found the issue, hash_hmac in PHP automatically exports it's data as hexidecimal data, crypto.createHmac exports it's data as raw binary data which I directly converted into base64, all I needed to do was first export the data to hex and then convert that to base64.

图片转代码服务由CSDN问答提供 功能建议

我正在尝试实现我们正在使用的库的身份验证部分,但我偶然发现了 关于数据签名的奇怪问题,NodeJS中crypto.createHmac的输出大约是PHP中hash_hmac的一半,这是PHP和NodeJS之间不同数据的唯一部分(我们需要使用NodeJS) 在

用于在NodeJS中创建签名的确切代码是,

  authorization [“oauth_signature”] = crypto.createHmac(  'SHA256',process.env.SECRET).update(toSign).digest('base64'); 
   
 
 

对于PHP,它是 \ n

  $ authorization [“oauth_signature”] = base64_encode(hash_hmac(“SHA256”,$ signatureString。$ signingKey,$ secret)); 
   
 
  

然而,NodeJS版本的输出是

  7LkQP + qKR1gSdPq / AgH / 3No3ps7EtZXnqwjivMixvM8 = 
   
 
 

对于PHP,它是

  NmQ0MWIzYmJiMjI2YzFlMDhiYzY3NzVmMWY0M  zEwNDlhNDU3NDI0ZGJlMzU3NjJhYmMwYJgwYzZjMDE4NDM4OA == 
   
 
 

哪个数据有两倍以上

我是否必须为NodeJS版本使用不同的库 而不是建立在一个? 我们在Microsoft Azure btw上托管我们的NodeJS后端,不确定这是否相关但似乎至少可以提及。

编辑:

我发现问题,PHP中的hash_hmac自动将其数据作为十六进制数据导出,crypto.createHmac将其数据导出为原始二进制数据,我直接转换为base64,我需要做的就是先将数据导出到十六进制然后转换 到base64。

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • doulangdang9986 2016-03-16 14:20
    已采纳

    Try this;

    var crypto = require('crypto');
    var s = 'The quick brown fox jumps over the lazy dog';
    console.log(
        new Buffer(
            crypto.createHmac('SHA256', 'SECRET').update(s).digest('hex')
        ).toString('base64')
    );
    

    DEMO

    PHP equivalent;

    base64_encode(hash_hmac("SHA256",'The quick brown fox jumps over the lazy dog', 'SECRET'))
    
    已采纳该答案
    打赏 评论
  • duancan1900 2016-09-09 14:10

    In the case of Azure you mentioned the keys are supplied in Base64 format. With the cryto library for node I found it worked when I passed in the key as a Buffer. Azure Authorization Signature header node code sample below:

    const util = require('util');
    const crypto = require('crypto');
    var accountName = "YOUR_ACCOUNT_NAME";
    var key = Buffer("YOUR_BASE64_KEY",'base64');
    var hash = crypto.createHmac('sha256',key).update(stringToSign,'utf8').digest('base64');
    var signature = util.format("%s:%s", accountName, hash);
    var authorization = util.format("SharedKey %s", signature);
    
    打赏 评论

相关推荐 更多相似问题