dongze5043 2016-03-16 14:02
浏览 1958
已采纳

NodeJS crypto.createHmac SHA256无法正常工作

I'm currently trying to implement the authentication part of a library we're using but I've stumbled upon a weird issue with the signing of the data, the output of crypto.createHmac in NodeJS is roughly half the size of that of hash_hmac in PHP and this is the only part of the data which differs between PHP and NodeJS (and we need to use NodeJS here)

The exact code used for creating the signature in NodeJS is,

authorization["oauth_signature"] = crypto.createHmac('SHA256', process.env.SECRET).update(toSign).digest('base64');

And for PHP it is

$authorization["oauth_signature"] = base64_encode(hash_hmac("SHA256", $signatureString . $signingKey, $secret));

However the output of the NodeJS version is

7LkQP+qKR1gSdPq/AgH/3No3ps7EtZXnqwjivMixvM8=

And for PHP it is

NmQ0MWIzYmJiMjI2YzFlMDhiYzY3NzVmMWY0MzEwNDlhNDU3NDI0ZGJlMzU3NjJhYmMwYjgwYzZjMDE4NDM4OA==

Which has more then double the data

Do I have to use a different library for the NodeJS version rather then the build in one? We're hosting our NodeJS backend on Microsoft Azure btw, not sure if this is related but seems at least valid to mention.

Edit:

I've found the issue, hash_hmac in PHP automatically exports it's data as hexidecimal data, crypto.createHmac exports it's data as raw binary data which I directly converted into base64, all I needed to do was first export the data to hex and then convert that to base64.

  • 写回答

2条回答 默认 最新

  • doulangdang9986 2016-03-16 14:20
    关注

    Try this;

    var crypto = require('crypto');
    var s = 'The quick brown fox jumps over the lazy dog';
    console.log(
        new Buffer(
            crypto.createHmac('SHA256', 'SECRET').update(s).digest('hex')
        ).toString('base64')
    );
    

    DEMO

    PHP equivalent;

    base64_encode(hash_hmac("SHA256",'The quick brown fox jumps over the lazy dog', 'SECRET'))
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?