jsSHA,CryptoJS和OpenSSL库给出不同的结果 [英] jsSHA, CryptoJS and OpenSSL libraries giving different results
问题描述
新的JS,我也学习使用加密库。我不明白为什么使用相同的密码对同一封邮件进行签名/编码会产生不同的结果。
我使用的是在此处找到jsSHA 1.3.1 和 CryptoJS 3.0.2这里描述试图创建一个base64 sha-1编码的hmac签名。这里是代码:
在html ...
script src =lib / jsSHA / src / sha1.js>< / script>
< script src =http://crypto-js.googlecode.com/svn/tags/3.0.2/build/rollups/hmac-sha1.js>< / script>
并在js ...
var message =shah me;
var secret =hide me;
var crypto = CryptoJS.HmacSHA1(message,secret).toString(CryptoJS.enc.Base64)+'=';
var shaObj = new jsSHA(message,ASCII);
var jssha = shaObj.getHMAC(secret,ASCII,B64)+'=';
returncrypto answer is+ crypto +jssha answer is+ jssha;您可以帮我解释为什么这些结果不同吗?
b
加密回答是3e929e69920fb7d423f816bfcd6654484f1f6d56 = jssha
answer是PpKeaZIPt9Qj + Ba / zWZUSE8fbVY =
digest = OpenSSL :: Digest :: Digest.new('sha1')
raw_signature = OpenSSL :: HMAC.digest(digest,hide me,shah me)
b64_signature = Base64.encode64 ).strip
(本来希望提供一个小提琴,这似乎是一个很好的常见做法
提前感谢。
。这是一个新的问题。 解决方案您的代码中有3个错误:)
您缺少 enc-base64-min.js
为 crypto-js
。没有它, CryptoJS.enc.Base64
将会是 undefined
缺少一个参数当调用 .getHMAC()
时。 .getHMAC(secret,secret_type,hash_type,output_encoding)
使用1 + 2添加 =
不必要(也不正确)
< script src =lib / jsSHA / src / sha1.js >< / script>
< script src =http://crypto-js.googlecode.com/svn/tags/3.0.2/build/rollups/hmac-sha1.js>< / script>
< script src =http://crypto-js.googlecode.com/svn/tags/3.0.2/build/components/enc-base64-min.js>< / script>
var message =shah me;
var secret =hide me;
var crypto = CryptoJS.HmacSHA1(message,secret).toString(CryptoJS.enc.Base64);
var shaObj = new jsSHA(message,ASCII);
var jssha = shaObj.getHMAC(secret,ASCII,SHA-1,B64);
returncrypto answer is+ crypto +jssha answer is+ jssha;
New to JS, I'm also learning to use crypto libraries. I don't understand why signing/encoding the same message with the same secret yields differing results.
I'm using jsSHA 1.3.1 found here, and CryptoJS 3.0.2 described here trying to create a base64 sha-1 encoded hmac signature. Here's the code:
In html...
<script src="lib/jsSHA/src/sha1.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.0.2/build/rollups/hmac-sha1.js"></script>
And in js...
var message = "shah me";
var secret = "hide me";
var crypto = CryptoJS.HmacSHA1(message, secret).toString(CryptoJS.enc.Base64) + '=';
var shaObj = new jsSHA(message, "ASCII");
var jssha = shaObj.getHMAC(secret, "ASCII", "B64") + '=';
return "crypto answer is " + crypto + " jssha answer is " + jssha;
Can you help me explain why these results differ?
crypto answer is 3e929e69920fb7d423f816bfcd6654484f1f6d56= jssha
answer is PpKeaZIPt9Qj+Ba/zWZUSE8fbVY=
What's more, both of these differ with the signature I'm generating in rails, like this...
digest = OpenSSL::Digest::Digest.new('sha1')
raw_signature = OpenSSL::HMAC.digest(digest, "hide me","shah me")
b64_signature = Base64.encode64(raw_signature).strip
(would have liked to supply a fiddle, which seems to be a very good common practice, but that, too, is new to me and I was unable to get one working for this question).
Thanks in advance.
解决方案 There are 3 errors in your code :)
You're missing the enc-base64-min.js
for crypto-js
. Without it, CryptoJS.enc.Base64
will be undefined
You're missing a parameter when calling .getHMAC()
. It's .getHMAC(secret, secret_type, hash_type, output_encoding)
With 1+2 adding a =
isn't necessary (nor right)
<script src="lib/jsSHA/src/sha1.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.0.2/build/rollups/hmac-sha1.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.0.2/build/components/enc-base64-min.js"></script>
var message = "shah me";
var secret = "hide me";
var crypto = CryptoJS.HmacSHA1(message, secret).toString(CryptoJS.enc.Base64);
var shaObj = new jsSHA(message, "ASCII");
var jssha = shaObj.getHMAC(secret, "ASCII", "SHA-1", "B64");
return "crypto answer is " + crypto + " jssha answer is " + jssha;
这篇关于jsSHA,CryptoJS和OpenSSL库给出不同的结果的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!