为什么HMAC sha256在PHP&使用Javascript [英] Why HMAC sha256 return different value on PHP & Javascript
问题描述
我正在尝试使用CryptoJS在Javascript中构建一个HMAC SHA256字符串,我的现有代码是使用Akamai库用PHP编写的。
I am trying to build a HMAC SHA256 string in Javascript using CryptoJS, my existing code is written in PHP using the Akamai library.
在某些情况下我得到了与PHP相比,结果不同我无法理解为什么它会给我不同的结果
In some cases I am getting different results compared to PHP & I am unable to understand why it is giving me different results
/*
<php> Using native hash_hmac
Generating key by concatenating char
*/
$signature1 = hash_hmac('SHA256', "st=1453362060~exp=1453363260~acl=/*", chr(63));
$signature2 = hash_hmac('SHA256', "st=1453362060~exp=1453363260~acl=/*", chr(63) . chr(23));
$signature3 = hash_hmac('SHA256', "st=1453362060~exp=1453363260~acl=/*", chr(63) . chr(23) . chr(253));
/*
here is result from php
signature1 : 3e086bb48ab9aafa85661f9ce1b7dac49befddf117ce2a42d93c92b6abe513ce ( matched: same as JavaScript)
signature2 : 3667dd414a50f68f7ce083e540f27f68f7d0f18617b1fb1e4788bffeaeab59f6( matched: same as JavaScript)
signature3 : dd5a20041661046fdee871c8b9e77b3190fbbf85937c098090a1d524719b6aa9 ( not matched: diff from JavaScript)
*/
/*
<JavaScript> using CryptoJS
Generating key by concatenating three char
*/
var signature1 = CryptoJS.HmacSHA256("st=1453362060~exp=1453363260~acl=/*", String.fromCharCode(63));
var signature2 = CryptoJS.HmacSHA256("st=1453362060~exp=1453363260~acl=/*", String.fromCharCode(63) + String.fromCharCode(23));
var signature3 = CryptoJS.HmacSHA256("st=1453362060~exp=1453363260~acl=/*", String.fromCharCode(63) + String.fromCharCode(23) + String.fromCharCode(253));
/*
here is result from JavaScript
signature1 : 3e086bb48ab9aafa85661f9ce1b7dac49befddf117ce2a42d93c92b6abe513ce ( matched: same as php)
signature2 : 3667dd414a50f68f7ce083e540f27f68f7d0f18617b1fb1e4788bffeaeab59f6 ( matched: same as php)
signature3 : 28075dc75de9f22f83e87772f09a89efb007f2e298167686832eff122ef6eb08 ( not matched: diff from php)
*/
前两个HMAC值是匹配的但是当我追加第三个字符时它产生不同的结果,任何人都可以解释为什么这样。
First two HMAC values are matching but when I append the third char it produces different results, Can anyone please explain why this is.
推荐答案
CryptoJS在创建哈希sha256时在Key中添加UTF8编码,以便我们获得不同的值。
CryptoJS add UTF8 encoding in "Key" while creating hash sha256 so that we are getting different value.
如果我将utf8_encode包装在PHP方面然后我们将获得与JavaScript相比相同的hmac值
If i wrap utf8_encode in PHP side then we will get same hmac value as compare to JavaScript
// <php>
$key = chr(63) . chr(23) . chr(253);
signature3 = hash_hmac('SHA256', "st=1453362060~exp=1453363260~acl=/*", utf8_encode($key));
这篇关于为什么HMAC sha256在PHP&使用Javascript的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!