WinRT上的Amazon REST调用的HMAC签名不正确 [英] HMAC signature for Amazon REST call incorrect on WinRT

问题描述

亚马逊有一些示例他们与HMAC的REST调用.但是，在Metro/WinRT应用程序中使用以下代码时，签名不匹配.

Amazon have some examples of signing their REST calls with HMAC. However using the following code in a Metro / WinRT app the signatures don't match up.

计算HMAC的方法:

internal string CreateHMAC(
        string message,
        string algorithmName,
        string key)
    {
        MacAlgorithmProvider macAlgorithmProvider = MacAlgorithmProvider.OpenAlgorithm(algorithmName);
        var binaryMessage = CryptographicBuffer.ConvertStringToBinary(message, BinaryStringEncoding.Utf8);
        var binaryKeyMaterial = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);
        var hmacKey = macAlgorithmProvider.CreateKey(binaryKeyMaterial);
        var binarySignedMessage = CryptographicEngine.Sign(hmacKey, binaryMessage);
        var signedMessage = CryptographicBuffer.EncodeToBase64String(binarySignedMessage);
        return signedMessage;
    }

测试以检查示例:

var hmac = this.Amazon.CreateHMAC("GET\nwebservices.amazon.com\n/onca/xml\nAWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06", "HMAC_SHA256", "1234567890");
var encoded = WebUtility.UrlEncode(hmac);
Assert.AreEqual("Nace%2BU3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg%3D", encoded);

实际结果是:

M%2fy0%2bEAFFGaUAp4bWv%2fWEuXYah99pVsxvqtAuC8YN7I%3d

是否有人在WinRT上成功创建了HMAC?还是可以看到我在做什么错了?

Has any one else successfully created an HMAC on WinRT? Or can you see what I'm doing wrong?

推荐答案

亚马逊中的密钥是Base64字符串，因此您需要将此字符串转换为IBuffer对象，但要从已公开为Base 64字符串的二进制内容开始.您不是将普通字符串转换为二进制. 试试这个

The key in amazon is a Base64 string, so you need to convert this string to IBuffer object, but starting from already binary content exposed as Base 64 string. You are converting a normal string to binary wich is not the case. try this

var algorithmProvider = MacAlgorithmProvider.OpenAlgorithm(algorithmName);

var binaryKeyMaterial = CryptographicBuffer.DecodeFromBase64String(key);
var hmacKey = algorithmProvider.CreateKey(binaryKeyMaterial );

在此博客文章中，我写了关于

In this blog article I've wrote about how to create the signature from WinRT is in spanish but code is universal and you can translate it via bing translator or some others.

这篇关于WinRT上的Amazon REST调用的HMAC签名不正确的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！