设备的激活码最佳实践 [英] Device’s Activation Code best practice
问题描述
引用文档:
预注册后,设备可以通过向 Xively API 发送激活码来激活.这向 Xively 发出信号,表明设备已第一次唤醒,并请求提供它可以使用的 Feed ID 和 API 密钥.设备的激活码是使用 HMAC-SHA1 哈希生成的,该哈希将设备的序列号与其父产品的产品密钥相结合,使某人实际上无法从激活码中提取产品密钥,或在配置中以欺诈方式冒充设备过程.
Once pre-registered, a Device can Activate by sending an Activation Code to the Xively API. This signals to Xively that the Device has woken up for the first time, and is requesting to be provisioned with a Feed ID and API Key that it can use. A Device’s Activation Code is generated using an HMAC-SHA1 hash that combines the Device’s Serial Number with its parent Product’s Product Secret to makes it effectively impossible for someone to extract the Product Secret from the activation code, or to fraudulently impersonate a Device in the provisioning process.
什么是最佳实践:
- 将激活码保存在每个设备内存中:在出厂时编程非常耗时
- 通过
HMAC-SHA1(serialnumber, productid)计算设备唤醒时的激活码.
- keeping the Activation Code on each device memory: very time consuming to program at factory time
- computing the Activation code on device wakeup via
HMAC-SHA1(serialnumber, productid).
在我的情况下,第二个更有意义,但是我无法从 API 文档中找到 HMAC 的计算方式.它只是一个字符串连接吗?填充呢?
In my case the second make more sense, however I cannot find how the HMAC is calculated from the API docs. Is it just a string concatenation? What about padding?
推荐答案
所有错误开发者所说的都是绝对正确的.
Everything errordeveloper said is absolutely correct.
另外要记住的一点是,产品(或设备)页面上列出的产品机密已经是十六进制对格式.您不需要将字符串转换为十六进制,而是将当前字符串用作十六进制字符串.您可以在 errordeveloper 发布的 Arduino 代码中看到这是如何完成的.
One additional thing to keep in mind is that the product secret listed on the product (or device) page is already in hex pair format. You do not need to convert the string to hex, but rather use the current string as a hex string. You can see how this is done in the Arduino code posted by errordeveloper.
这篇关于设备的激活码最佳实践的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
