德的base64 code - 字符串NUL [英] base64 decode - nul in string
问题描述
我试图创建将运行一些网站上的私人API调用功能。
所有这些网站在PHP如下方式使用认证通过API调用的签名:
base64_en code(hash_hmac('SHA512',$ post_data,base64_de code($秘密),真))
使用包消化RCurl我可以轻松地为写:
base64En code(HMAC(键= base64De code(秘密),对象= post_data,算法中='SHA512',生= TRUE))
我打一整天的HMAC 键参数输入:
键= base64De code(秘密)
问题是,HMAC函数只接受字符串值,但base64De code可能返回的东西不仅仅是字符串更多:
STR(base64De code(秘密))
CHRIAľÂÜĄ\\ VZL \\ 022?| __truncated__
本 __ __截断是关键的问题在这里。所以我试了下事情是采取从德code函数和rawToChar一个原始输出就可以了:
STR(base64De code(秘密,模式='原始'))
生[1:64] EE E3 3f中是...rawToChar(base64De code(秘密,模式='原始'))
错误rawToChar(base64De code(秘密,模式='原始')):嵌入在NUL
串:
'îă?ľÂÜĄ\\vŽĺ\\022\\0!^\\026Č‹¶©wŚˇ0Î\\035ë\\026\\r\\001ňKÍ„Rř\\003j„7¤Ň\
ťä_\\004m@ß\\0Ă\"c\\0271˝ZnĚ55’v'
块引用>我们现在可以看到,有一个神秘的 NUL 的事情在我的(甚至没有)串的地方。我不那么在意完全无效,我只需要这一块数据的传递,作为HMAC输入。
- 是否有可能来处理字符串NUL,只是将它推得更远输入上的功能?
- 是否有可能有HMAC功能的键参数接受原始对象也是这样吗?
我也试过base64enc包没有成功。我试过很多很多不同的转化率,但一切都可以追溯到这个简单的'NUL字符串。
这些网站是相当新的,这个验证过程看起来像其中的一个标准API权威性。应该有某种方式来处理R中的过程。
如果有人想测试一下,
秘密< - '7uM / vsLcpQuOmOUSACFeFsiLtql3jKEwzh3rFg0B8kvNhFL4A2qEN6TSCp3kXwRtQN8AwyJjFzG9Wm7MNTWSdg =='
解决方案回答问题2是:
的 HMAC功能已经接受原始对象,而不是字符串。的
这是解决方案:
HMAC(键= base64De code(秘密,模式='原始'),
对象= post_data,
ALGO ='SHA512',
原料= TRUE)I'm trying to create function that will run private API calls on some sites. All those sites are using authentication by signature of the API call as follows in php:
base64_encode( hash_hmac('sha512', $post_data, base64_decode($secret), true) )
Using package digest and RCurl I can easily write as:
base64Encode( hmac(key = base64Decode(secret), object = post_data, algo = 'sha512', raw = TRUE) )
I'm fighting whole day with the hmac key parameter input:
key = base64Decode(secret)
The issue is that hmac function accept only string value but base64Decode might return something more than just string:
str(base64Decode(secret)) chr "îă?ľÂÜĄ\vŽĺ\022""| __truncated__
This __truncated__ is the key issue here. So the next thing I've tried was take a raw output from decode function and rawToChar on it:
str(base64Decode(secret,mode='raw')) raw [1:64] ee e3 3f be ... rawToChar(base64Decode(secret,mode='raw'))
Error in rawToChar(base64Decode(secret,mode='raw')) : embedded nul in string: 'îă?ľÂÜĄ\vŽĺ\022\0!^\026Č‹¶©wŚˇ0Î\035ë\026\r\001ňKÍ„Rř\003j„7¤Ň\nťä_\004m@ß\0Ă"c\0271˝ZnĚ55’v'
As we can see now, there is a mystery nul thing somewhere in my (not even yet) string. I don't care much about the nuls, I just need to pass this piece of data as input for hmac.
- Is there any possibility to handle string with nul, just for pushing it farther as input upper function?
- Is there any possibility to have hmac function key parameter accept raw object like this?
I tried also base64enc package with no success. I tried many many different conversions but everything is going back this simple 'nul in string'.
These sites are rather new and this authentication process looks like a standard API auth among them. There should be some way to handle that process in R.
If anyone want to test,
secret <- '7uM/vsLcpQuOmOUSACFeFsiLtql3jKEwzh3rFg0B8kvNhFL4A2qEN6TSCp3kXwRtQN8AwyJjFzG9Wm7MNTWSdg=='
解决方案Answer for the question 2. is:
hmac function already accept raw object instead of string.
This is the solution:
hmac(key = base64Decode(secret, mode='raw'), object = post_data, algo = 'sha512', raw = TRUE)
这篇关于德的base64 code - 字符串NUL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!