Please help! I have been pulling out my hair over this one. :)
I have a site that I need to HMAC SHA1 for authentication. It currently works with another language but now I need to move it to ColdFusion. For the life of me I cannot get the strings to match. Any assistance would be much appreciated.
Data: https%3A%2F%2Fwww%2Etestwebsite%2Ecom%3Fid%3D5447
265D5C01D1B4C8FA28DC55C113B4D21005BB2B348859F674977B24E开发者_如何学Go0F37C81B05FAE85FB75EA9CF53ABB9A174C59D98C7A61E2985026D2AA70AE4452A6E3F2F9
Correct answer: WJd%2BKxmFxGWdbw4xQJZXd3%2FHkFQ%3d
knIVr6wIt6%2Fl7mBJPTTbwQoTIb8%3d
Both are Base64 encoded and then URL encoded.
Doing an HMAC-SHA1 thing myself. Best I can say is that I found this old function. Has worked great for what I am doing thus far. Forgot where I found it though so I can't credit the author.
For your Base 64 stuff... run this function on your encryption, then just do a cfset newString = toBase64(oldString) on what is returned.
<cffunction name="hmacEncrypt" returntype="binary" access="public" output="false">
<cfargument name="signKey" type="string" required="true" />
<cfargument name="signMessage" type="string" required="true" />
<cfargument name="algorithm" type="string" default="HmacSHA1" />
<cfargument name="charset" type="string" default="UTF-8" />
<cfset var msgBytes = charsetDecode(arguments.signMessage, arguments.charset) />
<cfset var keyBytes = charsetDecode(arguments.signKey, arguments.charset) />
<cfset var keySpec = createObject("java","javax.crypto.spec.SecretKeySpec") />
<cfset var mac = createObject("java","javax.crypto.Mac") />
<cfset key = keySpec.init(keyBytes, arguments.algorithm) />
<cfset mac = mac.getInstance(arguments.algorithm) />
<cfset mac.init(key) />
<cfset mac.update(msgBytes) />
<cfreturn mac.doFinal() />
</cffunction>
A shorter encryption method (based on Barney's method) that outputs a string:
<cffunction name="CFHMAC" output="false" returntype="string">
<cfargument name="signMsg" type="string" required="true" />
<cfargument name="signKey" type="string" required="true" />
<cfargument name="encoding" type="string" default="utf-8" />
<cfset var key = createObject("java", "javax.crypto.spec.SecretKeySpec").init(signKey.getBytes(arguments.encoding), "HmacSHA1") />
<cfset var mac = createObject("java", "javax.crypto.Mac").getInstance("HmacSHA1") />
<cfset mac.init(key) />
<cfreturn toBase64(mac.doFinal(signMsg.getBytes(arguments.encoding))) />
</cffunction>
In addition
- ColdFusion 10 supports HMAC-SHA1 for Encrypting and Hashing natively.
- There is a library called CF_HMAC distributed by Adobe
- There are several libraries that deal with HMAC in relation while signing files for Amazon. Among them are cf-amazon-s3, Barney's S3 URL Builder, and RIAForge S3
Steve - Thanks for your response. I actually was using the hmacEncrypt function already. I did figure out my issue though. I was passing in a HEX key instead of a string. It accepted the key because technically it was a string. To get it back to a string I used another function along with the one above. The one below changes the HEX into a string. I didn't write the function below nor do I remember where it came from to get the author credit, but it worked great.
<cffunction name="Hex2Bin" returntype="any" hint="Converts a Hex string to binary">
<cfargument name="inputString" type="string" required="true" hint="The hexadecimal string to be written.">
<cfset var outStream = CreateObject("java", "java.io.ByteArrayOutputStream").init()>
<cfset var inputLength = Len(arguments.inputString)>
<cfset var outputString = "">
<cfset var i = 0>
<cfset var ch = "">
<cfif inputLength mod 2 neq 0>
<cfset arguments.inputString = "0" & inputString>
</cfif>
<cfloop from="1" to="#inputLength#" index="i" step="2">
<cfset ch = Mid(inputString, i, 2)>
<cfset outStream.write(javacast("int", InputBaseN(ch, 16)))>
</cfloop>
<cfset outStream.flush()>
<cfset outStream.close()>
<cfreturn outStream.toByteArray()>
</cffunction>
精彩评论