将 C# 转换为 ColdFusion
Converting C# to ColdFusion
我没有使用 C# 的经验,想知道是否有人可以帮助将此 C# 片段转换为 ColdFusion。
string inputString = "abccde";
string securityKey = "abcdefghijk...";
// Convert security key into ASCII bytes using utf8 encoding
byte[] securityKeyBytes = UTF8Encoding.ASCII.GetBytes(securityKey);
// Create an HMACSHA1 hashing object that has been seeded with the security key bytes
HMACSHA1 hasher = new HMACSHA1(securityKeyBytes);
// Convert input string into ASCII bytes using utf8 encoding
byte[] inputBytes = UTF8Encoding.ASCII.GetBytes(inputString.ToCharArray());
// Compute the has value
byte[] hash = hasher.ComputeHash(inputBytes);
// Convert back to a base 64 string
string securityToken = Convert.ToBase64String(hash);
return securityToken;
我在 Whosebug 上找到了 this,这里是我目前所拥有的。我正朝着正确的方向前进吗?任何见解将不胜感激!
<cffunction name="CFHMAC" output="false" returntype="string">
<cfargument name="signMsg" type="string" required="true" />
<cfargument name="signKey" type="string" required="true" />
<cfset var key = createObject("java", "javax.crypto.spec.SecretKeySpec").init(signKey.getBytes(), "HmacSHA1") />
<cfset var mac = createObject("java", "javax.crypto.Mac").getInstance("HmacSHA1") />
<cfset mac.init(key) />
<cfreturn toBase64(mac.doFinal(signMsg.getBytes())) />
</cffunction>
<cfset signMsg= "abccde">
<cfset signatureString = "abcdefghijk...">
<cfset result = CFHMAC(signMsg=signMsg, signKey=signatureString) />
<cfdump var="#result#" />
(根据评论展开)
CF11 有一个 HMAC function already built in, so it is possible you may not need that UDF. I would suggest giving it a try. Take note that the C# code uses UTF8Encoding.ASCII:
ASCII characters are limited to the lowest 128 Unicode characters,
from U+0000 to U+007F....
Note that the ASCII encoding has an 8th bit ambiguity that can allow
malicious use, but the UTF-8 encoding removes ambiguity about the 8th
bit. ... It uses replacement fallback to replace each string that it
cannot encode and each byte that it cannot decode with a question mark
("?") character.
假设您需要保持与其他应用程序的兼容性,并且必须保持相同的编码,UTF8Encoding.ASCII 应该对应于"US-ASCII"中的编码CF/Java,但做一些测试来验证无效字符的处理。如果您可以灵活地更改编码,我建议改用 UTF-8。请记住,CF 函数总是 returns 十六进制。如果您需要 base64 字符串,则必须使用 binaryEncode() and binaryDecode().
进行转换
示例:
<!--- Only required when hard coding UTF8 characters into a script --->
<cfprocessingdirective pageEncoding="utf-8">
<cfset message = "Pi π and Sigma Σ.">
<cfset key = "abcdefghijk">
<cfset hexHash = hmac(message, key, "HMACSHA1", "US-ASCII")>
<cfset base64Hash = binaryEncode(binaryDecode(hexHash, "hex"), "base64")>
<cfdump var="#base64Hash#">
结果:
HMACSHA1 = J2AZf+zhrebIA/tK3i5PYb4b/Fo=
旁注,关于 CFHMAC UDF:在提取字符串的字节时要非常小心编码。正如我在评论中指出的那样,最好避免使用 getBytes() 因为它采用默认编码,无论是什么。这意味着它可能并不总是 return 期望的结果,并且可能因一个 jvm 而异。相反,最好始终明确提供字符集,即 getBytes("UTF-8")、getBytes("US-ASCII") 等。
我没有使用 C# 的经验,想知道是否有人可以帮助将此 C# 片段转换为 ColdFusion。
string inputString = "abccde";
string securityKey = "abcdefghijk...";
// Convert security key into ASCII bytes using utf8 encoding
byte[] securityKeyBytes = UTF8Encoding.ASCII.GetBytes(securityKey);
// Create an HMACSHA1 hashing object that has been seeded with the security key bytes
HMACSHA1 hasher = new HMACSHA1(securityKeyBytes);
// Convert input string into ASCII bytes using utf8 encoding
byte[] inputBytes = UTF8Encoding.ASCII.GetBytes(inputString.ToCharArray());
// Compute the has value
byte[] hash = hasher.ComputeHash(inputBytes);
// Convert back to a base 64 string
string securityToken = Convert.ToBase64String(hash);
return securityToken;
我在 Whosebug 上找到了 this,这里是我目前所拥有的。我正朝着正确的方向前进吗?任何见解将不胜感激!
<cffunction name="CFHMAC" output="false" returntype="string">
<cfargument name="signMsg" type="string" required="true" />
<cfargument name="signKey" type="string" required="true" />
<cfset var key = createObject("java", "javax.crypto.spec.SecretKeySpec").init(signKey.getBytes(), "HmacSHA1") />
<cfset var mac = createObject("java", "javax.crypto.Mac").getInstance("HmacSHA1") />
<cfset mac.init(key) />
<cfreturn toBase64(mac.doFinal(signMsg.getBytes())) />
</cffunction>
<cfset signMsg= "abccde">
<cfset signatureString = "abcdefghijk...">
<cfset result = CFHMAC(signMsg=signMsg, signKey=signatureString) />
<cfdump var="#result#" />
(根据评论展开)
CF11 有一个 HMAC function already built in, so it is possible you may not need that UDF. I would suggest giving it a try. Take note that the C# code uses UTF8Encoding.ASCII:
ASCII characters are limited to the lowest 128 Unicode characters, from U+0000 to U+007F....
Note that the ASCII encoding has an 8th bit ambiguity that can allow malicious use, but the UTF-8 encoding removes ambiguity about the 8th bit. ... It uses replacement fallback to replace each string that it cannot encode and each byte that it cannot decode with a question mark ("?") character.
假设您需要保持与其他应用程序的兼容性,并且必须保持相同的编码,UTF8Encoding.ASCII 应该对应于"US-ASCII"中的编码CF/Java,但做一些测试来验证无效字符的处理。如果您可以灵活地更改编码,我建议改用 UTF-8。请记住,CF 函数总是 returns 十六进制。如果您需要 base64 字符串,则必须使用 binaryEncode() and binaryDecode().
进行转换示例:
<!--- Only required when hard coding UTF8 characters into a script --->
<cfprocessingdirective pageEncoding="utf-8">
<cfset message = "Pi π and Sigma Σ.">
<cfset key = "abcdefghijk">
<cfset hexHash = hmac(message, key, "HMACSHA1", "US-ASCII")>
<cfset base64Hash = binaryEncode(binaryDecode(hexHash, "hex"), "base64")>
<cfdump var="#base64Hash#">
结果:
HMACSHA1 = J2AZf+zhrebIA/tK3i5PYb4b/Fo=
旁注,关于 CFHMAC UDF:在提取字符串的字节时要非常小心编码。正如我在评论中指出的那样,最好避免使用 getBytes() 因为它采用默认编码,无论是什么。这意味着它可能并不总是 return 期望的结果,并且可能因一个 jvm 而异。相反,最好始终明确提供字符集,即 getBytes("UTF-8")、getBytes("US-ASCII") 等。