如何在 Node.js 中将 HMAC 密钥和消息指定为十六进制
How to specify HMAC key and message as hexadecimal in Node.js
我在 node.js 中有此代码:
crypto = require('crypto');
secret = 'e8f32e723decf4051aefac8e2c93c9c5b214313817cdb01a1494b917c8436b35';
secret2 = 'E8F32E723DECF4051AEFAC8E2C93C9C5B214313817CDB01A1494B917C8436B35'; // upper case
theString = "800C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D"; // upper case
theString2 = "800c28fca386c7a227600b2fe50b7cae11ec86d3bf1fbe471be89827e19d72aa1d";
hmac = crypto.createHmac('sha512', secret)
.update(theString, 'hex')
.digest('hex');
console.log("HMAC : " + hmac);
使用 secret 和 theString
HMAC = 588cf3e244ae6a6fa3db9761a32f715dc50e080b1b427229654af67e453c3f0d6456975095e32e3c8e68af386e19cb1ef3c1d8b546a8af0279be2fe43bf91c08
使用 secret 和 theString2
HMAC = 588cf3e244ae6a6fa3db9761a32f715dc50e080b1b427229654af67e453c3f0d6456975095e32e3c8e68af386e19cb1ef3c1d8b546a8af0279be2fe43bf91c08
hmac 相同 => theString 被解释为十六进制
使用 secret2 和 theString
HMAC = 1cc29c3b964ac964a960e3d9b82b9db6b4df3cc3675d60e25fdd9dee64672a9ce2dfa86afb25c8684416f88b47f6e16981029574fcc144e4be05114e2c059e23
hmac 不同 => secret 被解释为字符串(ASCII 或 unicode...)
问题:有没有办法将secret指定为十六进制?
如果你不想传入一个二进制字符串,你总是可以传入一个缓冲区:
hmac = crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(new Buffer(theString, 'hex'))
.digest('hex');
根据文档 Hmac#update 没有编码选项,所以不要使用未记录的功能。
更新:备注
According to the documentation Hmac#update doesn't have an encoding
option, so don't use an undocumented feature.
-如果我不在更新
中使用选项'hex'
与字符串
crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(theString)
hmac = 8df515ab391531d68e5bc29c91fc21771b10dbdf29f24d0eaa92d40a48d8faa2ee432356d72d771d2eb97b2be071b235056df8707327869f0c9830ea5814158b
与字符串2
crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(theString2)
hmac = 5ba6e9eaea4e28a9ad197b519ba72d8f5070ac8208dd135ec6adc17cbaa70ed6279c698c95feeaf55b2b936d02f92c05901ff7c786b70c74fb2bb8beefdb6e65
hmac 不同 => theString 和 theString2 被解释为字符串
-如果我在更新
中使用选项'hex'
与字符串
crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(theString, 'hex')
hmac = 4135e2908192c404f776a273b0877437417da0605b385ced1cdf0ffe9446877436896baf8f5439848c1c6fa095d1a2fb01ef2a077db58b15fb4ef63dbc92a6e5
与字符串2
crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(theString2, 'hex')
hmac = 4135e2908192c404f776a273b0877437417da0605b385ced1cdf0ffe9446877436896baf8f5439848c1c6fa095d1a2fb01ef2a077db58b15fb4ef63dbc92a6e5
hmac 相同 => theString 和 theString2 被解释为十六进制
=> 该选项似乎有效!!!
但我会改用缓冲区
我在 node.js 中有此代码:
crypto = require('crypto');
secret = 'e8f32e723decf4051aefac8e2c93c9c5b214313817cdb01a1494b917c8436b35';
secret2 = 'E8F32E723DECF4051AEFAC8E2C93C9C5B214313817CDB01A1494B917C8436B35'; // upper case
theString = "800C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D"; // upper case
theString2 = "800c28fca386c7a227600b2fe50b7cae11ec86d3bf1fbe471be89827e19d72aa1d";
hmac = crypto.createHmac('sha512', secret)
.update(theString, 'hex')
.digest('hex');
console.log("HMAC : " + hmac);
使用 secret 和 theString
HMAC = 588cf3e244ae6a6fa3db9761a32f715dc50e080b1b427229654af67e453c3f0d6456975095e32e3c8e68af386e19cb1ef3c1d8b546a8af0279be2fe43bf91c08
使用 secret 和 theString2
HMAC = 588cf3e244ae6a6fa3db9761a32f715dc50e080b1b427229654af67e453c3f0d6456975095e32e3c8e68af386e19cb1ef3c1d8b546a8af0279be2fe43bf91c08
hmac 相同 => theString 被解释为十六进制
使用 secret2 和 theString
HMAC = 1cc29c3b964ac964a960e3d9b82b9db6b4df3cc3675d60e25fdd9dee64672a9ce2dfa86afb25c8684416f88b47f6e16981029574fcc144e4be05114e2c059e23
hmac 不同 => secret 被解释为字符串(ASCII 或 unicode...)
问题:有没有办法将secret指定为十六进制?
如果你不想传入一个二进制字符串,你总是可以传入一个缓冲区:
hmac = crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(new Buffer(theString, 'hex'))
.digest('hex');
根据文档 Hmac#update 没有编码选项,所以不要使用未记录的功能。
更新:备注
According to the documentation Hmac#update doesn't have an encoding option, so don't use an undocumented feature.
-如果我不在更新
中使用选项'hex'与字符串
crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(theString)
hmac = 8df515ab391531d68e5bc29c91fc21771b10dbdf29f24d0eaa92d40a48d8faa2ee432356d72d771d2eb97b2be071b235056df8707327869f0c9830ea5814158b
与字符串2
crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(theString2)
hmac = 5ba6e9eaea4e28a9ad197b519ba72d8f5070ac8208dd135ec6adc17cbaa70ed6279c698c95feeaf55b2b936d02f92c05901ff7c786b70c74fb2bb8beefdb6e65
hmac 不同 => theString 和 theString2 被解释为字符串
-如果我在更新
中使用选项'hex'与字符串
crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(theString, 'hex')
hmac = 4135e2908192c404f776a273b0877437417da0605b385ced1cdf0ffe9446877436896baf8f5439848c1c6fa095d1a2fb01ef2a077db58b15fb4ef63dbc92a6e5
与字符串2
crypto.createHmac('sha512', new Buffer(secret, 'hex'))
.update(theString2, 'hex')
hmac = 4135e2908192c404f776a273b0877437417da0605b385ced1cdf0ffe9446877436896baf8f5439848c1c6fa095d1a2fb01ef2a077db58b15fb4ef63dbc92a6e5
hmac 相同 => theString 和 theString2 被解释为十六进制 => 该选项似乎有效!!! 但我会改用缓冲区