使用 python 重新创建 CryptoJS Hmac
Recreating a CryptoJS Hmac using python
场景是我有一个 JS 脚本,它为用户提供的输入创建一个 HMAC,我想使用 python 为相同的输入计算相同的 HMAC。为了使事情更清楚,请考虑以下 JS 和 Python 代码片段。
Javascript
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/hmac-sha256.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/enc-base64.min.js"></script>
<script>
var secretAccessKey = "bAvW5O18eSrxke4I7eFcrnrDJkN+wKQmx9aSHuMZQ0w=";
var stringtoSign = "Test";
// Generate HMAC SHA256 signature
var secretAccessKeyBase64 = CryptoJS.enc.Base64.parse(secretAccessKey);
var hash = CryptoJS.HmacSHA256(stringtoSign, secretAccessKeyBase64);
var signature = CryptoJS.enc.Base64.stringify(hash);
</script>
Python
stringToSign = "Test"
secretAccessKey = "bAvW5O18eSrxke4I7eFcrnrDJkN+wKQmx9aSHuMZQ0w="
secretAccessKeyBase64 = base64.b64decode(secretAccessKey).hex()
keyBytes = bytes(secretAccessKeyBase64, 'utf-8')
stringToSignBytes = bytes(stringToSign, 'utf-8')
signatureHash = hmac.new(keyBytes, stringToSignBytes, digestmod=hashlib.sha256).digest()
signature = base64.b64encode(signatureHash)
print(signature)
Javascript 代码给出 b+1wRzDODA85vyDZkXByPIKO5qmnjCRNF5gZFi33/Ic=,而 python 给出值 b'SsZ4bcYe3op1nGU6bySzlSc9kgg9Kgp37qzF15s2zNc= '
为什么我的 python 代码会为提供给 JS 脚本的(看似)相同的输入生成不同的 HMAC?有没有办法通过python获取JS代码输出的HMAC值?
您在 Javascript 中使用 Base64 编码值作为机密,而在 Python 中您使用纯文本机密。
<script>
var secretAccessKeyBase64 = "secret";
var hash = CryptoJS.HmacSHA256("Message", secretAccessKeyBase64);
var hashInBase64 = CryptoJS.enc.Base64.stringify(hash);
document.write(hashInBase64);
</script>
这会打印出与 Python 代码相同的值:
qnR8UCqJggD55PohusaBNviGoOJ67HC6Btry4qXLVZc=
编辑:
base64 returns 字节对象,无需将其转换为 hex()
:
stringToSign = "Test"
secretAccessKey = "bAvW5O18eSrxke4I7eFcrnrDJkN+wKQmx9aSHuMZQ0w="
secretAccessKeyBase64 = base64.b64decode(secretAccessKey)
keyBytes = secretAccessKeyBase64
stringToSignBytes = bytes(stringToSign, 'utf-8')
signatureHash = hmac.new(keyBytes, stringToSignBytes, digestmod=hashlib.sha256).digest()
signature = base64.b64encode(signatureHash)
print(signature)
正确打印:
b'b+1wRzDODA85vyDZkXByPIKO5qmnjCRNF5gZFi33/Ic='
场景是我有一个 JS 脚本,它为用户提供的输入创建一个 HMAC,我想使用 python 为相同的输入计算相同的 HMAC。为了使事情更清楚,请考虑以下 JS 和 Python 代码片段。
Javascript
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/hmac-sha256.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/enc-base64.min.js"></script>
<script>
var secretAccessKey = "bAvW5O18eSrxke4I7eFcrnrDJkN+wKQmx9aSHuMZQ0w=";
var stringtoSign = "Test";
// Generate HMAC SHA256 signature
var secretAccessKeyBase64 = CryptoJS.enc.Base64.parse(secretAccessKey);
var hash = CryptoJS.HmacSHA256(stringtoSign, secretAccessKeyBase64);
var signature = CryptoJS.enc.Base64.stringify(hash);
</script>
Python
stringToSign = "Test"
secretAccessKey = "bAvW5O18eSrxke4I7eFcrnrDJkN+wKQmx9aSHuMZQ0w="
secretAccessKeyBase64 = base64.b64decode(secretAccessKey).hex()
keyBytes = bytes(secretAccessKeyBase64, 'utf-8')
stringToSignBytes = bytes(stringToSign, 'utf-8')
signatureHash = hmac.new(keyBytes, stringToSignBytes, digestmod=hashlib.sha256).digest()
signature = base64.b64encode(signatureHash)
print(signature)
Javascript 代码给出 b+1wRzDODA85vyDZkXByPIKO5qmnjCRNF5gZFi33/Ic=,而 python 给出值 b'SsZ4bcYe3op1nGU6bySzlSc9kgg9Kgp37qzF15s2zNc= '
为什么我的 python 代码会为提供给 JS 脚本的(看似)相同的输入生成不同的 HMAC?有没有办法通过python获取JS代码输出的HMAC值?
您在 Javascript 中使用 Base64 编码值作为机密,而在 Python 中您使用纯文本机密。
<script>
var secretAccessKeyBase64 = "secret";
var hash = CryptoJS.HmacSHA256("Message", secretAccessKeyBase64);
var hashInBase64 = CryptoJS.enc.Base64.stringify(hash);
document.write(hashInBase64);
</script>
这会打印出与 Python 代码相同的值:
qnR8UCqJggD55PohusaBNviGoOJ67HC6Btry4qXLVZc=
编辑:
base64 returns 字节对象,无需将其转换为 hex()
:
stringToSign = "Test"
secretAccessKey = "bAvW5O18eSrxke4I7eFcrnrDJkN+wKQmx9aSHuMZQ0w="
secretAccessKeyBase64 = base64.b64decode(secretAccessKey)
keyBytes = secretAccessKeyBase64
stringToSignBytes = bytes(stringToSign, 'utf-8')
signatureHash = hmac.new(keyBytes, stringToSignBytes, digestmod=hashlib.sha256).digest()
signature = base64.b64encode(signatureHash)
print(signature)
正确打印:
b'b+1wRzDODA85vyDZkXByPIKO5qmnjCRNF5gZFi33/Ic='