在 JavaScript 中使用 SubtleCrypto 进行 HMAC 验证的错误结果

Wrong result with HMAC verification using SubtleCrypto in JavaScript

我正在尝试使用 SubtleCrypto API 验证 HMAC 签名。整个事情应该在 Cloudflare Workers 中 运行,我正在使用他们的 wrangler 工具在本地测试它。

到目前为止,这是我的代码,但它生成了错误的签名。

const message = "(query params from an url)";
const given_signature = "(extracted from the query params)";
const SECRET = "...";

const algorithm = { name: 'HMAC', hash: 'SHA-256' };
const encoder = new TextEncoder();

const key = await crypto.subtle.importKey(
    'raw',
    encoder.encode(SECRET),
    algorithm,
    false,
    ['sign', 'verify']
);

const signature = await crypto.subtle.sign(
    algorithm.name,
    key,
    encoder.encode(message)
);

const digest = btoa(String.fromCharCode(...new Uint8Array(signature)));
// The digest does not match the signature extracted from the query params

// If I, for example, want to verify the signature directly, the result is still false.
const verify = await crypto.subtle.verify(
    algorithm.name,
    key,
    encoder.encode(given_signature),
    encoder.encode(message)
);

如果我在在线 HMAC 测试工具中使用相同的秘密和消息,我得到的结果是正确的,所以我确定我的代码中一定有错误。

我发现有趣的是,我的代码生成的签名比给定的签名短得多(例如 3fn0mhrebHTJMhtOyvRP5nZIhogX/M1OKQ5GojniZTM= vs ddf9f49a1ade6c74c9321b4ecaf44fe67648868817fccd4e290e46a239e26533)。

有人知道我哪里出错了吗?

感谢有用的评论!简而言之,问题是提供的签名被编码为 HEX 字符串,而生成的签名是 base64 编码的字符串。

为了保持整洁,这是一个使用 crypto.subtle.verify 函数的工作版本:

const message = "(query params from an url w/o the hmac signature)";
const given_signature = "(the given hmac signature extracted from the query params)";
const SECRET = "(my secret key)";

const hexToBuffer = (hex: string) => {
  const matches = hex.match(/[\da-f]{2}/gi) ?? [];
  const typedArray = new Uint8Array(
    matches.map(function (h) {
      return parseInt(h, 16);
    })
  );
  return typedArray.buffer;
};

const algorithm = { name: "HMAC", hash: "SHA-256" };
const encoder = new TextEncoder();

const key = await crypto.subtle.importKey(
  "raw",
  encoder.encode(SECRET),
  algorithm,
  false,
  ["sign", "verify"]
);

const result: boolean = await crypto.subtle.verify(
  algorithm.name,
  key,
  hexToBuffer(given_signature),
  encoder.encode(message)
);