[英]Hmac Sha256 incorrect result value AWS-Java
public static void main(String[] args) throws SignatureException {
String data = "GET"+"\n"+"webservices.amazon.com"+"\n"+"/onca/xml"+"\n"+"AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&ItemId=0679722769&Operation=ItemLookup&ResponeGroup=ItemAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06";
String key = "1234567890";
String result = calculateRFC2104HMAC(data, key);
System.out.println(result);
}
private static final String HMAC_SHA_ALGORITHM = "HmacSHA256";
public static String calculateRFC2104HMAC(String data, String key)throws java.security.SignatureException{
String result;
try {
// get an hmac_sha256 key from the raw key bytes
SecretKeySpec signingKey = new SecretKeySpec(key.getBytes("UTF-8"), HMAC_SHA_ALGORITHM);
// get an hmac_sha256 Mac instance and initialize with the signing key
Mac mac = Mac.getInstance(HMAC_SHA_ALGORITHM);
mac.init(signingKey);
// compute the hmac256 on input data bytes
byte[] rawHmac = mac.doFinal(data.getBytes("UTF-8"));
// base64-encode the hmac256
result = Base64.encodeBase64String(rawHmac);
} catch (Exception e) {
throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
}
return result;
}
So I am trying to calculate this hmac with sha256 for AWS, but I do not get the excpected result, even though this example is taken from official AWS docs: http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AuthJavaSampleHMACSignature.html And the only thing changed is the algorithm, which did not break the program, so it should work, but it does not. 因此,我尝试使用sha256为AWS计算此hmac,但即使这个示例取自官方AWS文档,也无法得到预期的结果: http ://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide /AuthJavaSampleHMACSignature.html唯一改变的是算法,它不会破坏程序,因此它应该可以工作,但不会。
The result I get: k1T/qvVoXgEvmdFhTEh71vLDznqEVCyKcslA5RRSB6s= The result I expect: M/y0+EAFFGaUAp4bWv/WEuXYah99pVsxvqtAuC8YN7I= 我得到的结果是:k1T / qvVoXgEvmdFhTEh71vLDznqEVCyKcslA5RRSB6s =我期望的结果是:M / y0 + EAFFGaUAp4bWv / WEuXYah99pVsxvqtAuC8YN7I =
Does anyone have any idea what is wrong? 有人知道哪里出了问题吗?
It may have to do with how the newline character is interpreted. 可能与换行符的解释方式有关。 \\n can be a cr, lf, or cr-lf depending on your OS.
\\ n可以是cr,lf或cr-lf,具体取决于您的操作系统。
AWS uses to two different HMAC functions, the first returns the string representation, the other returns the binary representation. AWS使用了两个不同的HMAC函数,第一个返回字符串表示形式,另一个返回二进制表示形式。 This is from my C++ implementation using OpenSSL, hope it helps:
这来自我使用OpenSSL的C ++实现,希望对您有所帮助:
string hmacHex(string key, string msg)
{
unsigned char hash[32];
HMAC_CTX hmac;
HMAC_CTX_init(&hmac);
HMAC_Init_ex(&hmac, &key[0], key.length(), EVP_sha256(), NULL);
HMAC_Update(&hmac, (unsigned char*)&msg[0], msg.length());
unsigned int len = 32;
HMAC_Final(&hmac, hash, &len);
HMAC_CTX_cleanup(&hmac);
std::stringstream ss;
ss << std::hex << std::setfill('0');
for (int i = 0; i < len; i++)
{
ss << std::hex << std::setw(2) << (unsigned int)hash[i];
}
return (ss.str());
}
the string implementation 字符串实现
string hmac(string key, string msg)
{
unsigned char hash[32];
HMAC_CTX hmac;
HMAC_CTX_init(&hmac);
HMAC_Init_ex(&hmac, &key[0], key.length(), EVP_sha256(), NULL);
HMAC_Update(&hmac, ( unsigned char* )&msg[0], msg.length());
unsigned int len = 32;
HMAC_Final(&hmac, hash, &len);
HMAC_CTX_cleanup(&hmac);
std::stringstream ss;
ss << std::setfill('0');
for (int i = 0; i < len; i++)
{
ss << hash[i];
}
return (ss.str());
}
If you are using Java, I'd recommend using the corresponding SDK. 如果您使用的是Java,建议您使用相应的SDK。 I my experience the API's tend to change rather quickly.
我的经验是,API的变化往往相当快。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.