[英]Different hashes with same input values
I'm building a api and I'm having trouble generating a hash with CryptoJs in the client-side interface 我正在构建一个api,但在客户端界面中使用CryptoJs生成哈希时遇到了麻烦
My js function does this: 我的js函数执行此操作:
console.log(" username: '" + $rootScope.username + "'");
console.log("timestamp: '" + timestamp + "'");
console.log(" request: '" + req + "'");
console.log(" entropy: '" + "dragonsahead" + "'");
console.log(" password: '" + $rootScope.password + "'");
var message = $rootScope.username+timestamp+req+"dragonsahead";
console.log(" message: '" + message +"'");
var hash = CryptoJS.HmacSHA1(message, $rootScope.password).toString();
console.log(" HASH: '" + hash + "'");
return hash;
$rootScope.username
and $rootScope.password
are user inputs; $rootScope.username
和$rootScope.password
是用户输入;
JS Log: JS日志:
username: 'admin'
timestamp: '1394643128.478'
request: '/login'
entropy: 'dragonsahead'
password: 'e1a47a0407d876c8187b1e984a6813abde8160af'
message: 'admin1394643128.478/logindragonsahead'
HASH: '5061875265279c7378c95c9536feade1c610492d'
I could see in the server-side logs that the hashes did not match. 我可以在服务器端日志中看到哈希值不匹配。 PHP server Log: PHP服务器日志:
2014-03-12 16:52:08 - INFO --> username: 'admin'
2014-03-12 16:52:08 - INFO --> timestamp: '1394643128.478'
2014-03-12 16:52:08 - INFO --> request: '/login'
2014-03-12 16:52:08 - INFO --> entropy: 'dragonsahead'
2014-03-12 16:52:08 - INFO --> password: 'e1a47a0407d876c8187b1e984a6813abde8160af'
2014-03-12 16:52:08 - INFO --> message: 'admin1394643128.478/logindragonsahead'
2014-03-12 16:52:08 - INFO --> HASH: '4c34a29aa05059d5016bd74796407de3d2e5428c'
2014-03-12 16:52:08 - INFO -->CLIENTOKEN: '5061875265279c7378c95c9536feade1c610492d'
After this I checked i this site and the hash built by the server was the right one. 之后,我检查了这个站点 ,服务器构建的哈希值是正确的。 So, I decided lo load CryptoJS to a blank page (google, for example) and see what could happen: 因此,我决定将CryptoJS加载到空白页(例如Google),然后看看会发生什么:
> var jq = document.createElement('script');
> jq.src = "https://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha1.js";
> document.getElementsByTagName('head')[0].appendChild(jq);
<script src="https://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha1.js"></script>
>var test = CryptoJS.HmacSHA1("admin1394643128.478/logindragonsahead",'e1a47a0407d876c8187b1e984a6813abde8160af')
undefined
>test.toString()
"4c34a29aa05059d5016bd74796407de3d2e5428c"
As CryptoJS returned the right hash, It can only be that I am messing up with my javascript vars. 当CryptoJS返回正确的哈希值时,只能是我弄乱了我的javascript vars。 I don't know what could possibly be messing up my variables... 我不知道什么可能会弄乱我的变量...
It happens that I was storing the password in a angularjs's "$rootScope". 碰巧我将密码存储在angularjs的“ $ rootScope”中。
I need to do $rootScope.password.tostring()
instead of $rootScope.password
; 我需要做$rootScope.password.tostring()
而不是$rootScope.password
;
Solved. 解决了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.