Python HMAC-SHA1与Java HMAC-SHA1的结果不同
[英]Python HMAC-SHA1 vs Java HMAC-SHA1 different results
问题描述
I borrowed the HMAC-SHA1 Java code from http://tools.ietf.org/html/rfc6238 and adapted slightly to hardcode it to use one known key/message pair with known output. 
我从http://tools.ietf.org/html/rfc6238借用了HMAC-SHA1 Java代码,并略微修改它以使用已知输出的已知密钥/消息对进行硬编码。
I then tried to write the same code in Python to verify the results, however I'm getting different values in Python and Java. 然后我尝试在Python中编写相同的代码来验证结果,但是我在Python和Java中获得了不同的值。
The Java values are known to be good. 已知Java值很好。
Java code: Java代码:
import java.lang.reflect.UndeclaredThrowableException;
import java.security.GeneralSecurityException;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.math.BigInteger;
import java.util.TimeZone;
import java.util.Arrays;
public class make_hmac {
private make_hmac() {}
private static byte[] hmac_sha(String crypto, byte[] keyBytes,
byte[] text){
try {
System.out.println("Key is..." + bytesToHex(keyBytes) + "\n");
Mac hmac;
hmac = Mac.getInstance(crypto);
SecretKeySpec macKey =
new SecretKeySpec(keyBytes, "RAW");
hmac.init(macKey);
return hmac.doFinal(text);
} catch (GeneralSecurityException gse) {
throw new UndeclaredThrowableException(gse);
}
}
private static byte[] hexStr2Bytes(String hex){
// Adding one byte to get the right conversion
// Values starting with "0" can be converted
byte[] bArray = new BigInteger("10" + hex,16).toByteArray();
// Copy all the REAL bytes, not the "first"
byte[] ret = new byte[bArray.length - 1];
for (int i = 0; i < ret.length; i++)
ret[i] = bArray[i+1];
return ret;
}
private static final int[] DIGITS_POWER
// 0 1 2 3 4 5 6 7 8
= {1,10,100,1000,10000,100000,1000000,10000000,100000000 };
public static String generateTOTP(String key,
String time,
String returnDigits,
String crypto){
int codeDigits = Integer.decode(returnDigits).intValue();
String result = null;
// Using the counter
// First 8 bytes are for the movingFactor
// Compliant with base RFC 4226 (HOTP)
while (time.length() < 16 )
time = "0" + time;
// Get the HEX in a Byte[]
byte[] msg = hexStr2Bytes(time);
byte[] k = hexStr2Bytes(key);
byte[] hash = hmac_sha(crypto, k, msg);
System.out.println("I hashed key " + bytesToHex(k) + " against message " + bytesToHex(msg) + " and got...\n");
System.out.println("HASHED: " + bytesToHex(hash) + "\n");
// put selected bytes into result int
int offset = hash[hash.length - 1] & 0xf;
int binary =
((hash[offset] & 0x7f) << 24) |
((hash[offset + 1] & 0xff) << 16) |
((hash[offset + 2] & 0xff) << 8) |
(hash[offset + 3] & 0xff);
int otp = binary % DIGITS_POWER[codeDigits];
result = Integer.toString(otp);
while (result.length() < codeDigits) {
result = "0" + result;
}
return result;
}
public static String bytesToHex(byte[] bytes) {
final char[] hexArray = {'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'};
char[] hexChars = new char[bytes.length * 2];
int v;
for ( int j = 0; j < bytes.length; j++ ) {
v = bytes[j] & 0xFF;
hexChars[j * 2] = hexArray[v >>> 4];
hexChars[j * 2 + 1] = hexArray[v & 0x0F];
}
return new String(hexChars);
}
public static void main(String[] args) {
// Seed for HMAC-SHA1 - 20 bytes
String seed = "3132333435363738393031323334353637383930";
long T0 = 0;
long X = 30;
long testTime = 1111111109L;
String steps = "0";
long T = (testTime - T0)/X;
steps = Long.toHexString(T).toUpperCase();
while (steps.length() < 16) steps = "0" + steps;
System.out.println(generateTOTP(seed, steps, "8",
"HmacSHA1"));
}
}
Python code: Python代码:
import hmac
from hashlib import sha1
k = "3132333435363738393031323334353637383930"
msg = "00000000023523EC"
print "I hashed key", k, "against msg", msg, "and got...\n"
a = hmac.new(k, msg, sha1)
print a.digest().encode('hex')
Results of running Java: 运行Java的结果:
Key is...3132333435363738393031323334353637383930
I hashed key 3132333435363738393031323334353637383930 against message 00000000023523EC and got...
HASHED: 278C02E53610F84C40BD9135ACD4101012410A14
07081804
Results of running Python: 运行Python的结果:
I hashed key 3132333435363738393031323334353637383930 against msg 00000000023523EC and got...
fa9362e87c80a1ac61f705b5f9d5095adaec9525
The "key" and "message" are the same, but the Java version gets a different HMAC than the Python implementation does. “密钥”和“消息”是相同的,但Java版本获得的HMAC与Python实现的不同。
I suspect there's a subtle error somewhere in the Python code(because the Java version matches the expected results from the RFC) but I'm not sure where. 我怀疑Python代码中某处有一个微妙的错误(因为Java版本符合RFC的预期结果),但我不知道在哪里。 It looks so straightforward. 它看起来很简单。
1 个解决方案
解决方案1
8 已采纳 2012-10-22 20:53:41
I think the problem is that in Java, you're using the raw bytes as the key (only converting them to a hex string for output): 我认为问题是在Java中,您使用原始字节作为键(仅将它们转换为十六进制字符串以进行输出):
System.out.println("Key is..." + bytesToHex(keyBytes) + "\n");
// ...
SecretKeySpec macKey = new SecretKeySpec(keyBytes, "RAW");
But in Python, you're using the hex string: 但在Python中,您使用的是十六进制字符串:
k = "3132333435363738393031323334353637383930"
It looks like you can decode the hex string with: 看起来你可以解码十六进制字符串 :
raw_key = k.decode('hex')
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.