stackoom
  简体   繁体   中英

Google-App-Script vs php in encoding base64

 原文  2018-03-13 08:58:47       php/ google-apps-script/ base64/ encode/ hmac

Question

This php code decodes the secret key before hashing with SHA 512 

$API_SECRET_KEY="W0+m0Dc9GMN9yDVeq3GMDsJ49WasEhQHkNHNuDw3wNg=";
$BDAPI_SECRET_KEY=base64_decode($API_SECRET_KEY);
$HMAC_SIGN = base64_encode(hash_hmac('sha512',$MESSAGE,$BDAPI_SECRET_KEY,true));
echo $HMAC_SIGN;

BfVNi21gY09c8M18cWBRBgo1W9pAlXM99ZVoF7Kz2ETFnIuvXjj8NRvRgn/GaT/m6YJ8efsr5s9EDbIhznAaag==

I want to replicate this in google app script 

var Secret = "W0+m0Dc9GMN9yDVeq3GMDsJ49WasEhQHkNHNuDw3wNg="  
var BDSecret= Utilities.base64Decode(Secret)
var hmac = Utilities.base64Encode(Utilities.computeHmacSignature(Utilities.MacAlgorithm.HMAC_SHA_512, message, BDSecret ));
    Logger.log(hmac)

ew5KhLWSJixn8zw4s6VkpYIwvGBjrmjY3LhNWZr9CVEw6W22LOGg+lVzA3uQgOVyICSCffw2bzTepnBdoYtldw==

If I do not decode the API before hashing they return the same result. But for this particular purpose, the key needs to be decoded. The message variable is just my first name "Parit" in case someone wants to replicate.

1 answers

solution1
 2  2018-03-13 23:16:10

I thought that Utilities.computeHmacSignature() might not be able to use []byte for the value. So as a workaround, how about using jsSHA? I think that in your case, you can use https://github.com/Caligatio/jsSHA/blob/master/src/sha512.js .

The flow for using jsSHA is as follows.

Flow :

  1. Download sha512.js.
  2. On script editor, create new script as for example, the filename of sha512.js .
    • Copy and paste the script of sha512.js to the created script.
  3. Copy and paste the sample script to Code.gs of the script editor.
  4. Run myFunction() of the sample script.

Sample script : 

function myFunction() {
  var message = "Parit";
  var secret = "W0+m0Dc9GMN9yDVeq3GMDsJ49WasEhQHkNHNuDw3wNg=";
  var obj = new jsSHA("SHA-512", "TEXT");
  obj.setHMACKey(secret, "B64");
  obj.update(message);
  Logger.log(obj.getHMAC("B64"))
}

Note :

  • When I tested Parit for message , I got BfVNi21gY09c8M18cWBRBgo1W9pAlXM99ZVoF7Kz2ETFnIuvXjj8NRvRgn/GaT/m6YJ8efsr5s9EDbIhznAaag== .

It this was not useful for you, I'm sorry.

Update :

By the Google's update at June 19, 2018 , Utilities.computeHmacSignature() got to be able to use the byte arrays. By this, using only native Google Apps Scvript, the result can be retrieved without using jsSHA. So I would like to update my answer.

Modified script : 

function myFunction() {
  var message = "Parit";
  var secret = "W0+m0Dc9GMN9yDVeq3GMDsJ49WasEhQHkNHNuDw3wNg=";

  var value = Utilities.base64Decode(Utilities.base64Encode(message));
  var key = Utilities.base64Decode(secret);
  var out = Utilities.computeHmacSignature(Utilities.MacAlgorithm.HMAC_SHA_512, value, key);
  var res = Utilities.base64Encode(out)
  Logger.log(res)
}

Result : 

BfVNi21gY09c8M18cWBRBgo1W9pAlXM99ZVoF7Kz2ETFnIuvXjj8NRvRgn/GaT/m6YJ8efsr5s9EDbIhznAaag==

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question CryptoPP vs PHP Base64 Encoding/Decoding Google encoding issue base64 and PHP decode Detect base64 encoding in PHP? base64 encoding in javascript decoding in php Image to base64 encoding issue - PHP Base64 encoding in PHP not working for '&' and '#'? base64 encoding/decoding in php PHP Alter Base64 Encoding of image PHP base64 encoding custom alphabet Base64 image encoding vs. regular linking for emails?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM