[removed] Equivalent of PHP's hash_hmac() with

2020-06-03 03:07发布

问题:

I am connecting to the Amazon Product Advertising API, and to sign my request I need to base64-encode the raw binary output of an HMAC-SHA256 hash.

In the PHP documentation for hash_hmac, the fourth parameter bool $raw_output controls whether the output is raw binary data (true) or lowercase hexits (false). My program works in PHP by simply setting that parameter to true.

However, I am now trying to port this over to Javascript. I tried using the CryptoJS.HmacSHA256() function, but it seems to be returning the lowercase hexits. How can I convert this to binary?

I have tried the following according to the CryptoJS documentation, but both outputs are identical:

var hash = CryptoJS.HmacSHA256("hello", "key");
console.log(hash.toString());
console.log(hash.toString(CryptoJS.enc.Base64));

回答1:

This is explained in their documentation. Try this:

var hash = CryptoJS.HmacSHA256("Message", "Secret Passphrase");

var base64 = hash.toString(CryptoJS.enc.Base64);

You need to include http://crypto-js.googlecode.com/svn/tags/3.0.2/build/components/enc-base64-min.js for this. If you didn't include this, CryptoJS.enc.Base64 will be undefined and fallback to the default.

Working demo: http://jsfiddle.net/ak5Qm/



回答2:

php code

echo base64_encode(hash_hmac('SHA1', 'shanghai', '0', true).'beijing');

php output

xvBv49PpaYvXAIfy3iOSDWNQj89iZWlqaW5n

node code

var crypto = require('crypto');
var buf1 = crypto.createHmac("sha1", "0").update("shanghai").digest();
var buf2 = Buffer.from('beijing');
console.log(Buffer.concat([buf1, buf2]).toString('base64'));    

node output

xvBv49PpaYvXAIfy3iOSDWNQj89iZWlqaW5n


回答3:

PHP:

base64_encode(hash_hmac('sha256', $value, $key, true));

Nodejs equivalent:

const crypto = require('crypto');
let token = crypto.createHmac("sha256", key).update(value).digest().toString('base64');


回答4:

You can also use this npm package to do the same in Javascript.

var jsSHA = require('jssha');

hmac_sha1(string, key){
    let shaObj = new jsSHA("SHA-1", "TEXT");
    shaObj.setHMACKey(key, "TEXT");
    shaObj.update(string);
    let hmac = shaObj.getHMAC("B64");
    return hmac;
};


回答5:

This worked for me :

var CryptoJS = require("crypto-js");
const raw_signature = hmacSHA1(baseString, signingKey);
const signature = raw_signature.toString(CryptoJS.enc.Base64);

It's giving the exact same result as, in PHP, :

$rawSignature = hash_hmac("sha1", $baseString, $signingKey, true);
$signature    = base64_encode($rawSignature);