java equivalent to php's hmac-SHA1
I'm looking for a java equivalent to this php call:
hash_hmac('sha1', "test", "secret")
I tried this, using java.crypto.Mac, but the two do not agree:
String mykey = "secret";
String test = "test";
try {
Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec secret = new SecretKeySpec(mykey.getBytes(),"HmacSHA1");
mac.init(secret);
byte[] digest = mac.doFinal(test.get开发者_Python百科Bytes());
String enc = new String(digest);
System.out.println(enc);
} catch (Exception e) {
System.out.println(e.getMessage());
}
The outputs with key = "secret" and test = "test" do not seem to match.
In fact they do agree.
As Hans Doggen already noted PHP outputs the message digest using hexadecimal notation unless you set the raw output parameter to true.
If you want to use the same notation in Java you can use something like
for (byte b : digest) {
System.out.format("%02x", b);
}
System.out.println();
to format the output accordingly.
You can try this in Java:
private static String computeSignature(String baseString, String keyString) throws GeneralSecurityException, UnsupportedEncodingException {
SecretKey secretKey = null;
byte[] keyBytes = keyString.getBytes();
secretKey = new SecretKeySpec(keyBytes, "HmacSHA1");
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(secretKey);
byte[] text = baseString.getBytes();
return new String(Base64.encodeBase64(mac.doFinal(text))).trim();
}
This is my implementation :
String hmac = "";
Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec secret = new SecretKeySpec(llave.getBytes(), "HmacSHA1");
mac.init(secret);
byte[] digest = mac.doFinal(cadena.getBytes());
BigInteger hash = new BigInteger(1, digest);
hmac = hash.toString(16);
if (hmac.length() % 2 != 0) {
hmac = "0" + hmac;
}
return hmac;
Seems to me that PHP uses HEX notation for the bytes that Java produces (1a = 26) - but I didn't check the whole expression.
What happens if you run the byte array through the method on this page?
My implementation for HmacMD5 - just change algorithm to HmacSHA1:
SecretKeySpec keySpec = new SecretKeySpec("secretkey".getBytes(), "HmacMD5");
Mac mac = Mac.getInstance("HmacMD5");
mac.init(keySpec);
byte[] hashBytes = mac.doFinal("text2crypt".getBytes());
return Hex.encodeHexString(hashBytes);
This way I could get the exact same string as I was getting with hash_hmac in php
String result;
try {
String data = "mydata";
String key = "myKey";
// Get an hmac_sha1 key from the raw key bytes
byte[] keyBytes = key.getBytes();
SecretKeySpec signingKey = new SecretKeySpec(keyBytes, "HmacSHA1");
// Get an hmac_sha1 Mac instance and initialize with the signing key
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(signingKey);
// Compute the hmac on input data bytes
byte[] rawHmac = mac.doFinal(data.getBytes());
// Convert raw bytes to Hex
byte[] hexBytes = new Hex().encode(rawHmac);
// Covert array of Hex bytes to a String
result = new String(hexBytes, "ISO-8859-1");
out.println("MAC : " + result);
}
catch (Exception e) {
}
Haven't tested it, but try this:
BigInteger hash = new BigInteger(1, digest);
String enc = hash.toString(16);
if ((enc.length() % 2) != 0) {
enc = "0" + enc;
}
This is snapshot from my method that makes java's md5 and sha1 match php.
精彩评论