如何在android中生成HMAC-SHA1签名？

发布于 2024-11-07 20:05:34 字数 1820 浏览 0 评论 0原文

这是我的基本字符串：

        String args ="oauth_consumer_key="+enc(consumerkey) +
                   "&oauth_nonce="+enc(generateNonce()) +
                   "&oauth_signature_method=HMAC-SHA1" +
                   "&oauth_timestamp="+ timestamp +
                   "&oauth_token="+enc(Home.consToken) +
                   "&oauth_verifier="+verifier+"&oauth_version=1.0";
                    String base ="POST&"+enc("https://api.linkedin.com/uas/oauth   /accessToken") +"&"+ enc(args);

       String signature =computeHmac(base,consumer_secret+"&"+secretToken);

这是我的标头：

        String header = "OAuth " +
       "oauth_consumer_key=\""+ enc(consumerkey)+ "\"," +
       "oauth_nonce=\""+ enc(generateNonce()) + "\"," +
       "oauth_signature_method=\"HMAC-SHA1\"," +
       "oauth_timestamp=\""+ timestamp + "\"," +
       "oauth_token=\""+Home.consToken + "\"," +
       "oauth_signature=\""+enc(signature)+"\","+
       "oauth_verifier=\""+verifier +"\","+ 
       "oauth_version=\""+1.0+"\"" ;

我正在使用以下方法生成签名：

public String computeHmac(String baseString, String key)
    throws NoSuchAlgorithmException, InvalidKeyException, IllegalStateException,  UnsupportedEncodingException
{
    Mac mac = Mac.getInstance("HmacSHA1");
    SecretKeySpec secret = new SecretKeySpec(key.getBytes(), mac.getAlgorithm());
    mac.init(secret);
    byte[] digest = mac.doFinal(baseString.getBytes());
    byte[] result=Base64.encodeBase64(digest);
    return new String(result);
}

在执行此代码时，我收到以下错误...

oauth_problem=signature_invalid&    
oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException

任何人都可以帮我解决这个问题吗？

谢谢...

原文

This is my base String:

        String args ="oauth_consumer_key="+enc(consumerkey) +
                   "&oauth_nonce="+enc(generateNonce()) +
                   "&oauth_signature_method=HMAC-SHA1" +
                   "&oauth_timestamp="+ timestamp +
                   "&oauth_token="+enc(Home.consToken) +
                   "&oauth_verifier="+verifier+"&oauth_version=1.0";
                    String base ="POST&"+enc("https://api.linkedin.com/uas/oauth   /accessToken") +"&"+ enc(args);

       String signature =computeHmac(base,consumer_secret+"&"+secretToken);

This is my Header:

        String header = "OAuth " +
       "oauth_consumer_key=\""+ enc(consumerkey)+ "\"," +
       "oauth_nonce=\""+ enc(generateNonce()) + "\"," +
       "oauth_signature_method=\"HMAC-SHA1\"," +
       "oauth_timestamp=\""+ timestamp + "\"," +
       "oauth_token=\""+Home.consToken + "\"," +
       "oauth_signature=\""+enc(signature)+"\","+
       "oauth_verifier=\""+verifier +"\","+ 
       "oauth_version=\""+1.0+"\"" ;

I am using following method to generate Signature:

public String computeHmac(String baseString, String key)
    throws NoSuchAlgorithmException, InvalidKeyException, IllegalStateException,  UnsupportedEncodingException
{
    Mac mac = Mac.getInstance("HmacSHA1");
    SecretKeySpec secret = new SecretKeySpec(key.getBytes(), mac.getAlgorithm());
    mac.init(secret);
    byte[] digest = mac.doFinal(baseString.getBytes());
    byte[] result=Base64.encodeBase64(digest);
    return new String(result);
}

while executing this code i am getting the following error...

oauth_problem=signature_invalid&    
oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException

can anybody help me out this?

Thanks...

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

咆哮 2024-11-14 20:05:34

Femi 的答案是绝对正确的，但是，我并不清楚 intval(b) 到底是什么。据我了解，这是 b & 0xFF。

我还应用了一些优化（我发现这里）这是我的代码：

private static String hmacSha1(String value, String key)
        throws UnsupportedEncodingException, NoSuchAlgorithmException,
        InvalidKeyException {
    String type = "HmacSHA1";
    SecretKeySpec secret = new SecretKeySpec(key.getBytes(), type);
    Mac mac = Mac.getInstance(type);
    mac.init(secret);
    byte[] bytes = mac.doFinal(value.getBytes());
    return bytesToHex(bytes);
}

private final static char[] hexArray = "0123456789abcdef".toCharArray();

private static String bytesToHex(byte[] bytes) {
    char[] hexChars = new char[bytes.length * 2];
    int v;
    for (int j = 0; j < bytes.length; j++) {
        v = bytes[j] & 0xFF;
        hexChars[j * 2] = hexArray[v >>> 4];
        hexChars[j * 2 + 1] = hexArray[v & 0x0F];
    }
    return new String(hexChars);
}

Femi's answer is absolutely correct, however, it wasn't obvious for me what exactly is intval(b). As i understood it's b & 0xFF.

Also I applied some optimizations (that I found here) and here is my code:

private static String hmacSha1(String value, String key)
        throws UnsupportedEncodingException, NoSuchAlgorithmException,
        InvalidKeyException {
    String type = "HmacSHA1";
    SecretKeySpec secret = new SecretKeySpec(key.getBytes(), type);
    Mac mac = Mac.getInstance(type);
    mac.init(secret);
    byte[] bytes = mac.doFinal(value.getBytes());
    return bytesToHex(bytes);
}

private final static char[] hexArray = "0123456789abcdef".toCharArray();

private static String bytesToHex(byte[] bytes) {
    char[] hexChars = new char[bytes.length * 2];
    int v;
    for (int j = 0; j < bytes.length; j++) {
        v = bytes[j] & 0xFF;
        hexChars[j * 2] = hexArray[v >>> 4];
        hexChars[j * 2 + 1] = hexArray[v & 0x0F];
    }
    return new String(hexChars);
}

回复收藏 0 原文

大海や 2024-11-14 20:05:34

凌乱，但我正在使用这个：

static String hash_hmac(String type, String value, String key)
    {
    try {
        javax.crypto.Mac mac = javax.crypto.Mac.getInstance(type);
        javax.crypto.spec.SecretKeySpec secret = new javax.crypto.spec.SecretKeySpec(key.getBytes(), type);
        mac.init(secret);
        byte[] digest = mac.doFinal(value.getBytes());
        StringBuilder sb = new StringBuilder(digest.length*2);
        String s;
        for (byte b : digest){
        s = Integer.toHexString(intval(b));
        if(s.length() == 1) sb.append('0');
        sb.append(s);
        }
        return sb.toString();
    } catch (Exception e) {
        android.util.Log.v("TAG","Exception ["+e.getMessage()+"]", e);
    }
        return "";
    }

然后你像这样调用它：

hash_hmac("HmacSHA1", value, key);

Messy, but I'm using this:

static String hash_hmac(String type, String value, String key)
    {
    try {
        javax.crypto.Mac mac = javax.crypto.Mac.getInstance(type);
        javax.crypto.spec.SecretKeySpec secret = new javax.crypto.spec.SecretKeySpec(key.getBytes(), type);
        mac.init(secret);
        byte[] digest = mac.doFinal(value.getBytes());
        StringBuilder sb = new StringBuilder(digest.length*2);
        String s;
        for (byte b : digest){
        s = Integer.toHexString(intval(b));
        if(s.length() == 1) sb.append('0');
        sb.append(s);
        }
        return sb.toString();
    } catch (Exception e) {
        android.util.Log.v("TAG","Exception ["+e.getMessage()+"]", e);
    }
        return "";
    }

You then invoke it like this: