Base64 中的 SHA1 和十六进制输出中的 HMAC 问题 ios iphone
我很享受在 iPhone Applecation 中实现 SHA1 和 HMAC 方法的过程。我需要访问 Web 服务(我无法控制),并且它们需要 SHA1 和 HMAC 加密。
对于 Base64 中的 SHA1,我使用以下方法。
-(NSString*)sha1ith64Base:(NSString *)stringtoencode
{
unsigned char result[CC_SHA1_DIGEST_LENGTH];
const char *cStr = [stringtoencode UTF8String];
CC_SHA1(cStr, strlen(cStr), result);
NSData *pwHashData = [[NSData alloc] initWithBytes:result length: sizeof result];
NSString *base64 = [Base64 encode:pwHashData];
NSLog(@"SHA1 in base64 %@",base64);
return base64;
}
对于我的 HMAC,我使用以下方法:
- (NSString *) encodeWithHmacsha1:(NSString *)k0:(NSString*)m0
{
const char *cKey = [k0 cStringUsingEncoding:NSASCIIStringEncoding];
const char *cData = [m0 cStringUsingEncoding:NSASCIIStringEncoding];
unsigned char cHMAC[CC_SHA1_DIGEST_LENGTH];
CCHmac(kCCHmacAlgSHA1, cKey, strlen(cKey), cData, strlen(cData), cHMAC);
NSString *s = [NSString stringWithFormat:
@"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
cHMAC[0], cHMAC[1], cHMAC[2], cHMAC[3], cHMAC[4],
cHMAC[5], cHMAC[6], cHMAC[7],
cHMAC[8], cHMAC[9], cHMAC[10], cHMAC[11], cHMAC[12],
cHMAC[13], cHMAC[14], cHMAC[15],
cHMAC[16], cHMAC[17], cHMAC[18], cHMAC[19]
];
NSLog(@"HMAC in hex %@",s);
return s;
}
但我实际上的问题是,有什么方法可以在本地测试这些方法,而不是通过 Web 服务 - 这样我就可以排除来自 wbservice 的错误。
问候
已解决: 为了测试我的实现,我使用以下方法 - 希望有一天这可以帮助某人。
-(void)testEncryptions
{
NSString *key = @"Jefe";
NSString *data = @"what do ya want for nothing?";
NSString *digestAnswerHMAC =@"effcdf6ae5eb2fa2d27416d5f184df9c259a7c79";
NSString *digestAnswerSHA1HEX =@"cb5551f403fac5fd3d6d1b6329993c3848c468ce";
NSString *disgest64base=@"SmVmZQ==";
NSData *stringBytes = [key dataUsingEncoding: NSUTF8StringEncoding];
NSString *hash = [Base64 encode:stringBytes];
//////
NSLog(@"testing encryptions");
NSLog(@"testing HMAC encryptions is :%@ should be :%@",[self encodeWithHmacsha1:key :data],digestAnswerHMAC);
NSLog(@"testing SHA1 in HEX encryption is :%@ should be :%@",[self sha1:key],digestAnswerSHA1HEX);
NSLog(@"testing base64 is :%@ should be :%@",hash,disgest64base);
NSLog(@"testing sha1 in 64 1234 is %@ and should be cRDtpNCeBiql5KOQsKVyrA0sAiA=",[self sha1ith64Base:@"1234"]);
}
Iam having a fun time with implementing SHA1 and HMAC methods in a iPhone Applecation. I need to access a webservice(which i do not controll) and they require both SHA1 and HMAC encryption.
For my SHA1 in base64 I use the following approach.
-(NSString*)sha1ith64Base:(NSString *)stringtoencode
{
unsigned char result[CC_SHA1_DIGEST_LENGTH];
const char *cStr = [stringtoencode UTF8String];
CC_SHA1(cStr, strlen(cStr), result);
NSData *pwHashData = [[NSData alloc] initWithBytes:result length: sizeof result];
NSString *base64 = [Base64 encode:pwHashData];
NSLog(@"SHA1 in base64 %@",base64);
return base64;
}
For my HMAC I am using the following approach:
- (NSString *) encodeWithHmacsha1:(NSString *)k0:(NSString*)m0
{
const char *cKey = [k0 cStringUsingEncoding:NSASCIIStringEncoding];
const char *cData = [m0 cStringUsingEncoding:NSASCIIStringEncoding];
unsigned char cHMAC[CC_SHA1_DIGEST_LENGTH];
CCHmac(kCCHmacAlgSHA1, cKey, strlen(cKey), cData, strlen(cData), cHMAC);
NSString *s = [NSString stringWithFormat:
@"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
cHMAC[0], cHMAC[1], cHMAC[2], cHMAC[3], cHMAC[4],
cHMAC[5], cHMAC[6], cHMAC[7],
cHMAC[8], cHMAC[9], cHMAC[10], cHMAC[11], cHMAC[12],
cHMAC[13], cHMAC[14], cHMAC[15],
cHMAC[16], cHMAC[17], cHMAC[18], cHMAC[19]
];
NSLog(@"HMAC in hex %@",s);
return s;
}
But my actually question is there any way I can test these methods locally and not up gainst the webservice - so I can rule out errors from the wbservice.
regards
SOLVED:
for testing my implementations I use the following method - hopes this can help someone, one day.
-(void)testEncryptions
{
NSString *key = @"Jefe";
NSString *data = @"what do ya want for nothing?";
NSString *digestAnswerHMAC =@"effcdf6ae5eb2fa2d27416d5f184df9c259a7c79";
NSString *digestAnswerSHA1HEX =@"cb5551f403fac5fd3d6d1b6329993c3848c468ce";
NSString *disgest64base=@"SmVmZQ==";
NSData *stringBytes = [key dataUsingEncoding: NSUTF8StringEncoding];
NSString *hash = [Base64 encode:stringBytes];
//////
NSLog(@"testing encryptions");
NSLog(@"testing HMAC encryptions is :%@ should be :%@",[self encodeWithHmacsha1:key :data],digestAnswerHMAC);
NSLog(@"testing SHA1 in HEX encryption is :%@ should be :%@",[self sha1:key],digestAnswerSHA1HEX);
NSLog(@"testing base64 is :%@ should be :%@",hash,disgest64base);
NSLog(@"testing sha1 in 64 1234 is %@ and should be cRDtpNCeBiql5KOQsKVyrA0sAiA=",[self sha1ith64Base:@"1234"]);
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
为了测试您的密钥哈希方法,您需要建立一组已知的测试数据。这样您就可以知道基于某些匹配输入的预期输出是什么。您可以从 RFC2202 获得许多不同的标准测试数据,
因此测试您的实现将是通过比较这些众所周知的数据集的一些单元测试可以轻松处理。
如果您想测试您是否确实将查询编码到 Web 服务并正确处理响应,您可以查看某种存根或模拟测试。同样,您将需要建立一组已知的输入数据和预期输出。
一旦你有了这个参考测试集,你就可以实现一个自定义的 NSURLProtocol ,它将充当真正的 Web 服务,但为你提供“参考”响应。我的博客上对此主题有详细描述:
In order to test your key hashing methods you will need to establish a known set of test data. That way you know what the expected output will be based on some matching input. You can get a lot of different standard test data from RFC2202
Testing your implementations would therefore be easily handled by a few unit tests which compares these well-known data sets.
If you want to test that you are actually encoding the query to the webservice and handling the response correctly you could look into some kind of stub or mock testing. Again you will need to establish a known set of input data and expected output.
Once you have this reference test set you can implement a custom NSURLProtocol which will act as the real webservice but instead provide you with the "reference" response. I have a detailed description of this topic on my blog: