我可以使用以下代码成功地通过nodejs创建HMAC:
(稍微更改的示例:)
Crypto.createHmac('sha256', Crypto.randomBytes(16))
.update('I love cupcakes')
.digest('hex');
That results in a value like the following (hex-based string Hmac signature):
fb2937ca821264812d511d68ae06a643915931375633173ba64af9425f2ffd53
How do I use that signature to verify that the data was not altered ? (当然,使用nodejs)。
我的假设
我假设有一个方法调用您提供数据和签名,并且您会得到一个布尔值,可以告诉您数据是否已更改 - 或类似的东西。
另一个解决方案?
哦,等等,当我写的时候,我开始思考...
我需要存储我生成的原始随机字节(crypto.randombytes(16))并将它们传递给接收器因此,他们只能再次生成HMAC并验证结果是否相同( fb2937ca821264812d511d68ae Aae06a64391593137563173173173173173173ba6429425f9425f2ff2ffd53 )?
如果那是真的,那是奇怪的,因为加密的参数(16)被命名为necret(在官方示例中)*。似乎需要保密吗?
请让我知道是否有一种方法可以验证接收方上的签名&我怎么做。
官方文档:有点困惑
这是官方文档中定义的功能:
crypto.createhmac(算法,键[,options])
在功能定义中,您可以看到第二个参数命名为 key 。
但是,在示例中,它们将其称为秘密
const secret = 'abcdefg';
const hash = crypto.createHmac('sha256', secret)
.update('I love cupcakes')
.digest('hex');
console.log(hash);
I can successfully create an Hmac via NodeJS using the following code:
(slightly altered example from : https://nodejs.org/api/crypto.html#cryptocreatehmacalgorithm-key-options)
Crypto.createHmac('sha256', Crypto.randomBytes(16))
.update('I love cupcakes')
.digest('hex');
That results in a value like the following (hex-based string Hmac signature):
fb2937ca821264812d511d68ae06a643915931375633173ba64af9425f2ffd53
How do I use that signature to verify that the data was not altered? (using NodeJS, of course).
My Assumption
I'm assuming there is a method call where you supply the data and the signature and you get a boolean that tells you if the data was altered or not -- or something similar.
Another Solution?
Oh, wait, as I was writing that I started thinking...
Do I need to store the original random bytes I generated (Crypto.randomBytes(16)) and pass them to the receiver so they can just generate the HMac again and verify that the result is the same (fb2937ca821264812d511d68ae06a643915931375633173ba64af9425f2ffd53)?
If that is true that would be odd, because the parameter for Crypto.randomBytes(16) is named secret (in the official example)*. Seems like that needs to be kept secret??
Please let me know if there is a way to verify the signature on the receiving side & how I do that.
Official Documentation : A Bit Confusing
Here's the function as it is defined in the official docs:
crypto.createHmac(algorithm, key[, options])
In the function definition, you can see the second param is named key.
However, in the example they refer to it as secret
const secret = 'abcdefg';
const hash = crypto.createHmac('sha256', secret)
.update('I love cupcakes')
.digest('hex');
console.log(hash);
发布评论
评论(1)
只需发布答案,如果将来有人会看到这一点,他们将能够得到确定的答案。
正如评论员(Topaco)指出的那样,简单的答案是:
想要验证HMAC的接收器只需要使用相同的
keyvalue&数据并将其应用于方法并检索哈希值。原始的HMAC创建方必须为验证方提供三件事:
data:(可以从AES256加密数据)键:原始密钥传递到<<代码> createHmac()方法 - 注释:此项目在nodejs(上)中的示例代码中称为秘密。hash:(clearText)Hash调用createHmac()方法时生成的hash。有了这三件事,验证方现在可以调用
createHmac()方法,并确定它们是否获得了匹配原始HMAC创建方生成的哈希。这样做证明了发送的数据尚未损坏或更改。
关于键(秘密)的其他注释
在考虑了HMAC之后,我回来了。
双方都必须知道钥匙(又称秘密),但 并不意味着应该将其暴露于他人。
必须将其保密(如《代码所暗示》),因为如果邪恶类型知道该值并可以更改它,那么他们也可以更改数据并生成新密钥(秘密)并将其传递给它,就像原始创建者将其发送给它沿着(MITM-中间攻击中的人)。
因此,这里的重点是,是的,双方都必须知道钥匙(秘密)价值,但是不应在邪恶类型发现的地方共享它。
相反,它必须同意或基于秘密密码等。
Just posting the answer so if anyone in future sees this they will be able to have the definitive answer.
As the commentor (Topaco) pointed out, the simple answer is that:
The receiver who want wants to validate the Hmac simply needs to use the same
keyvalue &dataand apply it to the method and retrieve the hash value.The original Hmac-creating party must provide three things for the verifying party:
data: (could be encrypted data from AES256, for example)key: original key passed into thecreateHmac()method -- note: this item is calledsecretin the sample code by NodeJS (above).hash:the (clearText) hash which the original creator generated when calling thecreateHmac()method.With those three things the verifying party can now call the
createHmac()method and determine if the hash they get matches the hash that the original hmac-creating party generated.Doing this validates that the Data which was sent has not been corrupted or altered.
Additional Note On Key (secret)
I've come back after thinking about the Hmac a bit more.
It is required that both parties know the key (aka secret) but it does not mean that it should be exposed to others.
This must be kept secret (as the code implies) because if a nefarious type knew the value and could alter it, then they could also alter the data and generate a new key (secret) and pass it along as if the original creator sent it along (MITM - man in the middle attack).
So, the point here is that yes, both parties have to know the key (secret) value, but it should not be shared where it might be discovered by nefarious types.
Instead, it will have to be agreed upon or based upon a secret password, etc.