问题
This php code decodes the secret key before hashing with SHA 512
$API_SECRET_KEY="W0+m0Dc9GMN9yDVeq3GMDsJ49WasEhQHkNHNuDw3wNg=";
$BDAPI_SECRET_KEY=base64_decode($API_SECRET_KEY);
$HMAC_SIGN = base64_encode(hash_hmac('sha512',$MESSAGE,$BDAPI_SECRET_KEY,true));
echo $HMAC_SIGN;
BfVNi21gY09c8M18cWBRBgo1W9pAlXM99ZVoF7Kz2ETFnIuvXjj8NRvRgn/GaT/m6YJ8efsr5s9EDbIhznAaag==
I want to replicate this in google app script
var Secret = "W0+m0Dc9GMN9yDVeq3GMDsJ49WasEhQHkNHNuDw3wNg="
var BDSecret= Utilities.base64Decode(Secret)
var hmac = Utilities.base64Encode(Utilities.computeHmacSignature(Utilities.MacAlgorithm.HMAC_SHA_512, message, BDSecret ));
Logger.log(hmac)
ew5KhLWSJixn8zw4s6VkpYIwvGBjrmjY3LhNWZr9CVEw6W22LOGg+lVzA3uQgOVyICSCffw2bzTepnBdoYtldw==
If I do not decode the API before hashing they return the same result. But for this particular purpose, the key needs to be decoded. The message variable is just my first name "Parit" in case someone wants to replicate.
回答1:
I thought that Utilities.computeHmacSignature() might not be able to use []byte for the value. So as a workaround, how about using jsSHA? I think that in your case, you can use https://github.com/Caligatio/jsSHA/blob/master/src/sha512.js.
The flow for using jsSHA is as follows.
Flow :
- Download sha512.js.
- On script editor, create new script as for example, the filename of
sha512.js.- Copy and paste the script of sha512.js to the created script.
- Copy and paste the sample script to
Code.gsof the script editor. - Run
myFunction()of the sample script.
Sample script :
function myFunction() {
var message = "Parit";
var secret = "W0+m0Dc9GMN9yDVeq3GMDsJ49WasEhQHkNHNuDw3wNg=";
var obj = new jsSHA("SHA-512", "TEXT");
obj.setHMACKey(secret, "B64");
obj.update(message);
Logger.log(obj.getHMAC("B64"))
}
Note :
- When I tested
Paritformessage, I gotBfVNi21gY09c8M18cWBRBgo1W9pAlXM99ZVoF7Kz2ETFnIuvXjj8NRvRgn/GaT/m6YJ8efsr5s9EDbIhznAaag==.
It this was not useful for you, I'm sorry.
Update :
By the Google's update at June 19, 2018, Utilities.computeHmacSignature() got to be able to use the byte arrays. By this, using only native Google Apps Scvript, the result can be retrieved without using jsSHA. So I would like to update my answer.
Modified script :
function myFunction() {
var message = "Parit";
var secret = "W0+m0Dc9GMN9yDVeq3GMDsJ49WasEhQHkNHNuDw3wNg=";
var value = Utilities.base64Decode(Utilities.base64Encode(message));
var key = Utilities.base64Decode(secret);
var out = Utilities.computeHmacSignature(Utilities.MacAlgorithm.HMAC_SHA_512, value, key);
var res = Utilities.base64Encode(out)
Logger.log(res)
}
Result :
BfVNi21gY09c8M18cWBRBgo1W9pAlXM99ZVoF7Kz2ETFnIuvXjj8NRvRgn/GaT/m6YJ8efsr5s9EDbIhznAaag==
来源:https://stackoverflow.com/questions/49251949/google-app-script-vs-php-in-encoding-base64