Question

我尝试设置应用以使用我的网址进行签名，以便他们进行身份验证，但我似乎无法弄清楚如何复制我在下一页中尝试的代码： https://help.sendowl.com/help/signed-urls#example

order_id=12345&buyer_name=Test+Man&buyer_email=test%40test.com&product_id=123&signature=QpIEZjEmEMZV%2FHYtinoOj5bqAFw%3D

buyer_email=test@test.com&buyer_name=Test Man&order_id=12345&product_id=123

buyer_email=test@test.com&buyer_name=Test Man&order_id=12345&product_id=123&secret=t0ps3cr3t

publicStr&t0ps3cr3t

这是步骤：

首先订购参数（删除签名）和unescape 它们：
接下来添加您的签名密码：
生成用于签名的密钥：
使用Base 64编码执行HMAC-SHA1摘要： QpIEZjEmEMZV / HYtinoOj5bqAFw =

以下是我尝试但最终没有得到相同的结果：

$signKey = "t0ps3cr3t";
$signData = "buyer_email=test@test.com&buyer_name=Test Man&order_id=12345&product_id=123&secret=t0ps3cr3t";

$passData = hash_hmac("sha1", $signData, base64_decode(strtr($signKey)), true);
$passData = base64_encode($passData);

echo $passData;

我不断获得x8NXmAmkNBPYCXwtj65mdVJ8lPc=

Answer 1

我能够用以下内容进行复制：带我一点点弄清楚这么简单的事情......直接编写了11个小时。

感谢。

$data = "buyer_email=test@test.com&buyer_name=Test Man&order_id=12345&product_id=123&secret=t0ps3cr3t";
$key = "publicStr&t0ps3cr3t";

$pass1 = hash_hmac('sha1', $data, $key, true);
$pass = base64_encode($pass1);

echo $pass;

$pass will return "QpIEZjEmEMZV/HYtinoOj5bqAFw=", the correct value.

Answer 2

$current_timestamp = Carbon::now()->timestamp;
    $signstring = "z001-line-anime-gif." . $current_timestamp . ".aaaabbbbccccdddd";
    $secret = 'STG-7f*(:hsM-1_eQ_ZD175QgEoJhI$:oR.zEQ<z';

    $sig = hash_hmac('sha1', $signstring, $secret);

    $signature = hex2bin($sig);

    $signature = base64_encode($signature);
    return $signature;

如何使用Base64 Encode执行HMAC-SHA1？

2 个答案: