HMACSHA256.ComputeHash - 意外结果

时间:2017-10-17 18:06:51

标签: .net hmac

我正在尝试使用以下供应商文档作为参考指南在VB.NET中生成签名:

https://shuttle.support.signiant.com/customer/en/portal/articles/2807676-media-shuttle-metadata-developer-s-guide#AppendixA

他们还提供了此示例JS代码:

https://github.com/Signiant/mediashuttle-metadata-webtask/blob/master/form.js

我第二次做HMACSHA256.ComputeHash时遇到了正确的结果。我认为它与我生成'stringToSign'的方式有关,但我现在已经没有想法了。任何帮助将不胜感激!

Public Shared Function GenerateSignature() As String
    Dim encoding = New System.Text.UTF8Encoding()
    ' ALSO TRIED
    'Dim encoding = New System.Text.ASCIIEncoding()
    'Dim encoding = New System.Text.UnicodeEncoding()

    ' TEST PARAMS
    Dim registrationKey = "2e751ce9-5684-4925-9cc3-0665802ebc55"
    Dim requestTimestamp = "2015-01-20T01:07:18.763Z"
    Dim stringToSign = "2015-01-20T01:07:18.763Z\nhttps://submit-portal.mediashuttle.com/metadata/v3.0/portal/submit-portal/package/4eMv\nX-Sig-Algorithm%3dSIG1-HMAC-SHA256&X-Sig-Date%3d2015-01-20T01%3a07%3a18.763Z\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
    'ALSO TRIED:
    'Dim stringToSign As String = requestTimestamp + "\r\n" + requestUrl + "\r\n" + canonicalQueryString + "\r\n" + requestBodyHash
    'Dim stringToSign As String = requestTimestamp + Environment.NewLine + requestUrl + Environment.NewLine + canonicalQueryString + Environment.NewLine + requestBodyHash

    ' Generate the signing key
    Dim signingKey As Byte()
    Using HMACSHA256 As New System.Security.Cryptography.HMACSHA256(encoding.GetBytes(registrationKey))
        signingKey = HMACSHA256.ComputeHash(encoding.GetBytes(requestTimestamp))
    End Using
    Dim signingKeyString = Replace(BitConverter.ToString(signingKey), "-", "").ToLower()
    Console.Write("signingKeyString: '" + signingKeyString + "'" + Environment.NewLine + Environment.NewLine)

    ' RESULT OK: 'ebf870730d4d914fd8c24761433524171e948cd851830e785343b5f9d0d0f56a'

    ' Generate request signature
    Dim signature As Byte()
    Using HMACSHA256 As New System.Security.Cryptography.HMACSHA256(signingKey)
        signature = HMACSHA256.ComputeHash(encoding.GetBytes(stringToSign))
    End Using
    Dim signatureString = Replace(BitConverter.ToString(signature), "-", "").ToLower()
    Console.Write("signatureString: '" + signatureString + "'" + Environment.NewLine + Environment.NewLine)

    ' RESULT BAD: '5f0b42c5cebf1158d9154586522489884fb642b6e7cc544aff8fa79e4f2c5a57'
    ' According to reference doc, should be: '139319aec19208168aaea515d0110b75d36c73de852c3265fc9758834d1b78ec'

    Return signatureString
End Function

1 个答案:

答案 0 :(得分:0)

原来问题涉及多个问题:

  1. 新线分离器必须是ChrW(10)。谢谢Hans Passant!
  2. Url编码stringToSign中的原始组件需要使用大写字符。
  3. 编码必须是UTF8。
  4. 我的工作职能:

    Imports Rework '3rd Party Library: https://www.nuget.org/packages/Rework/
    Imports System.Web
    Imports System.Text
    Imports System.Text.RegularExpressions
    
    Public Class Signiant
    Public Shared Function GenerateSignedUrl(requestUrl, requestBody, registrationKey) As String
        Dim requestTimestamp = DateTime.UtcNow.ToString("o")
    
        ' TEMP TEST PARAMS
        requestUrl = "https://submit-portal.mediashuttle.com/metadata/v3.0/portal/submit-portal/package/4eMv"
        requestBody = ""
        registrationKey = "2e751ce9-5684-4925-9cc3-0665802ebc55"
        requestTimestamp = "2015-01-20T01:07:18.763Z"
    
        ' Generate canonical query String
        Dim algorithmParam = "X-Sig-Algorithm=SIG1-HMAC-SHA256"
        Dim dateParam = "X-Sig-Date=" + requestTimestamp
        Dim canonicalQueryString = HttpUtility.UrlEncode(algorithmParam) + "&" + HttpUtility.UrlEncode(dateParam)
        canonicalQueryString = Regex.Replace(canonicalQueryString, "(%[0-9a-f][0-9a-f])", Function(c) c.Value.ToUpper())
    
        ' Generate the string to sign
        Dim requestBodyHash = Crypto.ToSHA(requestBody, Crypto.SHA_Type.SHA256).ToLower()
        Dim stringToSign As String = requestTimestamp + ChrW(10) + requestUrl + ChrW(10) + canonicalQueryString + ChrW(10) + requestBodyHash
    
        ' Generate the signing key
        Dim signingKey As Byte()
        Using HMACSHA256 As New System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(registrationKey))
            signingKey = HMACSHA256.ComputeHash(Encoding.UTF8.GetBytes(requestTimestamp))
        End Using
    
        ' Generate request signature
        Dim signature As Byte()
        Using HMACSHA256 As New System.Security.Cryptography.HMACSHA256(signingKey)
            signature = HMACSHA256.ComputeHash(Encoding.UTF8.GetBytes(stringToSign))
        End Using
        Dim signatureHex = Replace(BitConverter.ToString(signature), "-", "").ToLower()
    
        ' Generate the signed URL
        Dim signatureParam = "X-Sig-Signature=" + signatureHex
        Dim signedUrl = requestUrl + "?" + algorithmParam + "&" + dateParam + "&" + signatureParam
    
        Return signedUrl
    End Function
    End Class