jsSha HMAC与加密不匹配-OTP算法

时间:2018-10-23 16:43:36

标签: javascript node.js cryptojs

这2个代码未返回相同的代码。抱歉,我不是这两个图书馆的专家。

const jsSHA = require("jssha");

const time = "00000000030f7141"
const key = "101010"
var shaObj = new jsSHA("SHA-1", "HEX");
shaObj.setHMACKey(key, "HEX");
shaObj.update(time);
const hmac = shaObj.getHMAC("HEX");
console.log(hmac) 
// returns '536d6eed86796085f8ec2ead742c52fd73995f27'
---------------
const crypto = require('crypto')

const time = "00000000030f7141"
const key = "101010"
crypto.createHmac('sha1', new Buffer(key, 
'HEX')).update(time).digest('HEX')
// returns '8a3df92d2a68b32b2b571a1b71bfea03556e0df4'

我的观点是避免使用外部库将OTP与Google Authenticator一起使用。 最好,

1 个答案:

答案 0 :(得分:0)

您的nodejs update()没什么不同。您还需要在此处使用十六进制。

附带示例代码

const jsSHA = require("jssha");

const time = "00000000030f7141"
const key = "101010"
var shaObj = new jsSHA("SHA-1", "HEX");
shaObj.setHMACKey(key, "HEX");
shaObj.update(time);
const hmac = shaObj.getHMAC("HEX");
console.log(hmac) 
// returns '536d6eed86796085f8ec2ead742c52fd73995f27'
const crypto = require('crypto')

let out = crypto.createHmac('sha1', new Buffer(key, 'hex')).update(new Buffer(time,'hex')).digest('hex')
// returns '536d6eed86796085f8ec2ead742c52fd73995f27'
console.log(out)