Geek Answers Handbook

HMAC SHA1 ColdFusion

Please, help! I am pulling my hair over it. :)

I have a site that I need for HMAC SHA1 authentication. It currently works with a different language, but now I need to move it to ColdFusion. For life, I can't get the strings to fit. Any help would be greatly appreciated.

Data: https%3A%2F%2Fwww%2Etestwebsite%2Ecom%3Fid%3D5447
Key: 265D5C01D1B4C8FA28DC55C113B4D21005BB2B348859F674977B24E0F37C81B05FAE85FB75EA9CF53ABB9A174C59D98C7A61E2985026D2AA70AE4452A6E3F2F9

Correct answer: WJd%2BKxmFxGWdbw4xQJZXd3%2FHkFQ%3d
My answer: knIVr6wIt6%2Fl7mBJPTTbwQoTIb8%3d

Both are Base64 encoded and then URL encoded.

+5
coldfusion hmac sha1
source share
3 answers

Doing the thing itself HMAC-SHA1. It’s best to say that I found this old function. Worked great on what I'm doing so far. I forgot where I found it, although I can’t find the author.

For your base 64 ... run this function on your encryption, and then just type cfset newString = toBase64 (oldString) on ​​what is returned.

 <cffunction name="hmacEncrypt" returntype="binary" access="public" output="false"> <cfargument name="signKey" type="string" required="true" /> <cfargument name="signMessage" type="string" required="true" /> <cfargument name="algorithm" type="string" default="HmacSHA1" /> <cfargument name="charset" type="string" default="UTF-8" /> <cfset var msgBytes = charsetDecode(arguments.signMessage, arguments.charset) /> <cfset var keyBytes = charsetDecode(arguments.signKey, arguments.charset) /> <cfset var keySpec = createObject("java","javax.crypto.spec.SecretKeySpec") /> <cfset var mac = createObject("java","javax.crypto.Mac") /> <cfset key = keySpec.init(keyBytes, arguments.algorithm) /> <cfset mac = mac.getInstance(arguments.algorithm) /> <cfset mac.init(key) /> <cfset mac.update(msgBytes) /> <cfreturn mac.doFinal() /> </cffunction>
+9
source share

A shorter encryption method (based on the Barney method ) that outputs a string:

 <cffunction name="CFHMAC" output="false" returntype="string"> <cfargument name="signMsg" type="string" required="true" /> <cfargument name="signKey" type="string" required="true" /> <cfargument name="encoding" type="string" default="utf-8" /> <cfset var key = createObject("java", "javax.crypto.spec.SecretKeySpec").init(signKey.getBytes(arguments.encoding), "HmacSHA1") /> <cfset var mac = createObject("java", "javax.crypto.Mac").getInstance("HmacSHA1") /> <cfset mac.init(key) /> <cfreturn toBase64(mac.doFinal(signMsg.getBytes(arguments.encoding))) /> </cffunction>

Besides,

+4
source share

Steve - Thanks for your reply. I have already used the hmacEncrypt function. However, I found out my problem. I switched to a HEX key instead of a string. He accepted the key, because technically it was a string. To return it to a string, I used another function along with the one above. The following is the value of HEX per line. I did not write the function below and I don’t remember where it came from in order to get the author’s credit, but it did a great job.

 <cffunction name="Hex2Bin" returntype="any" hint="Converts a Hex string to binary"> <cfargument name="inputString" type="string" required="true" hint="The hexadecimal string to be written."> <cfset var outStream = CreateObject("java", "java.io.ByteArrayOutputStream").init()> <cfset var inputLength = Len(arguments.inputString)> <cfset var outputString = ""> <cfset var i = 0> <cfset var ch = ""> <cfif inputLength mod 2 neq 0> <cfset arguments.inputString = "0" & inputString> </cfif> <cfloop from="1" to="#inputLength#" index="i" step="2"> <cfset ch = Mid(inputString, i, 2)> <cfset outStream.write(javacast("int", InputBaseN(ch, 16)))> </cfloop> <cfset outStream.flush()> <cfset outStream.close()> <cfreturn outStream.toByteArray()> </cffunction>
+1
source share

More articles:


All Articles