[KONG series eight] HMAC certification HMAC-Auth plugin

HMACAuthentication

< /p>

hmac plugin

Construct signatureheader

Authorization: hmac username=”userhmac”, algorithm=”hmac-sha1″, headers=”X-Date Content-md5 “, signature=”LqkezHTAuk/Sk3RTbguHHYZGt/8=”

X-Date: Mon, 31 Jul 2017 07:23:02 GMT

Content-md5: IgWlVHazOsGgHGVlcKvQDA==

Execution result: successful

Detailed explanation:Base64(HMAC-SHA1 (signing string))Encryption details:

1. Prepare encryption tools in advanceHmacSha1Util and Md5Util.

1).WriteHMacSha1Util.java , Please refer to appendix1content.

2).writeMd5Util, reference Attached2content.

3).PreparemacUsers and Key: username=userhmac,[email protected]

Second, calculate hmacSignature

1).Calculationbody Content-md5.

2).Build a message to be signedString content = stb.append(“X-Date: “).append(hdate) .append(”
“).append(“Content-md5: “).append(contentMD5).toString();//Note X-Date: There is a space after , followed by USsystem GMTtime.

3).Build signatureString signature = BASE64.encode< /em>(HmacSha1Util.signatureReturnBytes(content, secret));

please See attached3 HmacTest.java

according toHmacTest.test1()Method execution result output:

15:25:07.774 [main] INFO com.kong.test.hmac .HmacTest-Content-md5: IgWlVHazOsGgHGVlcKvQDA==

15:25:07.793 [main] INFO com.kong.test.hmac.HmacTest-X- Date: Mon, 31 Jul 2017 07:25:07 GMT

15:25:07.794 [main] INFO com.kong.test.hmac.HmacTest –Content before signature: X-Date: Mon, 31 Jul 2017 07:25:07 GMT

Content-md5: IgWlVHazOsGgHGVlcKvQDA= =

15:25:08.557 [main] INFO com.kong.test.hmac.HmacTest –Display the specified code [Recommended]: p4sGy3B+J/Zqt7gaLJVZCzVY5/Y=

< p class="p4"> Output the result of the above content and construct the request report in the following format Arts.

Three, buildrequestmessage:

Settingsheaders:

Authorization:hmac username =”userhmac”, algorithm=”hmac-sha1″, headers=”X-Date Content-md5″, signature=”p4sGy3B+J/Zqt7gaLJVZCzVY5/Y=”

X- Date:Mon, 31 Jul 2017 07:25:07 GMT

Content-md5:IgWlVHazOsGgHGVlcKvQDA==

Four. Verification result

As shown in the figure below, normal return, hamc encryption authentication is successful.

Attach1 HmacSha1Util.java:

package com.kong.test.hmac;import javax.crypto.Mac;import javax.crypto.spec.SecretKeySpec;import java .security.InvalidKeyException;import java.security.NoSuchAlgorithmException;import java.util.Formatter;/** * @Author changle * @Time 17/7/23. * @Desc calculate hmac signature*/public class HmacSha1Util {private static final String HMAC_SHA1_ALGORITHM = "HmacSHA1"; private static String toHexString(byte[] bytes) {Formatter formatter = new Formatter(); for (byte b: bytes) {formatter.format("%02x", b);} return formatter. toString();} public static String sig nature(String data, String key) throws NoSuchAlgorithmException, InvalidKeyException {SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM); Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM); mac.init(signingKey); return toHexString(mac. doFinal(data.getBytes()));} public static byte[] signatureReturnBytes(String data, String key) throws NoSuchAlgorithmException, InvalidKeyException {SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM); Mac mac = Mac.getInstance (HMAC_SHA1_ALGORITHM); mac.init(signingKey); return mac.doFinal(data.getBytes());} public static void main(String[] args) throws Exception {String hmac = signature("data", "f96384947e0f4de39d3ffef6bd12c551") ;        assert hmac.equals("104152c5bfdca07bc633eebd46199f0255c9f49d");    }}

Attached2 Md5Util.java:

package com. kong.test.hmac;import org.apache.commons.codec.binary.Base64;import org.apache.commons.lang.StringUtils;import java.io.UnsupportedEncodingException;import java.security.MessageDigest;import java.security.NoSuchAlgorithmException ;public class Md5Util {public static String md5(String param) {if (StringUtils.isBlank(param)) {throw new IllegalArgumentException("param can not be null");} try {byte[] bytes = param.getBytes(" utf-8"); final MessageDigest md = MessageDigest.getInstance("MD5"); md.reset(); md.update(bytes); final Base64 base64 = new Base64(); final byte[] enbytes = base64.encode (md.digest()); return new String(enbytes);} catch (final NoSuchAlgorithmException e) {throw new IllegalArgumentException("un known algorithm MD5");        } catch (UnsupportedEncodingException e) {            throw new RuntimeException(e);        }    }}


attached3 HmacTest.java calculationmacSignature:

package com. kong.test.hmac;import lombok.extern.slf4j.Slf4j;import java.text.DateFormat;import java.text.SimpleDateFormat;import java.util.Base64;import java.util.Date;import java.util.Locale; import java.util.TimeZone;/** * @Author changle * @Time 17/7/19. * @Desc HMac encrypted signature verification. */@Slf4jpublic class HmacTest {public static void main(String[] args) {test1 ();} static void test1(){ String queryParam = "/testHmac/qryParam=test1&pageNo=1"; String contentMD5 = Md5Util.md5(queryParam); log.info("Content-md5: {}", contentMD5); Date d=new Date(); DateFormat format=new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss z", Locale.US); format.setTimeZone(TimeZone.getTimeZone("GMT")); String hdate = format.format(d); log .info("X-Date: {}",hdate); StringBuilder stb = new StringBuilder(); String content = stb.append("X-Date: ").append(hdate).append("
") .append("Content-md5: ").append(contentMD5).toString(); log.info("Content before signing: "+content); String secret = "[email protected]"; //User userhmac's secret key try {String signature2 = new String(Base64.getEncoder().encode(HmacSha1Util.signatureReturnBytes(content, secret)), "US-ASCII"); log.info("Display specified encoding [recommended]: {}", signature2 );} catch (Exception e) {e.printStackTrace();} }}

Leave a Comment

Your email address will not be published.