更新时间:2023-02-08 23:19:37
我能够让它工作.这段代码有两个问题,第一,正如帕特里克帕克指出的那样,用 printf
替换了 echo -n
.第二个是用 openssl 上的 -binary
选项替换 sed
魔法.
I was able to get it working.
There were two things wrong with this code, the first, as Patrick Park noted, was replacing the echo -n
with printf
. The second was replacing the sed
magic with the -binary
option on openssl.
对比原文:
signature=$(echo -n "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$decoded_hex_key" -binary | sed 's/^.*= //' | base64 -w0)
固定:
signature=$(printf "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$decoded_hex_key" -binary | base64 -w0)
需要更改 echo,因为 echo -n
不会将
转换为实际的换行符.
The echo change is needed because echo -n
will not convert the
into actual newlines.
-binary
更改是必需的,因为即使您剥离了坏部分,openssl 仍然以 ascii-encoded-hex 格式输出签名,而不是二进制格式.因此,在将其传递给 base64
之后,结果是十六进制表示的 b64 编码版本,而不是原始值.
The -binary
change is needed because even though you are stripping off the bad part, openssl was still outputting the signature in ascii-encoded-hex, not in binary. So after it was passed to base64
, the result was the b64 encoded version of the hex representation, instead of the raw value.