PHP中P_SHA1算法的实现
我们正在尝试实现一个函数 P_SHA1 表示 PHP.用 Python 编写的函数的模式.但是,不幸的是,有些东西不能正常工作.下面是JAVA中的实现函数:http://ws.apache.org/wss4j/xref/org/apache/ws/security/conversation/dkalgo/P_SHA1.html
we are trying to implement a function P_SHA1 means PHP. The pattern of the function written in Python. But, unfortunately, something is not working properly. Here is the implementation function in JAVA: http://ws.apache.org/wss4j/xref/org/apache/ws/security/conversation/dkalgo/P_SHA1.html
我们的代码:
<?php
$newSeed = $label . $seed; // concat as strings
// $p_sha1
$psha1 = p_hash('sha1', $secret, $newSeed, $length);
$string = arrayToBytes($psha1);
/**
* P_SHA1 crypto alg calculation
*
* @return array of bytes - key
**/
function p_hash($algo, $secret, $seed, $length) {
$bytes = array_fill(0, $length, 0);
$tmp = null;
$A = $seed;
$index = 0;
while (1) {
// hmac sha1: secret + seed
$A = hash_hmac($algo, $secret, $A, true);
// hmac sha1: secret + 1st hash + seed
$output = hash_hmac($algo, $secret, ($A . $seed), true);
foreach (bytesToArray($output) as $c) {
if ($index >= $length) {
return $bytes;
}
$bytes[$index] = $c;
$index++;
}
}
return $bytes;
}
function bytesToArray($bytes) { return unpack('C*', $bytes); }
function arrayToBytes($array) { return call_user_func_array("pack", array_merge(array("C*"), $array)); }
?>
也许有人知道我在哪里可以找到现成的解决方案?或者任何人都可以帮助编写脚本以使其正常工作?
Maybe someone knows where I can find a ready-made solution? Or anyone can help make a script to work properly?
推荐答案
这是基于 回复通过签名 FS" SOAP 消息请求.我已经成功地使用它来签署 SOAP 请求并获得我想要的响应.
This is based on the C# method included in a reply to "signing SOAP message request via ADFS". I have successfully used it to sign SOAP requests and get the response I want.
function psha1($clientSecret, $serverSecret, $sizeBits = 256)
{
$sizeBytes = $sizeBits / 8;
$hmacKey = $clientSecret;
$hashSize = 160; // HMAC_SHA1 length is always 160
$bufferSize = $hashSize / 8 + strlen($serverSecret);
$i = 0;
$b1 = $serverSecret;
$b2 = "";
$temp = null;
$psha = array();
while ($i < $sizeBytes) {
$b1 = hash_hmac('SHA1', $b1, $hmacKey, true);
$b2 = $b1 . $serverSecret;
$temp = hash_hmac('SHA1', $b2, $hmacKey, true);
for ($j = 0; $j < strlen($temp); $j++) {
if ($i < $sizeBytes) {
$psha[$i] = $temp[$j];
$i++;
} else {
break;
}
}
}
return implode("", $psha);
}
需要注意的重要一点是,客户端机密和服务器机密在传递给此函数之前应该进行 base64 解码.
One thing of importance to note is that the client secret and server secret should be base64 decoded before being passed to this function.
相关文章