1. The concept of HMACSHA1
HMACSHA1 is a keyed hash algorithm constructed from the SHA1 hash function. It is used as HMAC (based on hash function). Hope's message verification code). This HMAC
process mixes the key with the message data, hashes the mixed result using a hash function, mixes the resulting hash value with the key, and then applies the hash function again. The output hash value is 160 bits long and can be converted to a specified number of bits.
The above is Microsoft's standard definition. I didn't quite understand it after reading it. Its function can be understood in one sentence: it is to confirm whether the requested URL or parameters have been tampered with, so as to use QQ
Signature is an example: the sender (itself) performs HMAC algorithm calculation on the parameters, etc., and submits the obtained hash value (i.e. signature value) together with the requested parameters to the receiver (QQ end), and then the receiver submits the parameters, etc. again Value
Perform HMAC algorithm calculation, check and verify the hash value obtained with the hash value you passed. If they are the same, it means that the request is correct and the verification has passed. Go to the next step. If they are not the same, will return an error.
(The following is detailed enough. If you still don’t understand, please leave me a message)
2. The hash algorithm used in QQ OAuth 1.0
///
/// HMACSHA1 algorithm encrypts and returns ToBase64String
///
/// Signature parameter string
/// Key parameter
///
public static string ToBase64hmac(string strText, string strKey)
{
HMACSHA1 myHMACSHA1 = new HMACSHA1(Encoding.UTF8.GetBytes(strKey));
byte[] byteText = myHMACSHA1.ComputeHash(Encoding.UTF8.GetBytes(strText));
return System.Convert .ToBase64String(byteText);
}
Or write it as, the principle is the same:
public static string HMACSHA1Text(string EncryptText, string EncryptKey)
< p>{//HMACSHA1 encryption
string message;
string key;
message = EncryptText;
< p> key = EncryptKey;System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
byte[] keyByte = encoding.GetBytes(key);
p>HMACSHA1 hmacsha1 = new HMACSHA1(keyByte);
byte[] messageBytes = encoding.GetBytes(message);
byte[] hashmessage = hmacsha1.ComputeHash(messageBytes );
return ByteToString(hashmessage);
}
The meaning of the parameters has been commented before and will not be explained again.
COPY can be used
Note: Please cite the page
using System.Security.Cryptography;
3. Introduce another way to write the HMACSHA1 algorithm
p>public static string HMACSHA1Text(string EncryptText, string EncryptKey)
{
//HMACSHA1 encryption
HMACSHA1 hmacsha1 = new HMACSHA1();
hmacsha1.Key = System.Text.Encoding.UTF8.GetBytes(EncryptKey);
byte[] dataBuffer = System.Text.Encoding.UTF8.GetBytes(EncryptText);< /p>
byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer);
return Convert.ToBase64String(hashBytes);
}