这是服务器 HMAC的算法,我不知道怎么在Android实现。
/**
* Calculate the HMAC for the http request.
* This function signs an api request using the information provided. The signature returned
* has been base64 encoded and then url encoded.
*
* @param string $algo The HMAC algorithm used
* @param string $time String representation of unix time
* @param string $nonce Nonce
* @param string $api_key Your api key
* @param string $secret_key Your private key
* @param string $get_variables URLEncoded string representation of the get variable parameters,
* eg "method=user&guid=2"
* @param string $post_hash Optional sha1 hash of the post data.
*
* @return string The HMAC signature
* @access private
*/
function calculate_hmac($algo, $time, $nonce, $api_key, $secret_key,
$get_variables, $post_hash = "") {
global $CONFIG;
elgg_log("HMAC Parts: $algo, $time, $api_key, $secret_key, $get_variables, $post_hash");
$ctx = hash_init(map_api_hash($algo), HASH_HMAC, $secret_key);
hash_update($ctx, trim($time));
hash_update($ctx, trim($nonce));
hash_update($ctx, trim($api_key));
hash_update($ctx, trim($get_variables));
if (trim($post_hash) != "") {
hash_update($ctx, trim($post_hash));
}
return urlencode(base64_encode(hash_final($ctx, true)));
}
这是我实现的方法,但是就是通过不了服务器的验证:
try {
MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
sha1.update(EncodingUtils.getAsciiBytes(PUBLIC_API_KEY));
sha1.update(EncodingUtils.getAsciiBytes(time));
sha1.update(EncodingUtils.getAsciiBytes(nonce));
sha1.update(EncodingUtils.getAsciiBytes(PRIVATE_API_KEY));
hmac = new String(Base64.encode(sha1.digest(), 0));
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
本版专家分:0结帖率 100%
