3
我想这里描述我的用户自动登录到assistly.com与他们多次通过登录assistly.com使用as3crypto,显然没有成功。多道登录与as3crypto
这是我有:
package
{
import com.adobe.crypto.SHA1;
import com.adobe.serialization.json.JSON;
import com.hurlant.crypto.*
import com.hurlant.util.Base64;
import flash.utils.ByteArray;
public class AssistlySingleSignOn
{
protected static var API_SITE_KEY:String = "YOUR SITE KEY"
protected static var MULTIPASS_KEY:String = "YOUR MULTIPASS API KEY"
public function AssistlySingleSignOn()
{
}
public static function generateMultipass(uid:String, username:String, email:String):String
{
var o:Object = {};
o.uid = uid;
o.expires = "2012-12-29T10:25:28-08:00";
o.customer_email = email;
o.customer_name = username;
var salted:String = API_SITE_KEY + MULTIPASS_KEY;
var hash:String = SHA1.hash(salted);
var saltedHash:String = hash.substr(0, 16);
var iv:String = "OpenSSL for Ruby";
var ivByteArray:ByteArray = new ByteArray();
ivByteArray.writeUTFBytes(iv);
var key:ByteArray = new ByteArray();
key.writeUTFBytes(saltedHash);
key.position = 0;
var json:String = JSON.encode(o);
var jsonByteArray:ByteArray = new ByteArray();
jsonByteArray.writeUTFBytes(json);
var padding:IPad = new PKCS5(16);
ivByteArray.position = 0;
key.position = 0;
var cyphered:CBCMode = Crypto.getCipher("aes-128-cbc", key, padding) as CBCMode;
jsonByteArray.position = 0;
cyphered.IV = ivByteArray;
cyphered.encrypt(jsonByteArray);
jsonByteArray.position = 0;
var base64:String = Base64.encode(jsonByteArray.readUTFBytes(jsonByteArray.length));
/*Convert to a URL safe string by performing the following
Remove any newlines
Remove trailing equal (=) characters
Change any plus (+) characters to dashes (-)
Change any slashes (/) characters to underscores (_)*/
base64 = base64.replace(/\n/g, "");
base64 = base64.replace(/=/g, "");
base64 = base64.replace(/+/g, "-");
base64 = base64.replace(/\//g, "_");
return base64;
}
}
}
我假设我做错了与IV东西或填充,因为我不太明白它;-)
谢谢,但我不认为as3crypto是问题。在另一篇文章中,解决方案是使用writeUTFBytes而不是writeUTF。 writeUTF在开始处添加字节数,因此它也会产生不同的散列值。按照您的建议,我的下一步将是在PHP版本旁边追踪它。 – iddqd
所以我最终做了与Java加密和工作。我猜想as3crypto毕竟做了一些不同的事情。谢谢! – iddqd