There is an example HMAC-SHA1 here that works in javascript
Text to encrypt
vibaHBXwUXFqVSg-+kTrqYJZEJkbVeqLc=bo.LlXGET12505351831husu9039http://api.tineye.com/rest/search/image_url=http%3a%2f%2ftineye.com%2fimages%2ftineye_logo_big.png&limit=30&offset=10
Key
vibaHBXwUXFqVSg-+kTrqYJZEJkbVeqLc=bo.LlX
Output
9e734661c9e8b6dc9b6b4b3def9769c00e8843b8
Issue
I can't however duplicate the output in Coldfusion. I'm using a function from a previous Stackoverflow.com question
<cffunction name="hmacEncrypt" returntype="binary" access="public" output="false">
<cfargument name="signKey" type="string" required="true" />
<cfargument name="signMessage" type="string" required="true" />
<cfset var jMsg = JavaCast("string",arguments.signMessage).getBytes("iso-8859-1") />
<cfset var jKey = JavaCast("string",arguments.signKey).getBytes("iso-8859-1") />
<cfset var key = createObject("java","javax.crypto.spec.SecretKeySpec") />
<cfset var mac = createObject("java","javax.crypto.Mac") />
<cfset key = key.init(jKey,"HmacSHA1") />
<cfset mac = mac.getInstance(key.getAlgorithm()) />
<cfset mac.init(key) />
<cfset mac.update(jMsg) />
<cfreturn mac.doFinal() />
</cffunction>
<cfset result = hmacEncrypt("vibaHBXwUXFqVSg-+kTrqYJZEJkbVeqLc=bo.LlX", "vibaHBXwUXFqVSg-+kTrqYJZEJkbVeqLc=bo.LlXGET12505351831husu9039http://api.tineye.com/rest/search/image_url=http%3a%2f%2ftineye.com%2fimages%2ftineye_logo_big.png&limit=30&offset=10")>
<cfset x1 = toString(tobase64(result))>
This returns
nnNGYcnottyba0s975dpwA6IQ7g=
Any help appreciated.
<cfset x1 = toString(tobase64(result))>
The other function is returning hex, not base64. Other than that it seems to work fine for me:
<cfset x1 = binaryEncode(result, "hex")>
The clue is in your expected output string: it contains only digits and lowercase letters. If you look closer, all the letters are in the range a-f. Therefore it is extremely likely that it is a hexadecimal string.
The last line of your example code encodes the result as base64, not hexadecimal. You can encode the result as hexadecimal by changing the last line to this:
<cfset x1 = binaryEncode(result,"hex")>
I ran the modified code and got
9E734661C9E8B6DC9B6B4B3DEF9769C00E8843B8
which is the uppercase version of your expected string.
来源:https://stackoverflow.com/questions/9186773/coldfusion-hmac-sha1-encryption