> If you split up your "nonce created secret" as partial strings of "The > quick brown fox jumps over the lazy dog", then you know > what hex'ified digest to expect, and helps you to track-down/eliminate errors.
That is a good tip and I'll use it in the future. On Mar 4, 3:58 pm, Frank Siebenlist <frank.siebenl...@gmail.com> wrote: > Hi Larry, > > One approach that helps a lot when trying to figure out where the issue is > with all that message digesting, is by using well-known test cases. If you > look at: > > http://en.wikipedia.org/wiki/SHA-1 > > you will find the test cases: > > SHA1("The quick brown fox jumps over the lazy dog") = > 2fd4e1c6 7a2d28fc ed849ee1 bb76e739 1b93eb12 > > and > > SHA1("") = > da39a3ee 5e6b4b0d 3255bfef 95601890 afd80709 > > If you split up your "nonce created secret" as partial strings of "The quick > brown fox jumps over the lazy dog", then you know what hex'ified digest to > expect, and helps you to track-down/eliminate errors. > > The empty string digest is also important to have, because the initial > MessageDigest object, or any reset one, or after a call to .digest, will > generate that particular digest value. In other words, if you see that digest > then you're probably working with a (accidentally?) reset MessageDigest > object. > > Hope that helps. > > -FrankS. > > On Mar 4, 2013, at 12:38 PM, larry google groups <lawrencecloj...@gmail.com> > wrote: > > > > > > > > > To be clear about an earlier point, if I do this: > > > digest-as-string (apply str nonce created secret) > > > and then print this to the terminal, I can see it really is just a > > string made of these 3 items. Just a plain string, exactly what I > > assumed. > > > On Mar 4, 2:25 pm, Frank Siebenlist <frank.siebenl...@gmail.com> > > wrote: > >>> digest (-> (java.security.MessageDigest/getInstance "sha1") > >>> .reset > >>> (.update nonce-bytes) > >>> (.update create-bytes) > >>> (.update secret-bytes) > >>> .digest) > > >> There may be an issue with this snippet of code as ".update" does not > >> return anything… i.e. nil. > > >> -FS. > > >> On Mar 4, 2013, at 11:06 AM, larry google groups > >> <lawrencecloj...@gmail.com> wrote: > > >>>> ;; Should "UsernameToken Username" really be unquoted in the following > >>>> line? > >>>> ;; All the other variable names are quoted > > >>> Apparently, yes. The developer at Omniture reviewed it and said my > >>> only problem was the way the passwordDigest was created. > > >>> On Mar 4, 2:02 pm, Aaron Cohen <aa...@assonance.org> wrote: > >>>> I think you should try to avoid the string concatenation games. I'm not > >>>> sure what your current code is, but I suspect you're still ending up with > >>>> array toString's slipping in. > > >>>> How about the following? > > >>>> On Mon, Mar 4, 2013 at 1:31 PM, larry google groups < > > >>>> lawrencecloj...@gmail.com> wrote: > >>>>> So, right now I am using this code: > > >>>>> (let [username (get-in @um/interactions [:omniture-api- > >>>>> credentials :username]) > >>>>> secret (get-in @um/interactions [:omniture-api-credentials :shared- > >>>>> secret]) > >>>>> nonce (DigestUtils/md5Hex (str (math/round (* (rand 1 ) 1000000)))) > >>>>> nonce-encoded-base64 (Base64/encodeBase64 (.getBytes nonce)) > >>>>> date-formatter (new SimpleDateFormat "yyyy-MM-dd'T'HH:mm:ss") > >>>>> formatter gmt-timezone) > >>>>> created (.format date-formatter (new Date)) > > >>>> nonce-bytes (.getBytes nonce) > >>>> created-bytes (.getBytes created) > >>>> secret-bytes (.getBytes secret) > >>>> digest (-> (java.security.MessageDigest/getInstance "sha1") > >>>> .reset > >>>> (.update nonce-bytes) > >>>> (.update create-bytes) > >>>> (.update secret-bytes) > >>>> .digest) > >>>> digest-base64 (Base64/encodeBase64 digest) > > >>>> ;; Should "UsernameToken Username" really be unquoted in the following > >>>> line? > >>>> ;; All the other variable names are quoted > >>>> header (apply str " UsernameToken Username=\"" username > > >>>> ;; You may want digest-base64 here? > >>>> "\"PasswordDigest=\"" digest > > >>>> "\" Nonce=\"" nonce-encoded-base64 > >>>> "\"Created=\"" created "\"")] > >>>> header) > > >>> -- > >>> -- > >>> You received this message because you are subscribed to the Google > >>> Groups "Clojure" group. > >>> To post to this group, send email to clojure@googlegroups.com > >>> Note that posts from new members are moderated - please be patient with > >>> your first post. > >>> To unsubscribe from this group, send email to > >>> clojure+unsubscr...@googlegroups.com > >>> For more options, visit this group at > >>>http://groups.google.com/group/clojure?hl=en > >>> --- > >>> You received this message because you are subscribed to the Google Groups > >>> "Clojure" group. > >>> To unsubscribe from this group and stop receiving emails from it, send an > >>> email to clojure+unsubscr...@googlegroups.com. > >>> For more options, visithttps://groups.google.com/groups/opt_out. > > > -- > > -- > > You received this message because you are subscribed to the Google > > Groups "Clojure" group. > > To post to this group, send email to clojure@googlegroups.com > > Note that posts from new members are moderated - please be patient with > > your first post. > > To unsubscribe from this group, send email to > > clojure+unsubscr...@googlegroups.com > > For more options, visit this group at > >http://groups.google.com/group/clojure?hl=en > > --- > > You received this message because you are subscribed to the Google Groups > > "Clojure" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to clojure+unsubscr...@googlegroups.com. > > For more options, visithttps://groups.google.com/groups/opt_out. -- -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
