Reputation: 487
NodeJS crypto.createHmac SHA256 not working properly
I'm currently trying to implement the authentication part of a library we're using but I've stumbled upon a weird issue with the signing of the data, the output of crypto.createHmac in NodeJS is roughly half the size of that of hash_hmac in PHP and this is the only part of the data which differs between PHP and NodeJS (and we need to use NodeJS here)
The exact code used for creating the signature in NodeJS is,
authorization["oauth_signature"] = crypto.createHmac('SHA256', process.env.SECRET).update(toSign).digest('base64');
And for PHP it is
$authorization["oauth_signature"] = base64_encode(hash_hmac("SHA256", $signatureString . $signingKey, $secret));
However the output of the NodeJS version is
7LkQP+qKR1gSdPq/AgH/3No3ps7EtZXnqwjivMixvM8=
And for PHP it is
NmQ0MWIzYmJiMjI2YzFlMDhiYzY3NzVmMWY0MzEwNDlhNDU3NDI0ZGJlMzU3NjJhYmMwYjgwYzZjMDE4NDM4OA==
Which has more then double the data
Do I have to use a different library for the NodeJS version rather then the build in one? We're hosting our NodeJS backend on Microsoft Azure btw, not sure if this is related but seems at least valid to mention.
Edit:
I've found the issue, hash_hmac in PHP automatically exports it's data as hexidecimal data, crypto.createHmac exports it's data as raw binary data which I directly converted into base64, all I needed to do was first export the data to hex and then convert that to base64.
Upvotes: 2
Views: 10667
Answers (2)
Reputation: 10503
In the case of Azure you mentioned the keys are supplied in Base64 format. With the cryto library for node I found it worked when I passed in the key as a Buffer. Azure Authorization Signature header node code sample below:
const util = require('util');
const crypto = require('crypto');
var accountName = "YOUR_ACCOUNT_NAME";
var key = Buffer("YOUR_BASE64_KEY",'base64');
var hash = crypto.createHmac('sha256',key).update(stringToSign,'utf8').digest('base64');
var signature = util.format("%s:%s", accountName, hash);
var authorization = util.format("SharedKey %s", signature);
Upvotes: 0
Reputation: 249
Try this;
var crypto = require('crypto');
var s = 'The quick brown fox jumps over the lazy dog';
console.log(
new Buffer(
crypto.createHmac('SHA256', 'SECRET').update(s).digest('hex')
).toString('base64')
);
PHP equivalent;
base64_encode(hash_hmac("SHA256",'The quick brown fox jumps over the lazy dog', 'SECRET'))
Upvotes: 6
Related Questions
- Add SHA256 Digests to RPM Packages
- What is "require" in JavaScript and NodeJS?
- Reference - What does this error mean in PHP?
- PHP array delete by value (not key)
- WebCrypto JS SHA256 HMAC Mismatch
- How long is the SHA256 hash?
- Calculate hmac value with base64 encode using sha256 python
- NodeJS crypto.createHmac SHA512 not working as expected
- Calculate HMAC-SHA256 digest in ColdFusion using Java
- CryptoJS (HMAC Sha256) giving incorrect output?