HMAC SHA1 + base64
3,554 views
Skip to first unread message
rtweed
Sep 26, 2010, 2:18:44 PM9/26/10
to nodejs
I'm nearly there on this but having a mental block - I'm sure what I
need to do is possible with the available libraries in node but
there's a step I can't figure out, and wonder if anyone else can help.
I'm trying to perform the signing necessary for Amazon SimpleDB. This
involves creating an HMACSHA1 digest from the data and a secret key,
and then Base64 encoding the result.
I've installed hashlib and node-base64. I can get the HMACSHA1
digest, but it returns the result as a hex string, eg
var key = "1234567" ;
var data = "hello world" ;
var hash = hashlib.hmac_sha1(data, key);
hash = 73a8e6a0d7966cf3257cbe3c5a6ec7cf06a7cda4
What I need to create is the Base64 result of the binary value
represented by this hex string. So I need to be able to get the
result:
c6jmoNeWbPMlfL48Wm7HzwanzaQ=
So, in other words, I can't just pass the value of hash into
base64.encode (that would give me
NzNhOGU2YTBkNzk2NmNmMzI1N2NiZTNjNWE2ZWM3Y2YwNmE3Y2RhNA==)
What's the intermediate step I need to get the right result?
Many thanks!
Rob
need to do is possible with the available libraries in node but
there's a step I can't figure out, and wonder if anyone else can help.
I'm trying to perform the signing necessary for Amazon SimpleDB. This
involves creating an HMACSHA1 digest from the data and a secret key,
and then Base64 encoding the result.
I've installed hashlib and node-base64. I can get the HMACSHA1
digest, but it returns the result as a hex string, eg
var key = "1234567" ;
var data = "hello world" ;
var hash = hashlib.hmac_sha1(data, key);
hash = 73a8e6a0d7966cf3257cbe3c5a6ec7cf06a7cda4
What I need to create is the Base64 result of the binary value
represented by this hex string. So I need to be able to get the
result:
c6jmoNeWbPMlfL48Wm7HzwanzaQ=
So, in other words, I can't just pass the value of hash into
base64.encode (that would give me
NzNhOGU2YTBkNzk2NmNmMzI1N2NiZTNjNWE2ZWM3Y2YwNmE3Y2RhNA==)
What's the intermediate step I need to get the right result?
Many thanks!
Rob
rtweed
Sep 26, 2010, 2:40:45 PM9/26/10
to nodejs
I'll answer my own post!
Turned out I didn't need anything but node.js itself - just use the
crypto module:
var crypto = require("crypto");
sys.puts("Node.js HMACSHA1 test");
var key = "1234567" ;
var data = "hello world" ;
var hmac = crypto.createHmac("sha1", key);
var hash2 = hmac.update(data);
var digest = hmac.digest(encoding="base64");
sys.puts("digest=" + digest);
Out pops
digest=c6jmoNeWbPMlfL48Wm7HzwanzaQ=
Rob
Turned out I didn't need anything but node.js itself - just use the
crypto module:
var crypto = require("crypto");
sys.puts("Node.js HMACSHA1 test");
var key = "1234567" ;
var data = "hello world" ;
var hash2 = hmac.update(data);
var digest = hmac.digest(encoding="base64");
sys.puts("digest=" + digest);
Out pops
digest=c6jmoNeWbPMlfL48Wm7HzwanzaQ=
Rob
Jorge
Sep 26, 2010, 2:51:24 PM9/26/10
to nod...@googlegroups.com
hash= "73a8e6a0d7966cf3257cbe3c5a6ec7cf06a7cda4";
if (hash.length % 2) hash= "0"+ hash;
btoa(hash.replace(/[a-f0-9][a-f0-9]/g, function (c, i) { return String.fromCharCode(parseInt(c, 16)) }));
-> "c6jmoNeWbPMlfL48Wm7HzwanzaQ="
if (hash.length % 2) hash= "0"+ hash;
btoa(hash.replace(/[a-f0-9][a-f0-9]/g, function (c, i) { return String.fromCharCode(parseInt(c, 16)) }));
-> "c6jmoNeWbPMlfL48Wm7HzwanzaQ="
--
Jorge.
> --
> You received this message because you are subscribed to the Google Groups "nodejs" group.
> To post to this group, send email to nod...@googlegroups.com.
> To unsubscribe from this group, send email to nodejs+un...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/nodejs?hl=en.
>
Jorge
Sep 26, 2010, 2:55:20 PM9/26/10
to nod...@googlegroups.com
D'oh
Micheil Smith
Sep 26, 2010, 9:03:50 PM9/26/10
to nod...@googlegroups.com
I should note that you also had the following:
var digest = hmac.digest(encoding="base64");
It should have been:
var digest = hmac.digest("base64");
Was it written like this in the documentation? If so, this needs to be fixed.
Yours,
Micheil Smith
--
BrandedCode.com
tjholowaychuk
Sep 26, 2010, 11:36:05 PM9/26/10
to nodejs
I think he is writing it pythonic..-ish lol for some reason, and
creating a global instead
> >> For more options, visit this group athttp://groups.google.com/group/nodejs?hl=en.
creating a global instead
rtweed
Sep 27, 2010, 3:12:45 AM9/27/10
to nodejs
Yes I used the documentation at http://nodejs.org/api.html
I quote:
hash.digest(encoding='binary')
Calculates the digest of all of the passed data to be hashed. The
encoding can be 'hex', 'binary' or 'base64'.
> >> For more options, visit this group athttp://groups.google.com/group/nodejs?hl=en.
I quote:
hash.digest(encoding='binary')
Calculates the digest of all of the passed data to be hashed. The
encoding can be 'hex', 'binary' or 'base64'.
rtweed
Sep 27, 2010, 3:13:12 AM9/27/10
to nodejs
No I RTFM
rtweed
Sep 27, 2010, 3:28:50 AM9/27/10
to nodejs
In fact I now realise that the documentation is written so that it
tells you what the default values of parameters are, so yes I was
being somewhat dumb, especially since I work in Javascript most of my
time! In my defence:
1) The documentation does not make that clear (more examples would
help clarify that). I suspect this aspect of the documentation may
confuse others.
2) I was trying to get this working quickly last night and didn't want
to plough through copious amounts of documentation in detail. So I
just took what I read at face value , did some cut and pasting and.
woohoo it just worked :-) Now, in the cold light of morning, what I
used does look pretty daft :-)
To be honest the documentation on the crypto module is pretty,
well....cryptic. Some examples would definitely help, but then that's
true of many of the modules and I know how much time and effort it
takes to write examples. However most developers, from my experience,
work from examples first and then follow-up by consulting the
documentation which then makes perfect sense.
Anyway the bottom line is I now have the critical piece I needed for
my project in place. The rest should hopefully be pretty
straightforward.
On 27 Sep, 08:12, rtweed <rob.tw...@gmail.com> wrote:
> Yes I used the documentation athttp://nodejs.org/api.html
tells you what the default values of parameters are, so yes I was
being somewhat dumb, especially since I work in Javascript most of my
time! In my defence:
1) The documentation does not make that clear (more examples would
help clarify that). I suspect this aspect of the documentation may
confuse others.
2) I was trying to get this working quickly last night and didn't want
to plough through copious amounts of documentation in detail. So I
just took what I read at face value , did some cut and pasting and.
woohoo it just worked :-) Now, in the cold light of morning, what I
used does look pretty daft :-)
To be honest the documentation on the crypto module is pretty,
well....cryptic. Some examples would definitely help, but then that's
true of many of the modules and I know how much time and effort it
takes to write examples. However most developers, from my experience,
work from examples first and then follow-up by consulting the
documentation which then makes perfect sense.
Anyway the bottom line is I now have the critical piece I needed for
my project in place. The rest should hopefully be pretty
straightforward.
On 27 Sep, 08:12, rtweed <rob.tw...@gmail.com> wrote:
> Yes I used the documentation athttp://nodejs.org/api.html
Micheil Smith
Sep 27, 2010, 4:13:02 AM9/27/10
to nod...@googlegroups.com
Okay, that's on the todo list to work on then. No harm done.
– Micheil Smith
Reply all
Reply to author
Forward
0 new messages