I have some sample code for an API, but it's in Ruby, whereas I'd prefer to use nodeJS. Could you any of you kind ruby/JS chaps let me know what the JS equivalent would be, and any npm libraries I would need to install.
hmac = OpenSSL::HMAC.new(sharedsecret, OpenSSL::Digest::SHA512.new)
signature = hmac.update(url)
Try this one
var crypto = require('crypto');
hmac = crypto.createHmac('SHA512', sharedsecret);
hmac.update(url);
signature = hmac.digest('hex');
Related
I am looking for standard utility for supporting the encryption & decryption based on the below algorithm in node server side.
algorithm: aes-256-gcm
using the createCipheriv, createDecipheriv from nodejs crypto module.
Please suggest some working references
The utility need to build it from your side, and based on your needs below are the small code may help you to build the utility:
const crypto = require('crypto');
// This two value (ivValueEn , ivValueDe) should be same, to decode the text properly!
// you can generate any strong value and past it at the same place of you can have it from the config value.
const ivValueEn = "c5949f09a7e67318888c5949f09a7e6c09ca51e602867318888c5949f09a7e6c09ca51e602867318888";
const ivValueDe = "c5949f09a7e6c09ca51e602867318888c5949f09a7e6c09ca51e602867319ca51e602867318888";
// insert your key here, better to chose a strong key
const keyValue = "c5949f09a7e6c09a7e6c09ca51e602867318888c5949f09a7e6c09ca51e602867318888";
// slicing are not required you can remove the slice(0,64) part & the console.log as well
const alog = 'aes-256-gcm'
const ivEn = ivValueEn.toString('hex').slice(0,64); console.log(ivEn);
const ivDe = ivValueDe.toString('hex').slice(0,64); console.log(ivDe);
// The one that working with me correctly is to slicing the key to (32) characters.
const key = keyValue.slice(0,32);
const cipher = crypto.createCipheriv(alog,key,ivEn);
const decipher = crypto.createDecipheriv (alog,key,ivDe);
I have some code that was created for me by a past contractor that provided a working implementation of CryptoJS between a Unity3D client and NodeJS server app (as in encryption of client-server messages).
I am working on an implementation that needs to call the same server endpoints from a React web app. Basically, I need to be able to ensure that the React app provides the same results when encrypting and decrypting messages as the server (and hence the Unity3D implementation) does.
The existing encrypt/decrypt functions in the NodeJS app are shown below. They are somewhat more advanced than the standard CryptoJS examples and when I attempt to use them as-is in React, I get this error:
TypeError: cryptoJS.createHash is not a function. (In 'cryptoJS.createHash('md5')', 'cryptoJS.createHash' is undefined)
After some researching, I understand that potentially the 'use as-is' approach will fail because it's using a server side library on the client side, but I have been able to find anything that would explain how I would recreate the same code to work client-side.
encrypt(text, key, iv) {
const keyBuffer = Buffer.from(cryptoJS.createHash('md5').update(key).digest('hex'), "hex")
const ivBuffer = Buffer.from(cryptoJS.createHash('md5').update(iv).digest('hex'), "hex")
const textBuffer = Buffer.from(text, 'utf8')
let cipher = cryptoJS.createCipheriv(algorithm, keyBuffer, ivBuffer)
let encryptedText = Buffer.concat([cipher.update(textBuffer), cipher.final()])
return encryptedText.toString("base64")
}
decrypt(text, key, iv) {
const keyBuffer = Buffer.from(cryptoJS.createHash('md5').update(key).digest('hex'), "hex")
const ivBuffer = Buffer.from(cryptoJS.createHash('md5').update(iv).digest('hex'), "hex")
let decipher = cryptoJS.createDecipheriv(algorithm, keyBuffer, ivBuffer)
const textBuffer = Buffer.from(text, 'base64')
var decipheredContent = Buffer.concat([decipher.update(textBuffer), decipher.final()])
return decipheredContent.toString("utf8")
}
So, I need to figure out how to replace these encrypt/decrypt functions with ones that compile and function in client side in React web. Any help in steering me in the right direction or assisting with the code would be greatly appreciated. Thanks for taking the time to read my question.
I have to represent this node.js code in Microsoft Jscript. How can I do that?
const crypto = require('crypto');
var value = 'helloworld';
var hash = crypto.createHash('sha256').update(value).digest('hex')
When using Node.js crypto module
const crypto = require('crypto');
HMACseed = crypto.createHmac('sha512', 'a55e3e55ff89d1cfeab1c85ac4dc7517d8d3228bb41a7d86de9cdf5587126de7').update('02de498327ba9544ba3b5c3d855a56a6761737a399d099b46b2a1d69491ca64ae400000001').digest('hex');
console.log(HMACseed)
result
08b87c15c5cc62ebcdb8cf5bf6a61cd168387fcc59db119e19ecd8deb67380dda98dd5faf7409face6ebcb187929176636f593dadbe7d7aa44a1ed59bbe0dff6
But using https://caligatio.github.io/jsSHA/
result
6b1312b3706844b11dd50012dd31be8d77f2f7cd9ec0624f730ee24bc4246084cbcaf10f63610cca1b4cc86e8b32a29b6c495a3b8bd28de4d3fd0b98df483530
key = 'a55e3e55ff89d1cfeab1c85ac4dc7517d8d3228bb41a7d86de9cdf5587126de7'
data = '02de498327ba9544ba3b5c3d855a56a6761737a399d099b46b2a1d69491ca64ae400000001'
I wonder why the jsSHA will result different value of HMAC-256.
You need to using hex as input or it will regard it as text input.
HMACseed = crypto.createHmac('sha512', Buffer.from('a55e3e55ff89d1cfeab1c85ac4dc7517d8d3228bb41a7d86de9cdf5587126de7', 'hex')).update(Buffer.from('02de498327ba9544ba3b5c3d855a56a6761737a399d099b46b2a1d69491ca64ae400000001','hex')).digest('hex');
console.log(HMACseed)
I want to use nodeJS to sign a file. I got one p12 certificate (which includes the private key), a passphrase and a pem certificate.
This here shows how it is been done in ruby:
https://gist.github.com/de4b602a213b4b264706
Thanks in advance!
You should be able to use createSign in the crypto module (see http://nodejs.org/docs/v0.4.2/api/all.html#crypto) to do what you want. The code will end up looking something like this (from http://chimera.labs.oreilly.com/books/1234000001808/ch05.html#chap7_id35952189):
var crypto = require('crypto');
var fs = require('fs');
var pem = fs.readFileSync('key.pem');
var key = pem.toString('ascii');
var sign = crypto.createSign('RSA-SHA256');
sign.update('abcdef'); // data from your file would go here
var sig = sign.sign(key, 'hex');