Node HmacSHA1 Seed2019 Community Moderator ElectionSOAP, WCF, and message signaturesUsing xml-crypto with PSHA1How to append to a file in Node?Remove all child elements of a DOM node in JavaScriptHmacSHA1 generates different signatures on different systems using same secretNode.js verify function does not verify signature when openssl command line doesHow to uninstall npm modules in node js?node how to create a directory if doesn't exist?Golang signing with ecdsa and Private Key from a SHA224 digestRSA Signature having public key as text not verified in javaNode 6 upgrade caused SignatureDoesNotMatch errors from aws-sdk because of crypto.DEFAULT_ENCODING='binary'How to convert this signature method from crypto (node) to crypto-js (browser)?

Multi tool use
Multi tool use

Are small insurances worth it?

Cycles on the torus

I reported the illegal activity of my boss to his boss. My boss found out. Now I am being punished. What should I do?

Is there a math expression equivalent to the conditional ternary operator?

Did Amazon pay $0 in taxes last year?

Do Cubics always have one real root?

Having the player face themselves after the mid-game

How to install round brake pads

How to educate team mate to take screenshots for bugs with out unwanted stuff

Are these two graphs isomorphic? Why/Why not?

Either of .... (Plural/Singular)

Do Paladin Auras of Differing Oaths Stack?

What will happen if my luggage gets delayed?

Origin of the word “pushka”

Help! My Character is too much for her story!

Computation logic of Partway in TikZ

Why do phishing e-mails use faked e-mail addresses instead of the real one?

Is it appropriate to ask a former professor to order a book for me through an inter-library loan?

Idiom for feeling after taking risk and someone else being rewarded

If nine coins are tossed, what is the probability that the number of heads is even?

What do you call someone who likes to pick fights?

What would be the most expensive material to an intergalactic society?

Is it possible to clone a polymorphic object without manually adding overridden clone method into each derived class in C++?

What can I do if someone tampers with my SSH public key?



Node HmacSHA1 Seed



2019 Community Moderator ElectionSOAP, WCF, and message signaturesUsing xml-crypto with PSHA1How to append to a file in Node?Remove all child elements of a DOM node in JavaScriptHmacSHA1 generates different signatures on different systems using same secretNode.js verify function does not verify signature when openssl command line doesHow to uninstall npm modules in node js?node how to create a directory if doesn't exist?Golang signing with ecdsa and Private Key from a SHA224 digestRSA Signature having public key as text not verified in javaNode 6 upgrade caused SignatureDoesNotMatch errors from aws-sdk because of crypto.DEFAULT_ENCODING='binary'How to convert this signature method from crypto (node) to crypto-js (browser)?










0















I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.



I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.



I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):



https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java#L57



With the following Java code:



Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");
mac.init(key);

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes()));


I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.



How do I specify a seed for a HmacSHA1 using node?






javascript node.js cryptography hmacsha1







share|improve this question






















  • Could you provide a simple XML example, with the expected result?

    – Pierre
    Mar 7 at 4:07















0















I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.



I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.



I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):



https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java#L57



With the following Java code:



Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");
mac.init(key);

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes()));


I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.



How do I specify a seed for a HmacSHA1 using node?






javascript node.js cryptography hmacsha1







share|improve this question






















  • Could you provide a simple XML example, with the expected result?

    – Pierre
    Mar 7 at 4:07













0












0








0








I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.



I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.



I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):



https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java#L57



With the following Java code:



Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");
mac.init(key);

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes()));


I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.



How do I specify a seed for a HmacSHA1 using node?






javascript node.js cryptography hmacsha1







share|improve this question














I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.



I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.



I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):



https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java#L57



With the following Java code:



Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");
mac.init(key);

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes()));


I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.



How do I specify a seed for a HmacSHA1 using node?






javascript node.js cryptography hmacsha1




javascript node.js cryptography hmacsha1






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Mar 6 at 23:11









Anton RandAnton Rand

157117




157117












  • Could you provide a simple XML example, with the expected result?

    – Pierre
    Mar 7 at 4:07

















  • Could you provide a simple XML example, with the expected result?

    – Pierre
    Mar 7 at 4:07
















Could you provide a simple XML example, with the expected result?

– Pierre
Mar 7 at 4:07





Could you provide a simple XML example, with the expected result?

– Pierre
Mar 7 at 4:07












1 Answer
1






active

oldest

votes


















0














I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



Using that library I created the following a generateSignature module which looks as follows:



const crypto = require('crypto');
const psha1 = require('psha1');

export const generateSignatureValue = (
 clientSecret,
 serverSecret,
 messageToSign,
) => 

 const secretKey =
 psha1(clientSecret, serverSecret, 256);

 const hash =
 crypto
 .createHmac('sha1', Buffer.from(secretKey, 'base64'))
 .update(messageToSign)
 .digest('binary');

 return Buffer
 .from(hash, 'binary')
 .toString('base64');
;

export default generateSignatureValue;


This gives me the desired output :)






share|improve this answer






















    Your Answer






    StackExchange.ifUsing("editor", function ()
    StackExchange.using("externalEditor", function ()
    StackExchange.using("snippets", function ()
    StackExchange.snippets.init();
    );
    );
    , "code-snippets");

    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "1"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55033643%2fnode-hmacsha1-seed%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



    Using that library I created the following a generateSignature module which looks as follows:



    const crypto = require('crypto');
    const psha1 = require('psha1');

    export const generateSignatureValue = (
     clientSecret,
     serverSecret,
     messageToSign,
    ) => 

     const secretKey =
     psha1(clientSecret, serverSecret, 256);

     const hash =
     crypto
     .createHmac('sha1', Buffer.from(secretKey, 'base64'))
     .update(messageToSign)
     .digest('binary');

     return Buffer
     .from(hash, 'binary')
     .toString('base64');
    ;

    export default generateSignatureValue;


    This gives me the desired output :)






    share|improve this answer



























      0














      I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



      Using that library I created the following a generateSignature module which looks as follows:



      const crypto = require('crypto');
      const psha1 = require('psha1');

      export const generateSignatureValue = (
       clientSecret,
       serverSecret,
       messageToSign,
      ) => 

       const secretKey =
       psha1(clientSecret, serverSecret, 256);

       const hash =
       crypto
       .createHmac('sha1', Buffer.from(secretKey, 'base64'))
       .update(messageToSign)
       .digest('binary');

       return Buffer
       .from(hash, 'binary')
       .toString('base64');
      ;

      export default generateSignatureValue;


      This gives me the desired output :)






      share|improve this answer

























        0












        0








        0







        I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



        Using that library I created the following a generateSignature module which looks as follows:



        const crypto = require('crypto');
        const psha1 = require('psha1');

        export const generateSignatureValue = (
         clientSecret,
         serverSecret,
         messageToSign,
        ) => 

         const secretKey =
         psha1(clientSecret, serverSecret, 256);

         const hash =
         crypto
         .createHmac('sha1', Buffer.from(secretKey, 'base64'))
         .update(messageToSign)
         .digest('binary');

         return Buffer
         .from(hash, 'binary')
         .toString('base64');
        ;

        export default generateSignatureValue;


        This gives me the desired output :)






        share|improve this answer













        I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



        Using that library I created the following a generateSignature module which looks as follows:



        const crypto = require('crypto');
        const psha1 = require('psha1');

        export const generateSignatureValue = (
         clientSecret,
         serverSecret,
         messageToSign,
        ) => 

         const secretKey =
         psha1(clientSecret, serverSecret, 256);

         const hash =
         crypto
         .createHmac('sha1', Buffer.from(secretKey, 'base64'))
         .update(messageToSign)
         .digest('binary');

         return Buffer
         .from(hash, 'binary')
         .toString('base64');
        ;

        export default generateSignatureValue;


        This gives me the desired output :)







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 2 days ago









        Anton RandAnton Rand

        157117




        157117





























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55033643%2fnode-hmacsha1-seed%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            pCgvaP3TyDeroduTnpAGvtKUr0NwfKO5MV4fxV,jXQwMMUvQQx,WJy4m2,EslxRccR
            -
            ZNhXaCCdd bdZ2bvNXav8,EpRQWNT7CwczB

            Popular posts from this blog

            Identity Server 4 is not redirecting to Angular app after login2019 Community Moderator ElectionIdentity Server 4 and dockerIdentityserver implicit flow unauthorized_clientIdentityServer Hybrid Flow - Access Token is null after user successful loginIdentity Server to MVC client : Page Redirect After loginLogin with Steam OpenId(oidc-client-js)Identity Server 4+.NET Core 2.0 + IdentityIdentityServer4 post-login redirect not working in Edge browserCall to IdentityServer4 generates System.NullReferenceException: Object reference not set to an instance of an objectIdentityServer4 without HTTPS not workingHow to get Authorization code from identity server without login form

            Image
            How to make healing in an exploration game interesting What's the meaning of “spike” in the context of “adrenaline spike”? Welcoming 2019 Pi day: How to draw the letter π? Do I need life insurance if I can cover my own funeral costs? What do Xenomorphs eat in the Alien series? Python if-else code style for reduced code for rounding floats My adviser wants to be the first author Do I need to get involved in office politics to get ahead? Why one should not leave fingerprints on bulbs and plugs? How to change two letters closest to a string and one letter immediately after a string using notepad++ Why doesn't the EU now just force the UK to choose between referendum and no-deal? How to deal with taxi scam when on vacation? Recruiter wants very extensive technical details about all of my previous work What is the least resource intensive way to generate the luatex font cache for a new font? How Could an Airship Be Repaired Mid-Flight ...
            Read more

            Can't initialize raids on a new ASUS Prime B360M-A motherboard2019 Community Moderator ElectionSimilar to RAID config yet more like mirroring solution?Can't get motherboard serial numberWhy does the BIOS entry point start with a WBINVD instruction?UEFI performance Asus Maximus V Extreme

            Image
            "One can do his homework in the library" Why does Deadpool say "You're welcome, Canada," after shooting Ryan Reynolds in the end credits? Potential difference and current flow It's a yearly task, alright Co-worker team leader wants to inject the crap software product of his friends into our development. What should I say to our common boss? Touchscreen-controlled dentist office snowman collector game What to do when during a meeting client people start to fight (even physically) with each others? What options are left, if Britain cannot decide? How could our ancestors have domesticated a solitary predator? Professor being mistaken for a grad student When two POV characters meet Replacing Windows 7 security updates with anti-virus? What has been your most complicated TikZ drawing? Can the word "advantage" be used as an adjective? How could a female member of a species produce eggs unto death? Can the druid cantrip Thorn...
            Read more

            How to get text form Clipboard with JavaScript in Firefox 56?How to validate an email address in JavaScript?How do JavaScript closures work?How do I remove a property from a JavaScript object?How do you get a timestamp in JavaScript?How do I copy to the clipboard in JavaScript?How do I include a JavaScript file in another JavaScript file?Get the current URL with JavaScript?How to replace all occurrences of a string in JavaScriptHow to check whether a string contains a substring in JavaScript?How do I remove a particular element from an array in JavaScript?

            Image
            Can an x86 CPU running in real mode be considered to be basically an 8086 CPU? Why does this relative pronoun not take the case of the noun it is referring to? Email Account under attack (really) - anything I can do? Why do we use polarized capacitors? N.B. ligature in Latex Is Social Media Science Fiction? how to create a data type and make it available in all Databases? Need help identifying/translating a plaque in Tangier, Morocco How to make payment on the internet without leaving a money trail? What do you call something that goes against the spirit of the law, but is legal when interpreting the law to the letter? How can the DM most effectively choose 1 out of an odd number of players to be targeted by an attack or effect? cryptic clue: mammal sounds like relative consumer (8) Infinite past with a beginning? How do you conduct xenoanthropology after first contact? Is there an example of two elementary particles colliding to result in a single elementar...
            Read more