Node HmacSHA1 Seed2019 Community Moderator ElectionSOAP, WCF, and message signaturesUsing xml-crypto with PSHA1How to append to a file in Node?Remove all child elements of a DOM node in JavaScriptHmacSHA1 generates different signatures on different systems using same secretNode.js verify function does not verify signature when openssl command line doesHow to uninstall npm modules in node js?node how to create a directory if doesn't exist?Golang signing with ecdsa and Private Key from a SHA224 digestRSA Signature having public key as text not verified in javaNode 6 upgrade caused SignatureDoesNotMatch errors from aws-sdk because of crypto.DEFAULT_ENCODING='binary'How to convert this signature method from crypto (node) to crypto-js (browser)?

Are small insurances worth it?

Cycles on the torus

I reported the illegal activity of my boss to his boss. My boss found out. Now I am being punished. What should I do?

Is there a math expression equivalent to the conditional ternary operator?

Did Amazon pay $0 in taxes last year?

Do Cubics always have one real root?

Having the player face themselves after the mid-game

How to install round brake pads

How to educate team mate to take screenshots for bugs with out unwanted stuff

Are these two graphs isomorphic? Why/Why not?

Either of .... (Plural/Singular)

Do Paladin Auras of Differing Oaths Stack?

What will happen if my luggage gets delayed?

Origin of the word “pushka”

Help! My Character is too much for her story!

Computation logic of Partway in TikZ

Why do phishing e-mails use faked e-mail addresses instead of the real one?

Is it appropriate to ask a former professor to order a book for me through an inter-library loan?

Idiom for feeling after taking risk and someone else being rewarded

If nine coins are tossed, what is the probability that the number of heads is even?

What do you call someone who likes to pick fights?

What would be the most expensive material to an intergalactic society?

Is it possible to clone a polymorphic object without manually adding overridden clone method into each derived class in C++?

What can I do if someone tampers with my SSH public key?



Node HmacSHA1 Seed



2019 Community Moderator ElectionSOAP, WCF, and message signaturesUsing xml-crypto with PSHA1How to append to a file in Node?Remove all child elements of a DOM node in JavaScriptHmacSHA1 generates different signatures on different systems using same secretNode.js verify function does not verify signature when openssl command line doesHow to uninstall npm modules in node js?node how to create a directory if doesn't exist?Golang signing with ecdsa and Private Key from a SHA224 digestRSA Signature having public key as text not verified in javaNode 6 upgrade caused SignatureDoesNotMatch errors from aws-sdk because of crypto.DEFAULT_ENCODING='binary'How to convert this signature method from crypto (node) to crypto-js (browser)?










0















I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.



I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.



I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):



https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java#L57



With the following Java code:



Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");
mac.init(key);

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes()));


I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.



How do I specify a seed for a HmacSHA1 using node?






javascript node.js cryptography hmacsha1







share|improve this question






















  • Could you provide a simple XML example, with the expected result?

    – Pierre
    Mar 7 at 4:07















0















I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.



I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.



I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):



https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java#L57



With the following Java code:



Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");
mac.init(key);

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes()));


I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.



How do I specify a seed for a HmacSHA1 using node?






javascript node.js cryptography hmacsha1







share|improve this question






















  • Could you provide a simple XML example, with the expected result?

    – Pierre
    Mar 7 at 4:07













0












0








0








I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.



I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.



I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):



https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java#L57



With the following Java code:



Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");
mac.init(key);

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes()));


I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.



How do I specify a seed for a HmacSHA1 using node?






javascript node.js cryptography hmacsha1







share|improve this question














I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.



I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.



I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):



https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java#L57



With the following Java code:



Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");
mac.init(key);

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes()));


I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.



How do I specify a seed for a HmacSHA1 using node?






javascript node.js cryptography hmacsha1




javascript node.js cryptography hmacsha1






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Mar 6 at 23:11









Anton RandAnton Rand

157117




157117












  • Could you provide a simple XML example, with the expected result?

    – Pierre
    Mar 7 at 4:07

















  • Could you provide a simple XML example, with the expected result?

    – Pierre
    Mar 7 at 4:07
















Could you provide a simple XML example, with the expected result?

– Pierre
Mar 7 at 4:07





Could you provide a simple XML example, with the expected result?

– Pierre
Mar 7 at 4:07












1 Answer
1






active

oldest

votes


















0














I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



Using that library I created the following a generateSignature module which looks as follows:



const crypto = require('crypto');
const psha1 = require('psha1');

export const generateSignatureValue = (
 clientSecret,
 serverSecret,
 messageToSign,
) => 

 const secretKey =
 psha1(clientSecret, serverSecret, 256);

 const hash =
 crypto
 .createHmac('sha1', Buffer.from(secretKey, 'base64'))
 .update(messageToSign)
 .digest('binary');

 return Buffer
 .from(hash, 'binary')
 .toString('base64');
;

export default generateSignatureValue;


This gives me the desired output :)






share|improve this answer






















    Your Answer






    StackExchange.ifUsing("editor", function ()
    StackExchange.using("externalEditor", function ()
    StackExchange.using("snippets", function ()
    StackExchange.snippets.init();
    );
    );
    , "code-snippets");

    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "1"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55033643%2fnode-hmacsha1-seed%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



    Using that library I created the following a generateSignature module which looks as follows:



    const crypto = require('crypto');
    const psha1 = require('psha1');

    export const generateSignatureValue = (
     clientSecret,
     serverSecret,
     messageToSign,
    ) => 

     const secretKey =
     psha1(clientSecret, serverSecret, 256);

     const hash =
     crypto
     .createHmac('sha1', Buffer.from(secretKey, 'base64'))
     .update(messageToSign)
     .digest('binary');

     return Buffer
     .from(hash, 'binary')
     .toString('base64');
    ;

    export default generateSignatureValue;


    This gives me the desired output :)






    share|improve this answer



























      0














      I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



      Using that library I created the following a generateSignature module which looks as follows:



      const crypto = require('crypto');
      const psha1 = require('psha1');

      export const generateSignatureValue = (
       clientSecret,
       serverSecret,
       messageToSign,
      ) => 

       const secretKey =
       psha1(clientSecret, serverSecret, 256);

       const hash =
       crypto
       .createHmac('sha1', Buffer.from(secretKey, 'base64'))
       .update(messageToSign)
       .digest('binary');

       return Buffer
       .from(hash, 'binary')
       .toString('base64');
      ;

      export default generateSignatureValue;


      This gives me the desired output :)






      share|improve this answer

























        0












        0








        0







        I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



        Using that library I created the following a generateSignature module which looks as follows:



        const crypto = require('crypto');
        const psha1 = require('psha1');

        export const generateSignatureValue = (
         clientSecret,
         serverSecret,
         messageToSign,
        ) => 

         const secretKey =
         psha1(clientSecret, serverSecret, 256);

         const hash =
         crypto
         .createHmac('sha1', Buffer.from(secretKey, 'base64'))
         .update(messageToSign)
         .digest('binary');

         return Buffer
         .from(hash, 'binary')
         .toString('base64');
        ;

        export default generateSignatureValue;


        This gives me the desired output :)






        share|improve this answer













        I managed to get there in the end, there's an NPM module called psha1 (https://www.npmjs.com/package/psha1).



        Using that library I created the following a generateSignature module which looks as follows:



        const crypto = require('crypto');
        const psha1 = require('psha1');

        export const generateSignatureValue = (
         clientSecret,
         serverSecret,
         messageToSign,
        ) => 

         const secretKey =
         psha1(clientSecret, serverSecret, 256);

         const hash =
         crypto
         .createHmac('sha1', Buffer.from(secretKey, 'base64'))
         .update(messageToSign)
         .digest('binary');

         return Buffer
         .from(hash, 'binary')
         .toString('base64');
        ;

        export default generateSignatureValue;


        This gives me the desired output :)







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 2 days ago









        Anton RandAnton Rand

        157117




        157117





























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55033643%2fnode-hmacsha1-seed%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Identity Server 4 is not redirecting to Angular app after login2019 Community Moderator ElectionIdentity Server 4 and dockerIdentityserver implicit flow unauthorized_clientIdentityServer Hybrid Flow - Access Token is null after user successful loginIdentity Server to MVC client : Page Redirect After loginLogin with Steam OpenId(oidc-client-js)Identity Server 4+.NET Core 2.0 + IdentityIdentityServer4 post-login redirect not working in Edge browserCall to IdentityServer4 generates System.NullReferenceException: Object reference not set to an instance of an objectIdentityServer4 without HTTPS not workingHow to get Authorization code from identity server without login form

            Image
            How to make healing in an exploration game interesting What's the meaning of “spike” in the context of “adrenaline spike”? Welcoming 2019 Pi day: How to draw the letter π? Do I need life insurance if I can cover my own funeral costs? What do Xenomorphs eat in the Alien series? Python if-else code style for reduced code for rounding floats My adviser wants to be the first author Do I need to get involved in office politics to get ahead? Why one should not leave fingerprints on bulbs and plugs? How to change two letters closest to a string and one letter immediately after a string using notepad++ Why doesn't the EU now just force the UK to choose between referendum and no-deal? How to deal with taxi scam when on vacation? Recruiter wants very extensive technical details about all of my previous work What is the least resource intensive way to generate the luatex font cache for a new font? How Could an Airship Be Repaired Mid-Flight ...
            Read more

            Can't initialize raids on a new ASUS Prime B360M-A motherboard2019 Community Moderator ElectionSimilar to RAID config yet more like mirroring solution?Can't get motherboard serial numberWhy does the BIOS entry point start with a WBINVD instruction?UEFI performance Asus Maximus V Extreme

            Image
            "One can do his homework in the library" Why does Deadpool say "You're welcome, Canada," after shooting Ryan Reynolds in the end credits? Potential difference and current flow It's a yearly task, alright Co-worker team leader wants to inject the crap software product of his friends into our development. What should I say to our common boss? Touchscreen-controlled dentist office snowman collector game What to do when during a meeting client people start to fight (even physically) with each others? What options are left, if Britain cannot decide? How could our ancestors have domesticated a solitary predator? Professor being mistaken for a grad student When two POV characters meet Replacing Windows 7 security updates with anti-virus? What has been your most complicated TikZ drawing? Can the word "advantage" be used as an adjective? How could a female member of a species produce eggs unto death? Can the druid cantrip Thorn...
            Read more

            2005 Ahvaz unrest Contents Background Causes Casualties Aftermath See also References Navigation menue"At Least 10 Are Killed by Bombs in Iran""Iran"Archived"Arab-Iranians in Iran to make April 15 'Day of Fury'"State of Mind, State of Order: Reactions to Ethnic Unrest in the Islamic Republic of Iran.10.1111/j.1754-9469.2008.00028.x"Iran hangs Arab separatists"Iran Overview from ArchivedConstitution of the Islamic Republic of Iran"Tehran puzzled by forged 'riots' letter""Iran and its minorities: Down in the second class""Iran: Handling Of Ahvaz Unrest Could End With Televised Confessions""Bombings Rock Iran Ahead of Election""Five die in Iran ethnic clashes""Iran: Need for restraint as anniversary of unrest in Khuzestan approaches"Archived"Iranian Sunni protesters killed in clashes with security forces"Archived

            Image
            Sheikh Khazal (1924)Unrest (1925)Unrest (1928)Unrest (1940)1943 revolt1945 revoltInsurgency (1956-70)Insurgency (1979)Embassy siege (1980)Unrest (2005)2005–06 Ahvaz bombingsDay of Rage (2011)Uprising of Dignity (2018) Arab rebellionsProtests in Iran2005 riotsPolitical riots2005 in IranAhvazKhuzestan conflictHuman rights in IranAhwazi Arabs Iranian ArabsAhvazKhuzestanbombingsPersian GulfKhuzestanShadeganHoveyzehSusangerdMahshahrKhorramshahrAbadanAhvazConstitution of IranPersianofficial languageconstitution of the Islamic RepublicconstitutionIranian ArabsAmnesty InternationalConstitution of the Islamic Republic of IranMohammad-Ali AbtahiMohammad KhatamiAmnesty InternationalAli ShamkhaniAhvazIranian ArabsprotestAhvazNobel Peace PrizeShirin Ebadi 2005 Ahvaz unrest Part of Arab separatism in Khuzestan Iranian Khuzestan province Date 15–18 April 2005 Methods demonstrations, riots Status Unrest quelled Parties to the civil conflict Iranian Arabs Iranian Government Lead figures ...
            Read more