Using Nodejs, I'm attempting to generate a HMAC SHA256, base64-encoded signature of an XML message. I currently have the signature generation working using PHP.
The process seems fairly straightforward, and I'm able to generate base64-encoded value with Nodejs but, for some reason, the value does not match and is much shorter than what I get using PHP.
Below, I've included an example PHP script and result as well as the Nodejs implementation and result. With Nodejs, I'm using the native crypto module.
// PHP implementation
$xml = <<<EOD
<?xml version='1.0' encoding='UTF-8'?>
<dataset>
<record>
<id>1</id>
<first_name>Carlos</first_name>
<last_name>Ruiz</last_name>
<email>[email protected]</email>
<gender>Male</gender>
<ip_address>156.225.191.154</ip_address>
</record>
</dataset>
EOD;
$secret = 'secret';
$sig = base64_encode(hash_hmac('sha256', $xml, $secret));
echo $sig;
Result:
ODhkYTc1YmQzNzc0NWUyNDJlNjY3YTY1NzZhYzFhZGYwOTJlMTIxODdjNzYxOWYyNGQxNGExOGVkYTIyZDQ0ZQ==
// Nodejs implementation
var crypto = require('crypto');
fs.readFile('example.xml', 'utf-8', function(err, data) {
function sig(str, key) {
return crypto.createHmac('sha256', key)
.update(str)
.digest('base64');
}
console.log(sig(data, 'secret'));
});
Result:
iNp1vTd0XiQuZnpldqwa3wkuEhh8dhnyTRShjtoi1E4=
I've spent the day trying to figure this out and after a year+ of using Stack Overflow, this is my first question.
Any assistance would be greatly appreciated!
example.xml
? That said, a sha256 print is 256 bits, or 32 bytes, which base64 conversion makes about 4/3rd larger, so we should expect the base64 HMAC print to be around 42 character long. As such, the result from Node.js certainly looks the right length (43 characters with a padding=
to align to 4 bytes), whereas the PHP string absolutely does not. It's waaaaay too long. – Mike 'Pomax' Kamermans