function getAppSecretPath(authData, options = {}) { const appSecret = options.appSecret; if (!appSecret) { return ''; } const appsecret_proof = crypto .createHmac('sha256', appSecret) .update(authData.access_token) .digest('hex'); return `&appsecret_proof=${appsecret_proof}`; }
/** * @private */ HMAC(key, data) { return crypto .createHmac(this.digestDefinition.type, key) .update(data) .digest() }
api.post('/hook', function (req, res) { var signature = req.get('X-PDF-Signature', 'sha1=') var bodyCrypted = require('crypto') .createHmac('sha1', '12345') .update(JSON.stringify(req.body)) .digest('hex') if (bodyCrypted !== signature) { res.status(401).send() return } console.log('PDF webhook received', JSON.stringify(req.body)) res.status(204).send() })
// GitHub things // @TODO: get these in to their own files at some point const verifyGitHubSignature = (req = {}, secret = '') => { const sig = _.get(req.headers, 'x-hub-signature', null); const hmac = crypto.createHmac('sha1', secret); const digest = Buffer.from('sha1=' + hmac.update(JSON.stringify(req.body)).digest('hex'), 'utf8'); const checksum = Buffer.from(sig, 'utf8'); if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) { return false; } else { return true; } }
const hmacSHA1 = (key: string, data: string) => { // hmac.digest([encoding]) // If encoding is provided a string is returned; otherwise a Buffer is returned; return crypto.createHmac('sha1', key).update(data).digest().toString('base64'); }
function generateSignature (payload, key) { return crypto.createHmac('sha1', key).update(payload).digest('hex') }
let rawBody = req.rawBody; let hash = crypto.createHmac('sha256', LINE_CHANNEL_SECRET).update( rawBody).digest('base64');
const hmac = crypto.createHmac('sha256', secret); hmac.update(body); return hmac.digest('hex'); };
getSignature(method, time, endpoint, params) { method = method.toUpperCase(); const paramStr = method === 'GET' ? Utils.getQueryString(params) : JSON.stringify(params); const sign = method === 'GET' ? '?' : ''; const totalStr = [`${time}${method}/api/${endpoint}`, paramStr].filter(d => d).join(sign);// paramStr return crypto.createHmac('sha256', this.apiSecret).update(totalStr).digest('base64');// .toString('base64'); }
const facebookComputeSignature = (rawBody, appSecret) => { const properAppSecret = appSecret || getAppSecret() const hmac = createHmac('sha1', properAppSecret) hmac.update(rawBody, 'utf-8') const digest = hmac.digest('hex') return `sha1=${digest}` }
getSignature(path, queryStr, nonce) { const message = {}; return crypto .createHmac('sha512', this.apiSecret) .update(message) .digest('hex'); }
function getAppSecretPath(authData, options = {}) { const appSecret = options.appSecret; if (!appSecret) { return ''; } const appsecret_proof = crypto.createHmac('sha256', appSecret).update(authData.access_token).digest('hex'); return `&appsecret_proof=${appsecret_proof}`; }
// GitHub things // @TODO: get these in to their own files at some point const verifyGitHubSignature = (req = {}, secret = '') => { const sig = _.get(req.headers, 'x-hub-signature', null); const hmac = crypto.createHmac('sha1', secret); const digest = Buffer.from('sha1=' + hmac.update(JSON.stringify(req.body)).digest('hex'), 'utf8'); const checksum = Buffer.from(sig, 'utf8'); if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) { return false; } else { return true; } }