// Create signature using method, path, host access key and query function generateHmacSignature(method, path, host, keys, params) { const paramsCopy = clone(params); const signatureData = `${method.toUpperCase()};${host.toLowerCase()};${path};${buildSortedQuery( paramsCopy )}`; //console.log(`Signature data: ${signatureData}`); const hmac = crypto.createHmac('sha256', keys.secretKey.toUpperCase()); hmac.update(signatureData); return hmac.digest('base64'); }
/** * @param {string} secret The secret to use for calculating further HMACs * @returns {function(string)} A function that calculates the HMAC for a given string */ const createHmac = secret => string => { const hmac = crypto.createHmac('sha256', secret); hmac.update(string); return hmac.digest('hex'); }
const generateSignature = (_url, httpMethod, timestamp, nonce) => { const key = `${encodeURIComponent(canopyConfig.consumerSecret)}&${encodeURIComponent(canopyConfig.tokenSecret)}`; const requestParams = buildSignatureQueryParams(_url, timestamp, nonce); const url = new URL(_url); const normalizedUrl = `${url.protocol}//${url.hostname}${getPort(url.protocol, url.port)}${url.pathname}`; const signature = `${httpMethod.toUpperCase()}&${encodeURIComponent(normalizedUrl)}&${encodeURIComponent(requestParams)}`; const keyBuffer = Buffer.from(key, 'utf8'); const hmac = crypto.createHmac('sha1', keyBuffer); hmac.update(signature); return hmac.digest('base64'); }
function validateSignedRequest (app_secret, hash) { let signed_request = hash.split('.'); let signature = Buffer.from(signed_request[0].replace('-','+').replace('_', '/'), 'base64').toString('hex'); let payload = Buffer.from(signed_request[1], 'base64').toString('ascii'); let expected_signature = crypto.createHmac('sha256', app_secret) .update(signed_request[1]) .digest('hex'); // Confirm the signature if (signature !== expected_signature) { console.error('Cannot validate signed request: invalid request signature'); return null; } return JSON.parse(payload); }
auth(netstoragePath, actionHeaders) { var acs_auth_data = '' var acs_auth_sign = '' try { acs_auth_data = `5, 0.0.0.0, 0.0.0.0, ${Math.floor(Date.now() / 1000)}, ${Math.floor((Math.random() * 100000))}, ${this.opts.keyName}` const sign_string = `${netstoragePath}\nx-akamai-acs-action:${actionHeaders}\n` const message = acs_auth_data + sign_string acs_auth_sign = crypto.createHmac('sha256', this.opts.key) .update(message) .digest('base64') } catch (err) { throw new Error(`[Auth Error] ${err}`) } return { acs_auth_data: acs_auth_data, acs_auth_sign: acs_auth_sign } }
/** * sign * * @description * Create a MAC * * @param {CryptoKey} key * @param {BufferSource} data * * @return {string} */ sign (key, data) { let alg = key.algorithm.hash.name.replace('-', '').toLowerCase() let hmac = crypto.createHmac(alg, key.handle) hmac.update(Buffer.from(data)) return new Uint8Array(hmac.digest()).buffer }
function calculateSignature(req, options = {}) { const ts = req.headers['x-slack-request-timestamp']; const given = req.headers['x-slack-signature']; const hmac = crypto.createHmac('sha256', options.signing_secret); const data = `${options.signing_version}:${ts}:${req.body}`; const computed = `${options.signing_version}=${hmac.update(data).digest('hex')}`; const delta = Math.abs(new Date() / 1000 - ts); const res = { given: given, computed: computed, delta: delta, }; logger.debug(`SIGNING DATA ${data}`); logger.debug(`SIGNATURES ${JSON.stringify(res)}`); return res; }
_getSignature(query, variables) { const { accessKey, accessSecret } = this.config; if (!accessKey || !accessSecret) { return ''; } const timestamp = Math.floor(Date.now() / 1000); const hmac = crypto.createHmac('sha256', accessSecret); // Force param order to achieve consistent signature const params = { accessKey, query: { query, variables }, timestamp }; const sortedParams = sortObjectKeys(params); sortedParams.query = JSON.stringify(sortedParams.query); hmac.update(qs.stringify(sortedParams)); const digest = hmac.digest('base64'); return `AB1-HMAC-SHA256 access_key=${accessKey},timestamp=${timestamp},signature=${digest}`; }
function sign(str, key) { return crypto.createHmac('sha256', key).update(str).digest('base64'); }
let hmac = crypto.createHmac('sha256', 'fake'); let data = `v0:${ts}:payload=%7B%22type%22%3A%22block_actions%22%7D`; let sig = `v0=${hmac.update(data).digest('hex')}`; let exp = { slack: {
return crypto.createHash('md5').update(utf8.encode(username)).update(utf8.encode(password)).digest('hex') var hash = crypto.createHash('md5').update(utf8.encode(seed) + utf8.encode(volatile_seed)).digest('hex') return 'android-' + hash.substring(0, 16) else parsedData = data var hash = crypto.createHmac('sha256', utf8.encode(self.IG_SIG_KEY)).update(utf8.encode(data)).digest('hex') return 'ig_sig_key_version=' + self.SIG_KEY_VERSION + '&signed_body=' + hash + '.' + parsedData
_getSignature(query, variables) { const { accessKey, accessSecret } = this.config; if (!accessKey || !accessSecret) { return ''; } const timestamp = Math.floor(Date.now() / 1000); const hmac = crypto.createHmac('sha256', accessSecret); // Force param order to achieve consistent signature const params = { accessKey, query: { query, variables }, timestamp }; const sortedParams = sortObjectKeys(params); sortedParams.query = JSON.stringify(sortedParams.query); hmac.update(qs.stringify(sortedParams)); const digest = hmac.digest('base64'); return `AB1-HMAC-SHA256 access_key=${accessKey},timestamp=${timestamp},signature=${digest}`; }