This repository was archived by the owner on Jan 22, 2025. It is now read-only.
This repository was archived by the owner on Jan 22, 2025. It is now read-only.
HMAC.finalize( word_array ) doesn't appear to update properly? #62
Description
const triplesec = require('triplesec');
const HMAC = triplesec.HMAC;
...snip...
getSecretKey() {
let secret_key = new triplesec.WordArray( this.secret );
let plaintext = new triplesec.WordArray(
this.id + "|" + this.name
);
console.log( 'secret_key: ', secret_key );
console.log( 'plaintext: ', plaintext );
let hm = new HMAC( secret_key );
console.log( 'hm: ', hm );
let out = hm.finalize( plaintext );
console.log( 'out: ', out );
return out.to_hex().substring( 0, 10 );
}
let x = new module.exports( "one", "two", "three" );
console.log( x );
console.log( x.getSecretKey() );
console.log( '-----------------------------------------' );
let y = new module.exports( "four", "five", "six" );
console.log( y );
console.log( y.getSecretKey() );
Maybe this is a real dumb issue, but I'm finding it impossible to get the above code to work (simple HMAC signing).
{ id: 'one', name: 'two', secret: 'three' }
secret_key: WordArray { words: 'three', sigBytes: 20 }
plaintext: WordArray { words: 'one|two', sigBytes: 28 }
hm: HMAC {
key: WordArray { words: 'three', sigBytes: 20 },
hasher:
SHA512 {
_data: WordArray { words: [], sigBytes: 0 },
_nDataBytes: 128,
_hash: X64WordArray { sigBytes: 64, words: [Array] } },
hasherBlockSize: 32,
hasherBlockSizeBytes: 128,
_oKey: WordArray { words: 'three', sigBytes: 128 },
_iKey: WordArray { words: 'three', sigBytes: 128 } }
out: WordArray {
words:
[ 1547129211,
439626697,
306711733,
2734092130,
-1219207254,
357078697,
-1089194041,
580722509,
-157960372,
4031738300,
1144976117,
79357941,
1308807098,
4134728090,
446849896,
-2016523090 ],
sigBytes: 64 }
5c37517b1a
-----------------------------------------
{ id: 'four', name: 'five', secret: 'six' }
secret_key: WordArray { words: 'six', sigBytes: 12 }
plaintext: WordArray { words: 'four|five', sigBytes: 36 }
hm: HMAC {
key: WordArray { words: 'six', sigBytes: 12 },
hasher:
SHA512 {
_data: WordArray { words: [], sigBytes: 0 },
_nDataBytes: 128,
_hash: X64WordArray { sigBytes: 64, words: [Array] } },
hasherBlockSize: 32,
hasherBlockSizeBytes: 128,
_oKey: WordArray { words: 'six', sigBytes: 128 },
_iKey: WordArray { words: 'six', sigBytes: 128 } }
out: WordArray {
words:
[ 1547129211,
439626697,
306711733,
2734092130,
-1219207254,
357078697,
-1089194041,
580722509,
-157960372,
4031738300,
1144976117,
79357941,
1308807098,
4134728090,
446849896,
-2016523090 ],
sigBytes: 64 }
5c37517b1a
I've been through the project README's, the CODA docs, the hmac.iced code, etc. and am able to get EXACTLY the same thing working via node's built-in crypto (which unfortunately doesn't work in the browser). I'm smart enough about crypto that I know I should be using HMAC for digest validation (not MD5/SHA) but what is going on here? Why isn't "triplesec" working the way I think it should? I've already got it working it working with triplesec.encrypt, triplesec.decrypt, new triplesec.Buffer( key / ciphertext ), etc. but I am going mad trying to figure out how I'm incorrectly calling this HMAC function!!?
$ yarn list | grep triple
warning package.json: No license field
warning No license field
├─ triplesec@3.0.26
const crypto = require('crypto');
// server side only!!! :_(
getSecretKeyNodeServer() {
const hmac = crypto.createHmac( 'sha256', this.secret );
hmac.update( this.id + "|" + this.name );
let out = hmac.digest('hex').substring(0,10);
return out;
}
let z = new module.exports( "one", "two", "three" );
console.log( z );
console.log( z.getSecretKeyNodeServer() );
console.log( '-----------------------------------------' );
let a = new module.exports( "four", "five", "six" );
console.log( a );
console.log( a.getSecretKeyNodeServer() );
...and the "somewhat proper" output I'm expecting for use of crypto / HMAC / signing.
{ id: 'one', name: 'two', secret: 'three' }
8aaa5db897
-----------------------------------------
{ id: 'four', name: 'five', secret: 'six' }
7a395acafe
```