I'm trying to take the process of converting a secret hmac string to allow me to test my api in postman. Postman comes pre-installed with cryptojs. This is the process I've got on my test server using crypto:
const crypto = require('crypto');
const generateHmac = (privateKey, ts) => {
const hmac = crypto.createHmac('sha256', privateKey);
hmac.update(ts);
const signature = hmac.digest('hex');
return signature;
}
This does not match the string generated with cryptojs within postman:
const createHmacString = (privateKey, ts) => {
const hmac = CryptoJS.HmacSHA256(ts, privateKey).toString(CryptoJS.enc.Hex)
return hmac;
}
Not sure what I'm doing wrong here. Thanks in advance!
Okay finally figured it out - crypto-js does not provide actual bytes so encoding everything is necessary:
const createHmacString = (privateKey, ts) => {
const key = CryptoJS.enc.Utf8.parse(privateKey)
const timestamp = CryptoJS.enc.Utf8.parse(ts)
const hmac = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA256(timestamp, key))
// const hmac = CryptoJS.HmacSHA256(ts, privateKey).toString(CryptoJS.enc.Hex)
return hmac;
}
let ts = new Date().getTime();
const signature = createHmacString("your-private-key", ts);