5

Recently, I have a task to make HMAC to communicate API server. I got a sample code of node.js version which makes HMAC of message. Using concept and sample, I've got to make a python code which is equivalent with node.js version but result is different, but I have no idea why.

Please review both code and help finding the difference.

Python 3.0

import hmac
import string
import hashlib
import base64

secret = 'PYPd1Hv4J6'
message = '1515928475.417'
key = base64.b64encode(secret.encode('utf-8'))

hmac_result = hmac.new(key, message.encode('utf-8'), hashlib.sha512)
print(base64.b64encode(hmac_result.digest()))

Result (Python 3.6)

b'7ohDRJGMGYjfHojnrvNpM3YM9jb+GLJjbQvblzrE17h2yoKfIRGEBSjfOqQFO4iKD7owk+gSciFxFkNB+yPP4g=='

Node.JS

var crypto = require('crypto');

var secret = 'PYPd1Hv4J6';
var message = '1515928475.417'
var key = Buffer(secret, 'base64');

var hmac = crypto.createHmac('sha512', key);
var hmac_result = hmac.update(message).digest('base64');
console.log(hmac_result)

Result (Node.JS 6.11)

m6Z/FxI492VXKDc16tO5XDNvty0Tmv0b1uksSbiwh87+4rmg43hEXM0WmWzkTP3aXB1s5rhm05Hu3g70GTrdEQ==
Improve this question
0

3 Answers 3

Reset to default
5

I was able to get them to match by stripping out the base64ing of everything:

Python:

import hmac
import string
import hashlib
import base64

secret = 'PYPd1Hv4J6'
message = '1515928475.417'
key = secret.encode('utf-8')

hmac_result = hmac.new(key, message.encode('utf-8'), hashlib.sha512)
print(base64.b64encode(hmac_result.digest()))

Output:

b'jezLNuBz37FoACm4LdLSqOQ5C93cuGID9a8MQmOZntXklDV3SvWdNfqndzK0a54awKeHY+behFiv4FYyILRoGQ=='

Javascript:

var crypto = require('crypto');

var secret = 'PYPd1Hv4J6';
var message = '1515928475.417'

var hmac = crypto.createHmac('sha512', secret);
var hmac_result = hmac.update(message).digest('base64');
console.log(hmac_result)

Output:

jezLNuBz37FoACm4LdLSqOQ5C93cuGID9a8MQmOZntXklDV3SvWdNfqndzK0a54awKeHY+behFiv4FYyILRoGQ==
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Sample Node.JS code has var key = Buffer(secret, 'base64'); which looks like important. Can Python follow that convention ?
Buffer(secret, 'base64') meant decode secret as 'base64'. I misunderstood the code and spent some time. Now I can fix it.
4

Your input keys are different, so the outputs will be different.

Node:

var secret = 'PYPd1Hv4J6';
var message = '1515928475.417'
var key = Buffer(secret, 'base64'); // buffer of bytes from the base64-encoded string 'PYPd1Hv4J6'
                                    //  <Buffer 3d 83 dd d4 7b f8 27>

Python:

secret = 'PYPd1Hv4J6'
message = '1515928475.417'
key = base64.b64encode(secret.encode('utf-8')) # did you mean b64decode here?
Improve this answer

8 Comments

I tried to make base64 encoded secret so I used base64.b64encode. And b64decode has an error as binascii.Error: Incorrect padding
base64 strings must be a multiple of 3 characters long, so changing secret to 'PYPd1Hv4J6==' should work with b64decode. Node's Buffer doesn't seem to care that it received incorrect padding :)
secret = 'PYPd1Hv4J6==' key = base64.b64decode(secret.encode('utf-8')) works, thanks. I can step ahead.
Node's malfunction of padding calculation was amazed to me that python could check. It is a kind of bug?
RFC 4648 says " Implementations MUST include appropriate pad characters at the end of encoded data unless the specification referring to this document explicitly states otherwise." So it depends on how Node documented its behavior.
|
0

Equivalent/Expected python code's is below.

import hmac
import string
import hashlib
import base64

secret = 'PYPd1Hv4J6=='
message = '1515928475.417'
key = base64.b64decode (secret.encode('utf-8'))

hmac_result = hmac.new(key, message.encode('utf-8'), hashlib.sha512)
print(base64.b64encode(hmac_result.digest()))

Padding '=' to targeted and decoding part was important. Thank you.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.