I am trying to convert a javascript program into python but I am getting different results, after creating the hash they are the same but after encoding the results they are way off the python one as it is much longer then the javascript version.
Javascript result: ‘DqnyGCG5qW5DPceKe1p7fFyFxqdXrqZhQiN2Ukp-2h0’
Python result: ‘NGQ4MWNiYWY3NzgyZmIyZjE3YWEzNWQyNGE1Mjg4M2M2ZmI1MmQxNGE4MDFmNDMxM2FkZWRlOTE1NjVhZGU0YQ’
Javascript
var hash = CryptoJS.HmacSHA256(token.join("."), secret);
// Same hash on both
var base64Hash = CryptoJS.enc.Base64.stringify(hash);
document.write(urlConvertBase64(base64Hash));
// Results are different now
function urlConvertBase64(input) {
var output = input.replace(/=+$/, '');
output = output.replace(/+/g, '-');
output = output.replace(///g, '_');
return output;
}
Python
signatureHash = hmac.new(secret.encode(), tokenHB, hashlib.sha256).hexdigest()
// Same hash on both
signature = base64.urlsafe_b64encode(signatureHash.encode())
signature = signature.rstrip('='.encode())
// Results are different now
print(signature)
Advertisement
Answer
You encoded two different things between the Node.js and Python. In Node.js you directly used the raw (bytes value of the) hash, while in Python you used the hex encoded value of the same hash. Depending on which output you desire, you will need to either stringify the hex output in Node.js, or base64 encode the raw hash in Python.
The Node.js code that will replicate both versions of the output (your urlConvertBase64 implementation omitted from example, but is used):
const CryptoJS = require('crypto-js');
var token = 'the token';
var data_to_hash = 'thesecretx00x00x02';
var hashed = CryptoJS.HmacSHA256(data_to_hash, token);
var hexdigest = hashed.toString(CryptoJS.enc.Hex);
var raw_base64 = urlConvertBase64(CryptoJS.enc.Base64.stringify(hashed));
var hex_base64 = urlConvertBase64(Buffer.from(hexdigest).toString('base64'));
console.log(`raw + base64: ${raw_base64}`);
console.log(`hex + base64: ${hex_base64}`);
The Python code that will replicate the above:
import hashlib
import hmac
from base64 import urlsafe_b64encode
token = b'the token'
data_to_hash = b'thesecretx00x00x02'
hashed = hmac.new(token, data_to_hash, hashlib.sha256)
hexdigest = hashed.hexdigest().encode()
raw_base64 = urlsafe_b64encode(hashed.digest()).decode().rstrip('=')
hex_base64 = urlsafe_b64encode(hexdigest).decode().rstrip('=')
print(f'raw + base64: {raw_base64}')
print(f'hex + base64: {hex_base64}')
Both versions produce the following output:
raw + base64: R1oLspOvlQ6X_rzaudD8dk8Kqo-nu9pgij-f_-4tnxo hex + base64: NDc1YTBiYjI5M2FmOTUwZTk3ZmViY2RhYjlkMGZjNzY0ZjBhYWE4ZmE3YmJkYTYwOGEzZjlmZmZlZTJkOWYxYQ