Does Crypto node performs an UTF8 encoding internally (?)

Anexon · February 21, 2023, 2:12pm

I’m not getting the expected signature from the Crypto node

One third party API provider is requesting us to generate a signature to send it along with the http request for security reasons.
They gave us a working example in Postman. In the example they do a Hmac SHA256 encoded in base64. For that they use CryptoJS.
However, I noticed they also add a UTF8 encoding during the action. The code is like this:

import CryptoJS from 'crypto-js';

const _method = "GET";
const _host = "mycustom.domain.com";
const _resourceUri = "/api/resource/11058723";
const _requestBody = "";
const _apiVersion = "1.5";
const _timeStamp = "2023-02-21T13:54:10Z";

let stringToSign = _method +
    "\n" +
    _host +
    "\n" +
    _resourceUri +
    "\n" +
    _requestBody +
    "\n" +
    _apiVersion +
    "\n" +
    _timeStamp +
    "\n";

const _secretKey = "this_is_a_secret_key"
const sig = CryptoJS.HmacSHA256(stringToSign, _secretKey);
const sigBase64 = CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(sig));

console.log(sigBase64);
// output: YmVhZWZlMTQ3MzQxODRjYWViY2I1MWVhMDUxMDk3OTlkODgyZTEyNjQ0OGFiNTM3NTgwM2ExOTg0OGEwZDRjOQ==

However, I couldn’t get the same result using the Crypto node. I tried to replicate the same settings but the result it is not the same. This is the configuration of ours:

The output is:

vq7+FHNBhMrry1HqBRCXmdiC4SZEirU3WAOhmEig1Mk=

Do you know why I’m not getting the same result? Is there any other option I could be missing?

MutedJam · February 21, 2023, 5:14pm

Hi @Anexon, I am not sure what exactly this 3rd party npm module does, so I won’t be able to compare it with the n8n Crypto node unfortunately.

Do you have any documentation for the API your arecalling? Perhaps you can use the default Node.js crypto module instead of the crypto-js? In the Code node you could simply require it using const crypto = require('crypto'); (this works out of the box on cloud, on self-hosted n8n instances you might need to allow it first as described here for example).

Anexon · February 23, 2023, 12:23pm

Hi @MutedJam,
Thank you for your replay, I was able to generate the signature using the crypto librery (nodejs).

It seems that I needed to encode the Buffer to HEX before encoding it to Base64

Here is the working example that I got in a node block now:

var crypto = require("crypto");

const _method = "GET";
const _host = "mycustom.domain.com";
const _resourceUri = "/api/resource/11058723";
const _requestBody = "";
const _apiVersion = "1.5";
const _timeStamp = "2023-02-21T13:54:10Z";

const stringToSign = _method +
    "\n" +
    _host +
    "\n" +
    _resourceUri +
    "\n" +
    _requestBody +
    "\n" +
    _apiVersion +
    "\n" +
    _timeStamp +
    "\n";

const _secretKey = "this_is_a_secret_key";

const hmac = crypto.createHmac('sha256', _secretKey);
const sig = hmac.update(stringToSign);
const sigHex = sig.digest('hex');
const sigBase64 = Buffer.from(sigHex).toString('base64');

$input.item.json.stringToSign = stringToSign;
$input.item.json.timeStamp = _timeStamp;
$input.item.json.signature = sigBase64;


return $input.item;

MutedJam · February 23, 2023, 12:48pm

Amazing, so glad to hear this works for you and thank you so much for sharing your solution!

system · March 2, 2023, 12:48pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.