stackoom
  简体   繁体   中英

Is there any equivalent JavaScript function for PHP`s hash_hmac()?

 原文  2021-05-10 17:09:44       javascript/ php/ amazon-web-services

Question

We are developing an online course website.
Courses have audio and text (no video).
Audio files are stored on Amazon S3 and delivered via AWS CloudFront.

Every time a user wants to play a course audio file,
website (server side) sends a request to CloudFront to get the audio file.
Each request also includes a signature and a random number.

We use PHP hash_hmac to generate the signature as follows:

$signature = hash_hmac('sha256', $random_number, $secret, true);

Both sides (website and CloudFront function) have the secret key hard-coded.

Once CloudFront receives the request,
a "CloudFront Function" (new AWS feature) is validating the token.
CloudFront Function can only use JavaScript (not NodeJS nor Python).
https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/

We want CloudFront function to simply run hash_hmac() using JavaScript
 and then compare the signatures but we could not find an equivalent JS function.

We checked extensively on StackOverflow but could not find an equivalent JS function.
Our findings:
Google`s Crypto-JS library is deprecated.
NodeJS Crypto module cannot be used since we use plain JavaScript.

Can someone PLEASE share a link or a code snippet on how to run hash_hmac on JavaScript?

2 answers

solution1
 1  2021-05-10 17:19:14

Yes there is a native API for that: 

 (async function () { const someData = 'Very genuine data'; const key = await window.crypto.subtle.generateKey({ name: "HMAC", hash: { name: "SHA-256" } }, true, ["sign", "verify"]); let enc = new TextEncoder().encode(someData); const signature = await crypto.subtle.sign('HMAC', key, enc); console.log(signature); // ArrayBuffer(32) const valid = await crypto.subtle.verify('HMAC', key, signature, enc); console.log(valid); })();

solution2
 0 ACCPTED  

So one way is to use JS crypto.subtle.sign as @Guerric P mentioned above.

It turns out there is another way to achieve it.
After reading the complete CloudFront developer guide,
I found the following:

NodeJS has a great module called Crypto.

In general, we cannot add a NodeJS module to JavaScript code.

However, CloudFront Function (who use plain JS only) supports also NodeJS Crypto module:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/functions-javascript-runtime-features.html#writing-functions-javascript-features-builtin-modules-crypto

The cryptographic module (crypto) provides standard hashing and hash-based message authentication code (HMAC) helpers. You can load the module using require('crypto'). The module provides the following methods that behave exactly as their Node.js counterparts.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Javascript: Equivalent of PHP's hash_hmac() with RAW BINARY output? is there any method in javascript to genetare hash_hmac code. (Just like hash_hmac in php) hash_hmac (PHP) vs hex_hmac_sha1 (Javascript) PHP hash_hmac to JS Hmac Hash_hmac equivalent in Node.js hash_hmac() with RAW Binary OUTPUT in JavaScript Convert PHP hash_hmac(sha512) to NodeJS Transcription of hash_hmac and hex2bin PHP functions to NodeJS How to get CryptoJS result as hash_hmac PHP (SHA1) is there a javascript counterpart to php's native hash() function?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM