go to post Jukka Pitkänen · Apr 6, 2022 Solution was easier than I thought. Set key = "secretkey"Set message = "messageinabottle"Set secretByteArray = ##class(%SYSTEM.Encryption).Base64Decode(key)Set signatureBytes = $SYSTEM.Encryption.HMACSHA(256, message, secretByteArray) Set requestSignatureBase64String = ##class(%SYSTEM.Encryption).Base64Encode(signatureBytes)
go to post Jukka Pitkänen · Apr 5, 2022 As you can see I get same requestSignatureBase64String if I use string values in js and objectscript examples. Unfortunately web service is expecting value QxYkJH+b0xo+pCLMBMXgKhMqjMSV+mqQbNvPf7kX2k4= I get same signature and secretByteArray values in js and objectscript, but difference is that objectscript value is String and js value is 32-bit WordArray. How do I get correct signature and secretByteArray values that I can pass to the $SYSTEM.Encryption.HMACSHA method? Cryptojs example var key = "secretkey"var message = "messageinabottle" var signature = CryptoJS.enc.Utf8.parse(message) //6d657373616765696e61626f74746c65var secretByteArray = CryptoJS.enc.Base64.parse(key) //b1e72b7ad91e var signatureBytes = CryptoJS.HmacSHA256(signature, secretByteArray) //431624247f9bd31a3ea422cc04c5e02a132a8cc495fa6a906cdbcf7fb917da4evar requestSignatureBase64String = CryptoJS.enc.Base64.stringify(signatureBytes) //QxYkJH+b0xo+pCLMBMXgKhMqjMSV+mqQbNvPf7kX2k4= var signatureBytes = CryptoJS.HmacSHA256(message, key) //3ab515868d9a93d73025789510f9fc4089d3fb48722fb909f7331cc7e13f6719var requestSignatureBase64String = CryptoJS.enc.Base64.stringify(signatureBytes) //OrUVho2ak9cwJXiVEPn8QInT+0hyL7kJ9zMcx+E/Zxk= ObjectScript example Set key = "secretkey"Set message = "messageinabottle" Set signature = $ZCONVERT(##class(%xsd.hexBinary).LogicalToXSD(message),"L") //6d657373616765696e61626f74746c65Set secretByteArray = $ZCONVERT(##class(%xsd.hexBinary).LogicalToXSD(##class(%SYSTEM.Encryption).Base64Decode(key)),"L") //b1e72b7ad91e Set signatureBytes = $SYSTEM.Encryption.HMACSHA(256, signature, secretByteArray)Set requestSignatureBase64String = ##class(%SYSTEM.Encryption).Base64Encode(signatureBytes) //kQeBc7Gu4SRUeicA7xVeN6V9sWX5b1bCLX9rUBK+lGA= Set signatureBytes = $SYSTEM.Encryption.HMACSHA(256, message, key)Set requestSignatureBase64String = ##class(%SYSTEM.Encryption).Base64Encode(signatureBytes) //OrUVho2ak9cwJXiVEPn8QInT+0hyL7kJ9zMcx+E/Zxk=
go to post Jukka Pitkänen · Mar 23, 2022 Hi Jorge and thanks for the answer! Yes there is external system where I try to authenticate and with Postman that javasript works just fine. I can get correct tSecretByteArray with this Set tSecretByteArray = ..hex(##class(%SYSTEM.Encryption).Base64Decode(keyUTF8)) So do I have to get 32-bit wordArray like in JS var signature = CryptoJS.enc.Utf8.parse(rawData); If do some hardcoding and set "signature" value from Postman, I won't get right values from Set tSignature = ..hex($SYSTEM.Encryption.HMACSHA(256, wordArray, tSecretByteArray)) Set tSignatureBase64 = ##class(%SYSTEM.Encryption).Base64Encode(tSignature) And yes, to_hmac was copy-paste error ;)
go to post Jukka Pitkänen · May 6, 2021 Problem solved! XML file is UTF-8 and I read attachment file name from there. So I needed to use ZCONVERT function and that resolved this. $ZCONVERT(AttachFileName,"O","UTF8")