We can calculate a hmac with CryptoJS.HmacSHA256(message, key)

But I want to implement it with the formula Sha256( concat ( key xor opad, Sha256( concat( key xor ipad, message ) )

I did the following

const key   = "e9058ab198f6908f702111b0c0fb5b36f99d00554521886c40e2891b349dc7a1";
const ipad  = "3636363636363636363636363636363636363636363636363636363636363636";
const opad  = "5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c";
const mess  = "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824";

const alpha = "b559d6edc4aaccd32c7d4dec9ca7076aa5c15c09197dd4301cbed54768c19bfd"; // key xor opad
const beta  = "df33bc87aec0a6b946172786f6cd6d00cfab36637317be5a76d4bf2d02abf197"; // key xor ipad

const hmac  = CryptoJS.SHA256( alpha + String ( CryptoJS.SHA256( ( beta + mess ) ) ) ) ;

But it doesnt work, any help ?

for example, with the code below I found
hmac = "594b7b8b1dea8dd016c1702c5b2d8b75ba20d744423b08e8897f02454000abad"

but the real one is : "fc7e0b4417a84790035480f97f9a792d8328a497039ae483b4b85197c008669e" and it's calculated with CryptoJS.HmacSHA256(CryptoJS.enc.Hex.parse(mess), key))

We can calculate a hmac with CryptoJS.HmacSHA256(message, key)

But I want to implement it with the formula Sha256( concat ( key xor opad, Sha256( concat( key xor ipad, message ) )

I did the following

const key   = "e9058ab198f6908f702111b0c0fb5b36f99d00554521886c40e2891b349dc7a1";
const ipad  = "3636363636363636363636363636363636363636363636363636363636363636";
const opad  = "5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c";
const mess  = "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824";

const alpha = "b559d6edc4aaccd32c7d4dec9ca7076aa5c15c09197dd4301cbed54768c19bfd"; // key xor opad
const beta  = "df33bc87aec0a6b946172786f6cd6d00cfab36637317be5a76d4bf2d02abf197"; // key xor ipad

const hmac  = CryptoJS.SHA256( alpha + String ( CryptoJS.SHA256( ( beta + mess ) ) ) ) ;

But it doesnt work, any help ?

for example, with the code below I found
hmac = "594b7b8b1dea8dd016c1702c5b2d8b75ba20d744423b08e8897f02454000abad"

but the real one is : "fc7e0b4417a84790035480f97f9a792d8328a497039ae483b4b85197c008669e" and it's calculated with CryptoJS.HmacSHA256(CryptoJS.enc.Hex.parse(mess), key))

• javascript
• node.js
• cryptography
• cryptojs

Share Improve this question Follow edited Apr 6, 2022 at 11:25 Topaco 49.8k44 gold badges4545 silver badges8080 bronze badges asked Apr 5, 2022 at 5:51 besbessadbesbessad 1311 gold badge11 silver badge33 bronze badges 2

• Why do you want to implement the HMAC yourself, existing implementations are usually more secure. Or is this a homework/out of interest? Then a look at the CryptoJS implementation of HMAC might help (since you seem to want to use CryptoJS). – Topaco Commented Apr 5, 2022 at 6:51
• I dont necessary have to use CryptoJS. I wanted to implement HMAC to see how it works really. – besbessad Commented Apr 5, 2022 at 8:02

Add a ment  | 

1 Answer 1

Sorted by: Reset to default 0

The reference implementation CryptoJS.HmacSHA256(CryptoJS.enc.Hex.parse(mess), key)) generates an HMAC using the SHA256 digest. Thereby the message is hex decoded and the key UTF8 encoded. The UTF8 encoding results in a key of 64 bytes, which is exactly the block size of SHA256. Therefore neither padding with 0x00 values to 64 bytes nor hashing with SHA256 is necessary.

In your code I mean to see the following problems: Nowhere are the different encodings taken into account, which are crucial for the result. Also, it seems to me that the block size of SHA256 has not been considered properly or at all. And as for the XOR operation, it can be easily done with CryptoJS, no other tool is needed.

The calculation of HMAC can be performed in three steps:

1. determination of (K xor opad) and (K xor ipad).
2. determination of P = H( (K xor ipad) || M )
3. determination of HMAC = H( (K xor opad) || P ), which corresponds to the final result.

All steps can be done with CryptoJS. Thereby crypto-js/src/hmac.js is a helpful blueprint. Note that CryptoJS works internally with WordArrays. Regarding the XOR operation, this means that words are processed, i.e. iterated over 64/4 = 16 words.

A possible implementation is:

// Key is UTF8 encoded 64 bytes -> no padding / no hashing required
const key = "e9058ab198f6908f702111b0c0fb5b36f99d00554521886c40e2891b349dc7a1"
const mess  = "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824";

// Step 1: determine K xor opad (oKeyWA), K xor ipad (iKeyWA)
//
var hasherBlockSizeBytes = 64; // in bytes
var hasherBlockSize = hasherBlockSizeBytes/4; // in words
var keyWA = CryptoJS.enc.Utf8.parse(key);
var oKeyWA = keyWA.clone();
var iKeyWA = keyWA.clone();
var oKeyWords = oKeyWA.words;
var iKeyWords = iKeyWA.words;
for (var i = 0; i < hasherBlockSize; i++) {
    oKeyWords[i] ^= 0x5c5c5c5c;
    iKeyWords[i] ^= 0x36363636;
}

// Step 2: determine P = H( (K xor ipad) || M )
//
var messWA = CryptoJS.enc.Hex.parse(mess); 
var iKeyMessWA = iKeyWA.concat(messWA); 
var iKeyMessHashWA = CryptoJS.SHA256(iKeyMessWA);

// Step 3: determine HMAC = H ( (K xor opad) || P) 
// 
var oKeyiKeyMessHashWA = oKeyWA.concat(iKeyMessHashWA);
var hmacWA = CryptoJS.SHA256(oKeyiKeyMessHashWA);
document.getElementById("hmac").innerHTML = hmacWA.toString(CryptoJS.enc.Hex);

// Comparison with built-in function
var hmacDirectWA = CryptoJS.HmacSHA256(messWA, keyWA);
document.getElementById("hmacDir").innerHTML = hmacDirectWA.toString(CryptoJS.enc.Hex);

<script src="https://cdnjs.cloudflare./ajax/libs/crypto-js/4.1.1/crypto-js.min.js">
</script>
<p style="font-family:'Courier New', monospace;" id="hmac"></p>
<p style="font-family:'Courier New', monospace;" id="hmacDir"></p>