1

I'm building a api and I'm having trouble generating a hash with CryptoJs in the client-side interface

My js function does this:

console.log(" username: '" + $rootScope.username + "'");
console.log("timestamp: '" + timestamp + "'");  
console.log("  request: '" + req + "'");
console.log("  entropy: '" + "dragonsahead" + "'");
console.log(" password: '" + $rootScope.password + "'");
var message = $rootScope.username+timestamp+req+"dragonsahead";
console.log("  message: '" + message +"'");
var hash = CryptoJS.HmacSHA1(message, $rootScope.password).toString();
console.log("     HASH: '" + hash + "'");
return hash;

$rootScope.username and $rootScope.password are user inputs;

JS Log:

 username: 'admin' 
timestamp: '1394643128.478' 
  request: '/login' 
  entropy: 'dragonsahead' 
 password: 'e1a47a0407d876c8187b1e984a6813abde8160af' 
  message: 'admin1394643128.478/logindragonsahead' 
     HASH: '5061875265279c7378c95c9536feade1c610492d'

I could see in the server-side logs that the hashes did not match. PHP server Log:

2014-03-12 16:52:08 - INFO -->  username: 'admin' 
2014-03-12 16:52:08 - INFO --> timestamp: '1394643128.478' 
2014-03-12 16:52:08 - INFO -->   request: '/login' 
2014-03-12 16:52:08 - INFO -->   entropy: 'dragonsahead' 
2014-03-12 16:52:08 - INFO -->  password: 'e1a47a0407d876c8187b1e984a6813abde8160af' 
2014-03-12 16:52:08 - INFO -->   message: 'admin1394643128.478/logindragonsahead' 
2014-03-12 16:52:08 - INFO -->      HASH: '4c34a29aa05059d5016bd74796407de3d2e5428c' 
2014-03-12 16:52:08 - INFO -->CLIENTOKEN: '5061875265279c7378c95c9536feade1c610492d'

After this I checked i this site and the hash built by the server was the right one. So, I decided lo load CryptoJS to a blank page (google, for example) and see what could happen:

> var jq = document.createElement('script');
> jq.src = "https://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha1.js";
> document.getElementsByTagName('head')[0].appendChild(jq);
<script src=​"https:​/​/​crypto-js.googlecode.com/​svn/​tags/​3.1.2/​build/​rollups/​hmac-sha1.js">​</script>​
>var test = CryptoJS.HmacSHA1("admin1394643128.478/logindragonsahead",'e1a47a0407d876c8187b1e984a6813abde8160af')
undefined
>test.toString()
"4c34a29aa05059d5016bd74796407de3d2e5428c"

As CryptoJS returned the right hash, It can only be that I am messing up with my javascript vars. I don't know what could possibly be messing up my variables...

Improve this question

1 Answer 1

Reset to default
1

It happens that I was storing the password in a angularjs's "$rootScope".

I need to do $rootScope.password.tostring() instead of $rootScope.password;

Solved.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.