Node HmacSHA1 Seed

I'm trying to send a SOAP request via Node, talking to a service which is secured with WSS.

I need to sign the XML response with a SignedInfo element which requires me combining a Nonce Binary secret I generated, with a Nonce binary secret returned from the initial token request - PSHA1 format.

I've been able to validate this using Java, by utilising the following class (Where the secret is my client nonce and the seed is the server nonce):

With the following Java code:

Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec key = new SecretKeySpec(getSharedKey(), "HmacSHA1");

String bytesToSign = "<XML_TO_SIGN_GOES_HERE>";

String signature = Base64.encodeBytes(mac.doFinal(bytesToSign.getBytes())); 

I need to do this in a Node project though, I've looked at the Crypto API and numerous plugins but I'm unable to generate the same signature.

How do I specify a seed for a HmacSHA1 using node?



I managed to get there in the end, there's an NPM module called psha1 (

Using that library I created the following a generateSignature module which looks as follows:

const crypto = require('crypto');
const psha1 = require('psha1');

export const generateSignatureValue = ({
}) => {

  const secretKey =
    psha1(clientSecret, serverSecret, 256);

  const hash =
      .createHmac('sha1', Buffer.from(secretKey, 'base64'))

  return Buffer
    .from(hash, 'binary')

export default generateSignatureValue;

This gives me the desired output :)


Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us Javascript

©2020 All rights reserved.