Home > Software design >  different in signature in Dart & node
different in signature in Dart & node

Time:05-07

am trying to make a signature for a HTTP request , using flutter/dart for the app and the server in NodeJs but i have a problem there is little different between the two signature any idea what cause that

EEFSxb_coHvGM-69RhmfAlXJ9J0=  //signature in dart
EEFSxb/coHvGM 69RhmfAlXJ9J0=  //signature in nodejs

signature.dart

var key = "key";
var data = "data";
List<int> signingKey = utf8.encode("key");
List<int> signatureBaseString = utf8.encode("data");
var hmacSha1 = Hmac(sha1, signingKey);
var digest = hmacSha1.convert(signatureBaseString);
var hashInBase = base64Url.encode(digest.bytes);

print(hashInBase) ; // result : EEFSxb_coHvGM-69RhmfAlXJ9J0=

signature.js

 var data = "data" ;
 var key = "key" ;
 var output = encodeURIComponent(data);
 var keyO = encodeURIComponent(key);
 var hashed = CryptoJS.HmacSHA1(output , keyO);
 var hashInBase = CryptoJS.enc.Base64.stringify(hashed);
 
 console.log(hashInBase); // result : EEFSxb/coHvGM 69RhmfAlXJ9J0=

CodePudding user response:

There are two styles of Base64 encoding which use slightly different character sets for the 64 characters. (You get 52 from the upper and lower case letters and ten more from the numbers, so a couple more ascii chars are needed to make up the 64 - plus the special trailing equals.)

The / and characters have special meanings in URLs, so can be replaced in the alternative "URL safe" encoding with _ and -. Note also that the trailing equals can be dropped.

It seems you may be trying to compare base64 encoded strings to test for equality. It's safer to decode from base 64 and compare the byte arrays.

Anyway, to solve you problem, don't use the Dart URL safe version, use the regular version: base64.encode()

  • Related