How do I convert this JS signature generator function into Ruby?

Question

I'am trying to integrate the Zoom SDK into my application and I am having trouble figuring out how to convert their example code for generating the signature into ruby.

Example Code -

const base64JS = require('js-base64');
const hmacSha256 = require('crypto-js/hmac-sha256');
const encBase64 = require('crypto-js/enc-base64');

function generateSignature(data) {
    let signature = '';
    const ts = new Date().getTime();
    const msg = base64JS.Base64.encode(data.apiKey + data.meetingNumber + ts + data.role);
    const hash = hmacSha256(msg, data.apiSecret);
    signature = base64JS.Base64.encodeURI(`${data.apiKey}.${data.meetingNumber}.${ts}.${data.role}.${encBase64.stringify(hash)}`);
    return signature;
}

const data = {apiKey: "" ,
apiSecret: "",
meetingNumber: 888,
role: 0}

console.log(generateSignature(data));

How would the generateSignature function look like in ruby?

I've tried a few times but the outputted signature differed when I tried writing this in Ruby. I suspect that I'am encoding and decoding improperly.

This is the javascript code above that I modified slightly to cross reference

const base64JS = require('js-base64');
const hmacSha256 = require('crypto-js/hmac-sha256');
const encBase64 = require('crypto-js/enc-base64');

function generateSignature(data) {
  let signature = '';
  const ts = "1569600658561"
  const msg = base64JS.Base64.encode(data.apiKey + data.meetingNumber + ts + data.role);

  console.log(msg); // This matches the ruby

  const hash = hmacSha256(msg, data.apiSecret);
  signature = base64JS.Base64.encodeURI(`${data.apiKey}.${data.meetingNumber}.${ts}.${data.role}.${encBase64.stringify(hash)}`);
  return signature;
}

data = {
  apiKey: 'api_key',
  apiSecret: 'secret',
  meetingNumber: '1000',
  role: '0'
}


console.log(generateSignature(data));

This is my attempt in ruby

class ZoomSignatureGenerator

  def self.generate
    data = {
      api_key: 'api_key',
      api_secret: 'secret',
      meeting_number: '1000',
      role: '0'
    }

    ts = "1569600658561"
    msg = Base64.encode64(data[:api_key] + data[:meeting_number] + ts + data[:role]);
    puts(msg)
    hash = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), data[:api_secret], msg)
    signature = Base64.urlsafe_encode64("#{data[:api_key]}.#{data[:meeting_number]}.#{ts}.#{data[:role]}.#{Base64.encode64(hash)}");
    return signature
  end
end

I expected them to be the same output. But they end up being different.

Hope someone can help me :)

Can you put the hash and signature generated with the JS script and the generated with the Ruby script? — Gustavo Toro, Sep 27 '19 at 17:25

Vijay Suryawanshi · Answer 1 · 2020-05-08T07:39:49.400

the output of Base64.encode64(value) is separated by a newline character, use Base64.strict_encode64(value) to generates the same result as Node.js.

require "base64"
require "openssl"

def generate_signature(api_key, api_secrete, meeting_number, role)
  timestamp = 1544683367752

  message = Base64.strict_encode64("#{api_key}#{meeting_number}#{timestamp}#{role}")

  hash = Base64.strict_encode64(OpenSSL::HMAC.digest('sha256', api_secrete, message))

  signature = Base64.strict_encode64("#{api_key}.#{meeting_number}.#{timestamp}.#{role}.#{hash}")
end

generate_signature("key", "secret", 123456, 0)

score 1 · Answer 2 · edited Apr 18 '20 at 19:16

1

Encountered the same problem, apparently Zoom uses base 64 encoded binary string, so instead of using HMAC.hexdigest try this

hmac = OpenSSL::HMAC.new(API_KEY, 'sha256')
hmac << data
hash = Base64.encode64(hmac.digest)

digest method returns the authentication code as a binary string, hexdigest returns the authentication code as a hex-encoded string

edited Apr 18 '20 at 19:16

mohammed wazeem

1,310
1
10
26

answered Apr 18 '20 at 18:08

Dmalyshev

51
6

How do I convert this JS signature generator function into Ruby?

2 Answers2