What is the JavaScript/node.js function HMACSHA256()?

Question

I am trying to find information about this JavaScript/node.js function:

HMACSHA256()

Its mentioned e.g. here:

https://jwt.io/introduction (scroll to section "Signature")
https://hirosht.medium.com/customized-jwt-encoded-with-hmac-sha256-hs256-267574bd7639 (scroll to section "Signature;")

It's mentioned in other places too.

Neither node.js nor any browser JavaScript provides any function with that name.

So what is it? Is it pseudo code or is it a dummy function or simply a mistake everybody copies and pastes?

It appears to be (have been?) a function provided by the CryptoJS library, according to [How to get digest representation of CryptoJS.HmacSHA256 in JS](https://stackoverflow.com/q/29432506/215552)... — Heretic Monkey, Mar 07 '22 at 14:56

score 1 · Answer 1 · answered Mar 07 '22 at 14:56

1

You need a plugin named "crypto" It has "createHmac" function where you can give "sha256" as an argument.

https://nodejs.org/api/crypto.html#cryptocreatehmacalgorithm-key-options

answered Mar 07 '22 at 14:56

aymcg31

599
3
12

score 1 · Accepted Answer · answered Mar 07 '22 at 14:56

1

It is a standard algorithum.

The JWT documentation is providing psuedo-code (and also links off to JWT specific libraries that you should probably be using instead of writing your own implementation).

The blog you've found has code examples using Crypto-JS

answered Mar 07 '22 at 14:56

Quentin

914,110
126
1,211
1,335

Thanks for clarifying. I was confused because everything else e.g. in the blog article is concrete JS/node code. – LongHike Mar 07 '22 at 15:04

What is the JavaScript/node.js function HMACSHA256()?

2 Answers2