Welcome to Community Week 2025! Join us to learn, connect, and be recognized as we celebrate the spirit of Community and the power of AI. Get the details  

Problem getting HmacSHA512 with CryptoJS to work

Go to solution
Simon Larsson
Tera Contributor

‎04-08-2022 07:20 AM

Hello,

I've tried to implement some variant of CryptoJS for making an authentication token. The problem is when i run the code snippet below I encounter this error:

Evaluator.evaluateString() problem: java.lang.SecurityException: Encountered scriptable of unknown type Object

 

var key = "sample_key"; 
var secret = CryptoJS.enc.Base64.parse(key);
var str = CryptoJS.HmacSHA512("sample_data", secret);
str = CryptoJS.enc.Base64.stringify(str);

I think the error is occuring when trying to create the HmacSHA512 encoding. The code works fine running in a node.js environment.
I have created a Script Include called CryptoJS with the code attached in the file.
find_real_file.png

Anyone have some experience working with HmacSHA512, any help is appriciated.

Labels:
Preview file
163 KB
Preview file
52 KB
0 Helpfuls
  • 6,366 Views
1 ACCEPTED SOLUTION

Go to solution
-O-
Kilo Patron
In response to Simon Larsson

‎04-13-2022 01:11 AM

Not sure why that is. However I'll attach your file modified by me as described; I've tested it in both San Diego and Quebec. I assume if it works in those two, it should also work in Rome.

View solution in original post

Preview file
150 KB
0 Helpfuls
11 REPLIES 11

Go to solution
-O-
Kilo Patron

‎04-09-2022 04:31 PM

Maybe it's because the object has not been created with Class.create(). At least one of the problems. If I remember correctly, when in scope one has to use the Class.create() for the objects to be correctly created.

0 Helpfuls

Go to solution
-O-
Kilo Patron
In response to -O-

‎04-10-2022 01:08 PM

Indeed after modifying the attached code so that it conforms to the outlined requirements it works.

What I did was to

- loose all the package b....t, remove

;(function (root, factory) {
	if (typeof exports === "object") {
		// CommonJS
		module.exports = exports = factory();
	}
	else if (typeof define === "function" && define.amd) {
		// AMD
		define([], factory);
	}
	else {
		// Global (browser)
		root.CryptoJS = factory();
	}
}(this, function () {

	/**
	 * CryptoJS core components.
	 */
	var CryptoJS = CryptoJS ||

from the beginning and replace it with:

var CryptoJS = Class.create();

(function () {

- replace line (originally 42)

var C = {};

with

var C = CryptoJS;

- replace the very last line

}));

with

})();

And that's it basically.

After those changes the library "integrates" with the ServiceNow run-time and it can be used. Running code

var key = "sample_key";
var secret = CryptoJS.enc.Base64.parse(key);

var str = CryptoJS.HmacSHA1("sample_data", secret);
str = CryptoJS.enc.Base64.stringify(str);
gs.debug(str);
gs.debug(str == 'pf/igwxG5LGhO1BmFGwrSc7VkSk=');

var str = CryptoJS.HmacSHA224("sample_data", secret);
str = CryptoJS.enc.Base64.stringify(str);
gs.debug(str);
gs.debug(str == '+OTuKzoSTITyyWLfsPdodAVR7oMDMitZfIWMqQ==');

var str = CryptoJS.HmacSHA256("sample_data", secret);
str = CryptoJS.enc.Base64.stringify(str);
gs.debug(str);
gs.debug(str == 'f7Kqu0xm6mloRRX+18eI/5yT7137Y6LIYXVRUeQ/ChY=');

var str = CryptoJS.HmacSHA384("sample_data", secret);
str = CryptoJS.enc.Base64.stringify(str);
gs.debug(str);
gs.debug(str == '95T6tnov0jlrCdSOeI8gsIzjQUsM6TL1niUEKU/+2wL65LqlSeYNIP4QPq0rHJm7');

var str = CryptoJS.HmacSHA512("sample_data", secret);
str = CryptoJS.enc.Base64.stringify(str);
gs.debug(str);
gs.debug(str == 'zFdnLe956Fe1nYT79GL3eCiAu/yhx00flNB3/nMYDXVAk1ZjL0ANikHvyltwOAbPzZdwgYew7QVoccLHDKT/Rw==');

var str = CryptoJS.HmacSHA3("sample_data", secret);
str = CryptoJS.enc.Base64.stringify(str);
gs.debug(str);
gs.debug(str == 'jeoUe+hHGchUlaQWhTYkCKjullbwLG7xb2LyIJPt5XABUfgFXPyPPv6Gxwh66kxeM0D9JgDf5swEMcW/N6xaYA==');

var str = CryptoJS.HmacRIPEMD160("sample_data", secret);
str = CryptoJS.enc.Base64.stringify(str);
gs.debug(str);
gs.debug(str == 'aBTw4oZSD4Rw7ItWygf7iQ5tZP4=');

In Scripts - Background, produces the output:

x_???_crypto: pf/igwxG5LGhO1BmFGwrSc7VkSk= (sys.scripts extended logging)
x_???_crypto: true (sys.scripts extended logging)
x_???_crypto: +OTuKzoSTITyyWLfsPdodAVR7oMDMitZfIWMqQ== (sys.scripts extended logging)
x_???_crypto: true (sys.scripts extended logging)
x_???_crypto: f7Kqu0xm6mloRRX+18eI/5yT7137Y6LIYXVRUeQ/ChY= (sys.scripts extended logging)
x_???_crypto: true (sys.scripts extended logging)
x_???_crypto: 95T6tnov0jlrCdSOeI8gsIzjQUsM6TL1niUEKU/+2wL65LqlSeYNIP4QPq0rHJm7 (sys.scripts extended logging)
x_???_crypto: true (sys.scripts extended logging)
x_???_crypto: zFdnLe956Fe1nYT79GL3eCiAu/yhx00flNB3/nMYDXVAk1ZjL0ANikHvyltwOAbPzZdwgYew7QVoccLHDKT/Rw== (sys.scripts extended logging)
x_???_crypto: true (sys.scripts extended logging)
x_???_crypto: jeoUe+hHGchUlaQWhTYkCKjullbwLG7xb2LyIJPt5XABUfgFXPyPPv6Gxwh66kxeM0D9JgDf5swEMcW/N6xaYA== (sys.scripts extended logging)
x_???_crypto: true (sys.scripts extended logging)
x_???_crypto: aBTw4oZSD4Rw7ItWygf7iQ5tZP4= (sys.scripts extended logging)
x_???_crypto: true (sys.scripts extended logging)
0 Helpfuls

Go to solution
Simon Larsson
Tera Contributor
In response to -O-

‎04-13-2022 12:24 AM

This looks exactly like what i need, despite your documentation i failed to make this work for my self.
 i think i failed to replace the packageing in the beginging of the script. Can you take a look at my code?


I replaced the following:

;(function (root, factory) {
	if (typeof exports === "object") {
		// CommonJS
		module.exports = exports = factory();
	}
	else if (typeof define === "function" && define.amd) {
		// AMD
		define([], factory);
	}
	else {
		// Global (browser)
		root.CryptoJS = factory();
	}
}(this, function () {

	/**
	 * CryptoJS core components.
	 */
	var CryptoJS = CryptoJS || || (function (Math, undefined) {
		/*
	     * Local polyfil of Object.create
	     */
		var create = Object.create || (function () {
			function F() {};

			return function (obj) {
				var subtype;

				F.prototype = obj;

				subtype = new F();

				F.prototype = null;

				return subtype;
			};
		}())

		/**
	     * CryptoJS namespace.
	     */
		var C = {};

with this, based of what i could read out from your earlier post.

var CryptoJS = Class.create();

(function () {

	/**
	 * CryptoJS core components.
	 */
	(function (Math, undefined) {
		/*
	     * Local polyfil of Object.create
	     */
		var create = Object.create || (function () {
			function F() {};

			return function (obj) {
				var subtype;

				F.prototype = obj;

				subtype = new F();

				F.prototype = null;

				return subtype;
			};
		}())

		/**
	     * CryptoJS namespace.
	     */
		var C = CryptoJS;

 

I still get some errors when running the code.

Javascript compiler exception: Primitive type expected (had org.mozilla.javascript.Undefined instead) (sys_script_include.b35e260207320110f83cf87e7c1ed0ff.script; line 68)

this is line 68:

if (overrides) {
    subtype.mixIn(overrides);
}
0 Helpfuls

Go to solution
-O-
Kilo Patron
In response to Simon Larsson

‎04-13-2022 01:11 AM

Not sure why that is. However I'll attach your file modified by me as described; I've tested it in both San Diego and Quebec. I assume if it works in those two, it should also work in Rome.

Preview file
150 KB
0 Helpfuls