I have to do a native JWT Key Method, and i have to use RSA256 method, but when i try this :
$getPrivate = openssl_pkey_get_private(".../rsa_private.pem", $passphrase);
openssl_sign($data, $partialSignature, $getPrivate, sha256WithRSAEncryption);
$signature .= $partialSignature;
$function_rsa = base64_encode($signature);
or that
$encrypt_rsa = openssl_private_encrypt($data, $partialEncrypted, $privateKey, OPENSSL_PKCS1_PADDING);
$encrypted .= $partialEncrypted;
$function_rsa = base64_encode($encrypted);
it won't work correctly, it return me that for the case 1 :
F/BXtAkMLK7W/2wGw2Gi/s1XT+2UphCafVug/oa/OQ62IXwblaS7vVyx5jyB1HTNMz/hlTGmr0ukj3J9lyDAunbP/2nmgWOGMjv2o52WGGaoVsLfJHPyrp7uLuYsq3VrLnnMRyaIrfSw/au2kiVX4HUhvBFOd5GHiRqXSfMiRqd4sj+DLSLlMMSw+LtyWWhlX1Sr4pcTFqa9EDrwdDuhpTWoagTVQP/4FTLl2pncd/zZso5MB+tjX72T/YjUnBuQyPqtjQPDiNMgm+M4lz6d3GZZvOHV05gWXr+aTgCAnTKPje8DBwNFLs5XgBIascUqRVz1k1v8n7B8lRxg1yOlqg==
or that for the case 2 :
e0Gm+MnmGvpFXhNDoj0Vsdl+1v+xxqW7uFFLBeGTjrcAr+ON7CadR0KFQ6lffEiZ17PAA584gDdLOtvpOH3q8V1UIqhbLQhJwEPstkBZRMNsplJse+eBsHNPnev2JYBDABbnAhE7I+xM9mI8iTCjW0DTcAecXahN+UctzBlKveZBMOcnJsRhgfYGZ7SKPySysIc6QoTkiNEJCgb68S8mfsiX9KSDgCwfc50Rql2nKEc15nO83OtkFvuLAjGxsQdSytzQ3hUuLXKqvEqeZsIgYYwQwbKWpLlJuFFQWL3VyjhupnBIO0tDRbZ/Lhqr62DhAoWkKjFtQiHdGdDv407xPQ==
I have correct privateKey.
Can you guys help me ? Thank you :)
Related
I have the following decrypted message, which has previously been encrypted using AES-256-CBC
240dcbefc0f82fadc00ef8494488aaa81400000c2def01e79fec6c4d9a822358dd8a910cac606e8afcb607793cb442093a56b7b40b0b0b0b0b0b0b0b0b0b0b0b
I derive the following 20 BYTE HMAC from this message:
dd8a910cac606e8afcb607793cb442093a56b7b4
My goal is to re-create this HMAC using PHP, I attempt with the following code:
$iv = hex2bin('240dcbefc0f82fadc00ef8494488aaa8'); // random iv - first 16 bytes of the message
$message = hex2bin('1400000c2def01e79fec6c4d9a822358'); // the actual message being decrypted - next 16 bytes
$key = hex2bin('b109124b62e2c8b8248e9865990325fddcc61143'); // encryption key
$hmac = hash_hmac('sha1', $iv.$message, $key);
print($hmac); // 03634ba3f4a0c854a0b791d27f331ecdfad1e87e
$attempt2 = hash('sha256', $iv.$message, true);
$hmac = hash_hmac('sha1', $attempt2, $key);
print($hmac); // 39ad1fb94ab251cdaf3f21cf8673e070733f4e16
I know I'm missing something but I'm struggling to understand the HMAC process as it's very confusing to me. Any help or advise is appreciated, thanks.
I found a solution on a random blog post online :D
here is what worked for me:
function check_mac($seq, $type, $msg, $key) {
$SequenceNumber = pack("NN", 0, $seq);
$Type = pack("Cnn", $type, 0x0303, strlen($msg));
$data = $SequenceNumber . $Type . $msg;
$calculated_mac = hash_hmac("sha1", $data, $key, true);
print(bin2hex($calculated_mac) . "\n");
}
Also, the IV does not need to be included, just the message by itself as the $msg variable
Blog Post:
https://adayinthelifeof.nl/2013/12/30/decoding-tls-with-php/
case 1 -> $data = '{"EmployeeCode":"demo2","PartnerCode":"abcd","FlexUser":"false","Role":"INV"}'<br/>
case 2 -> $data =
'{"EmployeeCode":"demo2","PartnerCode":"abcd","FlexUser":"false","Role":"INV","CheckupEligibility" :
"true"}';
$method = "aes-256-cbc";
$first_key = "A1HS8CUR1TY#9812";
$iv = "A1HS8CUR1TY#9812";
$secret = "A1HREW30SEC#1720";
$first_encrypted = openssl_encrypt($data,$method,$first_key, OPENSSL_ZERO_PADDING,$iv);
I'm trying to encrypt the above json string using aes-256-cbc but not getting any output in case2, whereas getting a proper output in case 1.Could you please help me out.
I'm trying to setup an app to sign with my URLs so they may authenticate but I can't seem to figure out how to replicate the code that I'm trying from the following page: https://help.sendowl.com/help/signed-urls#example
order_id=12345&buyer_name=Test+Man&buyer_email=test%40test.com&product_id=123&signature=QpIEZjEmEMZV%2FHYtinoOj5bqAFw%3D
buyer_email=test#test.com&buyer_name=Test Man&order_id=12345&product_id=123
buyer_email=test#test.com&buyer_name=Test Man&order_id=12345&product_id=123&secret=t0ps3cr3t
publicStr&t0ps3cr3t
This is the steps:
First order the parameters (removing the signature) and unescape
them:
Next append your Signing secret:
Generate the key to sign with:
Perform the HMAC-SHA1 digest with Base 64 encode: QpIEZjEmEMZV/HYtinoOj5bqAFw=
The following is what I tried but end up not getting the same result:
$signKey = "t0ps3cr3t";
$signData = "buyer_email=test#test.com&buyer_name=Test Man&order_id=12345&product_id=123&secret=t0ps3cr3t";
$passData = hash_hmac("sha1", $signData, base64_decode(strtr($signKey)), true);
$passData = base64_encode($passData);
echo $passData;
I keep getting x8NXmAmkNBPYCXwtj65mdVJ8lPc=
I was able to replicate with the following: took me a bit to figure out something so simple.. been coding for 11 hours straight.
Thanks.
$data = "buyer_email=test#test.com&buyer_name=Test Man&order_id=12345&product_id=123&secret=t0ps3cr3t";
$key = "publicStr&t0ps3cr3t";
$pass1 = hash_hmac('sha1', $data, $key, true);
$pass = base64_encode($pass1);
echo $pass;
$pass will return "QpIEZjEmEMZV/HYtinoOj5bqAFw=", the correct value.
$current_timestamp = Carbon::now()->timestamp;
$signstring = "z001-line-anime-gif." . $current_timestamp . ".aaaabbbbccccdddd";
$secret = 'STG-7f*(:hsM-1_eQ_ZD175QgEoJhI$:oR.zEQ<z';
$sig = hash_hmac('sha1', $signstring, $secret);
$signature = hex2bin($sig);
$signature = base64_encode($signature);
return $signature;
I have written a PHP code which take list id from get request and encrypt and return. This working fine when I run from command prompt in ubuntu but giving single same output every time when I am trying it from URL request. Its also not giving single error. cant understand. Any one can help ?
<?php
if( $_GET["list"]) {
$encryptionMethod = "AES-256-CBC";
$api_key ="2lYVdI37JfbUgys5kOAu";
$encrypted = version_compare(PHP_VERSION, '5.3.3') >= 0 ? openssl_encrypt($in, $encryptionMethod, $api_key, 0, '3j9hwG7uj8uvpRAT') : openssl_encrypt($in, $encryptionMethod, $api_key, 0);
$encrypted = str_replace('/', '892', $encrypted);
$encrypted = str_replace('+', '763', $encrypted);
$encrypted = str_replace('=', '', $encrypted);
echo $encrypted;
exit();
}
?>
Thanks in Advance.!
Got it. THanks #Volkerk.
I have assigned value and got it worked.
Thanks a Lot.
Background
I am trying to create a signed url to fetch a resource from AWS S3. There are several examples in aws s3 documentation , and as a first step I am trying to replicate the last example on that page.
My code is :
$access_key = "AKIAIOSFODNN7EXAMPLE";
$secret_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";
$string_to_sign = "GET\n\n\n1175139620\n/johnsmith/photos/puppy.jpg";
$encode = hash_hmac('sha1', utf8_encode($string_to_sign) , $secret_key) ;
echo base64_encode($encode). "\r\n" ;
The above code outputs
MzY5ODAyOGU3MGYzYWNjZjk2MTczYTA0MzU3OWE5MzQzNTJjNGE3Zg==
According to the example, the result should be
NpgCjnDzrM%2BWFzoENXmpNDUsSn8%3D&
I do understand that the result needs to be url encoded , but I think I am still far off. Can I get some help please ?
I found the solution
$encode = hash_hmac('sha1', utf8_encode($string_to_sign), $secret_key);
is replaced by
$encode = hash_hmac('sha1', utf8_encode($string_to_sign), $secret_key, true );
Final script to simulate the example is :
$access_key = "AKIAIOSFODNN7EXAMPLE";
$secret_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";
$string_to_sign = "GET\n\n\n1175139620\n/johnsmith/photos/puppy.jpg";
$encode = hash_hmac('sha1', utf8_encode($string_to_sign), $secret_key , true ) ;
echo urlencode(base64_encode($encode)) . "\r\n" ;