I am using java to do some post with AWS signature header. The signing process is below
private String calculateSignature(String stringToSign) {
try {
byte[] signatureKey = getSignatureKey(secretAccessKey, currentDate, regionName, serviceName);
byte[] signature = HmacSHA256(stringToSign, signatureKey);
String strHexSignature = bytesToHex(signature);
return strHexSignature;
} catch (Exception ex) {
ex.printStackTrace();
}
return null;
}
private byte[] HmacSHA256(String data, byte[] key) throws Exception {
String algorithm = "HmacSHA256";
Mac mac = Mac.getInstance(algorithm);
mac.init(new SecretKeySpec(key, algorithm));
return mac.doFinal(data.getBytes("UTF8"));
}
private byte[] getSignatureKey(String key, String date, String regionName, String serviceName) throws Exception {
byte[] kSecret = ("AWS4" + key).getBytes("UTF8");
byte[] kDate = HmacSHA256(date, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256(aws4Request, kService);
return kSigning;
}
private String bytesToHex(byte[] bytes) {
final StringBuilder hexString = new StringBuilder();
for(byte b : bytes)
hexString.append(String.format("%02x", b));
return hexString.toString().toLowerCase().trim();
}
However, when I send use this signature, it does not match the signature calculated by the server. The server is written in PHP, and it us Crypto-JS to calculate the signature. I have compared two strings need to sign and Canonical Request between Java and PHP. They are matching.
I have checked space, command and other characteries. but cannot figure out why. Are Java HmacSHA256 and crypto-js HmacSHA256 different? Or something wrong with bytesToHex method?
The Java output of Canonical Request
POST
/
content-length:667
content-type:application/json
host:host.name.com
x-amz-date:20171205T012629Z
x-amz-target:_20141201.XXXXXXX
content-length;content-type;host;x-amz-date;x-amz-target
c5b31b699700e6debe4548836a723f89b73ffcef6570e1bed4c534c0f247dc26
The PHP returns:
POST
/
content-length:667
content-type:application/json
host:host.name.com
x-amz-date:20171205T012629Z
x-amz-target:_20141201.XXXXXXX
content-length;content-type;host;x-amz-date;x-amz-target
c5b31b699700e6debe4548836a723f89b73ffcef6570e1bed4c534c0f247dc26
Any help or any idea will be appreciated.
Found the issue. The reason was the algorithm of the secret key was changed, but i was not aware of that change
Related
I am working on translating an API from Java into Javascript (nodeJs). The problem is that the signatures generated by the Java code are much shorter than the one in javascript. The results from the getSignature function have different length and as such whenever I generate a signature in javascript the server won't recognize it but it will when it is generated in Java.
I have verified that the values in getSignatureKey are the same in both functions and the getSignature function uses the output from getSignatureKey to encrypt "SOME MESSAGE TO ENCRYPT" which will be the request body in plain text (verified both have the same content and format).
Is there any reason why the output differs in length? Perhaps some encoding problem or something else I'm not seeing.
Using the native crypto library in nodeJs as follows:
var getSignatureKey = function(key, api_key, dateStamp){
let kUser = HMACSHA256("CAS"+api_key, key);
let kDate = HMACSHA256(dateStamp, kUser);
let kService = HMACSHA256(SERVICE_NAME, kDate);
let kSigning = HMACSHA256("cas_request", kService);
return kSigning;
}
var getSignature = function(signature_key){
let signature_bytes = HMACSHA256("SOME MESSAGE TO ENCRYPT", signature_key);
let signature = Buffer.from(signature_bytes).toString('base64');
return signature;
}
var HMACSHA256 = function(message, secret){
let key_bytes = encoder.encode(secret);
let message_bytes = encoder.encode(message);
let hash = crypto.createHmac('sha256', key_bytes).update(message_bytes).digest();
return Uint8Array.from(hash);
}
While in java I have the following code:
public static byte[] getSignatureKey(String key, String apiKey, String dateStamp, String serviceName)
throws Exception {
byte[] kSecret = key.getBytes("UTF8");
byte[] kUser = HmacSHA256("CAS" + apiKey, kSecret);
byte[] kDate = HmacSHA256(dateStamp, kUser);
byte[] kService = HmacSHA256(serviceName, kDate);
byte[] kSigning = HmacSHA256("cas_request", kService);
return kSigning;
}
public static String getSignature(byte[] signature_key) throws Exception {
return Base64.encodeBase64String(HmacSHA256("SOME MESSAGE TO ENCRYPT", signature_key));
}
public static byte[] HmacSHA256(String data, byte[] key) throws Exception {
String algorithm = "HmacSHA256";
Mac mac = Mac.getInstance(algorithm);
mac.init(new SecretKeySpec(key, algorithm));
return mac.doFinal(data.getBytes("UTF8"));
}
I'm attempting with little success to port over Google's code to generate a secure token for their captcha (https://github.com/google/recaptcha-java/blob/master/appengine/src/main/java/com/google/recaptcha/STokenUtils.java):
The original utility has the following:
private static final String CIPHER_INSTANCE_NAME = "AES/ECB/PKCS5Padding";
private static String encryptAes(String input, String siteSecret) {
try {
SecretKeySpec secretKey = getKey(siteSecret);
Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE_NAME);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return BaseEncoding.base64Url().omitPadding().encode(cipher.doFinal(input.getBytes("UTF-8")));
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
private static SecretKeySpec getKey(String siteSecret){
try {
byte[] key = siteSecret.getBytes("UTF-8");
key = Arrays.copyOf(MessageDigest.getInstance("SHA").digest(key), 16);
return new SecretKeySpec(key, "AES");
} catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
e.printStackTrace();
}
return null;
}
public static void main(String [] args) throws Exception {
//Hard coded the following to get a repeatable result
String siteSecret = "12345678";
String jsonToken = "{'session_id':'abf52ca5-9d87-4061-b109-334abb7e637a','ts_ms':1445705791480}";
System.out.println(" json token: " + jsonToken);
System.out.println(" siteSecret: " + siteSecret);
System.out.println(" Encrypted stoken: " + encryptAes(jsonToken, siteSecret));
Given the values I hardcoded, I get Irez-rWkCEqnsiRLWfol0IXQu1JPs3qL_G_9HfUViMG9u4XhffHqAyju6SRvMhFS86czHX9s1tbzd6B15r1vmY6s5S8odXT-ZE9A-y1lHns" back as my encrypted token.
My Java and crypto skills are more than a little rusty, and there aren't always direct analogs in C#. I attempted to merge encrypeAes() and getKey() with the following, which isn't correct:
public static string EncryptText(string PlainText, string siteSecret)
{
using (RijndaelManaged aes = new RijndaelManaged())
{
aes.Mode = CipherMode.ECB;
aes.Padding = PaddingMode.PKCS7;
var bytes = Encoding.UTF8.GetBytes(siteSecret);
SHA1 sha1 = SHA1.Create();
var shaKey = sha1.ComputeHash(bytes);
byte[] targetArray = new byte[16];
Array.Copy(shaKey, targetArray, 16);
aes.Key = targetArray;
ICryptoTransform encrypto = aes.CreateEncryptor();
byte[] plainTextByte = ASCIIEncoding.UTF8.GetBytes(PlainText);
byte[] CipherText = encrypto.TransformFinalBlock(plainTextByte, 0, plainTextByte.Length);
return HttpServerUtility.UrlTokenEncode(CipherText); //Equivalent to java's BaseEncoding.base64Url()?
}
}
The C# version produces the incorrect value of: Ye+fySvneVUZJXth67+Si/e8fBUV4Sxs7wEXVDEOJjBMHl1encvt65gGIj8CiFzBGp5uUgKYJZCuQ4rc964vZigjlrJ/430LgYcathLLd9U=
Your code almost works as expected. It's just that you somehow mixed up the outputs of the Java version (and possibly the C# version).
If I execute your Java code (JDK 7 & 8 with Guava 18.0), I get
Ye-fySvneVUZJXth67-Si_e8fBUV4Sxs7wEXVDEOJjBMHl1encvt65gGIj8CiFzBGp5uUgKYJZCuQ4rc964vZigjlrJ_430LgYcathLLd9U
and if I execute your C# code (DEMO), I get
Ye-fySvneVUZJXth67-Si_e8fBUV4Sxs7wEXVDEOJjBMHl1encvt65gGIj8CiFzBGp5uUgKYJZCuQ4rc964vZigjlrJ_430LgYcathLLd9U1
So, the C# version has an additional "1" at the end. It should be a padding character, but isn't. This means that HttpServerUtility.UrlTokenEncode() doesn't provide a standards conform URL-safe Base64 encoding and you shouldn't use it. See also this Q&A.
The URL-safe Base64 encoding can be easily derived from the normal Base64 encoding (compare tables 1 and 2 in RFC4648) as seen in this answer by Marc Gravell:
string returnValue = System.Convert.ToBase64String(toEncodeAsBytes)
.TrimEnd(padding).Replace('+', '-').Replace('/', '_');
with:
static readonly char[] padding = { '=' };
That's not all. If we take your Java output of
Ye+fySvneVUZJXth67+Si/e8fBUV4Sxs7wEXVDEOJjBMHl1encvt65gGIj8CiFzBGp5uUgKYJZCuQ4rc964vZigjlrJ/430LgYcathLLd9U=
and decrypt it, then we get the following token:
{"session_id":"4182e173-3a24-4c10-b76c-b85a36be1173","ts_ms":1445786965574}
which is different from the token that you have in your code:
{'session_id':'abf52ca5-9d87-4061-b109-334abb7e637a','ts_ms':1445705791480}
The main remaining problem is that you're using invalid JSON. Strings and keys in JSON need to be wrapped in " and not '.
Which means that the encrypted token actually should have been (using a valid version of the token from your code):
D9rOP07fYgBfza5vbGsvdPe8fBUV4Sxs7wEXVDEOJjBMHl1encvt65gGIj8CiFzBsAWBDgtdSozv4jS_auBU-CgjlrJ_430LgYcathLLd9U
Here's a C# implementation that reproduces the same result as your Java code:
class Program
{
public static byte[] GetKey(string siteSecret)
{
byte[] key = Encoding.UTF8.GetBytes(siteSecret);
return SHA1.Create().ComputeHash(key).Take(16).ToArray();
}
public static string EncryptAes(string input, string siteSecret)
{
var key = GetKey(siteSecret);
using (var aes = AesManaged.Create())
{
if (aes == null) return null;
aes.Mode = CipherMode.ECB;
aes.Padding = PaddingMode.PKCS7;
aes.Key = key;
byte[] inputBytes = Encoding.UTF8.GetBytes(input);
var enc = aes.CreateEncryptor(key, new byte[16]);
return UrlSafeBase64(enc.TransformFinalBlock(inputBytes,0,input.Length));
}
}
// http://stackoverflow.com/a/26354677/162671
public static string UrlSafeBase64(byte[] bytes)
{
return Convert.ToBase64String(bytes).TrimEnd('=')
.Replace('+', '-')
.Replace('/', '_');
}
static void Main(string[] args)
{
string siteSecret = "12345678";
string jsonToken = "{'session_id':'abf52ca5-9d87-4061-b109-334abb7e637a','ts_ms':1445705791480}";
Console.WriteLine(" json token: " + jsonToken);
Console.WriteLine(" siteSecret: " + siteSecret);
Console.WriteLine(EncryptAes(jsonToken, siteSecret));
Console.ReadLine();
}
}
I don't know why you said you're getting Irez-rWkCEqnsiRLWfol0IXQu1JPs3qL_G_9HfUViMG9u4XhffHqAyju6SRvMhFS86czHX9s1tbzd6B15r1vmY6s5S8odXT-ZE9A-y1lHns from the Java program because I'm not getting that output. The output I'm getting from both the C# version and the Java version is this:
Ye-fySvneVUZJXth67-Si_e8fBUV4Sxs7wEXVDEOJjBMHl1encvt65gGIj8CiFzBGp5uUgKYJZCuQ4rc964vZigjlrJ_430LgYcathLLd9U
As you can see here:
The code for both versions is available here
Live demo of the C# version.
The Java version was copy/pasted from your code and is using guava-18.0 and compiled with JDK8 x64 (I'm not a java expert so I'm just adding these in case it makes any difference).
I am porting part of an iOS app to Android, and I'm having trouble porting the following signature generating code in iOS to Android. The iOS code is:
+ (NSString *)hashedBase64ValueOfData:(NSString *) data WithSecretKey:(NSString*)secret {
// ascii convirsion
const char *cKey = [secret cStringUsingEncoding:NSASCIIStringEncoding];
const char *cData = [data cStringUsingEncoding:NSASCIIStringEncoding];
// HMAC Data structure initializtion
unsigned char cHMAC[CC_SHA256_DIGEST_LENGTH];
CCHmac(kCCHmacAlgSHA256, cKey, strlen(cKey), cData, strlen(cData), cHMAC);
// Gerating hased value
NSData *da = [[NSData alloc] initWithBytes:cHMAC length:sizeof(cHMAC)];
return [da base64EncodedString];// conversion to base64 string & returns
}
The Android Java code I have written and tried is:
private static String hashedBase64ValueOfDataWithSecretKey(String data, String secret) {
try {
SecretKeySpec signingKey = new SecretKeySpec(secret.getBytes(), HMAC_SHA1_ALGORITHM);
Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
mac.init(signingKey);
byte[] rawHmac = mac.doFinal(data.getBytes());
return Base64.encodeToString(rawHmac, 0);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
Upon testing, the Android function is not outputting the same thing as the iOS function (given the same input), and I'm not sure why.
Not an expert at this, but NSASCIIStringEncoding seems to imply that you want data and secret interpreted as ASCII, whereas String.getBytes() uses the default character set by default (i.e. UTF-8).
You probably need to use a different charset:
data.getBytes(StandardCharsets.US_ASCII);
secret.getBytes(StandardCharsets.US_ASCII);
For Java pre-1.7, you'll need to use this and catch the UnsupportedEncodingException:
data.getBytes("US-ASCII");
secret.getBytes("US-ASCII");
You might use extras org.apache.commons.codec.binary.Base64. Google it and find it, then you can fellow the codes below. I think the hashed value will be generated by "private key" and appended behind a "public key" being sent to server with a "http-head" together. If no, you can just remove them. Anyway the codes might give you some suggestions. :)
private String getAppendedHeader(String str) {
try {
String hash = getHash(str);
String signature = new String(Base64.encodeBase64(hash.getBytes()));
StringBuilder sb = new StringBuilder();
sb.append(PUBLIC_KEY).append(' ').append(signature);
return sb.toString();
} catch (NoSuchAlgorithmException _e) {
LL.e("Get mac error: " + _e.getMessage());
return null;
} catch (InvalidKeyException _e) {
LL.e("Init mac error: " + _e.getMessage());
return null;
}
}
private String getHash(String str) throws NoSuchAlgorithmException, InvalidKeyException {
Mac mac = Mac.getInstance("HmacSHA256");
SecretKeySpec secret = new SecretKeySpec(PRIVATE_KEY.getBytes(), "HmacSHA256");
mac.init(secret);
byte[] digest = mac.doFinal(str.getBytes());
BigInteger hash = new BigInteger(1, digest);
String hmac = hash.toString(16);
if (hmac.length() % 2 != 0) {
hmac = "0" + hmac;
}
return hmac;
}
Hi I'm having problems creating a Gygia signature. I've tryed everything on this post and I am almost sure my problem resides in wich Base64 I'm using.
Here is what i got right now.
Both methods give me wrong keys
static String sign(String timestamp, String uid, String key) {
String baseString = timestamp + "_" + uid;
String lRet = "";
byte[] baseBytes;
try {
baseBytes = baseString.getBytes("UTF-8");
byte[] secretKeyBytes = org.apache.commons.codec.binary.Base64
.decodeBase64(key.getBytes());
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(new SecretKeySpec(secretKeyBytes, "HmacSHA1"));
byte[] signatureBytes = mac.doFinal(baseBytes);
byte[] encodedSign = org.apache.commons.codec.binary.Base64
.encodeBase64(signatureBytes);
lRet = new String(encodedSign, "UTF-8");
} catch (Exception e) {
e.printStackTrace();
}
return lRet;
}
The other implementation I tried is this one but my signature includes characters like '/' and '+' and Gigya kicks it back.
private String constructSignature(String timestamp, String UID, String pKey) {
// Construct a "base string" for signing
String baseString = timestamp + "_" + UID;
// Convert the base string into a binary array
byte[] binaryBaseString = ConvertUTF8ToBytes(baseString);
// Convert secretKey from BASE64 to a binary array
byte[] binaryKey = ConvertFromBase64ToBytes(pKey);
// Use the HMAC-SHA1 algorithm to calculate the signature
byte[] binarySignature = hmacsha1(baseString, binaryKey);
// Convert the signature to a BASE64
String signature = ConvertToBase64(binarySignature);
return signature;
}
private byte[] ConvertUTF8ToBytes(String pString) {
try {
return pString.getBytes("UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return null;
}
private byte[] ConvertFromBase64ToBytes(String pBase64String) {
return android.util.Base64.decode(pBase64String,
android.util.Base64.DEFAULT);
}
private String ConvertToBase64(byte[] data) {
String retString = android.util.Base64.encodeToString(data, android.util.Base64.DEFAULT);
return retString;
}
I've gone up and down this code quite a bit, I've used commons.codec Base64 and also the Gigya version with no luck.
Any pointers will be greatly apreciated.
Regards
The error I get back from Gigya with the bad key is:
errorCode:400006
errorMessage:Invalid parameter value
errorDetails:Invalid argument: invalid signature
data:{"statusCode":400,"errorMessage":"Invalid parameter
value","errorCode":400006,"callId":"0106c32c05e14afba1fc93ae0659bb69",
"errorDetails":"Invalid argument: invalid signature","statusReason":"Bad Request"}
Well after reading the post I mentioned I found on the accepted answer the SigUtils class wich basically does all the work for you... took me a while and I hope i didn't waste anyones time. Heres how to generate the key:
String lSig = SigUtils.getOAuth1Signature(query+"_"+expTime, lHashedKey);
And to validate:
boolean valid = SigUtils.validateUserSignature(expTime, query, lHashedKey, lSig);
I am currently writing a program in Java that will accept strings from PHP and either encrypt or decrypt them depending on need. The mechanism of encryption is AES-256 and I am using the BouncyCastle API to do it. To ensure that there are fewer problems in transferring the data back and forth, I use Base64 to encode the strings. The problem I am experiencing is that randomly, I cannot decrypt a string-some string can be decrypted ok, others cannot. I found a great article here at stackoverflow I thought could help here.
But I could not really see how it could fit my circumstances (I am not an encryption expert). Here's my current code. Thanks for your help.
class AES {
private final BlockCipher AESCipher = new AESEngine();
private PaddedBufferedBlockCipher pbbc;
private KeyParameter key;
AES()
{
init();
}
private void init()
{
try
{
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(256);
SecretKey sk = kg.generateKey();
key=new KeyParameter(sk.getEncoded());
pbbc=new PaddedBufferedBlockCipher(AESCipher, new PKCS7Padding());
}
catch (Exception e)
{
//Take care of later
}
}
private byte[] processing(byte[] input, boolean encrypt)
throws DataLengthException, InvalidCipherTextException {
pbbc.init(encrypt, key);
byte[] output = new byte[pbbc.getOutputSize(input.length)];
int bytesWrittenOut = pbbc.processBytes(
input, 0, input.length, output, 0);
pbbc.doFinal(output, bytesWrittenOut);
return output;
}
private byte[] _encrypt(byte[] input)
throws DataLengthException, InvalidCipherTextException {
return processing(input, true);
}
private byte[] _decrypt(byte[] input)
throws DataLengthException, InvalidCipherTextException {
return processing(input, false);
}
public String Encrypt(String input)
{
try
{
byte[] ba = input.getBytes("UTF-8");
byte[] encr = _encrypt(ba);
byte[] encryptedByteValue = new Base64().encode(encr);
String encryptedValue = new String(encryptedByteValue);
return encryptedValue;//+" and decrypted is "+Decrypt(encryptedValue);
}
catch (Exception e)
{
return "ENCRYPT_ERROR "+e.getMessage();
}
}
public String Decrypt(String input)
{
try
{
byte[] decodedValue = new Base64().decode(input.getBytes());
byte[] retr = _decrypt(decodedValue);
return new String(retr, "UTF-8").replaceAll("\\u0000", "");
}
catch (Exception e)
{
return "DECRYPT_ERROR "+e.getMessage();
}
}
I figured out what the problem is, and it was two fold. This is what I wound up doing:
1) I was using cURL to communicate strings between Java and PHP and encoding encrypted text as Base64. Since the plus sign is valid in Base64 and not handled by cURL (at least by older versions), I would have mangled strings, thus leading to the error. I switched to hex encoding.
2) I had to remove carriage return (\r\n) characters from strings that went into the Java layer.
Hope this helps someone.