can anyone make a program which compute same output in AES256 ecnrption in php and java.
both output should be same and AES 256 should be there.
So the signature that I'm getting from Java doesn't match what I'm getting in openssl. Here's an example of what I'm doing:
In a terminal using openssl I'm doing this.
echo +pkCdYME5SzI7A2PV0r8/8FqYGZyvTp+4DoGkdaMYRs= hash openssl dgst -sha256 -sign "private.key" -out hash.sha256 hash base64 < hash.sha256 > hash.bin cat hash.bin results posted belowJava Code: (hash matches the one I'm using for openssl)
private String createSignature(String hash) throws ProductException { try { Signature privateSignature = Signature.getInstance("SHA256withRSA"); privateSignature.initSign(getPrivateKey()); privateSignature.update(hash.getBytes(UTF_8)); byte[] signature = privateSignature.sign(); String result = Base64.encodeBase64String(signature); System.out.println(result); //THIS RESULT SHOULD MATCH BUT DOESN'T return result; } catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException e) { throw new ProductException(Codes.AUTHENTICATION_ERROR, e); } } private PrivateKey getPrivateKey() throws ProductException { try { String key = IOUtils.toString(this.getClass().getResourceAsStream("private.key")); PemObject pem = new PemReader(new StringReader(key)).readPemObject(); byte[] content = pem.getContent(); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(content); return keyFactory.generatePrivate(ks); } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e) { throw new ProductException(Codes.AUTHENTICATION_ERROR, e); } }PLEASE HELP! I've scoured the interwebs and I don't know what I'm doing wrong.
My openssl signature = O8DRek17ySzz+p2N8brH/9CdY3b+GN5bnyaTtn+ZP3SDIBvtqkk/lp+zb1BZ80a6xCIID8CTjNU+/svrV/q/rXEqEQc3jk3ZVUo0RJB52rgW26EQWyieAdqRlIbQqPhaCIrpWrs+WImGk7cPnkTEueIm+EzxG8ptjF5cAZH3lustVLt8SM9sXjQJzxzMgF2g0XN+1GQniAdWT/oNJXv0ZG7PSFACfcoSTSdN4wHkVAG4/PF/d6H+M5eTkEu6NhXfbfBBtavGmBiDgM6FPFDJ4r+2Rzvc/vpSiglUUQgxD58PTH47Y8xMc4t4/yahrchi2if2cJ7e89RBb1IHNus+eB8zPS0MHBn2OWDUM66P1KRanwzebDfg08VhRbW8zVnmNUNzXxAdCWa3kwsDe7hx+36oHfJwoyqIFwjJi8TKZm0JLKMf0SaLh/6zK0bIdgoXw23AfJni1ewmUqZbpE6Q4A0TgxaJg1aozb06l7Nb523FqV6ScRZ0wJK3s51Dduy5j1V1jt0+YYd+0zACyYfr5a+vypEygzsZ2Rzu3Q/l4VoPlZF2dr50TLnbhTvFnyK9mvc0zaTmsuHI5UJAbcpFBTXiDWb0DoWo4PkHRVFPvIMai37UxW4c5V0ybchlQHrEKYQ8NigYHGX5j8GsFhZJgg73Het1YwoWdsz1PksoYTY=
My Java Signature = 8dKc1otqL+thKQ7yTPeHX7T5fuOgv6PmHvlP5QyEHEXZILwD/234polMSs20i4na9wCuUdcSA+mHEKpY7Dkyd8VLTcZZ8RC8AlPE5bvzXc/uZhyPpBuSA7mDDOARbg3mx5usq4ythdqxj6OvdOBAJXXFB6Jc/c1XVd8IxDnRJoz5MlwxZIp94TAyW11QbMGNZuzcbsdEdsBuXU1MR4gzVfMLJjMcIM3YTtsP3bktsPAs5W2Asp9lDg5GuIOgWgXpTlj3VY6NF64SCI1tY4LhE7zq16YXQ6ykJ490YSVX5J9z+cDvZcVgfvgKCZuk4wgnXo6PbE4Wm4FDuzu35DEQi9Y5EEHzXlb5aNFQP3S6lumyfqOCmZlQcNVS53ur1fY4P8cnOuHZelyYS1Dw54q0SDCjFuANK2Ltl8rIZOZQWbg6jo45HbpaHUgt1NMkmj/UC/rLSnofa/YYbcJ2YZbqUdyX/yTBlzEuLR0/4Bgv9zvBw8HI0h3icv7/1NYaKo/eBSki6HNyDh2pDWX6IHQTFMzdFKeoXVAQLfaJREIpMPu+rDExI6Ozl0r9D61fY+XtMrptGNTFzf1h4cwUAZAC737Ahc6qsr+jQkDWDJt6oJbgziNE4C2JZriRtvRDACpryt6MGH1QnYPGYfCVs/xSxaYEtGJsjRRkG+lkpojcJ+A=
I am generating the SHA256 of the following string
{ "billerid": "MAHA00000MUM01", "authenticators": [ { "parameter_name": "CA Number", "value": "210000336768" } ], "customer": { "firstname": "ABC", "lastname": "XYZ", "mobile": "9344895862", "mobile_alt": "9859585525", "email": "abc@billdesk.com", "email_alt": "abc2@billdesk.com", "pan": "BZABC1234L", "aadhaar": "123123123123" }, "metadata": { "agent": { "agentid": "DC01DC31MOB528199558" }, "device": { "init_channel": "Mobile", "ip": "124.124.1.1", "imei": "490154203237518", "os": "Android", "app": "AGENTAPP" } }, "risk": [ { "score_provider": "DC31", "score_value": "030", "score_type": "TXNRISK" }, { "score_provider": "BBPS", "score_value": "030", "score_type": "TXNRISK" } ]}I am getting different SHA256 output from different sources.This website: https://www.freeformatter.com/sha256-generator.html#ad-output calculates the SHA256 of the above string: 053353867b8171a8949065500d7313c69fe7517c9d69eaff11164c35fcb14457
This website(https://emn178.github.io/online-tools/sha256.html) gives the SHA256 as eae5c26759881d48a194a6b82a9d542485d6b6ce96297275c136b1fa6712f253
I am using CryptoJs library in Javascript to calculate SHA256 which also gives eae5c26759881d48a194a6b82a9d542485d6b6ce96297275c136b1fa6712f253 this result.
I want the SHA256 calculated to be: 053353867b8171a8949065500d7313c69fe7517c9d69eaff11164c35fcb14457
Why these is difference in SHA256 calculation over different places?
I'm trying to get the SHA256 hash of a string in base64 format.
I'm using DigestUtils from org.apache.commons.codec.digest. I don't know how to get the Base64 format, even though I can get the Hex format.
Sha256String = org.apache.commons.codec.digest.DigestUtils.sha256Hex(StringText);Using "a" as stringtest, this line returns
ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bbBut what I actually need is ypeBEsobvcr6wjGzmiPcTaeG7/gUfE5yuYB3ha/uSLs.
I have been reading nonstop, and can't understand how to do it.
Now I'm trying this
Byte[] digest = org.apache.commons.codec.digest.DigestUtils.sha256(StringText);And this I need to store it in a variable, so I'm trying this
String OutStr = new String(digest);With no luck. I don't know where else to search help, for I had read all the google searches a lot of times (and if the answer is there, I'm not seeing it)
I don't code in java, but this time I need this to get working! Love!
so I'm writing my own tls 1.2 implementation for learning's sake and because the server I'm connecting to use a modified version of the protocol that ask for a non random client_random anyway (TL;DR: I'm having a bad_record_mac error on finished message with my implementation and can't find where I made a mistake)
I have to precise the only cipher suite I'm concerned about is TLS_RSA_WITH_AES_128_CBC_SHA
so first I create my client random and the handshake begins with the server sending server_random and the RSA public key in the certificate
I generate a random pre_master_secret and encrypt it with the RSA public key (done by a native module of the language, so no mess up by me on this) and send it back in a client_key_exchange message
I then generate the master_secret from: PRF(pre_master_secret, "master secret", client_random+server_random) where PRF is:
class TlsMasterSecret { constructor(pre_master_secret, client_random, server_random) { this.master_secret = TlsMasterSecret.PRF(pre_master_secret, Buffer.from("master secret", "ascii"), Buffer.concat([client_random, server_random]), 48); this.master_secret = this.master_secret.slice(0, 48); this.key_block = TlsMasterSecret.PRF(this.master_secret, Buffer.from("key expansion", "ascii"),Buffer.concat([server_random, client_random]), 104); // 20 20 16 16 this.client_write_MAC_key = this.key_block.slice(0, 20); this.server_write_MAC_key = this.key_block.slice(20, 40); this.client_write_key = this.key_block.slice(40, 56); this.server_write_key = this.key_block.slice(56, 72); } static PRF(secret, label, seed, neededLength) { return TlsMasterSecret.P_hash(secret, Buffer.concat([label, seed]), neededLength) } static P_hash(secret, seed, neededLength) { const A = [seed]; let resultHash = Buffer.from("", "hex"); // HMAC_SHA256 generates 32 bytes per update const iterations = Math.ceil(neededLength / 32); // generate A for(let i = 1; i < iterations + 1; i++) { A[i] = TlsMasterSecret.HMAC_hash(secret, A[i-1]); } // calculates the hash for(let i = 1; i < iterations + 1; i++) { resultHash = Buffer.concat([resultHash, TlsMasterSecret.HMAC_hash(secret, A[i])]); } return resultHash; } static HMAC_hash(secret, seed) { const hmac = crypto.createHmac("sha256", secret); hmac.update(seed); return hmac.digest(); }}then I create the Finished message from 0x1400000c followed by 12 bytes of verify_data
verify_data is generated like this:
// I strip the record layer headers off the messagesclient_hello = 0x0100002f03032668f90d7d3b3420f7712a3004247d233d90cc63fb4b23f77912b31c8c89893b000008002f0035003c003d0100server_hello = 0x0200002603031296263fba0a7955a83b2bf9c3716c8ee1c52e9065b89ee5649b31391d7ce84700002f00certificate = 0b00034e00034b00034830820344308202ada00302.......server_hello_done = 0e000000client_key_exchange = 100000820080673f1772e35c7565a1e0c2fae5ee1b5bf92211ba9e4de14620f43856d954cf737aa04c48f8b2ffa182f652fedd68523056acda3c7cd101c5a2c3a625655df67ad9fb7ca082cf68476f174ea7b83eab980b7b15657036ad0e26883c9bfe368847a02b052817cb80dabafc6af1dac8064ea0dc676e0f8ea74f84a122135f31b612handshake_messages = client_hello + server_hello + certificate + server_hello_done + client_key_exchangeverify_data = PRF(master_secret, "client finished", sha256(handshake_messages))[0..12]then I create the MAC that will go along this message:
// hmac_sha1(secret, seed)// seq_num is a uint64 @ 0 for the first message, 0x00000000// type = 0x16// version = 0x0303// length = 0x0010// content = 0x1400000c + verify_dataMAC = hmac_sha1(client_write_MAC_key, seq_num + type + version + length + content)plaintext = content + MACIV = randomBytes(16)// aes_128_cbc(key, IV, message)ciphertext = aes_128_cbc(client_write_key, IV, plaintext)final = 0x16 + 0x0303 + 0x0040 + IV + ciphertextif you read all of this and still willing to help thank you so muchI think I followed the specification but I'm getting a bad_record_mac error in wireshark so there's something wrong somewhere, I just can't find it :(
Casa - Mappa del sito - Vita privata - Links - Copyright © 2019 Cortex IT Ltd : Contatto : admin @ cortexit.co.uk
Please note that by viewing our site you agree to our use of cookies (see Vita privata for details). You will only see this message once.