- Is there a PHP equivalent to Java MessageDigest
I have a Java method that I need to implement in PHP. It is to create an authentication string to gain access to an API. It consists of a code given by the company as well as an API key, also given by the company, and, according to the Java example below, it also includes a GMT timestamp in minutes since epoch.
According to the documentation it says "The timestamp calculated as the number of minutes passed since epoch. A GMT time zone must be used for calculating the timestamp. If the system time of a requesting server is off by more than one minute from actual current time , the call will be rejected by the server with a 400 Bad Request code".
I have to provide as parameters the code as well as the SHA-256 encrypted token that I create.
Here is the Java:
String createToken() { String token = ""; MessageDigest lclMD = null; try { lclMD = MessageDigest.getInstance("SHA-256"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } lclMD.update((EnvConstants.code + EnvConstants.api_key + Long.toString(getEpochMinutes())).getBytes()); byte[] lclResult = lclMD.digest(); sig = new String(Hex.encodeHex(lclResult)); return token; }long getEpochMinutes () { Calendar cal = Calendar.getInstance(TimeZone.getTimeZone("GMT")); long now = System.currentTimeMillis(); cal.setTimeInMillis(now); return (cal.getTimeInMillis() / 60000L); }This is what I have tried in PHP:
$time = (string)time()/60; // to get the minutes since epoch, I have also tried it not casting it to a string$code = 'thisisthecode';$api_key = 'XXXXXXX';$hash = hash('sha256', $code . $api_key . $time);$curl = curl_init();$url = "http://api.url/user/XXXX?code=thisisthecode&token=$hash"; curl_setopt($curl, CURLOPT_URL, $url);$result = curl_exec($curl);return $result;When I run this code I always get a 400 Bad Request error.
To be clear, I don't know Java and now I'm guessing if I know PHP well enough because I can't get this to work.
Can anyone help me out with this? I'm banging my head against the concrete.
Thank you for any and all help.
- How to Windows Forms decrypt password SQL Entity Framework
I have the following question, I need to make a project in windows forms that consults data of an SQL database that was generated by Entity Framework, so I am trying to compare passwords between the one that I enter by WF with the one I have in the database, the The question is that EF encrypts the password data and therefore if I have to compare it then, I need to decrypt it. This is an assumption, there is no other way to compare this data. And this is the code I have
public partial class MainWindow : Window{ private Models.SecurityController _security; public MainWindow() { InitializeComponent(); _security = new Models.SecurityController(); } private void Button_Click(object sender, RoutedEventArgs e) { var email = EmailInput.Text; var pass = PassInput.Password; email = email.Replace(" ", ""); if (email == "" ) { EmailInput.Focus(); Errorlbl.Content = "Por favor utiliza un mail valido"; } else if (pass == "") { PassInput.Focus(); Errorlbl.Content = "Por favor utiliza una contraseña"; } else if (email != null && pass != null) { using (DBEnt db = new DBEnt()) { var item = db.AspNetUsers.Where(u => u.Email.Equals(email)).FirstOrDefault(); if (item == null) { Errorlbl.Content = "Usuario mail invalido"; } else { Errorlbl.Content = "Usuario valido"; } var query = db.AspNetUsers.Where(u => u.Email.Equals(email)).FirstOrDefault(); var hashedpassword = query.PasswordHash; var unhashed = _security.Decrypt(pass, hashedpassword); } } }}up to this point hashedpassword returns menull
And all this is the SecurityController class
class SecurityController{ public string Encrypt(string key, string data) { string encData = null; byte[][] keys = GetHashKeys(key); try { encData = EncryptStringToBytes_Aes(data, keys[0], keys[1]); } catch (CryptographicException) { } catch (ArgumentNullException) { } return encData; } public string Decrypt(string key, string data) { string decData = null; byte[][] keys = GetHashKeys(key); try { decData = DecryptStringFromBytes_Aes(data, keys[0], keys[1]); } catch (CryptographicException) { } catch (ArgumentNullException) { } return decData; } private byte[][] GetHashKeys(string key) { byte[][] result = new byte[2][]; Encoding enc = Encoding.UTF8; SHA256 sha2 = new SHA256CryptoServiceProvider(); byte[] rawKey = enc.GetBytes(key); byte[] rawIV = enc.GetBytes(key); byte[] hashKey = sha2.ComputeHash(rawKey); byte[] hashIV = sha2.ComputeHash(rawIV); Array.Resize(ref hashIV, 16); result[0] = hashKey; result[1] = hashIV; return result; } //source: https://msdn.microsoft.com/de-de/library/system.security.cryptography.aes(v=vs.110).aspx private static string EncryptStringToBytes_Aes(string plainText, byte[] Key, byte[] IV) { if (plainText == null || plainText.Length <= 0) throw new ArgumentNullException("plainText"); if (Key == null || Key.Length <= 0) throw new ArgumentNullException("Key"); if (IV == null || IV.Length <= 0) throw new ArgumentNullException("IV"); byte[] encrypted; using (AesManaged aesAlg = new AesManaged()) { aesAlg.Key = Key; aesAlg.IV = IV; ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV); using (MemoryStream msEncrypt = new MemoryStream()) { using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)) { using (StreamWriter swEncrypt = new StreamWriter(csEncrypt)) { swEncrypt.Write(plainText); } encrypted = msEncrypt.ToArray(); } } } return Convert.ToBase64String(encrypted); } //source: https://msdn.microsoft.com/de-de/library/system.security.cryptography.aes(v=vs.110).aspx private static string DecryptStringFromBytes_Aes(string cipherTextString, byte[] Key, byte[] IV) { byte[] cipherText = Convert.FromBase64String(cipherTextString); if (cipherText == null || cipherText.Length <= 0) throw new ArgumentNullException("cipherText"); if (Key == null || Key.Length <= 0) throw new ArgumentNullException("Key"); if (IV == null || IV.Length <= 0) throw new ArgumentNullException("IV"); string plaintext = null; using (Aes aesAlg = Aes.Create()) { aesAlg.Key = Key; aesAlg.IV = IV; ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV); using (MemoryStream msDecrypt = new MemoryStream(cipherText)) { using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)) { using (StreamReader srDecrypt = new StreamReader(csDecrypt)) { plaintext = srDecrypt.ReadToEnd(); } } } } return plaintext; }}Maybe I'm getting very complicated, does anyone know how I can do this better or if I'm doing well?
- HMAC/SHA256 Content Hash Generate
Good afternoon everyone,
I am seeking information on how to generate a content hash using HMAC/SHA156. I am very new to coding and would appreciate any feedback.
BTW- This content hash is required to call my external api function through my wix.com website but I am unsure of how to generate this code.
- SHA256 fingerprint invalid public key error in Windows
I am trying to generate the fingerprint form Public Key (PK) to SHA-256, using the command as:
ssh-keygen -lf C:/Users/UserName/.ssh/pk.asc. But got the error as:C:/Users/UserName/.ssh/pk.asc is not a public key file.
I have generated the PublicKey using:
GPG4Win, GNU privacy assistant Key MangerPublic Key Details:
Public key format:
Why is the
ssh-keygennot recongnizing the generated public key. What might i am doing wrong while exporting Public Key from the GPG application? - How does openssl perform hashing on stdin when multiple inputs are given?
How does openssl perform hashing on stdin when multiple inputs are provided?
For example if the command entered is:
openssl {enter}
sha256 {enter}
foo {enter}
bar {enter}
foobar {enter}
ctrl + dThe resulting hash I'm receiving is 3e76042553dc7a71401dea0cd9b0b38b but that doesn't match any of the hashes that result from the individual words themselves when run separately.
foo - d3b07384d113edec49eaa6238ad5ff00
bar - c157a79031e1c40f85931829bc5fc552
foobar - 14758f1afd44c09b7992073ccf00b43dHow does that work?