I want to decode a message that was encoded with AES-CBC-128 + HMAC-SHA1 encryption.
Also, I have the secret key.
How to decode a message from OpenSSL?
e.g.
my coded message:
(secret key is "secret")
d5:9d:a0:23:4d:77:c4:1d:ac:4b:c0:3e:0d:b1:4f:be:a4:5a:2b:fb:19:16:1d:97:f8:60:6f:a9:a2:02:b2:1e:f7:a6:3d:7a:49:07:65:dc:d8:90:44:5d:ee:af:6d:ff:b0:35:2c:b3:cc:a4:d7:ae:a9:67:ef:c1:78:41:68:97:d3:d7:c5:44
I am creating symmetrically signed Tokens with HMAC + SHA-256. As expected the header looks like this:
{
"alg": "HS256",
"typ": "JWT"
}
But when I encrypt the token with the AES_128_CBC_HMAC_SHA_256, the header changed to this:
{
"alg": "A128KW",
"enc": "A128CBC-HS256",
"typ": "JWT"
}
The "enc" parameter looks like expected, but why does the "alg" parameter change when encrypted?
From what I understand about encrypting JWTs:
* The payload is signed (or symmetrically encrypted) and appended to the token;
* payload + signature are encrypted with the algorithm specified in "enc" if applicable.
This does not appear to apply though. How would a potential recipient know that the decrypted token was signed with HMAC + SHA-256 now?
Isn't signing and encrypting done in this manner? I also noted that the distinct "." separating the signature and the payload is still present in the encrypted token, which seems odd considering the whole content should be encrypted as one (excluding the header).
I am using Microsoft.IdentityModel to generate the tokens if that matters.
The "enc" parameter looks like expected, but why does the "alg" parameter change when encrypted?
The header claim alg has different meanings when used in a JWS (signed token) and JWE (encrypted token).
With JWS (extract from the RFC7515 section 4.1.1)
The "alg" (algorithm) Header Parameter identifies the cryptographic
algorithm used to secure the JWS.
With JWE (extract from the RFC7516 section 4.1.1)
This parameter has the same meaning, syntax, and processing rules as
the "alg" Header Parameter defined in Section 4.1.1 of [JWS], except
that the Header Parameter identifies the cryptographic algorithm used
to encrypt or determine the value of the CEK.
About your assumption
From what I understand about encrypting JWTs:
* The payload is signed (or symmetrically encrypted) and appended to the token;
* payload + signature are encrypted with the algorithm specified in "enc" if applicable.
This is not correct. With JWE, the payload is not digitally signed by the issuer.
If you need both encryption and signature, you will have to issue a JWS (e.g. with {"alg":"HS256","typ":"JWT"}).
This JWS will be encrypted (e.g. with {"alg": "A128KW","enc": "A128CBC-HS256","typ": "JWT"}).
I also noted that the distinct "." separating the signature and the payload is still present in the encrypted token
The difference between JWS and JWE is that the number of . is not the same:
* 2 . for JWS
* 4 . for JWE
Distinction between the 2 token types is detailed in the RFC7516 section 9
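The distinction described in the answer above, as an added example that is not part of the original thread: a recipient tells JWS from JWE by the segment count and the presence of "enc", and only then interprets "alg". The key, the claims and the JWE-shaped token are constructed samples; the JWE segments are placeholder bytes, not real ciphertext.

```python
import base64
import hashlib
import hmac
import json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def make_jws(claims: dict, key: bytes) -> str:
    """Compact JWS: header.payload.signature, signed with HS256."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(b64url(json.dumps(part).encode()) for part in (header, claims))
    tag = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(tag)

def classify(token: str) -> tuple:
    """Return (kind, role of "alg", header) for a compact JWS or JWE."""
    segments = token.split(".")
    header = json.loads(b64url_decode(segments[0]))
    if len(segments) == 3 and "enc" not in header:
        return "JWS", "signature/MAC algorithm", header
    if len(segments) == 5 and "enc" in header:
        return "JWE", "CEK encryption (key management) algorithm", header
    raise ValueError("not a compact JWS or JWE")

def verify_jws(token: str, key: bytes) -> dict:
    """Accept only an HS256 JWS, check its tag in constant time, return the claims."""
    kind, _, header = classify(token)
    if kind != "JWS" or header.get("alg") != "HS256":
        raise ValueError("expected an HS256-signed JWS")
    signing_input, _, tag = token.rpartition(".")
    expected = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(tag)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(signing_input.split(".")[1]))

# Constructed samples: INNER is a real HS256 JWS; OUTER only has the JWE shape
# (the four segments after the header are opaque placeholder bytes, not ciphertext).
KEY = b"constructed-demo-key"
INNER = make_jws({"sub": "alice"}, KEY)
JWE_HEADER = {"alg": "A128KW", "enc": "A128CBC-HS256", "typ": "JWT"}
OUTER = ".".join([b64url(json.dumps(JWE_HEADER).encode())] +
                 [b64url(b"placeholder-%d" % i) for i in range(4)])
```

For a signed-then-encrypted token, the recipient decrypts the outer JWE first; the plaintext is the inner JWS, whose own header carries "alg": "HS256".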
I'm searching for a method (example) to decrypt a message, that was encrypted with the Bouncy Castle Java library, through the C# BC library.
I created an ECC keypair (secp256k1 curve) in Java through the BC library, and encrypted data with ECIES.
After that, I'm able to decrypt the message easily using Java BC library. This is the example I used.
// Encryption with the recipient's public key (pubKey holds the X.509-encoded key bytes)
ECPublicKey key = (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(pubKey));
Cipher cipher = Cipher.getInstance("ECIES", new BouncyCastleProvider());
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] encryptedString = cipher.doFinal("testmessage".getBytes("UTF-8"));

// Decryption with the matching private key (privKeyByte holds the PKCS#8-encoded key bytes)
PrivateKey privateKey = KeyFactory.getInstance("EC")
        .generatePrivate(new PKCS8EncodedKeySpec(privKeyByte));
Cipher decryptCipher = Cipher.getInstance("ECIES", new BouncyCastleProvider());
decryptCipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] decrypted = decryptCipher.doFinal(encryptedString);
I'm trying to decrypt the message using the C# BC library as I did in Java.
But I couldn't find.
There were some examples of encryption, decryption using Bouncy castle C#.
But I couldn't find how to decrypt the message, encrypted in Java Bouncy Castle ECIES, through the C# BC library.
Please help.
To compute the Client Key Exchange message, what method are we meant to use to encrypt the pre master secret with the server's public key?
-----BEGIN CERTIFICATE-----
`MII423hasdhashdfxzcvbvwe1209khndasAQWRENWA............
*lots of extra contents*
-----END CERTIFICATE-----
My PreMaster Secret in SHA384(#########################) = random contents
The client key exchange will be the value of *converted value of random contents of SHA384
using ASN1 decoder or is it the .pem that needs to be converted to get client key exchange?
Here is my Signature Base String:
POST&https%3A%2F%2Faccount.api.here.com%2Foauth2%2Ftoken&grant_type%3Dclient_credentials%26oauth_consumer_key%3Dkey%26oauth_nonce%3D123456%26oauth_signature_method%3DHMAC-SHA256%26oauth_timestamp%3D1585591059%26oauth_version%3D1.0
Here is my signature:
kCGgrwFgEi85njS5WOeM88t0L70V99StMjxTXzYQEiI
Here is my Authorization Header
OAuth oauth_consumer_key="key",oauth_nonce="123456",oauth_timestamp="1585590864",oauth_signature_method="HMAC-SHA256",oauth_version="1.0",oauth_signature="kCGgrwFgEi85njS5WOeM88t0L70V99StMjxTXzYQEiI"
Here is the error:
{"errorId":"ERROR-f2dd0dcd-73e8-48e8-ae07-9d772e1b7399","httpStatus":401,"errorCode":401300,"message":"Signature mismatch. Authorization signature or client credential is wrong.","error":"invalid_client","error_description":"errorCode: '401300'. Signature mismatch. Authorization signature or client credential is wrong."}
James
The reason for signature mismatch is that the one you created is different than the one server created. Check the following:
* Did you append ‘&’ at the end of access key secret to create signing key
* Did you convert the signing key and base string into bytes before passing it to HMAC-SHA256 hashing algorithm
* Did you convert the output of HMAC-SHA256 hashing algorithm into base64 string
Regarding error code, you can refer to this - https://developer.here.com/documentation/authentication/dev_guide/topics/error-messages.html
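The three checks from the answer above, as an added example that is not part of the original thread, together with a comparison of the oauth_* values inside the signed base string against those sent in the Authorization header. The base string and header are copied from the question; ACCESS_KEY_SECRET is a constructed placeholder because the real secret is not on the page.

```python
import base64
import hashlib
import hmac
import re
from urllib.parse import quote, unquote

# Copied from the question above.
BASE_STRING = ("POST&https%3A%2F%2Faccount.api.here.com%2Foauth2%2Ftoken&"
               "grant_type%3Dclient_credentials%26oauth_consumer_key%3Dkey%26"
               "oauth_nonce%3D123456%26oauth_signature_method%3DHMAC-SHA256%26"
               "oauth_timestamp%3D1585591059%26oauth_version%3D1.0")
AUTH_HEADER = ('OAuth oauth_consumer_key="key",oauth_nonce="123456",'
               'oauth_timestamp="1585590864",oauth_signature_method="HMAC-SHA256",'
               'oauth_version="1.0",'
               'oauth_signature="kCGgrwFgEi85njS5WOeM88t0L70V99StMjxTXzYQEiI"')
ACCESS_KEY_SECRET = "constructed-secret"  # placeholder, not a real credential

def sign(base_string: str, access_key_secret: str) -> str:
    """HMAC-SHA256 of the base string, keyed with '<secret>&', as base64."""
    signing_key = quote(access_key_secret, safe="") + "&"  # nothing follows the '&'
    digest = hmac.new(signing_key.encode("utf-8"),
                      base_string.encode("utf-8"), hashlib.sha256).digest()
    return base64.b64encode(digest).decode("ascii")

def base_string_params(base_string: str) -> dict:
    """Decode the third '&'-separated field of the base string into its parameters."""
    _method, _url, encoded = base_string.split("&", 2)
    pairs = (p.split("=", 1) for p in unquote(encoded).split("&"))
    return {unquote(k): unquote(v) for k, v in pairs}

def header_params(header: str) -> dict:
    """Parse the key="value" pairs of an OAuth Authorization header."""
    return {k: unquote(v) for k, v in re.findall(r'(\w+)="([^"]*)"', header)}

def mismatches(base_string: str, header: str) -> dict:
    """oauth_* values that were signed but differ from what the header sends."""
    signed, sent = base_string_params(base_string), header_params(header)
    return {k: (v, sent.get(k)) for k, v in signed.items()
            if k.startswith("oauth_") and sent.get(k) != v}
```

Any entry returned by `mismatches` means the server rebuilds a different base string from the header than the one that was signed, so the signatures cannot match even with the correct secret.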
I'm trying to get certificates and private keys from the Windows certificate store using the MSCAPI provider, then I need to store them in a Java KeyStore object, but I'm facing a problem with the private key format. The error says:
java.security.KeyStoreException: Cannot get key bytes, not PKCS#8 encoded
Here's my code:
SunMSCAPI providerMSCAPI = new SunMSCAPI();
Security.addProvider(providerMSCAPI);
KeyStore ks = KeyStore.getInstance("Windows-MY");
ks.load(null, null);
PrivateKey privateKey = null;
X509Certificate cert = null;
cert = (X509Certificate) ks.getCertificate("ALIAS");
if (ks.isKeyEntry("ALIAS")) {
privateKey = (PrivateKey) ks.getKey("ALIAS", null);
}
KeyStore newKs = null;
...
...
newKs.setKeyEntry("pvKey", privateKey, "pwd".toCharArray(), certifChain);
Also, the privateKey.getEncoded() returns null.
I have exactly the same issue when programmatically importing a pfx file into the Windows certificate store and then attempting to read this certificate and key again later. I believe the answer lies in http://www.oracle.com/technetwork/articles/javase/security-137537.html and I quote: "...the resulting PKCS#12 keystore may not be imported into applications that use only a single password for the keystore and all its key entries". Earlier in the document it also states: "Note that keys produced by the SunMSCAPI provider are wrapper objects for the native handles. Thus, they may not be accepted by other providers and may behave somewhat differently than keys produced by pure-Java providers, such as SunJCE. In particular, the RSA private keys generated by the SunMSCAPI provider cannot be serialised". Trying to read the private key results in a null algorithm and null encoded data as you note above, though reading the certificate works fine. Alternatively you could save the PrivateKey in a separate RSA encrypted file instead of the Windows certificate store, or just work off the original pfx file instead of importing the pfx into the Windows certificate store.
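I use a command like:
// Array form: each argument is passed to openssl as-is, so paths containing spaces are not split
Runtime.getRuntime().exec(new String[] {
    "openssl", "pkcs8", "-topk8", "-nocrypt",
    "-in", privateKeyPath, "-out", pkcs8PrivateKeyPath });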