I've been searching for the past few days about encrypting some data to use on the URL.
I basically have 3 strings and i need to encrypt then on a unique token.
eg: code: '12345678' email: 'teste#encrypt.com' name: 'nameTest'
This will be join together as code%email%name and i need to encrypt them.
What's the best way to do it as i need to pass the encrypted string on the URL for the other server to decrypt? The algorithms i've used all put some form of '/\=' and i guess that probably may cause problems
Thanks for the help
In 2019, URI.encode is obsolete and should not be used
If you want safely put encrypted string into url without problems with special characters then you could use CGI.escapeor ERB::Util.url_encode for this purpose.
require 'erb'
ERB::Util.url_encode("Hello world")
#=> "Hello%20world"
Rails will decode automatically when receiving
If you want something simple that encodes and hide raw data which could be decoded somewhere later and verified then you could use MessageVerifier provided by active support:
#verifier = ActiveSupport::MessageVerifier.new('s3Krit')
cookies[:remember_me] = #verifier.generate([#user.id, 2.weeks.from_now])
id, time = #verifier.verify(cookies[:remember_me])
http://api.rubyonrails.org/classes/ActiveSupport/MessageVerifier.html
http://ngauthier.com/2013/01/rails-unsubscribe-with-active-support-message-verifier.html
If you want true encryption then you could look into such project. It uses OpenSSL:
http://rocketjob.github.io/symmetric-encryption/
I'm trying to write a simple ASP.Net app that allows the users to log in with their username and password. I'm using an EF database in the .NET Framework 4, coding in C#. My problem is, when the user registers their details on the registration page, their password value does not save. That textfield is a password field.
How can I save the passwords actual value in the database, but keep the textfield as password? Would I need to encrypt it? I've never done encryption, so any help would be appreciated. Thanks
You should use some cryptographic algorithm to compute the hash for password string (see Hash string in c#). Then store it as byte array or encoded string (like hex or base64) in db.
I have two questions:
Q1: Why does OAuth2 require params to be ordered and encoded (for 2-legged)?
All it has to worry about is the matching signature in both the end for the given data(query string).
We can just check the signature generated using the query string.(e.g ?a=1&b=2). Since the signature is generated based on the secret key which is known only to the client and provider, we can only consider the query string without any ordering/encoding.
So, what's the advantage in doing ordering/encoding and then creating the signature?
Q2: How can this signature save me from man-in-the middle attack?
If I have to make a request like this to my server from a client:
increaseUserPoints?userId=1&pointsToAdd=5&appId=x&token=XYZ
Now the token XYZ will be always same, so a hacker could keep posting the same request to increase points. Since the generated token from the given appId is the same, the server will allow this. How is this case handled?
Q1: Ordering the query parameters brings sanity to the HMAC.
Let's say you have two parameters: 'pointsToAdd' and 'appId'. Using the query string pointsToAdd=X&appID=y creates a different HMAC to appID=y&pointsToAdd=X. Because both you and the server need to generate the same HMAC to verify the requests having unordered query parmeters plain fails.
Q2: This saves you from an attack because only you and the server know how to sign your request.
You have a secret key, and only you and the server knows it. This key signs the request. If the HMAC doesn't match according to this secret key, the request fails.
Because all parameters have been used to create the HMAC the request is secure from MITM attacks — a hacker can't change, add or delete any query parameters, or the server will produce a different HMAC when it attempts to authorise and the request fails.
I'm interested in url signing (e.g. http://.../?somearg=value&anotherarg=anothervalue&sig=aSKS9F3KL5xc), but I have a few requirements which have left me without a solution yet.
I'll be using either PHP or Python for pages, so I'll need to be able to sign and verify a signature using one of the two.
My plan was to use a priv/pub key scheme to sign some data, and be able to verify that the signature is valid, but here's where it gets complicated:
The data is not known when the verification is happening (it is not just somearg=value&anotherarg=anothervalue)
My first instinct was to use OpenSSL, e.g. with a RSA keypair, to do something along the lines of signing by: openssl rsautl -sign -inkey private.pem -in sensitive -out privsigned and verifying based on the privsigned data and key ONLY: openssl rsautl -verify -inkey public.pem -in privsigned -pubin.
Using PHP's openssl_get_privatekey() and openssl_sign() signs the data just fine, but I need to know the (decrypted!) data in order to verify (which I will not have): openssl_get_publickey() and openssl_verify($data, $signature, $pubkeyid); from http://php.net/openssl_verify.
Or am I missing something here?
So I looked into HMAC, but although many hash function are available in both Python and PHP, I'm baffled as to how I'd go about verifying the hash.
PHP's hash_hmac() allows me to create a hash using a "key" (or in this case a string-key). But how do I go about verifying that a hash is valid (i.e. &sig= hasn't just been manually put in by the end user &sig=abcdefg1234.
So to sum up (sorry for the long question): How can I verify that a signature/hash has been made by my server's (cert/string)key (given I can not verify by redoing the hash of said data)? And do you have any preferences as to which route I should chose, Priv/pub-key or HMAC?
Any pointers big or small is greatly appreciated!
Thanks in advance,
Josh
As Henning Makholm pointed out, HMAC is a better choice than public key. There are some best practices you should consider for your particular scenario that will impact your choices:
Do you want to consider the hostname and scheme (http/https) in the signature? Maybe.
Do you want to consider the path in the signature? Probably.
Do you want to consider the query string in the signature? Probably.
Do you want to normalize the argument order and escaping prior to signing? Usually not.
Do you want to embed signature time etc (to create time-limited URLs)?
Do you want to tie the signed URL to some other user state, such as cookie?
Are you using user-generated or user-visible content directly in the HMAC? If so, you should "salt" the key using a value that is randomized for each request.
When computing the signature, you'll need to encode it in a URL-friendly way (base64 and base32 are popular choices) and choose an HMAC algorithm (such as SHA-256), and decide how many bits of the signature you want to keep (truncating the HMAC value in half is usually safe). If you choose base64, beware of the different alphabets used by url-safe vs non-url-safe implementations.
Here is a pseudocode implementation (w/o error checking or salting etc) for signing path + query string:
const secret = ...;
def sign(path, querystring):
return path + "?" + querystring + "&sig=" + url_encode(base64_encode(hmacsha256(secret, path + "?" + querystring).truncate(16)))
def verify(path, querystring):
querystring_without_sig = remove_query_parameter(querystring, "sig")
sig = base64_decode(url_decode(get_query_parameter(querystring, "sig")))
if hmacsha256(secret, path + "?" + querystring_without_sig)[:16] != sig:
raise "invalid sig"
HMAC SHA256 is recommended and is available in all common languages.
Java:
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(secret);
return mac.doFinal(value.getBytes());
Python:
hmac.new(secret, input, hashlib.sha256).digest()
PHP:
hash_hmac("sha256", value, secret);
HMAC is a symmetric algorithm, so there is no separate creation and checking algorithm. To check, you simply compute the hash as it should have been computed originally, and check that the result equals what you actually got from the client. The security rests on the HMAC key only existing on your server.
Unless you need the signatures to be verifiable by someone who doesn't know the secret key, HMAC is probably a better choice than public-key systems, for reasons of efficiency. It can take several milliseconds to create or verify a public-key signature (some years ago I timed one implementation at 15 ms per operation), whereas HMAC is quite fast.
(Oh, and you cannot verify any kind of signature without knowing the data it's supposed to sign. That wouldn't make any sense, as far as I can see).
If you want to use HMAC and Python, then:
$ pip install ska
On the client side
from ska import sign_url
signed_url = sign_url(
auth_user='user',
secret_key='your-secret_key',
url='http://e.com/api/'
)
Produced URL looks like as follows.
http://e.com/api/?valid_until=1378045287.0&auth_user=user&signature=YlZpLFsjUKBalL4x5trhkeEgqE8%3D
On the server side
Note, that in example below request.GET is given as example. It will most likely vary from what's used in your framework (unless you use Django).
from ska import validate_signed_request_data
validation_result = validate_signed_request_data(
data = request.GET, # Note, that ``request.GET`` is given as example.
secret_key = 'your-secret_key'
)
The validate_signed_request_data produces a SignatureValidationResult object, which basically holds two properties:
result (bool): True if data is valid. False otherwise.
reason (list): List of strings, indicating validation errors.
I've been asked to develop the company's backoffice for the iPad and, while developing the login screen, I've ran into an issue with the authentication process.
The passwords are concatenated with a salt, hashed using SHA-256 and stored in the database.
The backoffice is Flash-based and uses the as3crypto library to hash then password+salt and my problem is that the current implementation uses Base64 for both input and output.
This site demonstrates how this can be done: just select Hash and select Base64 for both input and output format and fire away. So far, all my attempts have yielded different results from the ones this site (and the backoffice code) give me.
While I think that in theory it should be relatively simply:
Base64 encode the pass+salt
Hash it using SHA-256
Base64 encode the result again
so far I haven't been able to do this and I'm getting quite the headache to be honest.
My code is becoming a living maze, i'll have to redo-it tomorrow I reckon.
Any ideas?
Cheers and thanks in advance
PS: Here's the Backoffice's Flash code for generating hashed passwords by the way:
var currentResult:ByteArray;
var hash:IHash = Crypto.getHash('sha256');
var data:ByteArray = Base64.decodeToByteArray(str + vatel);
currentResult = hash.hash(data);
return Base64.encodeByteArray(currentResult).toString();
The backoffice code does not do
Base64 encode the pass+salt
Hash it using SHA-256
Base64 encode the result again
(as you wrote above)
Instead, what it does is
Base64 decode the pass+salt string into a byte array
Hash the byte array using SHA-256
Base64 encode the byte array, returning a string
As per step 1 above, it's a unclear what kind of character encoding the input strings uses. You need to make sure that both systems use the same encoding for the input strings! UTF8, UTF16-LE or UTF16-BE makes a world of a difference in this case!
Start by finding out the correct character encoding to use on the iOS side.
Oh, and Matt Gallagher has written an easy to use wrapper class for hashes to use on iOS, HashValue.m, I've used it with good results.