|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(AutoIt) Verify Signature of Alexa Custom Skill RequestThis example verifies the signature of an Alexa Custom Skill Request.
; This example assumes you have a web service that will receive requests from Alexa. ; A sample request sent by Alexa will look like the following: ; Connection: Keep-Alive ; Content-Length: 2583 ; Content-Type: application/json; charset=utf-8 ; Accept: application/json ; Accept-Charset: utf-8 ; Host: your.web.server.com ; User-Agent: Apache-HttpClient/4.5.x (Java/1.8.0_172) ; Signature: dSUmPwxc9...aKAf8mpEXg== ; SignatureCertChainUrl: https://s3.amazonaws.com/echo.api/echo-api-cert-6-ats.pem ; ; {"version":"1.0","session":{"new":true,"sessionId":"amzn1.echo-api.session.433 ... }} ; First, assume we've written code to get the 3 pieces of data we need: Local $signature = "dSUmPwxc9...aKAf8mpEXg==" Local $sCertChainUrl = "https://s3.amazonaws.com/echo.api/echo-api-cert-6-ats.pem" Local $sJsonBody = "{""version"":""1.0"",""session"":{""new"":true,""sessionId"":""amzn1.echo-api.session.433 ... }}" ; To validate the signature, we do the following: ; First, download the PEM-encoded X.509 certificate chain that Alexa used to sign the message $oHttp = ObjCreate("Chilkat.Http") $oSbPem = ObjCreate("Chilkat.StringBuilder") Local $bSuccess = $oHttp.QuickGetSb($sCertChainUrl,$oSbPem) If ($bSuccess = False) Then ConsoleWrite($oHttp.LastErrorText & @CRLF) Exit EndIf $oPem = ObjCreate("Chilkat.Pem") $bSuccess = $oPem.LoadPem($oSbPem.GetAsString(),"passwordNotUsed") If ($bSuccess = False) Then ConsoleWrite($oPem.LastErrorText & @CRLF) Exit EndIf ; The 1st certificate should be the signing certificate. Local $oCert = $oPem.GetCert(0) If ($oPem.LastMethodSuccess = False) Then ConsoleWrite($oPem.LastErrorText & @CRLF) Exit EndIf ; Get the public key from the cert. Local $oPubKey = $oCert.ExportPublicKey() If ($oCert.LastMethodSuccess = False) Then ConsoleWrite($oCert.LastErrorText & @CRLF) Exit EndIf ; Use the public key extracted from the signing certificate to decrypt the encrypted signature to produce the asserted hash value. $oRsa = ObjCreate("Chilkat.Rsa") $bSuccess = $oRsa.ImportPublicKeyObj($oPubKey) If ($bSuccess = False) Then ConsoleWrite($oCert.LastErrorText & @CRLF) Exit EndIf ; RSA "decrypt" the signature. ; (Amazon's documentation is confusing, because we're simply verifiying the signature against the SHA-1 hash ; of the request body. This happens in a single call to VerifyStringENC...) $oRsa.EncodingMode = "base64" Local $bVerified = $oRsa.VerifyStringENC($sJsonBody,"sha1",$signature) If ($bVerified = True) Then ConsoleWrite("The signature is verified against the JSON body of the request. Yay!" & @CRLF) Else ConsoleWrite("Sorry, not verified. Crud!" & @CRLF) EndIf |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.