|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(DataFlex) Verify Signature of Alexa Custom Skill RequestThis example verifies the signature of an Alexa Custom Skill Request.
Use ChilkatAx-win32.pkg Procedure Test String sSignature String sCertChainUrl String sJsonBody Handle hoHttp Variant vSbPem Handle hoSbPem Boolean iSuccess Handle hoPem Variant vCert Handle hoCert Variant vPubKey Handle hoPubKey Handle hoRsa Boolean iBVerified String sTemp1 Boolean bTemp1 // This example assumes you have a web service that will receive requests from Alexa. // A sample request sent by Alexa will look like the following: // Connection: Keep-Alive // Content-Length: 2583 // Content-Type: application/json; charset=utf-8 // Accept: application/json // Accept-Charset: utf-8 // Host: your.web.server.com // User-Agent: Apache-HttpClient/4.5.x (Java/1.8.0_172) // Signature: dSUmPwxc9...aKAf8mpEXg== // SignatureCertChainUrl: https://s3.amazonaws.com/echo.api/echo-api-cert-6-ats.pem // // {"version":"1.0","session":{"new":true,"sessionId":"amzn1.echo-api.session.433 ... }} // First, assume we've written code to get the 3 pieces of data we need: Move "dSUmPwxc9...aKAf8mpEXg==" To sSignature Move "https://s3.amazonaws.com/echo.api/echo-api-cert-6-ats.pem" To sCertChainUrl Move '{"version":"1.0","session":{"new":true,"sessionId":"amzn1.echo-api.session.433 ... }}' To sJsonBody // To validate the signature, we do the following: // First, download the PEM-encoded X.509 certificate chain that Alexa used to sign the message Get Create (RefClass(cComChilkatHttp)) To hoHttp If (Not(IsComObjectCreated(hoHttp))) Begin Send CreateComObject of hoHttp End Get Create (RefClass(cComChilkatStringBuilder)) To hoSbPem If (Not(IsComObjectCreated(hoSbPem))) Begin Send CreateComObject of hoSbPem End Get pvComObject of hoSbPem to vSbPem Get ComQuickGetSb Of hoHttp sCertChainUrl vSbPem To iSuccess If (iSuccess = False) Begin Get ComLastErrorText Of hoHttp To sTemp1 Showln sTemp1 Procedure_Return End Get Create (RefClass(cComChilkatPem)) To hoPem If (Not(IsComObjectCreated(hoPem))) Begin Send CreateComObject of hoPem End Get ComGetAsString Of hoSbPem To sTemp1 Get ComLoadPem Of hoPem sTemp1 "passwordNotUsed" To iSuccess If (iSuccess = False) Begin Get ComLastErrorText Of hoPem To sTemp1 Showln sTemp1 Procedure_Return End // The 1st certificate should be the signing certificate. Get ComGetCert Of hoPem 0 To vCert If (IsComObject(vCert)) Begin Get Create (RefClass(cComChilkatCert)) To hoCert Set pvComObject Of hoCert To vCert End Get ComLastMethodSuccess Of hoPem To bTemp1 If (bTemp1 = False) Begin Get ComLastErrorText Of hoPem To sTemp1 Showln sTemp1 Procedure_Return End // Get the public key from the cert. Get ComExportPublicKey Of hoCert To vPubKey If (IsComObject(vPubKey)) Begin Get Create (RefClass(cComChilkatPublicKey)) To hoPubKey Set pvComObject Of hoPubKey To vPubKey End Get ComLastMethodSuccess Of hoCert To bTemp1 If (bTemp1 = False) Begin Get ComLastErrorText Of hoCert To sTemp1 Showln sTemp1 Send Destroy of hoCert Procedure_Return End Send Destroy of hoCert // Use the public key extracted from the signing certificate to decrypt the encrypted signature to produce the asserted hash value. Get Create (RefClass(cComChilkatRsa)) To hoRsa If (Not(IsComObjectCreated(hoRsa))) Begin Send CreateComObject of hoRsa End Get ComImportPublicKeyObj Of hoRsa vPubKey To iSuccess If (iSuccess = False) Begin Get ComLastErrorText Of hoCert To sTemp1 Showln sTemp1 Send Destroy of hoPubKey Procedure_Return End Send Destroy of hoPubKey // RSA "decrypt" the signature. // (Amazon's documentation is confusing, because we're simply verifiying the signature against the SHA-1 hash // of the request body. This happens in a single call to VerifyStringENC...) Set ComEncodingMode Of hoRsa To "base64" Get ComVerifyStringENC Of hoRsa sJsonBody "sha1" sSignature To iBVerified If (iBVerified = True) Begin Showln "The signature is verified against the JSON body of the request. Yay!" End Else Begin Showln "Sorry, not verified. Crud!" End End_Procedure |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.