|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PowerShell) Verify Signature of Alexa Custom Skill RequestThis example verifies the signature of an Alexa Custom Skill Request.
Add-Type -Path "C:\chilkat\ChilkatDotNet47-9.5.0-x64\ChilkatDotNet47.dll" # This example assumes you have a web service that will receive requests from Alexa. # A sample request sent by Alexa will look like the following: # Connection: Keep-Alive # Content-Length: 2583 # Content-Type: application/json; charset=utf-8 # Accept: application/json # Accept-Charset: utf-8 # Host: your.web.server.com # User-Agent: Apache-HttpClient/4.5.x (Java/1.8.0_172) # Signature: dSUmPwxc9...aKAf8mpEXg== # SignatureCertChainUrl: https://s3.amazonaws.com/echo.api/echo-api-cert-6-ats.pem # # {"version":"1.0","session":{"new":true,"sessionId":"amzn1.echo-api.session.433 ... }} # First, assume we've written code to get the 3 pieces of data we need: $signature = "dSUmPwxc9...aKAf8mpEXg==" $certChainUrl = "https://s3.amazonaws.com/echo.api/echo-api-cert-6-ats.pem" $jsonBody = "{`"version`":`"1.0`",`"session`":{`"new`":true,`"sessionId`":`"amzn1.echo-api.session.433 ... }}" # To validate the signature, we do the following: # First, download the PEM-encoded X.509 certificate chain that Alexa used to sign the message $http = New-Object Chilkat.Http $sbPem = New-Object Chilkat.StringBuilder $success = $http.QuickGetSb($certChainUrl,$sbPem) if ($success -eq $false) { $($http.LastErrorText) exit } $pem = New-Object Chilkat.Pem $success = $pem.LoadPem($sbPem.GetAsString(),"passwordNotUsed") if ($success -eq $false) { $($pem.LastErrorText) exit } # The 1st certificate should be the signing certificate. $cert = $pem.GetCert(0) if ($pem.LastMethodSuccess -eq $false) { $($pem.LastErrorText) exit } # Get the public key from the cert. $pubKey = $cert.ExportPublicKey() if ($cert.LastMethodSuccess -eq $false) { $($cert.LastErrorText) exit } # Use the public key extracted from the signing certificate to decrypt the encrypted signature to produce the asserted hash value. $rsa = New-Object Chilkat.Rsa $success = $rsa.ImportPublicKeyObj($pubKey) if ($success -eq $false) { $($cert.LastErrorText) exit } # RSA "decrypt" the signature. # (Amazon's documentation is confusing, because we're simply verifiying the signature against the SHA-1 hash # of the request body. This happens in a single call to VerifyStringENC...) $rsa.EncodingMode = "base64" $bVerified = $rsa.VerifyStringENC($jsonBody,"sha1",$signature) if ($bVerified -eq $true) { $("The signature is verified against the JSON body of the request. Yay!") } else { $("Sorry, not verified. Crud!") } |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.