We use Chilkat to sign HTTP requests in our Powerbuilder 9.0.3 application (and also powerbuilder 12.6) but it's like the signature generated by Chilkat is not accepted by the API of Isabel (we already have contacted Isabel and they guess that there is a parameters issue in the signature algorithm). The documentation of the Isabel API (https://documentation.ibanity.com/http-signature)say that we have to use the RSASSA-PSS signature algorithm with the following parameters.
and so we have set the chilkat Rsa component like this:
loo_Rsa = create oleobject
li_rc = loo_Rsa.ConnectToNewObject("Chilkat_9_5_0.Rsa")
loo_Rsa.DebugLogFilePath = "c:\tmp\rsa.log"
loo_Rsa.VerboseLogging=1
li_Success=loo_Rsa.ImportPrivateKeyObj(loo_Privkey)
if li_Success <> 1 then
ls_error = "Error importPrivateKey: "+loo_Rsa.LastErrorText
destroy loo_Rsa
goto ee_error
end if
// Use RSA-PSS by setting OaepPadding = 1
loo_Rsa.OaepPadding = 1
loo_Rsa.OaepHash = "SHA-256"
loo_Rsa.EncodingMode = "base64"
ls_Signature = loo_Rsa.SignStringENC(ls_signing_string,"SHA-256")
Based on the Isabel documentation do you think we have correctly set the RSA parameters in Chilkat or we have miss something ? (we have also tried with LittleEndian = 0 but we receive the same error from the Isabel API).
For your information here is the log of chilkat :
In the log i see that Chilkat add sometime the character 3D after the characters "=" in the signing string, is it normal ? (in the log below i put the characters 3D in bold)
ImportPrivateKeyObj: DllDate: Feb 12 2018 ChilkatVersion: 9.5.0.72 UnlockPrefix: BEWANB.CB1042019 Architecture: Little Endian; 32-bit Language: ActiveX VerboseLogging: 1 toPrivKeyXml: toRsaPrivateKeyXml: toRsaPkcs1PrivateKeyDer: (leaveContext) DecodeToAsn: (leaveContext) (leaveContext) (leaveContext) importPrivateKey: loadAnyString: loadAnyXml: loadAnyXml: (leaveContext) (leaveContext) (leaveContext) (leaveContext) Success. (leaveContext 15ms) SignStringENC: DllDate: Feb 12 2018 ChilkatVersion: 9.5.0.72 UnlockPrefix: BEWANB.CB1042019 Architecture: Little Endian; 32-bit Language: ActiveX VerboseLogging: 1 hashAlgorithm: SHA-256 charset: windows-1252 Component successfully unlocked using purchased unlock code. inputBytesQP: (request-target): get /isabel-connect/account-reports?offset=3D0&size=3D100=
\nhost: api.ibanity.com\ndigest: SHA-512=3Dz4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXc=
g/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg=3D=3D\n(created): 16=
15285438\nauthorization: Bearer access_token_1615285439 hashAndSign: modulus_bitlen: 2048 hashBytes: 070D CF6B 85D6 ACE2 971F 20B3 29A0 439A FE36 9394 0D1C 10E7 513B 1447 F04D 39B2 padAndSignHash: keyType: Private hashInSize: 32 padding: PSS hashAlg: SHA-256 pss_encode: emLen: 256 autoSelectedSaltLen: 32 (leaveContext) (leaveContext 31ms) byteOrder: LittleEndian (leaveContext 47ms) signature: Te3sMFkvo26Mi5pkLsB8AwAJYynlB3xKU1Dy2AyPS4GlF1fUgTU4k5dU3mSu2dkJEbvmkUd+aPuwo+51AyNarcD7vGtFp/ze3vjCB87lZ+qrzDquEpVUNOb6tOq467odIeGPAsj4b9sa6JsdXciEGKPIZgC8+7zojm87f2MdAVVkDXTwFq7nmI+Q5czGlswLpihYn4VF+5ateKDInl1TdiekujmBh5ffkZAE43LZQX4UWIhqqlak7p2P9GyhF9n3RQRZ55Tp25vOWgPdnwz90OKnQR5aWtcHoVY+JuIl0VX49UFELU+L/Xz9tOGnilA7UcKElWMXVzcEqo3KLcGUWQ== Success. (leaveContext 47ms) ImportPrivateKeyObj: DllDate: Feb 12 2018 ChilkatVersion: 9.5.0.72 UnlockPrefix: BEWANB.CB1042019 Architecture: Little Endian; 32-bit Language: ActiveX VerboseLogging: 1 toPrivKeyXml: toRsaPrivateKeyXml: toRsaPkcs1PrivateKeyDer: (leaveContext) DecodeToAsn: (leaveContext) (leaveContext) (leaveContext) importPrivateKey: loadAnyString: loadAnyXml: loadAnyXml: (leaveContext) (leaveContext) (leaveContext) (leaveContext) Success. (leaveContext 31ms) SignStringENC: DllDate: Feb 12 2018 ChilkatVersion: 9.5.0.72 UnlockPrefix: BEWANB.CB1042019 Architecture: Little Endian; 32-bit Language: ActiveX VerboseLogging: 1 hashAlgorithm: SHA-256 charset: windows-1252 Component successfully unlocked using purchased unlock code. inputBytesQP: (request-target): get /isabel-connect/account-reports?offset=3D0&size=3D100=
\nhost: api.ibanity.com\ndigest: SHA-512=3Dz4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXc=
g/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg=3D=3D\n(created): 16=
15287272\nauthorization: Bearer access_token_1615287272 hashAndSign: modulus_bitlen: 2048 hashBytes: B22B C9AF 7041 43E4 1CFE 5898 C88C C9CE 95FC B536 AC75 1F21 996C 7E7A 7B19 80EF padAndSignHash: keyType: Private hashInSize: 32 padding: PSS hashAlg: SHA-256 pss_encode: emLen: 256 autoSelectedSaltLen: 32 (leaveContext) (leaveContext 31ms) byteOrder: LittleEndian (leaveContext 31ms) signature: 0b/fLp4xbSaGqrH7HXsP8bRuhtr9xo7oPiY1+ryhVuR4vDCdCRFc2As6RX2SazS2T2MK4P966TX1rr5Qx2VnDYN0JL6ZnZAiR/P+ILP19bJN9+f6Jv1nfmgSOUB/stxeLKNlibeMXaR6+heX/ccGY807r8MdEk3hGFwlkK611GjrHoNTH+vge2ReQo8lKBaVP1QIHCvwXUVS39GdABHFLxTQ8La514YX8qruJp6i69lDfCvh4P9rOl5pebMwknyEjJ2rs0D40MUU8z+hM5bm+hSD100S7Ww9sDwObitn4FftR60fee/f3vf9qCv0wkBTBbVP8DTR4vbpKxv/oUNXFQ== Success. (leaveContext 31ms)
and we receive this errors from the Isabel API:
{"errors":[{"code":"invalidSignature","detail":"The HTTP signature could not be verified. Please refer to https://documentation.ibanity.com/http-signature","meta":{}}]}
Here is also the original signing string:
(request-target): get /isabel-connect/account-reports?offset=0&size=100\nhost: api.ibanity.com\ndigest: SHA-512=z4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXcg/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg==\n(created): 1615287272\nauthorization: Bearer access_token_1615287272
Thank in advance for any help or suggestion.
Regards.
Guy
I created some examples, and will create a few more here: https://www.example-code.com/powerbuilder/ibanity.asp