You need to sign in to do that
Don't have an account?
sudha rani 13
Trustpilot encryption process
I am working on the Encryption process.
I need to generate encrypted payload by following instructions from the below link: https://support.trustpilot.com/hc/en-us/articles/115004145087--Business-Generated-Links-for-developers-
I tried below code below:
String text = '{"email":"sudharani256@gamil.com","name":"Sudha Rani Y","ref":"1234"}'; Blob key = Crypto.generateAesKey(128); Blob data = Blob.valueOf(text); String clearText = '{"email":"sudharani256@gmail.com","name":"Sudha Rani Y","ref":"1234"}'; String b64Data = EncodingUtil.base64Encode(data); String encryptKey = '/...................'; Blob cipherText = Crypto.encryptWithManagedIV('AES128', key, Blob.valueOf(clearText)); //note 1 add above iV in place of key blob encryptedData = Crypto.encrypt('AES256', EncodingUtil.base64Decode(encryptKey),key,data); //16 byte string. since characters used are ascii, each char is 1 byte. //encrypted blob String strMd5= EncodingUtil.base64Encode (Crypto.generateDigest('MD5',EncodingUtil.base64Decode('ekR0VlHRzQxIlNu0smkKh8sOOcfUAqwsw71g4fhHChA='))); String algorithmName = 'HmacSHA256'; Blob hmacData = Crypto.generateMac(algorithmName, EncodingUtil.base64Decode(strMd5), data); string input='...'; // what you want to sign string privateKey= '...................'; // your private key Blob keyTwo = Crypto.generateAesKey(256); //blob rs256sig = Crypto.sign('RSA', data, EncodingUtil.base64Decode(encryptKey)); system.debug(EncodingUtil.urlEncode(EncodingUtil.base64Encode(key)+EncodingUtil.base64Encode(cipherText)+EncodingUtil.base64Encode(hmacData),'UTF-8'));
From the above code, I tried rs256sig instead of hmacData but getting error like "System.SecurityException: Invalid Crypto Key".
Please help me it is very needful.
Found below links which are relavant to 'System.SecurityException: Invalid Crypto Key' error.
https://developer.salesforce.com/forums/?id=9060G0000005ZrLQAU
https://salesforce.stackexchange.com/questions/281029/crypto-verify-format-of-a-public-key
https://salesforcekings.blogspot.com/2015/10/how-to-encrypt-and-decrypt-value-in.html
Hope above information was helpful.
Please mark as Best Answer so that it can help others in the future.
Thanks,
Vinay Kumar
Apex Crypto class provides support for Digital Signatures with the sign() method. OpenSSL can be used to generate a certificate from which a private key can be extracted. The important thing to note is that the resulting private key must be in PCKS#8 format.
Found below related documentation for your reference.
https://developer.salesforce.com/page/Apex_Crypto_Class
https://salesforce.stackexchange.com/questions/275453/encrypt-with-apex-and-decrypt-with-openssl-base64-encoding-and-line-breaks
https://www.jitendrazaa.com/blog/tag/openssl/
https://developer.salesforce.com/forums/?id=906F00000008xUXIAY
https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_restful_crypto.htm
Thanks,
Vinay Kumar
Here is the sample python code, they are not generating any crypto key. They are just using the encryption key and the Auth key.
https://github.com/trustpilot/python-authenticated-encryption
Here is the updated code(Modified encryption process and applied concatenation logic):
I cracked it.
String text = '{\"email\":\"sudharani256@gmail.com\",\"name\":\"Sudha Rani\",\"ref\":\"1234\"}';
Blob encryptCode = EncodingUtil.base64Decode('...........');
Blob data = Blob.valueOf(text);
Blob ciphertextAndIV = Crypto.encryptWithManagedIV('AES256', encryptCode, data);
BLob authKeyDecode = EncodingUtil.base64Decode('.............................');
String ciphertextAndIVTExt = EncodingUtil.base64Encode(ciphertextAndIV);
String algorithmName = 'hmacSHA256';
Blob hmacData = Crypto.generateMac(algorithmName,ciphertextAndIV,authKeyDecode);
String base64_payload = ciphertextAndIVTExt+EncodingUtil.base64Encode(hmacData);
String urlEncodeInfohmacData = EncodingUtil.urlEncode(base64_payload,'UTF-8');
system.debug(urlEncodeInfohmacData);