Created
January 15, 2019 10:29
-
-
Save lalilaloe/168965cafcfc6475a8e2d74362b76df3 to your computer and use it in GitHub Desktop.
Encryption Encrypted Request Bunq
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const forge = require("node-forge"); | |
const hex2bin = str => str.match(/.{1,2}/g).reduce((str, hex) => str += String.fromCharCode(parseInt(hex, 16)), ''); | |
const ivRaw = hex2bin("9916624005aff27d337cb4710065eb84"); | |
const keyRaw = hex2bin("b4086697c4fa9af691ca18c49635e5d8930afed8051b3a10ce77d3997dcd10c2"); | |
const bodyRaw = "test" | |
const HMAC_ALGORITHM = "sha1"; | |
const AES_ENCRYPTION_METHOD = "AES-CBC"; | |
function generateHmac(key, iv, body) { | |
const content = iv + body; | |
const hmac = forge.hmac.create(); | |
hmac.start(HMAC_ALGORITHM, key); | |
hmac.update(content); | |
return hmac.digest('binary').data; | |
} | |
function encryptBody(text, key, iv) { | |
var cipher = forge.cipher.createCipher(AES_ENCRYPTION_METHOD, key); | |
cipher.start({ iv: iv }); | |
cipher.update(forge.util.createBuffer(text)); | |
cipher.finish(); | |
var encrypted = cipher.output; | |
var data = encrypted.getBytes(); | |
return data; | |
} | |
function encryptPublic(key) { | |
const keyPem = `-----BEGIN PUBLIC KEY----- | |
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAs4Bl6kEjCxOzFXAm8u | |
HFAbmLHrfb10fQVZ4nOR7yuqvr48W+RSqOar+ILBtnk3LAqWHHohNPspGQy/s/52 | |
0GV8sBQPh5m66A/6fUBLkiN4e9y2U/8FyTPDUg4CtRfPSrYkUFlvUkCphqb1NqUp | |
Z1CgmXvoDsoG8VqFZFfV1+F+K3Yem4Wkl8xXOqUoXApi1/99vdSKMa+rTGMTqy+v | |
jCtasxJkSNKqspnirtSguqYaa+o8VyXO4q1T/vHBvqscTJia2yN8T4JmdqksE1CT | |
0Spz9zoQcr6jJXj6imb9gxJZVIKb/AFq+iaMWsToRSTIw//topwgDaYKlqpT1t2w | |
jwIDAQAB | |
-----END PUBLIC KEY-----` | |
const localKey = forge.pki.publicKeyFromPem(keyPem); | |
return localKey.encrypt(key) | |
} | |
const encryptedKey = encryptPublic(keyRaw) | |
const encryptedBody = encryptBody(bodyRaw, keyRaw, ivRaw) | |
const hmac = generateHmac(keyRaw, ivRaw, encryptedBody) | |
console.log(forge.util.encode64(encryptedKey), "\n") | |
console.log(forge.util.encode64(encryptedBody), "\n") | |
console.log(forge.util.encode64(hmac), "\n") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$ivRaw = hex2bin("9916624005aff27d337cb4710065eb84"); | |
$keyRaw = hex2bin("b4086697c4fa9af691ca18c49635e5d8930afed8051b3a10ce77d3997dcd10c2"); | |
$bodyRaw = "test"; | |
const HMAC_ALGORITHM = "sha1"; | |
const AES_ENCRYPTION_METHOD = "aes-256-cbc"; | |
function generateHmac(string $key, string $iv, string $body): string{ | |
$rawData = $iv . $body; | |
return hash_hmac(HMAC_ALGORITHM, $rawData, $key, true); | |
} | |
function encryptBody(string $text, string $key, string $iv): string{ | |
return openssl_encrypt($text, AES_ENCRYPTION_METHOD, $key, OPENSSL_PKCS1_PADDING, $iv); | |
} | |
function encryptPublic(string $key) { | |
$keyPem = "-----BEGIN PUBLIC KEY-----\n". | |
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAs4Bl6kEjCxOzFXAm8u\n". | |
"HFAbmLHrfb10fQVZ4nOR7yuqvr48W+RSqOar+ILBtnk3LAqWHHohNPspGQy/s/52\n". | |
"0GV8sBQPh5m66A/6fUBLkiN4e9y2U/8FyTPDUg4CtRfPSrYkUFlvUkCphqb1NqUp\n". | |
"Z1CgmXvoDsoG8VqFZFfV1+F+K3Yem4Wkl8xXOqUoXApi1/99vdSKMa+rTGMTqy+v\n". | |
"jCtasxJkSNKqspnirtSguqYaa+o8VyXO4q1T/vHBvqscTJia2yN8T4JmdqksE1CT\n". | |
"0Spz9zoQcr6jJXj6imb9gxJZVIKb/AFq+iaMWsToRSTIw//topwgDaYKlqpT1t2w\n". | |
"jwIDAQAB\n". | |
"-----END PUBLIC KEY-----"; | |
openssl_public_encrypt($key, $encrypted, $keyPem); | |
return $encrypted; | |
} | |
$encryptedKey = encryptPublic($keyRaw); | |
$encryptedBody = encryptBody($bodyRaw, $keyRaw, $ivRaw); | |
$hmac = generateHmac($keyRaw, $ivRaw, $encryptedBody); | |
echo(base64_encode($encryptedKey) . "\n\n"); | |
echo(base64_encode($encryptedBody). "\n\n"); | |
echo(base64_encode($hmac). "\n\n"); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment