public void TestGenerateSignatureMD5() { var signingKey = "2zzXDyLUAEdT8rTcKqJuOwgPmRYBDAu4jXDi0GmoARevPdOZ1R"; var expectedSig = "666c2c1a3fe7d621ad10456c4531e702"; var request = @"{ ""msisdn"": ""447700900001"", ""to"": ""447700900000"", ""messageId"": ""0A0000000123ABCD1"", ""text"": ""Hello world"", ""type"": ""text"", ""keyword"": ""HELLO"", ""message-timestamp"": ""2020-01-01T12:00:00.000+00:00"", ""timestamp"": ""1578787200"", ""nonce"": ""aaaaaaaa-bbbb-cccc-dddd-0123456789ab"", ""concat"": ""true"", ""concat-ref"": ""1"", ""concat-total"": ""3"", ""concat-part"": ""2"", ""data"": ""abc123"", ""udh"": ""abc123"", ""sig"":""12345"" }"; var message = JsonConvert.DeserializeObject <SMS.SMSInbound>(request); var dict = JsonConvert.DeserializeObject <Dictionary <string, string> >(request); var signatureString = SMS.SMSInbound.ConstructSignatureStringFromDictionary(dict); var method = SmsSignatureGenerator.Method.md5hash; var testSig = SmsSignatureGenerator.GenerateSignature(signatureString, signingKey, method); Assert.Equal(testSig, expectedSig); }
public void TestGenerateSignatureSHA512HMAC() { var signingKey = "2zzXDyLUAEdT8rTcKqJuOwgPmRYBDAu4jXDi0GmoARevPdOZ1R"; var expectedSig = "AB1630493820A5DE881333F3320E2755212D3CF96B5E20158229B19928B380205043230F00F2E5FAE8FD4CEE8F7FD2CEF364C03086A00FF2F3644B05561CC232"; var request = @"{ ""msisdn"": ""447700900001"", ""to"": ""447700900000"", ""messageId"": ""0A0000000123ABCD1"", ""text"": ""Hello world"", ""type"": ""text"", ""keyword"": ""HELLO"", ""message-timestamp"": ""2020-01-01T12:00:00.000+00:00"", ""timestamp"": ""1578787200"", ""nonce"": ""aaaaaaaa-bbbb-cccc-dddd-0123456789ab"", ""concat"": ""true"", ""concat-ref"": ""1"", ""concat-total"": ""3"", ""concat-part"": ""2"", ""data"": ""abc123"", ""udh"": ""abc123"", ""sig"":""12345"" }"; var message = JsonConvert.DeserializeObject <SMS.SMSInbound>(request); var dict = JsonConvert.DeserializeObject <Dictionary <string, string> >(request); var signatureString = SMS.SMSInbound.ConstructSignatureStringFromDictionary(dict); var method = SmsSignatureGenerator.Method.sha512; var testSig = SmsSignatureGenerator.GenerateSignature(signatureString, signingKey, method); Assert.Equal(testSig, expectedSig); }
public void TestGenerateSignatureSHA256HMAC() { var signingKey = "2zzXDyLUAEdT8rTcKqJuOwgPmRYBDAu4jXDi0GmoARevPdOZ1R"; var expectedSig = "B5FE66C4FE808C191B27D0AFC56918B5CC1FDC4784B82528C1D0537BA8A57192"; var request = @"{ ""msisdn"": ""447700900001"", ""to"": ""447700900000"", ""messageId"": ""0A0000000123ABCD1"", ""text"": ""Hello world"", ""type"": ""text"", ""keyword"": ""HELLO"", ""message-timestamp"": ""2020-01-01T12:00:00.000+00:00"", ""timestamp"": ""1578787200"", ""nonce"": ""aaaaaaaa-bbbb-cccc-dddd-0123456789ab"", ""concat"": ""true"", ""concat-ref"": ""1"", ""concat-total"": ""3"", ""concat-part"": ""2"", ""data"": ""abc123"", ""udh"": ""abc123"", ""sig"":""12345"" }"; var message = JsonConvert.DeserializeObject <SMS.SMSInbound>(request); var dict = JsonConvert.DeserializeObject <Dictionary <string, string> >(request); var signatureString = SMS.SMSInbound.ConstructSignatureStringFromDictionary(dict); var method = SmsSignatureGenerator.Method.sha256; var testSig = SmsSignatureGenerator.GenerateSignature(signatureString, signingKey, method); Assert.Equal(testSig, expectedSig); }
private static StringBuilder BuildQueryString(IDictionary <string, string> parameters, Credentials creds = null) { var apiKey = (creds?.ApiKey ?? Configuration.Instance.Settings["appSettings:Nexmo.api_key"])?.ToLower(); var apiSecret = creds?.ApiSecret ?? Configuration.Instance.Settings["appSettings:Nexmo.api_secret"]; var securitySecret = creds?.SecuritySecret ?? Configuration.Instance.Settings["appSettings:Nexmo.security_secret"]; SmsSignatureGenerator.Method method; if (creds?.Method != null) { method = creds.Method; } else if (Enum.TryParse(Configuration.Instance.Settings["appSettings:Nexmo.signing_method"], out method)) { //left blank intentionally } else { method = SmsSignatureGenerator.Method.md5hash; } var sb = new StringBuilder(); var signature_sb = new StringBuilder(); Action <IDictionary <string, string>, StringBuilder> buildStringFromParams = (param, strings) => { foreach (var kvp in param) { strings.AppendFormat("{0}={1}&", WebUtility.UrlEncode(kvp.Key), WebUtility.UrlEncode(kvp.Value)); } }; Action <IDictionary <string, string>, StringBuilder> buildSignatureStringFromParams = (param, strings) => { foreach (var kvp in param) { strings.AppendFormat("{0}={1}&", kvp.Key.Replace('=', '_').Replace('&', '_'), kvp.Value.Replace('=', '_').Replace('&', '_')); } }; parameters.Add("api_key", apiKey); if (string.IsNullOrEmpty(securitySecret)) { // security secret not provided, do not sign parameters.Add("api_secret", apiSecret); buildStringFromParams(parameters, sb); return(sb); } parameters.Add("timestamp", ((int)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds).ToString(CultureInfo.InvariantCulture)); var sortedParams = new SortedDictionary <string, string>(parameters); buildStringFromParams(sortedParams, sb); buildSignatureStringFromParams(sortedParams, signature_sb); var queryToSign = "&" + signature_sb.ToString(); queryToSign = queryToSign.Remove(queryToSign.Length - 1); var signature = SmsSignatureGenerator.GenerateSignature(queryToSign, securitySecret, method); sb.AppendFormat("sig={0}", signature); return(sb); }
public bool ValidateSignature(string signatureSecret, SmsSignatureGenerator.Method method) { //use json representation to create a useable dictionary var json = JsonConvert.SerializeObject(this, Formatting.None, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Ignore }); var dict = JsonConvert.DeserializeObject <Dictionary <string, string> >(json); var signatureString = ConstructSignatureStringFromDictionary(dict); var testSig = SmsSignatureGenerator.GenerateSignature(signatureString, signatureSecret, method).ToString(); System.Diagnostics.Debug.WriteLine(testSig); Console.WriteLine(testSig); return(testSig == Sig); }
public ActionResult Validate([FromQuery] SMS.SMSInbound response) { var queryDictionary = HttpContext.Request.Query.ToDictionary(x => x.Key, x => x.Value.ToString()); var signatureString = SMS.SMSInbound.ConstructSignatureStringFromDictionary(queryDictionary); var NEXMO_SECRET_SIGNATURE_KEY = "NEXMO_SECRET_SIGNATURE_KEY"; var method = SmsSignatureGenerator.Method.md5hash; var testSig = SmsSignatureGenerator.GenerateSignature(signatureString, NEXMO_SECRET_SIGNATURE_KEY, method); var match = response.sig == testSig; if (match) { Debug.WriteLine("Valid Signature"); } else { Debug.WriteLine("Invalid Signature"); } return(StatusCode(StatusCodes.Status200OK)); }