steve faleiro

Hi Angus, Thanks for your expert response. It has helped me achieve what I needed ie. to encode the JWK key to PEM format. The code in the `OverbyteIcsJoseTst` sample with ICS V9.1 allowed to save the key to PEM format by adding the following line: FVerifyPKey.PublicKeySaveToPemFile('c:\temp\out.pem'); Everything good now (I think!). Thanks again.

Angus, Thanks for pointing me in the right direction. I will try writing code to accomplish this with ICS and if I face difficulty I will post on the ICS forum. -Steve

I have this RSA public key in JWK format: I need to convert it to PEM format. This website does the conversion, but I need to do it in Delphi. I have read this StackOverflow post that asks the same question but the answer provided does not work with my data because the "d", "x" and "y" JSON keys are missing in my input data (meaning my data is a different format). In that same SO post, Arnaud Bouchez suggested using code from the Mormot2 library to do the work, and I've downloaded that library from GitHub but I can't seem to figure out how to start using it for this scenario. I have also had a look and installed "Delphi JOSE and JWT Library" but cannot figure out how to write the code to do what I need. I believe that this library may be able to do what I need. I've also posted this question on StackOverflow here: https://stackoverflow.com/questions/78073930/how-to-convert-jwk-to-pem-format-in-delphi

I've checked but its a huge library, and I'm unable to find the answer from there.

I've still not found the answer. I've now posted 2 questions on StackOverflow. If anyone has experience in this area or has solved this problem before, please reply there (or here). https://stackoverflow.com/questions/69768072/delphi-calculating-amazon-mws-signature https://stackoverflow.com/questions/69781720/delphi-amazon-mws-api-how-do-derive-the-base64-hmac-from-the-sha-256-hmac TIA!

Its nothing to do with the components. There is an error in the code in building the HTTP request. Something to do with character encoding (Unicode vs UTF8).

Using: + Delphi 10.2.3 Tokyo + IPWorks SSL and IPWorks Encrypt components I am trying to use the Amazon MWS API from Delphi to get a list of orders, but am unsuccessful in making the request to Amazon MWS. Its mandatory that I use IPWorks components, as required by my client. The response from the API says that the signature is not correct: Obviously the issue has something to do with calculating the signature, encoding it to Base64, or something wrong with the request itself. I think its the encoding to Base64 that is not working for me. Maybe something to do with Delphi Unicode and UTF-8 encoding. I've spent a whole day trying to figure this out and am stuck, so am posting it here. I hope someone can help. Below is my code: On the form I have 2 components: TipwHTTP and TipcHash object HTTPS: TipwHTTP FollowRedirects = frAlways SSLCertStore = 'MY' OnTransfer = HTTPSTransfer end object HashMaker: TipcHash Algorithm = haHMACSHA256 EncodeHash = True end function GetISO8601DateTime_URLEncodedStr(const ADateTime: TDateTime): String; var d: String; l: Integer; begin d := DateToISO8601(TTimeZone.Local.ToUniversalTime(ADateTime), True); l := Length(d); d := Copy(d, 1, l - 5) + 'Z'; // remove the milliseconds part Result := TNetEncoding.URL.Encode(d); end; const DOMAIN_NAME = 'https://mws.amazonservices.com/Orders/2013-09-01'; var sl: TStringList; param, signature, aurl: String; begin sl := TStringList.Create; try sl.Add('AWSAccessKeyId=' + edtAwsAccessKey.Text); { Index: 0 } sl.Add('&Action=ListOrders'); { Index: 1 } sl.Add('&CreatedAfter=' + GetISO8601DateTime_URLEncodedStr(dtpOrdersCreatedFrom.Date)); { Index: 2 } sl.Add('&MWSAuthToken=' + edtMarketplaceID.Text); { Index: 3 } sl.Add('&MarketplaceId.Id.1=' + edtMarketplaceID.Text); { Index: 4 } sl.Add('&SellerId=' + edtSellerID.Text); { Index: 5 } sl.Add('&SignatureMethod=HmacSHA256'); { Index: 6 } // <---- Insert Signature here sl.Add('&SignatureVersion=2'); { Index: 7 } sl.Add('&Timestamp=' + GetISO8601DateTime_URLEncodedStr(Now)); { Index: 8 } sl.Add('&Version=2013-09-01'); { Index: 9 } param := StringReplace(sl.Text, #13#10, '', [rfReplaceAll]); HashMaker.Key := edtSecretKey.Text; HashMaker.Algorithm := haHMACSHA256; HashMaker.InputMessage := 'POST\n' + 'mws.amazonservices.com\n' + '/Orders/2013-09-01\n' + param; HashMaker.ComputeHash; signature := HashMaker.HashValue; SetStatus('Signature1: ' + signature); // signature := TNetEncoding.Base64.Encode(TEncoding.UTF8.GetString(BytesOf(signature))); // SetStatus('Signature2: ' + signature); sl.Insert(6, '&Signature=' + signature); param := StringReplace(sl.Text, #13#10, '', [rfReplaceAll]); SetStatus('param: ' + param); finally sl.Free; end; with HTTPS do begin ContentType := 'application/x-www-form-urlencoded; charset=UTF-8'; Accept := 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8'; Timeout := 0; aurl := DOMAIN_NAME + '?' + param; Post(aurl); end; end; I would really appreciate if someone can help me solve this. -Steve

Ok great. I will 'check' it out (no pun intended) 😉. Thanks!

Hi Francois, Thanks for responding. In fact I'm using your excellent ICS components for implementing the Delphi REST client that is getting this data from PHP 🙂 I have now been able to verify that the data before encoding is the same on both sides - PHP and Delphi. PHP file_put_contents('c:\tmp\phpdata.txt', $encrypted . '::' . $iv); Delphi .. d := Base64DecodeStr(AStr); SaveTextToTxtFile('c:\tmp\delphi_data.txt', d); .. procedure SaveTextToTxtFile(ATxtFile, AText: String); var sl:TStringList; begin sl:=TStringList.Create; try sl.Add(AText); sl.SaveToFile(ATxtFile); finally sl.Free; end; end; This implies that my usage of DCPCrypt is wrong. Waiting on Delphi / DCPCrypt guru for resolution !

Hi Kas, Based on your suggestion, I've changed the code to the below, but it still does not work: function Decrypt(AStr: string): string; var d, s: string; p: Integer; iv: string; begin d := Base64DecodeStr(AStr); p := Pos('::', d); s := Copy(d, 1, p - 1); iv := Copy(d, p + 2, Length(s)); //DCP_rijndael.SetIV(iv); DCP_rijndael.Init(cPASSWORD, 256, @iv[1]); Result := DCP_rijndael.DecryptString(s); end; initialization DCP_rijndael := TDCP_rijndael.Create(nil); DCP_rijndael.Algorithm := 'Rijndael'; DCP_rijndael.CipherMode := cmCBC; //DCP_rijndael.BlockSize := 128; //DCP_rijndael.MaxKeySize := 256; finalization DCP_rijndael.Free;

I've posted my main question on StackOverflow here, and am repeating below: I'm encrypting text in PHP (openssl_encrypt / 'aes-256-cbc') and then trying to decrypt it in Delphi 7 (DCPCrypt / TDCP_rijndael). The PHP script files are saved in ANSI encoding, so that the strings being used are ANSI strings, compatible with Delphi 7. (Should be!) However the Delphi decryption is producing the wrong result, I am guessing that something is wrong in the code. I would be grateful if you could have a look, and spot my error on the Delphi side: PHP Code: function encrypt($key, $payload) { $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc')); $encrypted = openssl_encrypt($payload, 'aes-256-cbc', $key, 0, $iv); return base64_encode($encrypted . '::' . $iv); } function decrypt($key, $garble) { list($encrypted_data, $iv) = explode('::', base64_decode($garble), 2); return openssl_decrypt($encrypted_data, 'aes-256-cbc', $key, 0, $iv); } Delphi code: var DCP_rijndael: TDCP_rijndael; const cPASSWORD = 'myownpassword'; function Decrypt(AStr: string): string; var d, s, iv: String; p: Integer; begin d := Base64DecodeStr(AStr); p := Pos('::', d); s := Copy(d, 1, p - 1); iv := Copy(d, p + 2, Length(s)); DCP_rijndael.SetIV(iv); Result := DCP_rijndael.DecryptString(s); end; initialization DCP_rijndael := TDCP_rijndael.Create(nil); DCP_rijndael.Algorithm := 'Rijndael'; DCP_rijndael.CipherMode := cmCBC; //DCP_rijndael.BlockSize := 128; {tried various values with no luck!} //DCP_rijndael.MaxKeySize := 256;{tried various values with no luck!} DCP_rijndael.Init(cPASSWORD, 256, nil); finalization DCP_rijndael.Free; TIA!

Hi David, Thanks for responding. So, the 24 significant bytes of the value in `I` will contain the numeric Ascii code values representing the string's characters. Ok great. Thanks!

I have inherited some code for use on my project, and for the first time in my Delphi programming career, I am seeing a String value being copied (using Move) into a LongInt variable. The code follows: var S: AnsiString; I: LongInt; begin S := 'rCf'; Move(S[1], I, Length(S)); In the code above, after the line with `Move` is executed, the variable I contains a numeric value. But .. I don't understand what operations are taking place on String and what the converted value represents. I am guessing that some string conversion is taking place resulting in the bit values of the string's characters being written to the memory address of I, with LongInt in Delphi 7 being 4 bytes (or 32 bits) in length. But I'm not sure! I would appreciate if any of the gurus could explain the operations or steps (algorithm) being carried out on the string that result in the number value? TIA.

Thanks Francois and Angus for the quick responses. I will explore the samples and see what I can come up with.

In order to check if an internet connection is available, I am using TWSocket to connect to an internet server on port 80, but its always returning `False`. On debugging, I found that it never steps into the event handler. I then tried with TSslWSocket (I've copied the Ssl DLLs into the EXE folder), and its the same thing. Any thing wrong with this code? type TDummy = class procedure wsocketOnSessionConnected(Sender: TObject; ErrCode: Word); end; var lInternetConnected: Boolean; procedure TDummy.wsocketOnSessionConnected(Sender: TObject; ErrCode: Word); begin lInternetConnected := (ErrCode = 0); end; function CheckInternetConnection: boolean; var wsocket: TSslWSocket; dummy: TDummy; begin Result := False; dummy := TDummy.Create; try wsocket := TSslWSocket.Create(nil); try wsocket.Proto := 'TCP'; wsocket.Port := '80'; wsocket.Addr := 'www.google.com'; wsocket.OnSessionConnected := dummy.wsocketOnSessionConnected; wsocket.Connect; finally wsocket.Free; end; finally dummy.Free; end; Result := lInternetConnected; end;