我正在使用Scribe Online API:https://dev.scribesoft.com/en/main/special_props/connection_properties.htm
对于创建新连接时发送数据的加密要求,他们有非常明确的说明,为方便起见,我在下面发布了这些说明.我正在使用PHP,并努力获取其API来接受我的加密.到目前为止,我的工作(在PHP中):
$props = [
'Url' => 'www.web.com',
'UserId' => 'abc123@hotmail.co.uk',
'Password' => 'abc123',
'SecurityToken' => '123',
'UseBulkApiRS' => 'false',
'UseBulkApiSYS' => 'false',
'RefreshMetaDataUponReconnect' => 'false',
'IncludeDeletedItemsSYS' => 'false',
];
$connector_props['connectorId'] = '8ADD76FC-525F-4B4B-B79E-945A6A762792';
$connector_props['connectorType'] = 'Salesforce';
$connector_props['color'] = '#FF00B050'; //Still Required but deprecated for Scribe Online.
$connector_props['name'] = 'Salesforce_TEST';
$connector_props['alias'] = 'Salesforce_TEST';
foreach($props as $prop_name => $val) {
//$iv = openssl_random_pseudo_bytes(16);
$iv = random_bytes(16);
$pbkdf2 = hash_pbkdf2('sha1', 'ORG_KEY', 'TIBCO_SALT_PUBLIC_KEY', 1000);
$aes = openssl_encrypt($val, 'AES-256-CBC', $pbkdf2, $options=0, $iv);
$base64_iv = base64_encode($iv);
$base64_val = base64_encode($aes);
$connector_props['properties'][] = [
'key' => $prop_name,
'value' => $base64_iv.$base64_val,
];
}
echo json_encode($connector_props, JSON_PRETTY_PRINT);
JSON中期望API调用以及一些不需要加密的其他参数-因此,我发送了类似这样的内容,其中XXX是上面的加密值:
{
"name": "Salesforce 4.0",
"alias": "Salesforce 4",
"color": "#FF00B050",
"connectorId": "8add76fc-525f-4b4b-b79e-945a6a762792",
"connectorType": "Salesforce",
"properties": [
{
"key": "Url",
"value": "XXX"
},
{
"key": "UserId",
"value": "XXX"
},
{
"key": "Password",
"value": "XXX"
},
{
"key": "SecurityToken",
"value": "XXX"
},
{
"key": "UseBulkApiRS",
"value": "XXX"
},
{
"key": "UseBulkApiSYS",
"value": "XXX"
},
{
"key": "RefreshMetaDataUponReconnect",
"value": "XXX"
},
{
"key": "IncludeDeletedItemsSYS",
"value": "XXX"
},
],
}
有人知道我要去哪里哪里吗?
从API DOCS-POST和PUT操作
POST或PUT数据时,必须对加密值进行64位基本编码,并将其附加到64位基本随机初始化矢量中.
要加密连接属性值:
1)将纯文本连接值转换为UTF-8编码.
2)生成一个16字节的随机数组.这是AES对称密钥算法的初始化向量(IV).
3)使用基于密码的密钥派生功能2(PBKDF2)标准和通过标准加密算法1(HMAC)计算的基于哈希的消息身份验证代码,从API访问令牌密钥和TIBCOScribe?API盐值生成1000个迭代派生的密钥-SHA1).
4)使用密钥大小为256,块大小为128和PKCS7填充的AES算法对UTF-8编码的Connection属性值进行加密.
5)将IV值和加密的Connection属性值都转换为Base 64编码的文本字符串.
6)将Base 64加密的文本字符串追加到Base 64 IV文本字符串.