|
This is the code I am using - with the keys changed for obvious reasons.
Note the declarations of the keys as UTF-8 - the keys are just as given by
the API supplier. I do no conversion.
Hope this helps.
Dcl-Proc GetJWTKey;
dcl-pi *N Like(jwt_token_t);
end-pi;
// This is the secret key used to sign the app.
// Value will need to be changed if we ever regen the key in the app
store
dcl-s signKey like(jwt_signKey_t) ccsid(*utf8)
inz('abciPFYZjZnUo3pVGxLYG21zmf2qxso89999');
// This is the API key used to identify the issuer (i.e. SiD)
dcl-s apiKey like(jwt_signKey_t) ccsid(*utf8)
inz('-xyz7q4QSaOZESQwPGq15A');
dcl-s payload like(jwt_token_t) ccsid(*utf8);
dcl-s token like(jwt_token_t) ccsid(*utf8);
// The JWT issue time and expiry are specified in unix epoch time
// The routine CvtTSEpoch is used to convert a timestamp to epoch time
dcl-s epochNow int(10);
dcl-s epochExpire int(10);
dcl-c EXPIRE_IN 60; // Life of token in seconds
epochNow = CvtTSEpoch(%Timestamp()); // Time now as unix epoch
epochExpire = epochNow + EXPIRE_IN; // expire token in 1 minute
// - assuming EXPIRE_IN is 60.
// Build the JWT payload
payload = '{ "iss" : "' + apiKey + '", "exp" : ' + %editc(epochExpire :
'X')
+ ', "iat" : ' + %editc(epochNow : 'X') + ' }';
// And generate the JWT using ILEastic's JWT routine/
token = jwt_sign(JWT_HS256 : payload : signKey);
return token;
end-proc;
On Dec 7, 2020, at 10:54 AM, Suren K <suren7437@xxxxxxxxx> wrote:wrote:
Hi Jon,
I just saw the ILEastic code.
In the program JWTUT1, the key can assigned as shown below
signKey = '123456789012345678901234567890AB';
I assume the signkey value is the plain text (ASCII format which we are
getting from the client).
Am i right? or do we need to convert the ASCII plain text into another
format?
Regards,
Surender K
On Mon, Dec 7, 2020 at 8:17 PM Jon Paris <jon.paris@xxxxxxxxxxxxxx>
EBCDIC
If you are using JWTs then rather than rolling your own you could try
Mihael's code (part of the ILEastic project) from here:
https://github.com/sitemule/ILEastic/tree/master/plugins/jwt <
https://github.com/sitemule/ILEastic/tree/master/plugins/jwt>
That is what I ended up using for my Zoom work after having spent some
time beating my head against the same barriers you are encountering.
Always nice to use tested code !
Jon
On Dec 7, 2020, at 7:17 AM, Thomas Raddatz <thomas.raddatz@xxxxxx>wrote:
system? I assume that you need the hmac for a PC and not for an IBM I,
Did you convert the secret key (KEYD0200) to the ccsid of the target
right? Therefore you want to use an Ascii or UTF-8 key instead of an
orkey, I assume.
system, before passing it to the Qc3CalculateHMAC() API.
In that case the key must be converted to the CCSID of the target
Suren K
Thomas.
-----Ursprüngliche Nachricht-----
Von: RPG400-L <rpg400-l-bounces@xxxxxxxxxxxxxxxxxx> Im Auftrag von
Gesendet: Montag, 7. Dezember 2020 10:15that i am planning to generate the HMAC using the header, payload and
An: RPG programming on IBM i <rpg400-l@xxxxxxxxxxxxxxxxxx>
Betreff: Reg: HMAC Calculation
Hi All,
How are you?
I am facing the following issue with Qc3CalculateHMAC API.
Currently i am trying to do the JWT token validation in iSeries, to do
signed secret key.
Header(Base64encoded).Payload(Base64encoded).
The logic i am using is Passing the input data as
wrong?
1) For Base64 decoding - SYSTOOLS.BASE64ENCODE function is used.
2) Algorithm - SHA256.
3) I am passing the Secret Key as plain character text using "KEYD0200"
But the HMAC generated by the API is not correct. Am i doing anything
message email: RPG400-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe,
Qc3CalculateHMAC(
%addr(headerPayload) :
%len(%trimr(headerPayload)) :
'DATA0100' :
algd0500 :
'ALGD0500' :
keyparam :
'KEYD0200' :
'0' : // crypto
*blank : // crypto dev
hash :
QUSEC);
Could anyone please help me to figure out the issue?
Regards,
Suren K
--
This is the RPG programming on IBM i (RPG400-L) mailing list To post a
https://smex12-5-en-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2flists.midrange.com%2fmailman%2flistinfo%2frpg400%2dl&umid=610e4461-c6f6-4a7e-b039-66c99e2689e4&auth=e97acd68c6deb7b858f463424a55c9ae42d5359e-b35601ec44c876b516ef29c843b5d6cb9c44d158change list options,
visit:
https://smex12-5-en-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2farchive.midrange.com%2frpg400%2dl&umid=610e4461-c6f6-4a7e-b039-66c99e2689e4&auth=e97acd68c6deb7b858f463424a55c9ae42d5359e-b01fb74cc3366396f8ce552b3fb7a7e1d77d948bor email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at
https://smex12-5-en-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2famazon.midrange.com&umid=610e4461-c6f6-4a7e-b039-66c99e2689e4&auth=e97acd68c6deb7b858f463424a55c9ae42d5359e-25c69241f01dab5b20ef507ba6ee621ff83bc9a0.
related questions.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription
link:
Help support midrange.com by shopping at amazon.com with our affiliate
related--related questions.
This is the RPG programming on IBM i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/rpg400-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription
link: https://amazon.midrange.com
Help support midrange.com by shopping at amazon.com with our affiliate
--
This is the RPG programming on IBM i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/rpg400-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription
related questions.questions.--
Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com
This is the RPG programming on IBM i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/rpg400-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription
link: https://amazon.midrange.com
Help support midrange.com by shopping at amazon.com with our affiliate
--
This is the RPG programming on IBM i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/rpg400-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.
Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.