
Administration manual


Generate URL signature


When a result list is accessed directly through a URL generated for this purpose, the URL has to be validated. For this, a signature is created when the URL is generated and attached as an additional URL parameter (see section Integration of a result list without passphrase and section Integration with passphrase):

URL not using the passphrase

http://servername/JobRouter/modules/jobarchive/index.php?action=showresultlist&id=<resultListId>&q=<queryParameters>&signature=<signature>

Part of the URL that is to be signed:

<urlPartToSign> = /JobRouter/modules/jobarchive/index.php?action=showresultlist&id=<resultListId>&q=<queryParameters>

Please note: The protocol (e.g. https) and the server name have to be omitted when signing.

URL using the passphrase

http://servername/JobRouter/modules/jobarchive/index.php?action=showresultlist&id=<resultListId>&eq=<encryptedQueryParameters>&signature=<signature>

Part of the URL that is to be signed:

<urlPartToSign> = /JobRouter/modules/jobarchive/index.php?action=showresultlist&id=<resultListId>&eq=<encryptedQueryParameters>

Please note: The protocol (e.g. https) and the server name have to be omitted when signing.

The signature of the URL is generated as follows:

<signature> = HASH_HMAC(SHA256_ALGORITHM, <urlPartToSign>, SHA512(<signatureKey>))

First, a SHA-512 hash of the signature key is generated in hexadecimal format (a string of 128 characters).

Afterwards, the Keyed-Hash Message Authentication Code (HMAC) of the part of the URL that is to be signed is computed with the SHA-256 algorithm, using the SHA-512 hash of the signature key as the HMAC key.

The string displayed in the configuration of the result list in JobRouter has to be used as the value of the signature key <signatureKey>.

PHP code snippet

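// hash() returns the SHA-512 hash as a lowercase hexadecimal string (128 characters)
$signatureKeyHash = hash('sha512', $signatureKey);
// This hexadecimal string is the HMAC key; the result is the hex-encoded signature
$signature = hash_hmac('sha256', $urlPartToSign, $signatureKeyHash);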

Java code snippet

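import javax.crypto.Mac;

// getSignKey(...) is a helper that is not shown on this page; per the formula above
// it has to supply the SHA-512 hash of the signature key as the HMAC key.
Mac hmac = Mac.getInstance("HmacSHA256");
hmac.init(getSignKey(signatureKey));
byte[] hmacBytes = hmac.doFinal(urlPartToSign.getBytes("UTF-8"));
// Encode the HMAC bytes as lowercase hexadecimal
StringBuilder hexSignature = new StringBuilder(hmacBytes.length * 2);
for (int i = 0; i < hmacBytes.length; i++) {
    hexSignature.append(Integer.toString((hmacBytes[i] & 0xff) + 0x100, 16).substring(1));
}
String signature = hexSignature.toString();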

.NET code snippet

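using System.Security.Cryptography;
using System.Text;

// getSignKey(...) is a helper that is not shown on this page; per the formula above
// it has to supply the SHA-512 hash of the signature key as the HMAC key.
byte[] bytesToSign = Encoding.UTF8.GetBytes(urlPartToSign);
byte[] key = getSignKey(signatureKey);
HMACSHA256 hmac = new HMACSHA256(key);
byte[] hmacBytes = hmac.ComputeHash(bytesToSign);
// Encode the HMAC bytes as lowercase hexadecimal
StringBuilder hexSignature = new StringBuilder(hmacBytes.Length * 2);
foreach (byte b in hmacBytes) {
    hexSignature.AppendFormat("{0:x2}", b);
}
string signature = hexSignature.ToString();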
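
Python example (added here, not part of the original manual or of JobRouter)

The following sketch ports the PHP snippet to Python and goes one step further by deriving <urlPartToSign> from a full URL and re-checking an attached signature. The function names, the sample key, the id and the q value are constructed for illustration, and verify() is a hypothetical self-check, not JobRouter's server-side validation.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

SIG_PARAM = "signature="

def sign_url_part(url_part: str, signature_key: str) -> str:
    """<signature> = HASH_HMAC(SHA256, <urlPartToSign>, SHA512(<signatureKey>))."""
    # As in the PHP snippet, the HMAC key is the 128-character hex string of
    # the SHA-512 hash, not the raw 64 digest bytes.
    key_hash_hex = hashlib.sha512(signature_key.encode("utf-8")).hexdigest()
    mac = hmac.new(key_hash_hex.encode("ascii"), url_part.encode("utf-8"), hashlib.sha256)
    return mac.hexdigest()

def extract_url_part(full_url: str) -> str:
    """Return path + query without protocol, server name and signature parameter."""
    parts = urlsplit(full_url)
    # Work on the raw query string: re-encoding it would change the signed bytes.
    kept = [p for p in parts.query.split("&") if not p.startswith(SIG_PARAM)]
    return parts.path + "?" + "&".join(kept)

def signed_url(base: str, url_part: str, signature_key: str) -> str:
    """Attach the signature as an additional URL parameter."""
    return f"{base}{url_part}&signature={sign_url_part(url_part, signature_key)}"

def verify(full_url: str, signature_key: str) -> bool:
    """Hypothetical self-check: recompute the signature and compare in constant time."""
    query = urlsplit(full_url).query
    supplied = [p[len(SIG_PARAM):] for p in query.split("&") if p.startswith(SIG_PARAM)]
    if len(supplied) != 1:
        return False
    expected = sign_url_part(extract_url_part(full_url), signature_key)
    return hmac.compare_digest(expected.encode(), supplied[0].encode())

if __name__ == "__main__":
    key = "constructed-signature-key"  # constructed sample value
    part = ("/JobRouter/modules/jobarchive/index.php"
            "?action=showresultlist&id=12&q=SAMPLE")  # constructed id and q
    url = signed_url("https://servername", part, key)
    print(url)
    print(verify(url, key), verify(url.replace("id=12", "id=13"), key))
```

Signing the URL with protocol and server name included, or using the raw SHA-512 bytes instead of the hexadecimal string as the key, yields a different signature than the PHP snippet produces.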