HERE TRAFFIC API TPEG, getmessage encryption

157 views Asked by At

I am struggling for an entire week now, failing at meeting the encryption requirements of HERE traffic api, precisely TPEG API.

Steps to do:

<?xml version="1.0" encoding="UTF-8" ?>
<get-messages>
  <locations>
     <loc lat="52.55121" lon="13.16565"/>    
  </locations>
</get-messages>

This xml body must be enrypted, HERE API documents it as follows:

Encrypt and compress all traffic information requests:

  1. Compress the XML body using gzip.

  2. Calculate the length in bytes of the gzip file.

  3. Prepend the length of the gzipped data to the compressed body as a little endian 32 bit integer.

  4. Pad the combination of gziped content and length with zeros to make it evenly divisible by 16 bytes.

  5. Using AES 128, encrypt the resultant padded combination of content and length as follows: a) Create a random integer 16 bytes long. b) AES encrypt the result of step 4, in mode CBC using the integer generated in step 5.a as the initialization vector and the key from the InitSession response. Do not apply additional padding.

  6. Send the resulting block of AES encrypted data as an HTTP POST request, prepended by the integer generated in step 5.a as content type application/octet-stream to the URL in the initsession response

So many things are just unclear here, what is the desired result of the gziped xml? Base64? binary? What is the type of the 32 little endian int, binary?

The key has a length of 32 characters. Since AES128 only fits 16 bytes long keys, I assume the key must be interpreted as hex values. Do all values need to be defined as hex values?

What is the type of the IV? Hex? Text? Binary? What is the type of the encrypted result? Hex? Binary? Text? Base64?

The http header must contain content_type appilcation/octet-stream.

0

There are 0 answers