Authentication

digital signature authentication the zide client api employs digital signature authentication to ensure that the requests are genuine and have not been tampered with during transmission clients must use their private keys to sign the requests, the zide api server verifies these signatures using the corresponding public keys ensure your zide private key used for signing requests is stored securely and is never shared or transmitted the zide client api will never ask for your private key steps for clients steps to create the headers needed for zide client api authentication create a nonce a nonce is a random string that should be unique for each request to prevent replay attacks get the current timestamp it helps in ensuring that the request is only valid for a specific time period to prevent replay attacks create the data string combine the request’s url, timestamp, and nonce to form a data string sign the data string use your private key to sign the data string the signing should be done using the rsa sha256 algorithm encode the signature base64 encode the signature header information include the following headers in the http request x client id your client’s id from the zide dashboard x signature the base64 encoded signature x timestamp the timestamp x nonce the nonce sample code to create a request package main import ( &#x9;“crypto/rand” &#x9;“crypto/rsa” &#x9;“crypto/sha256” &#x9;“crypto/x509" &#x9;“encoding/base64” &#x9;“fmt” &#x9;“strconv” &#x9;“time” ) type zideauthenticationheaders struct { xclientid string `json "x client id"` xsignature string `json "x signature"` xtimestamp string `json "x timestamp"` xnonce string `json "x nonce"` } func createauthenticationheaders(clientid, privatekeypem, url string) ( zideauthenticationheaders, error) { &#x9;// parse the private key &#x9;block, = pem decode(\[]byte(privatekeypem)) &#x9;if block == nil { &#x9; return nil, fmt errorf(“failed to parse private key”) &#x9;} privatekey, err = x509 parsepkcs1privatekey(block bytes) &#x9; &#x9;if err != nil { &#x9; return nil, err &#x9;}&#x9; &#x9; &#x9;// create a nonce &#x9;nonce = “unique string”&#x9; &#x9; &#x9;// get the current timestamp &#x9;timestamp = strconv formatint(time now() unix(), 10)&#x9; &#x9; &#x9;// create the data string to be signed &#x9;datatosign = url + timestamp + nonce&#x9; &#x9; &#x9;// hash the data string &#x9;hasheddata = sha256 sum256(\[]byte(datatosign))&#x9; &#x9; &#x9;// sign the hashed data with the private key &#x9;signature, err = rsa signpkcs1v15(rand reader, privatekey, crypto sha256, hasheddata\[ ]) &#x9;if err != nil { &#x9; return nil, err &#x9;}&#x9; &#x9; &#x9;// base64 encode the signature &#x9;encodedsignature = base64 stdencoding encodetostring(signature)&#x9; &#x9; &#x9;// create a header &#x9;headers = \&zideauthenticationheaders{ xclientid clientid, xsignature encodedsignature, xtimestamp timestamp, xnonce nonce, } &#x9;return headers }import crypto import rsa import hashlib import base64 import time import json import pem import x509 import fmt import strconv class zideauthenticationheaders def init (self) self xclientid = "" self xsignature = "" self xtimestamp = "" self xnonce = "" def createauthenticationheaders(clientid, privatekeypem, url) block, = pem decode(privatekeypem encode()) if block is none return none, fmt errorf("failed to parse private key") privatekey = x509 parse pkcs1 private key(block bytes()) nonce = "unique string" timestamp = str(int(time time())) datatosign = url + timestamp + nonce hasheddata = hashlib sha256(datatosign encode()) digest() signature = rsa sign(hasheddata, privatekey, crypto sha256) encodedsignature = base64 b64encode(signature) decode() headers = zideauthenticationheaders() headers xclientid = clientid headers xsignature = encodedsignature headers xtimestamp = timestamp headers xnonce = nonce return headersimport as crypto from 'crypto'; import as fs from 'fs'; import as util from 'util'; import as base64 from 'base64 js'; import as sha256 from 'sha256'; import as rsa from 'node rsa'; import as moment from 'moment'; interface zideauthenticationheaders { 'x client id' string; 'x signature' string; 'x timestamp' string; 'x nonce' string; } async function createauthenticationheaders(clientid string, privatekeypem string, url string) promise\<zideauthenticationheaders> { const privatekey = new rsa(privatekeypem); const nonce = 'unique string'; const timestamp = moment() unix() tostring(); const datatosign = url + timestamp + nonce; const hasheddata = sha256(datatosign); const signature = privatekey sign(hasheddata, 'buffer'); const encodedsignature = base64 frombytearray(signature); const headers zideauthenticationheaders = { 'x client id' clientid, 'x signature' encodedsignature, 'x timestamp' timestamp, 'x nonce' nonce, }; return headers; }import java security keyfactory; import java security privatekey; import java security signature; import java security spec pkcs8encodedkeyspec; import java util base64; import java util date; import java util uuid; import java nio charset standardcharsets; import java security messagedigest; class zideauthenticationheaders { private string xclientid; private string xsignature; private string xtimestamp; private string xnonce; public zideauthenticationheaders(string xclientid, string xsignature, string xtimestamp, string xnonce) { this xclientid = xclientid; this xsignature = xsignature; this xtimestamp = xtimestamp; this xnonce = xnonce; } public string getxclientid() { return xclientid; } public string getxsignature() { return xsignature; } public string getxtimestamp() { return xtimestamp; } public string getxnonce() { return xnonce; } } public class main { public static zideauthenticationheaders createauthenticationheaders(string clientid, string privatekeypem, string url) throws exception { byte\[] privatekeybytes = base64 getdecoder() decode(privatekeypem); pkcs8encodedkeyspec keyspec = new pkcs8encodedkeyspec(privatekeybytes); keyfactory keyfactory = keyfactory getinstance("rsa"); privatekey privatekey = keyfactory generateprivate(keyspec); string nonce = "unique string"; string timestamp = string valueof(new date() gettime() / 1000); string datatosign = url + timestamp + nonce; messagedigest digest = messagedigest getinstance("sha 256"); byte\[] hasheddata = digest digest(datatosign getbytes(standardcharsets utf 8)); signature signature = signature getinstance("sha256withrsa"); signature initsign(privatekey); signature update(hasheddata); byte\[] signeddata = signature sign(); string encodedsignature = base64 getencoder() encodetostring(signeddata); zideauthenticationheaders headers = new zideauthenticationheaders(clientid, encodedsignature, timestamp, nonce); return headers; } public static void main(string\[] args) { try { zideauthenticationheaders headers = createauthenticationheaders("clientid", "privatekeypem", "url"); system out println(headers getxclientid()); system out println(headers getxsignature()); system out println(headers getxtimestamp()); system out println(headers getxnonce()); } catch (exception e) { e printstacktrace(); } } } sample code usage example here is a sample code snippet that demonstrates how a client can create such a request this is just an example, and you should adapt it according to your actual needs and environment func makerequest() { &#x9;headers, err = createauthenticationheaders(“your client id”, “your private key in pem format”, “/client/v1/transfer”) }import requests def make request() headers, err = create authentication headers("your client id", "your private key in pem format", "http //example com/api/data") \# use the 'headers' dictionary to make your http request response = requests get("http //example com/api/data", headers=headers)import axios, { axiosrequestconfig } from 'axios'; async function makerequest() promise\<void> { const headers = createauthenticationheaders("your client id", "your private key in pem format", "http //example com/api/data"); const config axiosrequestconfig = { method 'get', url 'http //example com/api/data', headers, }; try { const response = await axios(config); // use the response data } catch (error) { console error('error making the request ', error); } }import java io ioexception; import java net httpurlconnection; import java net url; public void makerequest() throws ioexception { map\<string, string> headers = createauthenticationheaders("your client id", "your private key in pem format", "http //example com/api/data"); url url = new url("http //example com/api/data"); httpurlconnection connection = (httpurlconnection) url openconnection(); for (map entry\<string, string> entry headers entryset()) { connection setrequestproperty(entry getkey(), entry getvalue()); } // use the connection to make your http request // } replace “your client id” with the actual client id, “your private key in pem format” with the actual private key gotten from your zide dashboard in pem format, and “/client/v1/transfer” with the actual url path the client wants to access