Question/Issue
I called the session API for watermark embedding, but the API server responds "Hash verification failed." (Error code A1007).
Brief Description
This error occurs when the input data constituting the hash value of the API request data is incorrect or the sha256 hash processing is incorrect.
First, check the session manager API guide of PallyCon Forensic Watermarking to see whether the hash input value of the request data is configured according to the specification. If the input value is configured properly, it is most likely that the result value of the sha256 hash function was not processed according to the specification.
Resolution
Step 1: Check the hash input value
Various HTTP APIs used in the PallyCon service use the following JSON data as a base64-encoded string as the request data.
{
"data":"{aes256 cbc encryption of 'API data' for each API, and base64 encoding}",
"timestamp":"{yyyy-mm-ddThh:mm:ssZ}",
"hash":"{sha256 hash of 'hash input format' in base64 string}"
}
First, create `data` and `timestamp` values by referring to the session manager API guide on the Docs site, and combine the following four string data into one to compose the hash input value.
- Access key: Access key value assigned to the PallyCon service account (can be found in PallyCon Console)
- Site ID: 4-digit site ID value assigned to the PallyCon service account (can be found in PallyCon Console)
- 'data' value
- 'timestamp' value
Step 2: Verify processing of sha256 result
Enter the string assembled in step 1 into the sha256 function and base64-encode the resulting value. At this time, the sha256 result value should be input to the base64 function as binary data without converting to a string. The 'Hash Verification Failed' (A1007) error mainly occurs when the sha256 result value is received in the form of a string and entered into the base64 function.