A 3rd party vendor wants us to send HTML data that includes a generated token. I'm in way over my head here and am desperately in need of help since they want it now.
The token contains:
a. The encryption key version number. In case the key is changed later.
b. A random number
c. The time the token was generated (in seconds)
d. The identity of the user. This is the employee ID for that user (i.e. 912345678).
e. A computed check byte that can be used to verify the token hasn’t been tampered with.
The generated token is encrypted with the shared encryption key. The key has already been generated and shared.
The token layout:
| Byte index | Description |
| 0 | Version number of the layout of this token. The version number inside of the token should match the plaintext version number in the HTML form |
| 1..4 | A random number. |
| 5..8 | The creation time of this token, which must be within a short window of time when the token is consumed. The timestamp is an unsigned 32-bit count of time since January 1, 1970 UTC (standard for time in the java api). The acceptable time window is 2 minutes by default, but may be adjusted by mutual agreement. |
| 9..12 | The identity of the user as a 32 bit unsigned number. (This can be the organization's employee id). |
| 13 | A check byte computed from the exclusive-or (“xor”) of all the previous bytes of the token. The service provider must verify that this field matches the value computed by the service provider against all the previous bytes in this token |
Encryption details
Encryption is performed with the following parameters:
a. AES algorithm
b. ECB mode
c. PKCS#5 padding
d. 128-bit (16 byte) key
Encoding to hexadecimal characters is performed such that the byte at index 0 is encoded to the first character pair of the hex string, with successive bytes at higher indexes encoding into successive characters.
If anyone is up to the challenge, I would be forever grateful. Any and all help is appreciated.
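The token layout and encryption parameters in the post above, as an added Perl example that is not part of the original post or the vendor's code: it builds the 14-byte token with `pack`, encrypts it, and shows the receiving side's checks. Assumptions: the CryptX modules `Crypt::Mode::ECB` and `Crypt::PRNG` are installed, multi-byte fields are big-endian (the spec does not state byte order), the version value is 1, and the key shown is a constructed placeholder.

```perl
use strict;
use warnings;
use Crypt::Mode::ECB;              # from the CryptX distribution
use Crypt::PRNG qw(random_bytes);  # from the CryptX distribution

# Constructed placeholder key; the real 16-byte key is the one shared with the vendor.
my $KEY     = pack 'H*', '000102030405060708090a0b0c0d0e0f';
my $VERSION = 1;                   # assumed; use the version agreed with the vendor

# XOR of every byte in the given string (the check byte at index 13).
sub xor_check {
    my ($bytes) = @_;
    my $c = 0;
    $c ^= $_ for unpack 'C*', $bytes;
    return $c;
}

# Producer side: returns the encrypted token as a hex string.
sub build_token {
    my ($version, $employee_id, $key, $now) = @_;
    $now //= time;
    die "employee id out of 32-bit range\n" if $employee_id < 0 || $employee_id > 0xFFFFFFFF;
    my $rand = unpack 'N', random_bytes(4);
    # Bytes 0..12: version, random, time, id. 'N' = 32-bit big-endian (assumption).
    my $body  = pack 'C N N N', $version, $rand, $now, $employee_id;
    my $plain = $body . pack('C', xor_check($body));
    my $ecb   = Crypt::Mode::ECB->new('AES', 1);     # 1 = PKCS#5 padding
    return unpack 'H*', $ecb->encrypt($plain, $key); # byte 0 -> first hex pair
}

# Consumer side: decrypts and applies the checks the spec lists, dying on failure.
sub parse_token {
    my ($hex, $key, $expected_version, $now, $window) = @_;
    $now    //= time;
    $window //= 120;                                 # 2 minutes by default
    die "not a hex string\n" unless $hex =~ /\A(?:[0-9a-fA-F]{2})+\z/;
    my $plain = Crypt::Mode::ECB->new('AES', 1)->decrypt(pack('H*', $hex), $key);
    die "bad token length\n" unless defined $plain && length($plain) == 14;
    my ($version, $rand, $ts, $id, $check) = unpack 'C N N N C', $plain;
    die "check byte mismatch\n" unless $check == xor_check(substr $plain, 0, 13);
    die "version mismatch\n"    unless $version == $expected_version;
    die "token outside time window\n" if abs($now - $ts) > $window;
    return { version => $version, time => $ts, employee_id => $id };
}

my $token  = build_token($VERSION, 912345678, $KEY);
my $claims = parse_token($token, $KEY, $VERSION);
printf "%s -> employee %d\n", $token, $claims->{employee_id};
```

The XOR check byte is not a keyed MAC and AES-ECB does not authenticate the ciphertext, so the receiver should treat it as a sanity check and also enforce the version and time-window checks shown in `parse_token`.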
In reply to pack and AES help needed by dbarstis