Examples with PowerAuthSignatureTypeInvalidException io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException used on opensource projects

Search in sources :

Example 1 with PowerAuthSignatureTypeInvalidException

use of io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException in project powerauth-restful-integration by lime-company.

the class PowerAuthAuthenticationProvider method validateRequestSignatureWithActivationDetails.

@Override
@Nonnull
public PowerAuthApiAuthentication validateRequestSignatureWithActivationDetails(@Nonnull String httpMethod, @Nullable byte[] httpBody, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes, @Nullable Integer forcedSignatureVersion) throws PowerAuthAuthenticationException {
    // Check for HTTP PowerAuth signature header
    if (httpAuthorizationHeader.equals("undefined")) {
        logger.warn("Signature HTTP header is missing");
        throw new PowerAuthHeaderMissingException();
    }
    // Parse HTTP header
    final PowerAuthSignatureHttpHeader header = new PowerAuthSignatureHttpHeader().fromValue(httpAuthorizationHeader);
    // Validate the header
    try {
        PowerAuthSignatureHttpHeaderValidator.validate(header);
    } catch (InvalidPowerAuthHttpHeaderException ex) {
        logger.warn("Signature HTTP header validation failed, error: {}", ex.getMessage());
        logger.debug(ex.getMessage(), ex);
        throw new PowerAuthSignatureInvalidException();
    }
    // Check if the signature type is allowed
    final PowerAuthSignatureTypes expectedSignatureType = PowerAuthSignatureTypes.getEnumFromString(header.getSignatureType());
    if (expectedSignatureType == null || !allowedSignatureTypes.contains(expectedSignatureType)) {
        logger.warn("Invalid signature type: {}", expectedSignatureType);
        throw new PowerAuthSignatureTypeInvalidException();
    }
    // Configure PowerAuth authentication object
    final PowerAuthSignatureAuthenticationImpl powerAuthAuthentication = new PowerAuthSignatureAuthenticationImpl();
    powerAuthAuthentication.setActivationId(header.getActivationId());
    powerAuthAuthentication.setApplicationKey(header.getApplicationKey());
    powerAuthAuthentication.setNonce(BaseEncoding.base64().decode(header.getNonce()));
    powerAuthAuthentication.setSignatureType(header.getSignatureType());
    powerAuthAuthentication.setSignature(header.getSignature());
    powerAuthAuthentication.setHttpMethod(httpMethod);
    powerAuthAuthentication.setRequestUri(requestUriIdentifier);
    powerAuthAuthentication.setData(httpBody);
    powerAuthAuthentication.setVersion(header.getVersion());
    powerAuthAuthentication.setHttpHeader(header);
    powerAuthAuthentication.setForcedSignatureVersion(forcedSignatureVersion);
    // Call the authentication based on signature authentication object
    final PowerAuthApiAuthentication auth = (PowerAuthApiAuthentication) this.authenticate(powerAuthAuthentication);
    // In case authentication is null, throw PowerAuth exception
    if (auth == null) {
        logger.debug("Signature validation failed");
        throw new PowerAuthSignatureInvalidException();
    }
    return auth;
}
Also used : PowerAuthHeaderMissingException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthHeaderMissingException) PowerAuthSignatureAuthenticationImpl(io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthSignatureAuthenticationImpl) PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException) InvalidPowerAuthHttpHeaderException(io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) PowerAuthSignatureHttpHeader(io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader) PowerAuthSignatureTypes(io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes) PowerAuthApiAuthentication(io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication) Nonnull(javax.annotation.Nonnull)

Example 2 with PowerAuthSignatureTypeInvalidException

use of io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException in project powerauth-restful-integration by lime-company.

the class PowerAuthAuthenticationProvider method validateTokenWithActivationDetails.

@Nonnull
@Override
public PowerAuthApiAuthentication validateTokenWithActivationDetails(@Nonnull String tokenHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException {
    // Check for HTTP PowerAuth signature header
    if (tokenHeader.equals("undefined")) {
        logger.warn("Token HTTP header is missing");
        throw new PowerAuthHeaderMissingException();
    }
    // Parse HTTP header
    final PowerAuthTokenHttpHeader header = new PowerAuthTokenHttpHeader().fromValue(tokenHeader);
    // Validate the header
    try {
        PowerAuthTokenHttpHeaderValidator.validate(header);
    } catch (InvalidPowerAuthHttpHeaderException ex) {
        logger.warn("Token validation failed, error: {}", ex.getMessage());
        logger.debug(ex.getMessage(), ex);
        throw new PowerAuthTokenInvalidException();
    }
    // Prepare authentication object
    final PowerAuthTokenAuthenticationImpl powerAuthTokenAuthentication = new PowerAuthTokenAuthenticationImpl();
    powerAuthTokenAuthentication.setTokenId(header.getTokenId());
    powerAuthTokenAuthentication.setTokenDigest(header.getTokenDigest());
    powerAuthTokenAuthentication.setNonce(header.getNonce());
    powerAuthTokenAuthentication.setTimestamp(header.getTimestamp());
    powerAuthTokenAuthentication.setVersion(header.getVersion());
    powerAuthTokenAuthentication.setHttpHeader(header);
    // Call the authentication based on token authentication object
    final PowerAuthApiAuthentication auth = (PowerAuthApiAuthentication) this.authenticate(powerAuthTokenAuthentication);
    // In case authentication is null, throw PowerAuth exception
    if (auth == null) {
        logger.debug("Invalid token value");
        throw new PowerAuthTokenInvalidException();
    }
    // Check if the signature type is allowed
    final PowerAuthSignatureTypes expectedSignatureType = auth.getAuthenticationContext().getSignatureType();
    if (expectedSignatureType == null || !allowedSignatureTypes.contains(expectedSignatureType)) {
        logger.warn("Invalid signature type in token validation: {}", expectedSignatureType);
        throw new PowerAuthSignatureTypeInvalidException();
    }
    return auth;
}
Also used : PowerAuthHeaderMissingException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthHeaderMissingException) PowerAuthTokenAuthenticationImpl(io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthTokenAuthenticationImpl) InvalidPowerAuthHttpHeaderException(io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException) PowerAuthTokenInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenInvalidException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) PowerAuthTokenHttpHeader(io.getlime.security.powerauth.http.PowerAuthTokenHttpHeader) PowerAuthApiAuthentication(io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication) PowerAuthSignatureTypes(io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes) Nonnull(javax.annotation.Nonnull)

Example 3 with PowerAuthSignatureTypeInvalidException

use of io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException in project powerauth-restful-integration by lime-company.

the class SecureVaultService method vaultUnlock.

/**
 * Unlock secure vault.
 * @param signatureHeader PowerAuth signature HTTP header.
 * @param request Vault unlock request.
 * @param httpServletRequest HTTP servlet request.
 * @return Vault unlock response.
 * @throws PowerAuthSecureVaultException In case vault unlock fails.
 * @throws PowerAuthAuthenticationException In case authentication fails.
 */
public VaultUnlockResponse vaultUnlock(String signatureHeader, VaultUnlockRequest request, HttpServletRequest httpServletRequest) throws PowerAuthSecureVaultException, PowerAuthAuthenticationException {
    try {
        // Parse the header
        final PowerAuthSignatureHttpHeader header = new PowerAuthSignatureHttpHeader().fromValue(signatureHeader);
        // Validate the header
        try {
            PowerAuthSignatureHttpHeaderValidator.validate(header);
        } catch (InvalidPowerAuthHttpHeaderException ex) {
            logger.warn("Signature HTTP header validation failed, error: {}", ex.getMessage());
            logger.debug(ex.getMessage(), ex);
            throw new PowerAuthSignatureTypeInvalidException();
        }
        final SignatureTypeConverter converter = new SignatureTypeConverter();
        final String activationId = header.getActivationId();
        final String applicationId = header.getApplicationKey();
        final String signature = header.getSignature();
        final SignatureType signatureType = converter.convertFrom(header.getSignatureType());
        if (signatureType == null) {
            logger.warn("Invalid signature type: {}", header.getSignatureType());
            throw new PowerAuthSignatureTypeInvalidException();
        }
        final String nonce = header.getNonce();
        String reason = null;
        byte[] requestBodyBytes;
        if ("2.0".equals(header.getVersion())) {
            // Version 2.0 requires null data in signature for vault unlock.
            requestBodyBytes = null;
        } else if ("2.1".equals(header.getVersion())) {
            // Version 2.1 or higher requires request data in signature (POST request body) for vault unlock.
            if (request != null) {
                // Send vault unlock reason, in case it is available.
                if (request.getReason() != null) {
                    reason = request.getReason();
                }
            }
            // Use POST request body as data for signature.
            requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
        } else {
            logger.warn("Invalid protocol version in secure vault: {}", header.getVersion());
            throw new PowerAuthSecureVaultException();
        }
        final String data = PowerAuthHttpBody.getSignatureBaseString("POST", "/pa/vault/unlock", BaseEncoding.base64().decode(nonce), requestBodyBytes);
        final com.wultra.security.powerauth.client.v2.VaultUnlockResponse paResponse = powerAuthClient.v2().unlockVault(activationId, applicationId, data, signature, signatureType, reason);
        if (!paResponse.isSignatureValid()) {
            logger.debug("Signature validation failed");
            throw new PowerAuthSignatureInvalidException();
        }
        final VaultUnlockResponse response = new VaultUnlockResponse();
        response.setActivationId(paResponse.getActivationId());
        response.setEncryptedVaultEncryptionKey(paResponse.getEncryptedVaultEncryptionKey());
        return response;
    } catch (PowerAuthAuthenticationException ex) {
        throw ex;
    } catch (Exception ex) {
        logger.warn("PowerAuth vault unlock failed, error: {}", ex.getMessage());
        logger.debug(ex.getMessage(), ex);
        throw new PowerAuthSecureVaultException();
    }
}
Also used : PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException) InvalidPowerAuthHttpHeaderException(io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException) SignatureType(com.wultra.security.powerauth.client.v2.SignatureType) VaultUnlockResponse(io.getlime.security.powerauth.rest.api.model.response.v2.VaultUnlockResponse) InvalidPowerAuthHttpHeaderException(io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException) PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) PowerAuthSecureVaultException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException) PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException) SignatureTypeConverter(io.getlime.security.powerauth.rest.api.spring.converter.v2.SignatureTypeConverter) PowerAuthSecureVaultException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException) PowerAuthSignatureHttpHeader(io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader)

Example 4 with PowerAuthSignatureTypeInvalidException

use of io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException in project powerauth-restful-integration by lime-company.

the class SecureVaultService method vaultUnlock.

/**
 * Unlock secure vault.
 * @param header PowerAuth signature HTTP header.
 * @param request ECIES encrypted vault unlock request.
 * @param httpServletRequest HTTP servlet request.
 * @return ECIES encrypted vault unlock response.
 * @throws PowerAuthSecureVaultException In case vault unlock request fails.
 * @throws PowerAuthAuthenticationException In case authentication fails.
 */
public EciesEncryptedResponse vaultUnlock(PowerAuthSignatureHttpHeader header, EciesEncryptedRequest request, HttpServletRequest httpServletRequest) throws PowerAuthSecureVaultException, PowerAuthAuthenticationException {
    try {
        final SignatureTypeConverter converter = new SignatureTypeConverter();
        final String activationId = header.getActivationId();
        final String applicationKey = header.getApplicationKey();
        final String signature = header.getSignature();
        final SignatureType signatureType = converter.convertFrom(header.getSignatureType());
        if (signatureType == null) {
            logger.warn("Invalid signature type: {}", header.getSignatureType());
            throw new PowerAuthSignatureTypeInvalidException();
        }
        final String signatureVersion = header.getVersion();
        final String nonce = header.getNonce();
        // Fetch data from the request
        final String ephemeralPublicKey = request.getEphemeralPublicKey();
        final String encryptedData = request.getEncryptedData();
        final String mac = request.getMac();
        final String eciesNonce = request.getNonce();
        // Prepare data for signature to allow signature verification on PowerAuth server
        final byte[] requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
        final String data = PowerAuthHttpBody.getSignatureBaseString("POST", "/pa/vault/unlock", BaseEncoding.base64().decode(nonce), requestBodyBytes);
        // Verify signature and get encrypted vault encryption key from PowerAuth server
        final VaultUnlockResponse paResponse = powerAuthClient.unlockVault(activationId, applicationKey, signature, signatureType, signatureVersion, data, ephemeralPublicKey, encryptedData, mac, eciesNonce);
        if (!paResponse.isSignatureValid()) {
            logger.debug("Signature validation failed");
            throw new PowerAuthSignatureInvalidException();
        }
        return new EciesEncryptedResponse(paResponse.getEncryptedData(), paResponse.getMac());
    } catch (PowerAuthAuthenticationException ex) {
        throw ex;
    } catch (Exception ex) {
        logger.warn("PowerAuth vault unlock failed, error: {}", ex.getMessage());
        logger.debug(ex.getMessage(), ex);
        throw new PowerAuthSecureVaultException();
    }
}
Also used : PowerAuthSecureVaultException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException) PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) EciesEncryptedResponse(io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse) PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException) SignatureType(com.wultra.security.powerauth.client.v3.SignatureType) VaultUnlockResponse(com.wultra.security.powerauth.client.v3.VaultUnlockResponse) PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) PowerAuthSecureVaultException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException) PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException) SignatureTypeConverter(io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter)

Example 5 with PowerAuthSignatureTypeInvalidException

use of io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException in project powerauth-restful-integration by lime-company.

the class TokenService method createToken.

/**
 * Create token.
 *
 * @param request        ECIES encrypted create token request.
 * @param authentication PowerAuth API authentication object.
 * @return ECIES encrypted create token response.
 * @throws PowerAuthAuthenticationException In case token could not be created.
 */
public EciesEncryptedResponse createToken(EciesEncryptedRequest request, PowerAuthApiAuthentication authentication) throws PowerAuthAuthenticationException {
    try {
        // Fetch activation ID and signature type
        final PowerAuthSignatureTypes signatureFactors = authentication.getAuthenticationContext().getSignatureType();
        // Fetch data from the request
        final String ephemeralPublicKey = request.getEphemeralPublicKey();
        final String encryptedData = request.getEncryptedData();
        final String mac = request.getMac();
        final String nonce = request.getNonce();
        // Prepare a signature type converter
        final SignatureTypeConverter converter = new SignatureTypeConverter();
        final SignatureType signatureType = converter.convertFrom(signatureFactors);
        if (signatureType == null) {
            logger.warn("Invalid signature type: {}", signatureFactors);
            throw new PowerAuthSignatureTypeInvalidException();
        }
        // Get ECIES headers
        final String activationId = authentication.getActivationContext().getActivationId();
        final PowerAuthSignatureHttpHeader httpHeader = (PowerAuthSignatureHttpHeader) authentication.getHttpHeader();
        final String applicationKey = httpHeader.getApplicationKey();
        // Create a token
        final CreateTokenResponse token = powerAuthClient.createToken(activationId, applicationKey, ephemeralPublicKey, encryptedData, mac, nonce, signatureType);
        // Prepare a response
        final EciesEncryptedResponse response = new EciesEncryptedResponse();
        response.setMac(token.getMac());
        response.setEncryptedData(token.getEncryptedData());
        return response;
    } catch (Exception ex) {
        logger.warn("Creating PowerAuth token failed, error: {}", ex.getMessage());
        logger.debug(ex.getMessage(), ex);
        throw new PowerAuthTokenErrorException();
    }
}
Also used : PowerAuthTokenErrorException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenErrorException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) EciesEncryptedResponse(io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse) SignatureType(com.wultra.security.powerauth.client.v3.SignatureType) PowerAuthSignatureHttpHeader(io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader) CreateTokenResponse(com.wultra.security.powerauth.client.v3.CreateTokenResponse) PowerAuthSignatureTypes(io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes) PowerAuthTokenErrorException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenErrorException) PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) SignatureTypeConverter(io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter)

Aggregations

PowerAuthSignatureTypeInvalidException (io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException)5 PowerAuthSignatureTypes (io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes)3 PowerAuthSignatureHttpHeader (io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader)3 InvalidPowerAuthHttpHeaderException (io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException)3 PowerAuthAuthenticationException (io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException)3 PowerAuthSignatureInvalidException (io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException)3 SignatureType (com.wultra.security.powerauth.client.v3.SignatureType)2 EciesEncryptedResponse (io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse)2 PowerAuthApiAuthentication (io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication)2 SignatureTypeConverter (io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter)2 PowerAuthSecureVaultException (io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException)2 PowerAuthHeaderMissingException (io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthHeaderMissingException)2 Nonnull (javax.annotation.Nonnull)2 SignatureType (com.wultra.security.powerauth.client.v2.SignatureType)1 CreateTokenResponse (com.wultra.security.powerauth.client.v3.CreateTokenResponse)1 VaultUnlockResponse (com.wultra.security.powerauth.client.v3.VaultUnlockResponse)1 PowerAuthTokenHttpHeader (io.getlime.security.powerauth.http.PowerAuthTokenHttpHeader)1 VaultUnlockResponse (io.getlime.security.powerauth.rest.api.model.response.v2.VaultUnlockResponse)1 PowerAuthSignatureAuthenticationImpl (io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthSignatureAuthenticationImpl)1 PowerAuthTokenAuthenticationImpl (io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthTokenAuthenticationImpl)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial