Chilkat RSASSA-PSS signature problem with Powerbuilder 9.0.3 and Powerbuilder 12.6 - rsa

We use Chilkat to sign HTTP requests in our Powerbuilder 9.0.3 application (and also Powerbuilder 12.6), but it seems the signature generated by Chilkat is not accepted by the Isabel API (we have already contacted Isabel and they guess that there is a parameter issue in the signature algorithm).
The documentation of the Isabel API (https://documentation.ibanity.com/http-signature) says that we have to use the RSASSA-PSS signature algorithm with the following parameters:
Hash algorithm: SHA-256
Mask generation function: MGF1
Mask generation algorithm: SHA-256
Salt length: 32 bytes (= 256 bits, same as the hash length)
Trailer field: 1
So we have set up the Chilkat Rsa component like this:
loo_Rsa = create oleobject
li_rc = loo_Rsa.ConnectToNewObject("Chilkat_9_5_0.Rsa")
loo_Rsa.DebugLogFilePath = "c:\tmp\rsa.log"
loo_Rsa.VerboseLogging=1
li_Success=loo_Rsa.ImportPrivateKeyObj(loo_Privkey)
if li_Success <> 1 then
ls_error = "Error importPrivateKey: "+loo_Rsa.LastErrorText
destroy loo_Rsa
goto ee_error
end if
// Use RSA-PSS by setting OaepPadding = 1
loo_Rsa.OaepPadding = 1
loo_Rsa.OaepHash = "SHA-256"
loo_Rsa.EncodingMode = "base64"
ls_Signature = loo_Rsa.SignStringENC(ls_signing_string,"SHA-256")
Based on the Isabel documentation, do you think we have set the RSA parameters in Chilkat correctly, or have we missed something? (We have also tried with LittleEndian = 0, but we receive the same error from the Isabel API.)
For your information, here is the Chilkat log.
In the log I see that Chilkat sometimes adds the characters 3D after the character "=" in the signing string. Is that normal? (In the log below I put the characters 3D in bold.)
ImportPrivateKeyObj:
DllDate: Feb 12 2018
ChilkatVersion: 9.5.0.72
UnlockPrefix: BEWANB.CB1042019
Architecture: Little Endian; 32-bit
Language: ActiveX
VerboseLogging: 1
toPrivKeyXml:
toRsaPrivateKeyXml:
toRsaPkcs1PrivateKeyDer:
(leaveContext)
DecodeToAsn:
(leaveContext)
(leaveContext)
(leaveContext)
importPrivateKey:
loadAnyString:
loadAnyXml:
loadAnyXml:
(leaveContext)
(leaveContext)
(leaveContext)
(leaveContext)
Success.
(leaveContext 15ms)
SignStringENC:
DllDate: Feb 12 2018
ChilkatVersion: 9.5.0.72
UnlockPrefix: BEWANB.CB1042019
Architecture: Little Endian; 32-bit
Language: ActiveX
VerboseLogging: 1
hashAlgorithm: SHA-256
charset: windows-1252
Component successfully unlocked using purchased unlock code.
inputBytesQP: (request-target): get /isabel-connect/account-reports?offset=3D0&size=3D100=
\nhost: api.ibanity.com\ndigest: SHA-512=3Dz4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXc=
g/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg=3D=3D\n(created): 16=
15285438\nauthorization: Bearer access_token_1615285439
hashAndSign:
modulus_bitlen: 2048
hashBytes: 070D CF6B 85D6 ACE2 971F 20B3 29A0 439A
FE36 9394 0D1C 10E7 513B 1447 F04D 39B2
padAndSignHash:
keyType: Private
hashInSize: 32
padding: PSS
hashAlg: SHA-256
pss_encode:
emLen: 256
autoSelectedSaltLen: 32
(leaveContext)
(leaveContext 31ms)
byteOrder: LittleEndian
(leaveContext 47ms)
signature: Te3sMFkvo26Mi5pkLsB8AwAJYynlB3xKU1Dy2AyPS4GlF1fUgTU4k5dU3mSu2dkJEbvmkUd+aPuwo+51AyNarcD7vGtFp/ze3vjCB87lZ+qrzDquEpVUNOb6tOq467odIeGPAsj4b9sa6JsdXciEGKPIZgC8+7zojm87f2MdAVVkDXTwFq7nmI+Q5czGlswLpihYn4VF+5ateKDInl1TdiekujmBh5ffkZAE43LZQX4UWIhqqlak7p2P9GyhF9n3RQRZ55Tp25vOWgPdnwz90OKnQR5aWtcHoVY+JuIl0VX49UFELU+L/Xz9tOGnilA7UcKElWMXVzcEqo3KLcGUWQ==
Success.
(leaveContext 47ms)
ImportPrivateKeyObj:
DllDate: Feb 12 2018
ChilkatVersion: 9.5.0.72
UnlockPrefix: BEWANB.CB1042019
Architecture: Little Endian; 32-bit
Language: ActiveX
VerboseLogging: 1
toPrivKeyXml:
toRsaPrivateKeyXml:
toRsaPkcs1PrivateKeyDer:
(leaveContext)
DecodeToAsn:
(leaveContext)
(leaveContext)
(leaveContext)
importPrivateKey:
loadAnyString:
loadAnyXml:
loadAnyXml:
(leaveContext)
(leaveContext)
(leaveContext)
(leaveContext)
Success.
(leaveContext 31ms)
SignStringENC:
DllDate: Feb 12 2018
ChilkatVersion: 9.5.0.72
UnlockPrefix: BEWANB.CB1042019
Architecture: Little Endian; 32-bit
Language: ActiveX
VerboseLogging: 1
hashAlgorithm: SHA-256
charset: windows-1252
Component successfully unlocked using purchased unlock code.
inputBytesQP: (request-target): get /isabel-connect/account-reports?offset=3D0&size=3D100=
\nhost: api.ibanity.com\ndigest: SHA-512=3Dz4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXc=
g/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg=3D=3D\n(created): 16=
15287272\nauthorization: Bearer access_token_1615287272
hashAndSign:
modulus_bitlen: 2048
hashBytes: B22B C9AF 7041 43E4 1CFE 5898 C88C C9CE
95FC B536 AC75 1F21 996C 7E7A 7B19 80EF
padAndSignHash:
keyType: Private
hashInSize: 32
padding: PSS
hashAlg: SHA-256
pss_encode:
emLen: 256
autoSelectedSaltLen: 32
(leaveContext)
(leaveContext 31ms)
byteOrder: LittleEndian
(leaveContext 31ms)
signature: 0b/fLp4xbSaGqrH7HXsP8bRuhtr9xo7oPiY1+ryhVuR4vDCdCRFc2As6RX2SazS2T2MK4P966TX1rr5Qx2VnDYN0JL6ZnZAiR/P+ILP19bJN9+f6Jv1nfmgSOUB/stxeLKNlibeMXaR6+heX/ccGY807r8MdEk3hGFwlkK611GjrHoNTH+vge2ReQo8lKBaVP1QIHCvwXUVS39GdABHFLxTQ8La514YX8qruJp6i69lDfCvh4P9rOl5pebMwknyEjJ2rs0D40MUU8z+hM5bm+hSD100S7Ww9sDwObitn4FftR60fee/f3vf9qCv0wkBTBbVP8DTR4vbpKxv/oUNXFQ==
Success.
(leaveContext 31ms)
And we receive this error from the Isabel API:
{"errors":[{"code":"invalidSignature","detail":"The HTTP signature could not be verified. Please refer to https://documentation.ibanity.com/http-signature","meta":{}}]}
Here is also the original signing string:
(request-target): get /isabel-connect/account-reports?offset=0&size=100\nhost: api.ibanity.com\ndigest: SHA-512=z4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXcg/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg==\n(created): 1615287272\nauthorization: Bearer access_token_1615287272
Thanks in advance for any help or suggestion.
Regards.
Guy

I created some examples, and will create a few more here: https://www.example-code.com/powerbuilder/ibanity.asp

It's working fine now. In fact, based on the Chilkat example, I changed the way I build the signing string: I was using a string variable in place of the Chilkat StringBuilder.
Instead of this:
// Step 4 - Build the signing string
ls_signing_string = "(request-target): "+ls_request_target+'\n'+&
"host: api.ibanity.com\n"+&
"digest: "+ls_digest+"\n"+&
"(created): "+ls_created+"\n"+&
"authorization: "+"Bearer "+is_token_isabel
...
ls_Signature = loo_Rsa.SignStringENC(ls_signing_string,"SHA-256")
I should use this:
// Step 4 - Build the signing string
oleobject loo_SbSigningString
loo_SbSigningString = create oleobject
li_rc = loo_SbSigningString.ConnectToNewObject("Chilkat_9_5_0.StringBuilder")
loo_SbSigningString.Append("(request-target): ")
loo_SbSigningString.AppendLine(ls_Request_target,0)
loo_SbSigningString.Append("host: ")
loo_SbSigningString.AppendLine("api.ibanity.com",0)
loo_SbSigningString.Append("digest: ")
loo_SbSigningString.AppendLine(ls_digest,0)
loo_SbSigningString.Append("(created): ")
loo_SbSigningString.AppendLine(ls_Created,0)
loo_SbSigningString.Append("authorization: Bearer "+is_token_isabel)
..
ls_Signature = loo_Rsa.SignStringENC(loo_SbSigningString.GetAsString(),"sha-256")
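Added example, not part of the original posts and written in Python rather than PowerBuilder: it decodes the quoted-printable inputBytesQP entry from the log above, which shows that =3D is only the log's rendering of "=", and counts whether the header lines of the signed string are separated by a real line feed or by the two characters backslash and n. LOGGED_QP and LOGGED_HASH are copied from the second SignStringENC entry of the log; the function names are made up for this sketch.

```python
import hashlib
import quopri

# Copied from the second SignStringENC entry in the Chilkat log above.
# Physical line ends are written as "\n"; the log's own backslash-n as "\\n".
LOGGED_QP = (
    "(request-target): get /isabel-connect/account-reports?offset=3D0&size=3D100=\n"
    "\\nhost: api.ibanity.com\\ndigest: SHA-512=3Dz4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXc=\n"
    "g/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg=3D=3D\\n(created): 16=\n"
    "15287272\\nauthorization: Bearer access_token_1615287272"
)
LOGGED_HASH = "B22BC9AF704143E41CFE5898C88CC9CE95FCB536AC751F21996C7E7A7B1980EF"


def decode_logged_input(qp_text, charset="cp1252"):
    """Undo the log's quoted-printable rendering: '=3D' -> '=', '=' + EOL -> join."""
    return quopri.decodestring(qp_text.encode(charset))


def separator_report(signed):
    """Count real line feeds (0x0A) and literal backslash-n pairs (0x5C 0x6E)."""
    return {"line_feed": signed.count(b"\n"), "backslash_n": signed.count(b"\\n")}


def hashed_variant(signed, logged_hash_hex):
    """Name the byte string whose SHA-256 equals the log's hashBytes, if any."""
    variants = {
        "as_logged": signed,
        "with_line_feeds": signed.replace(b"\\n", b"\n"),
    }
    wanted = logged_hash_hex.replace(" ", "").lower()
    for name, data in variants.items():
        if hashlib.sha256(data).hexdigest() == wanted:
            return name
    return None


if __name__ == "__main__":
    signed = decode_logged_input(LOGGED_QP)
    print(signed.decode("cp1252"))
    print(separator_report(signed))
    print("hashBytes matches:", hashed_variant(signed, LOGGED_HASH))
```

A verifier that rebuilds the signing string with line feeds between the header lines hashes different bytes than a signer that fed in backslash-n pairs, so the PSS parameters can all be right and the signature still fails.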

Related

Calculate routes via GET - Polyline incorrect

I am testing the routing API (https://developer.here.com/documentation/routing-api/api-reference-swagger.html) and everything seems to be working as expected except the polyline.
Here is my service invocation:
curl --location --request GET 'https://router.hereapi.com/v8/routes?transportMode=car&origin=3.4844257,-76.5256287&destination=3.478483,-76.517984&routingMode=fast&return=elevation,polyline,actions,instructions,summary&apiKey=1234'
As part of response we have the next field:
"polyline": "B2Fkt10Grm4-xE8yTU4mBnBnG8pBAzP0tBAjD4IA_E8LAvMokBT3IkXTzF8QTnG8QTvMsiBTrJjDA3_BjXoB_sB_OAriB3NAzKjDAnLsTAnLkhBnBzKsdA_J8fTnLkcT3DwHAvC8GArJoQAnL8QA7LsTA7V0jBT_M8UA",
As you know, the polyline field is encoded.
According to the documentation, I proceeded to decode it with a library/code suggested from:
https://github.com/heremaps/flexible-polyline/tree/master/java
The result of decoding the field is not correct. The list of points (Lat, Long, Elevation) returned does not match the correct location. In the example, the coordinates are from Colombia and the results, after decoding, are a list of points in the middle of the Atlantic Ocean.
Further, in order to rule out library issues, I checked decoding the polyline with other decoders such as:
https://developers.google.com/maps/documentation/utilities/polylineutility
https://open-polyline-decoder.60devs.com/
And the result is the same.
So it seems the problem is on the HERE API side (routing API v8).
Any ideas? Maybe I am invoking the API in the incorrect way.
The decoder on https://github.com/heremaps/flexible-polyline/tree/master/java works correctly; please see the code with your encoded string:
private void testSOLatLngDecoding() {
    List<LatLngZ> computed = decode("B2Fkt10Grm4-xE8yTU4mBnBnG8pBAzP0tBAjD4IA_E8LAvMokBT3IkXTzF8QTnG8QTvMsiBTrJjDA3_BjXoB_sB_OAriB3NAzKjDAnLsTAnLkhBnBzKsdA_J8fTnLkcT3DwHAvC8GArJoQAnL8QA7LsTA7V0jBT_M8UA");
    List<String> seqCrds = new ArrayList<>();
    for (int i = 0; i < computed.size(); ++i) {
        LatLngZ c = computed.get(i);
        List<String> crds = new ArrayList<>();
        crds.add(String.valueOf(c.lat));
        crds.add(String.valueOf(c.lng));
        crds.add(String.valueOf(c.z));
        seqCrds.add(String.join(",", crds));
        //assertEquals(computed.get(i), pairs.get(i));
    }
    System.out.println(String.join(",", seqCrds));
}
We have a JavaScript tool "Encode/Decode to/from Flexible polyline" on https://demo.support.here.com/examples/v3.1/enc_dec_flexible_polyline
Please see the result:
Please double check code on your side.
I would suggest removing your API key from the get request you posted in your question.
The polyline that you provided gets decoded into the following, which is in Colombia. As a result, I think you need to check the decoder you are using and/or what is being fed into it.
Index  Lat        Lon          Elev
0      3.48437    -76.52567    1003
1      3.48438    -76.52505    1001
2      3.48428    -76.52438    1001
3      3.48403    -76.52365    1001
4      3.48398    -76.52351    1001
5      3.4839     -76.52332    1001
6      3.4837     -76.52274    1000
7      3.48356    -76.52237    999
8      3.48347    -76.5221     998
9      3.48337    -76.52183    997
10     3.48317    -76.52128    996
11     3.48302    -76.52133    996
12     3.482      -76.5217     998
13     3.48128    -76.52194    998
14     3.48073    -76.52216    998
15     3.48056    -76.52221    998
16     3.48038    -76.5219     998
17     3.4802     -76.52137    996
18     3.48003    -76.5209     996
19     3.47987    -76.52039    995
20     3.47969    -76.51994    994
21     3.47963    -76.51982    994
22     3.47959    -76.51971    994
23     3.47944    -76.51945    994
24     3.47926    -76.51918    994
25     3.47907    -76.51887    994
26     3.47872    -76.5183     993
27     3.478512   -76.517966   993
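Added example, not from the thread and written in Python instead of the Java library linked above: a minimal decoder for the flexible polyline format, run on the polyline from the question. It reads the header the format carries (version, coordinate precision, third-dimension type and precision), which decoders for Google's encoded polyline format do not expect; the function and constant names are made up for this sketch.

```python
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
CHAR_VALUE = {ch: i for i, ch in enumerate(ALPHABET)}

# Polyline copied from the question above.
ROUTE = "B2Fkt10Grm4-xE8yTU4mBnBnG8pBAzP0tBAjD4IA_E8LAvMokBT3IkXTzF8QTnG8QTvMsiBTrJjDA3_BjXoB_sB_OAriB3NAzKjDAnLsTAnLkhBnBzKsdA_J8fTnLkcT3DwHAvC8GArJoQAnL8QA7LsTA7V0jBT_M8UA"


def _unsigned_values(encoded):
    """Yield the unsigned varints: 5 data bits per character, bit 0x20 = 'more'."""
    value = shift = 0
    for ch in encoded:
        if ch not in CHAR_VALUE:
            raise ValueError("character %r is not in the alphabet" % ch)
        chunk = CHAR_VALUE[ch]
        value |= (chunk & 0x1F) << shift
        if chunk & 0x20:
            shift += 5
        else:
            yield value
            value = shift = 0
    if shift:
        raise ValueError("input ends in the middle of a value")


def _to_signed(value):
    """Undo the zigzag mapping used for coordinate deltas."""
    return ~(value >> 1) if value & 1 else value >> 1


def decode_flexible_polyline(encoded):
    values = list(_unsigned_values(encoded))
    if len(values) < 2 or values[0] != 1:
        raise ValueError("missing header or unsupported format version")
    header = values[1]
    precision = header & 0xF                 # decimal digits of lat/lng
    third_dim = (header >> 4) & 0x7          # 0 = absent, 3 = elevation
    third_precision = (header >> 7) & 0xF    # decimal digits of the third value
    scales = [10 ** precision, 10 ** precision]
    if third_dim:
        scales.append(10 ** third_precision)
    deltas = values[2:]
    if len(deltas) % len(scales):
        raise ValueError("incomplete coordinate tuple")
    current, points = [0] * len(scales), []
    for i in range(0, len(deltas), len(scales)):
        for d in range(len(scales)):
            current[d] += _to_signed(deltas[i + d])
        points.append(tuple(c / s for c, s in zip(current, scales)))
    return points


if __name__ == "__main__":
    for index, point in enumerate(decode_flexible_polyline(ROUTE)):
        print(index, *point)
```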

Telegraf inputs.tail with zimbra.log

I have a question: how can I set up the telegraf.conf file to collect logs from the "zimbra.conf" file?
I tried to use this config text, but it does not work :(((
I want to send these logs to Grafana.
One of the lines of "zimbra.conf", for example:
Oct 1 10:20:46 webmail postfix/smtp[7677]: BD5BAE9999: to=user#mail.com, relay=mo94.cloud.mail.com[92.97.907.14]:25, delay=0.73, delays=0.09/0.01/0.58/0.19, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 4C25fk2pjFz32N5)
And I do not understand exactly how "grok_patterns =" works.
[[inputs.tail]]
files = ["/var/log/zimbra.log"]
from_beginning = false
grok_patterns = ['%{SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST} %{DATA:program}(?:\[%{POSINT}\])?: %{GREEDYDATA:message}']
name_override = "zimbra_access_log"
grok_custom_pattern_files = []
grok_custom_patterns = '''
TS_UNIX %{MONTH}%{SPACE}%{MONTHDAY}%{SPACE}%{HOUR}:%{MINUTE}:%{SECOND}
TS_CUSTOM %{MONTH}%{SPACE}%{MONTHDAY} %{HOUR}:%{MINUTE}:%{SECOND}
'''
grok_timezone = "Local"
data_format = "grok"
I have copied your example line into a log file called Prueba.txt, which contains the following lines:
Oct 3 00:52:32 webmail postfix/smtp[7677]: BD5BAE9999: to=user#mail.com, relay=mo94.cloud.mail.com[92.97.907.14]:25, delay=0.73, delays=0.09/0.01/0.58/0.19, dsn=2.0.0, status=sent (250 2.0$
Oct 13 06:25:01 webmail systemd-logind[949]: New session 229478 of user zimbra.
Oct 13 06:25:02 webmail zmconfigd[27437]: Shutting down. Received signal 15
Oct 13 06:25:02 webmail systemd-logind[949]: Removed session c296.
Oct 13 06:25:03 webmail sshd[28005]: Failed password for invalid user julianne from 120.131.2.210 port 10570 ssh2
I have been able to parse the data with this configuration of the tail.input plugin:
[[inputs.tail]]
files = ["Prueba.txt"]
from_beginning = true
data_format = "grok"
grok_patterns = ['%{TIMESTAMP_ZIMBRA} %{GREEDYDATA:source} %{DATA:program}(?:\[%{POSINT}\])?: %{GREEDYDATA:message}']
grok_custom_patterns = '''
TIMESTAMP_ZIMBRA (\w{3} \d{1,2} \d{2}:\d{2}:\d{2})
'''
name_override = "log_frames"
You need to match the input string with regular expressions. For that there are some predefined patterns such as GREEDYDATA = .* that you can use to match your input (another example would be NUMBER = (?:%{BASE10NUM}) BASE16NUM (?<![0-9A-Fa-f])(?:[+-]?(?:0x)?(?:[0-9A-Fa-f]+))). You can also define your own patterns in grok_custom_patterns. Take a look at this website with some patterns: https://streamsets.com/documentation/datacollector/latest/help/datacollector/UserGuide/Apx-GrokPatterns/GrokPatterns_title.html
In this case I defined a TIMESTAMP_ZIMBRA pattern for matching Oct 3 00:52:32 and Oct 03 00:52:33 alike inputs.
Here is the collected metric by Prometheus:
# HELP log_frames_delay Telegraf collected metric
# TYPE log_frames_delay untyped
log_frames_delay{delays="0.09/0.01/0.58/0.19",dsn="2.0.0",host="localhost.localdomain",message="BD5BAE9999:",path="Prueba.txt",program="postfix/smtp",relay="mo94.cloud.mail.com[92.97.907.14]:25",source="webmail",status="sent (250 2.0.0 Ok: queued as 4C25fk2pjFz32N5)",to="user#mail.com"} 0.73
P.S.: Ensure that telegraf has access to the log files.

AES GCM mechanism parameters in C

I am having a problem setting the parameters for the AES GCM mechanism.
I am receiving the following error:
#define CKR_MECHANISM_PARAM_INVALID 0x00000071UL
What am I doing wrong?
CK_BYTE iv[12] = { 0 };
CK_MECHANISM mechanismAES = { CKM_AES_GCM, NULL_PTR, 0 };
CK_GCM_PARAMS params = {
    .pIv=iv,
    .ulIvLen=12,
    .ulIvBits=96,
    .pAAD=NULL,
    .ulAADLen=0,
    .ulTagBits=0
};
mechanismAES.pParameter = &params;
mechanismAES.ulParameterLen = sizeof(params);
C_EncryptInit(hSession, &mechanismAES, hKey);
.ulTagBits=0 is very likely the issue. The tag size is the size of the authentication tag. You would not have an authenticated mode of encryption if you left it out.
Valid tag sizes of GCM are 128, 120, 112, 104 or 96 bits. Smaller tag sizes such as 64 bits may be acceptable to some APIs. You are however strongly encouraged to keep to the 128 bit tag size, as the security of GCM strongly depends on it.
You may also want to specify either the IV len or the IV bits if the error doesn't go away.

Get email body by python 3.4

I want to get the email body. My email is HTML and is saved in part. I use this code:
print('charset =', part.get_content_charset())
html = part.get_payload(decode=True)
print ('type =', type(html))
print('text =', html)
The result is:
charset = utf-8
type = <class 'bytes'>
text = b'...<font face="DejaVu Sans Mono">\\u044d\\u0442\\u043e html<br>\n...
I want to have normal text, not \u044d\u0442\u043e.
Python 3.4.1 (v3.4.1:c0e311e010fc, May 18 2014, 10:38:22) [MSC v.1600 32 bit (Intel)] on win32
Your data is a byte array. You have to decode the bytes to a string:
text.decode('utf-8')

Systemtap %M printf format only returns one character

I'm trying to print the data received on a socket - the contents of ubuf on the return of sys_recv. I can't get the %M format specifier to work properly. Can someone please explain how to use it properly? Thanks.
stap -L 'kernel.function("sys_recv@net/socket.c")'
kernel.function("sys_recv@net/socket.c:1800") $fd:int $ubuf:void* $size:size_t $flags:unsigned int
Using this probe:
[laris@kakitis stap]$ cat socket-recv.stp
#! /usr/bin/env stap
probe kernel.function("sys_recv@net/socket.c").return {
    if (pid() == target())
        printf ("%s fd %d size %d ubuf %p %10M \n ", ppfunc(),$fd,$size,$ubuf,$ubuf)
}
From my reading of the man page, the format %10M should return 10 bytes from the location pointed to by $ubuf:void, but I only get 1. Adjusting the parameter 10 shifts the one-character output rather than showing more or less memory.
[root@kakitis stap]# stap -x 16796 socket-recv.stp
sys_recv fd 13 size 64071 ubuf 0x86ceca0 70
sys_recv fd 13 size 62679 ubuf 0x86cf210 50
Changing 10 to 2 gives this:
[root@kakitis stap]# stap -x 16796 socket-recv.stp
sys_recv fd 13 size 64071 ubuf 0x86ceca0 70
sys_recv fd 13 size 62679 ubuf 0x86cf210 50
System particulars are:
[laris@kakitis stap]$ stap --version
Systemtap translator/driver (version 2.1/0.154, rpm 2.1-2.fc17)
Copyright (C) 2005-2013 Red Hat, Inc. and others
This is free software; see the source for copying conditions.
enabled features: AVAHI LIBRPM LIBSQLITE3 NSS TR1_UNORDERED_MAP NLS
[laris@kakitis stap]$ uname -a
Linux kakitis 3.4.33 #1 SMP Tue Jan 7 14:15:58 EST 2014 i686 i686 i386 GNU/Linux
[laris@kakitis stap]$ cat /etc/redhat-release
Fedora release 17 (Beefy Miracle)
Don't confuse the output-width and precision parameters for printf(). The following will do what you meant:
printf ("%33.10M", $pointer)
to print 10 bytes (20 hex characters) in a 33-character-wide output field. One or both numbers can be replaced by *, so that the respective widths are passed as parameters before the $pointer. The upstream man page has been updated with an example.