supply public key in CERTENROLL request - x509

I want to request a cert (from AD cert server) using a template. I want to supply the public key in the request. Using msft's SDK sample
IX509CertificateRequest iRequest = objEnroll.Request;
// then get the inner PKCS10 request
IX509CertificateRequest iInnerRequest =
iRequest.GetInnerRequest(InnerRequestLevel.LevelInnermost);
IX509CertificateRequestPkcs10 iRequestPkcs10 =
iInnerRequest as IX509CertificateRequestPkcs10;
// create CX500DistinguishedName
CX500DistinguishedName objName = new CX500DistinguishedName();
objName.Encode(subjectName, X500NameFlags.XCN_CERT_NAME_STR_NONE);
// set up the subject name
iRequestPkcs10.Subject = objName;
I think I then need to do some thing like this
iRequestPkcs10.PublicKey.InitializeFromEncodedPublicKeyInfo(xx);
but I dont know what xx is. I have the public key (In a bouncy castle PKCS10 object), but what format must it be in to pass to this function?

You can specify the public key in a number of different formats.
According to MSDN, InitializeFromEncodedPublicKeyInfo takes two parameters: the first is the public key, and the second is an EncodingType enumeration value that specifies the format of the public key you are supplying.

Related

Acumatica REST API INTran

I have a Generic Inquiry and Endpoint to get all rows and fields of INTran, which works fine.
What fields in an INTran row are it's unique keys?
I am populating a DB on a different server with this data, so I can do some detailed analysis.
I am using the LastModified field to get updates, and I need to setup my local DB keys so the correct row will be updated, and a new row will not be inserted (unless its keys are new).
I do not have login access to the Acumatica server, so I have to do this through the API.
Version 2019R1
If you have access to the Acumatica website you can look up the INTran DAC (class INTran) with the Source Code page SM204570.
The DAC indicates primary keys are fields:
INTran.DocType
INTran.RefNbr
INTran.LineNbr
You can also deduce the DB type and length in the DAC attribute from the same INTran DAC.
Example DocType, PXDBString with IsFixed of length 1 maps to DB type char(1) :
#region DocType
public abstract class docType : PX.Data.BQL.BqlString.Field<docType> { }
protected String _DocType;
[PXUIField(DisplayName = INRegister.docType.DisplayName)]
[PXDBString(1, IsFixed = true, IsKey = true)]
[PXDefault(typeof(INRegister.docType))]
[INDocType.List()]
public virtual String DocType
{
get { return this._DocType; }
set { this._DocType = value; }
}
#endregion
PXDBString without IsFixed maps to varchar type.
PXDBString with IsUnicode maps to nvarchar.
PXDBInt maps to int.
DAC attributes should always match the DB type but DB is the final source of truth.
In DB here's how those fields are declared:
[DocType] [char](1) NOT NULL
[RefNbr] [nvarchar](15) NOT NULL
[LineNbr] [int] NOT NULL

Getting method name related to a rest service

I wanted to know if there exist a way of retrieving the actual method name associated to a rest service provided. Lets suppose my url is http://localhost:8080/v1/mytesturl now i want to retrieve the actual method name that is associated with this url.
Actually we are maintaining some key/value pair specific to the method that we have created and i need to make some checks based on the method name that gets executed using these values.
Plz let me know if there exist some way to do that..
Simply get the method name from the Object class.
#RestController
#RequestMapping("")
public class HomeController {
#RequestMapping("/mytesturl")
#ResponseBody
public String getMethodName() {
return new Object(){}.getClass().getEnclosingMethod().getName();
}
}
i got the solution by using this
Map<RequestMappingInfo, HandlerMethod> handlerMethods = RequestMappingHandlerMapping.getHandlerMethods();
HandlerExecutionChain handler = RequestMappingHandlerMapping.getHandler(requestr);
HandlerMethod handler1 = null;
if(Objects.nonNull(handler)){
handler1 = (HandlerMethod) handler.getHandler();
handler1.getMethod().getName()
}
this provide me with what i wanted..

Use GuidRepresentation.Standard with MongoDB

I am implementing a custom IBsonSerializer with the official MongoDB driver (C#). I am in the situation where I must serialize and deserialize a Guid.
If I implement the Serialize method as follow, it works:
public void Serialize(BsonWriter bsonWriter, Type nominalType, object value, IBsonSerializationOptions options)
{
BsonBinaryData data = new BsonBinaryData(value, GuidRepresentation.CSharpLegacy);
bsonWriter.WriteBinaryData(data);
}
However I don't want the Guid representation to be CSharpLegacy, I want to use the standard representation. But if I change the Guid representation in that code, I get the following error:
MongoDB.Bson.BsonSerializationException: The GuidRepresentation for the writer is CSharpLegacy, which requires the subType argument to be UuidLegacy, not UuidStandard.
How do I serialize a Guid value using the standard representation?
Old question but in case someone finds it on google like I did...
Do this once:
BsonDefaults.GuidRepresentation = GuidRepresentation.Standard;
For example, in a Web Application/Web API, your Global.asax.cs file is best place to add it once
public class WebApiApplication : System.Web.HttpApplication
{
protected void Application_Start()
{
BsonDefaults.GuidRepresentation = GuidRepresentation.Standard;
//Other code...below
}
}
If you don't want to modify the global setting BsonDefaults.GuidRepresentation (and you shouldn't, because modifying globals is a bad pattern), you can specify the setting when you create your collection:
IMongoDatabase db = ???;
string collectionName = ???;
var collectionSettings = new MongoCollectionSettings {
GuidRepresentation = GuidRepresentation.Standard
};
var collection = db.GetCollection<BsonDocument>(collectionName, collectionSettings);
Then any GUIDs written to the collection will be in the standard format.
Note that when you read records from the database, you will get a System.FormatException if the GUID format in the database is different from the format in your collection settings.
It looks like what's happening is when you are not explicitly passing the GuidRepresentation to BsonBinaryData constructor, it defaults to passing GuidRepresentation.Unspecified and that ultimately maps to GuidRepresentation.Legacy (see this line in the source)
So you need to explicitly pass the guidRepresentation as a third argument to BsonBinaryData set to GuidRepresentation.Standard.
edit: As was later pointed out, you can set BsonDefaults.GuidRepresentation = GuidRepresentation.Standard if that's what you always want to use.

RESTful webservices: query parameters

I am using JAX-RS with RESTEasy.
I want to know if we can have represent different resources with path differentiated only by order and number of query parameters?
e.g.
/customer/1234
/customer?id=1234
/customer?name=James
Can I create three different methods e.g.
#Path("customer/{id}")
public Response get(#PathParam("id") final Long id) {
..
}
#Path("customer?id={id}")
public Response get(#QueryParam("id") final Long id) {
..
}
#Path("customer?name={name}")
public Response get(#QueryParam("name") final String name) {
..
}
Will this work, can I invoke different methods by differentiating path like this?
Thanks
This is a valid #Path:
#Path("customer/{id}") // (1)
These are not:
#Path("customer?id={id}") // (2)
#Path("customer?name={name}") // (3)
They are the same because the boil down to
#Path("customer")
which you could use.
So you can have (1) and one of (2) and (3). But you can't have (2) and (3) at the same time.
#QueryParam parameters are not part of the #Path. You can access them as you do in the signature of the method but you can't base the routing of JAX-RS on them.
Edit:
You can write one method that accepts both id and name as #QueryParam. These query parameters are optional.
#Path("customer")
public Response get(#QueryParam("id") final String id,
#QueryParam("name") final String name) {
// Look up the Customers based on 'id' and/or 'name'
}

IOS: Decrypting a message with public key received from webservice

I'm new to this topic so sorry if this is a stupid question :\
I'm trying to decrypt a message with a given public key. Both the message and public key is given from the webservice.
See the following code for how i currently do the decrypting:
for (NSValue *refVal in keyRefs) {
SecKeyRef p_key = NULL;
[refVal getValue:&p_key];
if (p_key == NULL) continue;
size_t dataLength = encryptedData.length;
size_t outPutLength = MAX(dataLength, SecKeyGetBlockSize(p_key));
void *outPutBuf = malloc(outPutLength);
if (outPutBuf) {
// Error handling
OSStatus status = SecKeyDecrypt(p_key,
kSecPaddingNone,
encryptedData.bytes,
encryptedData.length,
outPutBuf,
&outPutLength
);
NSLog(#"decryption result code: %ld (size: %lu)", status, outPutLength);
NSLog(#"FINAL decrypted text: %s", outPutBuf);
if (status == errSecSuccess) {
break;
}
} else {
//Error handling
}
}
I get no errors, but the decrypted string is displayed like this (the correct output should be a JSON array):
decryption result code: 0 size:511)
FINAL decrypted text: ˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇ
Is it because I use the "SecKeyDecrypt" with a "public key" instead of a "private key"? In that case, what should i instead use for decrypting?
Thanks for any help regarding this!
EDIT: I'm using code from: http://blog.flirble.org/2011/01/05/rsa-public-key-openssl-ios/ to use the public key i get from the server (this is where "keyRefs" from the code snippet comes from)
Of course, the public key is something someone else uses to encrypt data so that only someone with the private key can decrypt it.
The very definition of a public key is that you can give it to anyone. You wouldn't want anyone to be able to decrypt anyone else's encrypted message would you?
It is impossible to tell from your code fragment where your private key is stored, or what the contents (or even class) of keyRefs is.
EDIT: In response to above OP's comment. And clarification.
*"The public key itself is the public part of a RSA-key-pair stored on the server. The encrypted message was created on the server by first JSON-encoding the object, then encrypted with the private-key with OPENSSL_PKCS1_PADDING, then base64-encoded, and then JSON-encoded again as a part of the final message. The message and public key is stored on the client. What i want is to decrypt the message on the client by using the public key. As i said, im not very good at this subject so i might have tried to do this the wrong way"*
Thats not how public key cryptography works. The server and client exchange public keys. Then each of them use the other's public key to encrypt data sent to the opposite party. The receiving party always uses their own private key to decrypt the message.
If you want the server to generate an encrypted response, have the client pass their public key in the request, use that public key to encrypt the response, and then decrypt the response on the client with the client's private key.