I have a private key and a signature, but I don't the message being signed. Can I somehow decode the signature using private key to get the message that is signed?
What is signed is the message hash, not the message. You cannot derive a message from its hash.
Related
I have an API spec that defines a parameter account_id as a string in the request body.
Say a request comes in with a number or even boolean for that field. Something like:
"account_id": 1234567890
or
"account_id": true
The deserializer I'm using, Vert.x's Json.decodeValue, automatically converts these types to string (but it doesn't provide an option for strict type checking).
Question:
What the best practice in this scenario? Should I be strict about the spec and reject the request? Or let number and boolean be silently converted to string?
That's a very broad question, not directly related to Vert.x.
TL;DR - let it be converted to String, then parse it again in your business layer doing the necessary validations.
I would say it really depends on the purpose of your API. Why account_id is a string? Is it because you planned to use UUIDs or some other non-numeric identifier in the future?
Anyway, it seems that this is a business concern. So, receive account_id as a String, then if needed, parse it as an Integer and return relevant error. In the future, in case you'd also receive other types of identifiers, you can add another validation, returning same type of error.
vert.x's Json class is a wrapper around Jackson's ObjectMapper which is a public static field.
That means you can configure it any way you like:
Json.mapper.configure(DeserializationFeature.FAIL_ON_NULL_FOR_PRIMITIVES, false);
Need to create hash token using SHA-512 Algorithm, So on using _digest function of jmeter, I am getting a different token.
What is "salt"? is it same as secret key ?
How to use it?
${__digest(SHA-512,{test_test_test},SXF,,)}
See documentation of function:
https://jmeter.apache.org/usermanual/functions.html#__digest
Regarding SALT, it is described here:
https://en.m.wikipedia.org/wiki/Salt_(cryptography)
It’s not a private key, a salt is random data that is used as an additional input to a one-way function that "hashes" data, a password or passphrase. Salts are used to safeguard passwords in storage.
So, I have a private key in binary blob format which looks like some encrypted junk. Now, what should I do in order to transform that into a correct looking private key which is usable by openssl ?
For instance, I want it to be in -----BEGIN PRIVATE KEY----- some base64 -----END PRIVATE KEY----- format.
How is it possible ?
Convert the binary blob to string or base64 decode the whole thing and see what it produces. If it is gibrrish, you would need to see if it is encoded differently or if it is encrypted. If later, you need to decrypt.
It is difficult to provide a concrete answer without having more details on the data format.
While configuring mail service com.day.cq.mailer.DefaultMailService, I came to know that SMTP port should be an integer (smtp.port=I"465").
But if I try configuring using sling:OsgiConfig node, as the CRX is not providing Integer for data type (only Decimal, Double and Long), I am not able to achieve this.
Is there any alternative?
Use String type in sling:OsgiConfig node to give the smtp:port in CRX/DE. This is internally processed by DefaultMailService.
If we see the DefaultMailService implementation smtp.port is String, is processed by annotations
#Property(intValue={25})
private static final String SMTP_PORT = "smtp.port";
Sandeep is wrong, the internal representation is not String. The SMTP_PORT variable is of type String, because it holds a label and not the field value.
The actual value is of type int.
But you can set the value to Long in crx.de, because the value will be internally cast to int then.
String might also work, but I did not test that.
I am developing ASP.Net Web API application and we are exposing a REST API for different clients. I have a problem when taking users' JSON files and converting them to Data Model classes. My JSON looks like below.
{"engagementid":1,"clientname":"fsdfs","myno":"23,45","address1":"fsd","address2":"fsdfs","city":"fsdfs","zip":"fsdf","info":"fsdfs","country":"fsdfs","currency":"NOK"}
You can see that my "myno" is sent as a string. But in my Server Data Model "myno" is a double value. So what happen here is when I send the value for "myno" as "23,45", it gets assigned to MyNo property of my Model as 2345. This is wrong, because you can see that the number has been changed because of this wrong conversion. What I simply need is to restrict this conversion. I mean, I want to send an error to Client if he sends a string for "myno" property. Since it is a double value in my Server Data Model, I want to accept only numbers from the client for this property. Which means, I want it like this.
{"myno":2345} //correct
{"myno":"2345"} //wrong. I want to send a error to user by saying, "We only accept Numbers for this value"
How do I do this?
Update:
This problem gets solved if I am using int in my server-model. I mean, if a client send a string to a property which is represented as int in my model, then it gives an error to user by saying string to int conversion can not be done.
I don't whether it is correct or not. I am just telling my suggestion according to my experience. Why can't you create a custom validation attribute and check the datatype of data.
public class IsNumberAttribute : ValidationAttribute
{
protected override ValidationResult IsValid(object value, ValidationContext context)
{
if(value.GetType() != Int)
return new ValidationResult("Only Numbers Allowed");
return null;
}
}