Limit intended purposes of newly created self signed certificate - windows

I'm creating a self signed certificate using CertCreateSelfSignCertificate. This works and I can encrypt/sign/decrypt/verify data with it.
I would like to limit the intended purposes of the certificate, but I always end up with a certificate that has "<All>" intended purposes enabled. This is the code I'm using to prepare the pExtensions parameter to the CertCreateSelfSignCertificate call:
BYTE key_usage_value = CERT_DATA_ENCIPHERMENT_KEY_USAGE |
CERT_DIGITAL_SIGNATURE_KEY_USAGE;
CERT_KEY_USAGE_RESTRICTION_INFO key_usage = {
0, NULL,
{ sizeof(key_usage_value), &key_usage_value }
};
auto key_usage_data = EncodeObject(szOID_KEY_USAGE_RESTRICTION, &key_usage);
CERT_EXTENSION extension[] = {
{ szOID_KEY_USAGE_RESTRICTION, TRUE, {
key_usage_data.size(), key_usage_data.data()
} }
};
CERT_EXTENSIONS extensions = {
elemsof(extension),
extension
};
EncodeObject simply calls CryptEncodeObject and returns the result as a std::vector.
I have not found much documentation on this so I'm not actually sure this is what I'm supposed to do. Can anyone point out to me what I'm doing wrong?

I guess the Extended Key Usage of your certificate is beeing build empty, that means that all purposes are allowed, if you want to limit those, you will need to define them including the specific OIDs of each one, for instance, A certificate capable only for:
Smartcardlogon, Digital Signature and Non-Repudiation
will have Extended Key Usage field filled with
1.3.6.1.4.1.311.20.2.2
2.5.29.37.3
2.5.29.37
Hope it helps

After looking into szOID_ENHANCED_KEY_USAGE according to srbob's answer I managed to change the key usage field.
Here is the (simplified) code I'm using to create the extensions on the certificate, again, this is the code I'm using to prepare the pExtensions parameter to the CertCreateSelfSignCertificate call:
BYTE key_usage_value = CERT_DATA_ENCIPHERMENT_KEY_USAGE |
CERT_DIGITAL_SIGNATURE_KEY_USAGE;
CERT_KEY_USAGE_RESTRICTION_INFO key_usage = {
0, NULL,
{ sizeof(key_usage_value), &key_usage_value }
};
auto key_usage_data = EncodeObject(szOID_KEY_USAGE_RESTRICTION, &key_usage);
LPSTR enh_usage_value[] = { szOID_KP_DOCUMENT_SIGNING };
CERT_ENHKEY_USAGE enh_usage = {
elemsof(enh_usage_value),
enh_usage_value
};
auto enh_usage_data = EncodeObject(szOID_ENHANCED_KEY_USAGE, &enh_usage);
CERT_EXTENSION extension[] = {
{ szOID_KEY_USAGE_RESTRICTION, TRUE, {
key_usage_data.size(), key_usage_data.data() } },
{ szOID_ENHANCED_KEY_USAGE, TRUE, {
enh_usage_data.size(), enh_usage_data.data() } },
};
CERT_EXTENSIONS extensions = {
elemsof(extension),
extension
};
Note that the code above still adds the szOID_KEY_USAGE_RESTRICTION extension as well.

Related

Visual testing with Nightwatch-vrt: Test passed, element is captures, but no picture is seen

I installed nightwatch-vrt locally in my project. Npm showed me multiple vulnerities which I ignored.
I created a nightwatch.vrt.conf.js with the following content:
const path = require('path');
const baseConfig = require('./nightwatch.conf.js');
const config = {
...baseConfig,
custom_commands_path: ['node_modules/nightwatch-vrt/commands'],
custom_assertions_path: ['node_modules/nightwatch-vrt/assertions']
};
function generateScreenshotFilePath(nightwatchClient, basePath, fileName) {
const moduleName = nightwatchClient.currentTest.module,
testName = nightwatchClient.currentTest.name;
return path.join(process.cwd(), basePath, moduleName, testName, fileName);
};
config.test_settings.default.globals = {
"visual_regression_settings": {
"generate_screenshot_path": generateScreenshotFilePath,
"latest_screenshots_path": "vrt/latest",
"latest_suffix": "",
"baseline_screenshots_path": "vrt/baseline",
"baseline_suffix": "",
"diff_screenshots_path": "vrt/diff",
"diff_suffix": "",
"threshold": 0.5,
"prompt": false,
"always_save_diff_screenshot": true
}
}
module.exports = config;
My test (simple, just to see if it works) looks like:
module.exports = {
tags: ['x'],
'visual testing':function(browser) {
browser
.url('https://www.kraeuter-und-duftpflanzen.de')
.maximizeWindow()
.assert.visible('.header-main')
.pause(1000)
.assert.screenshotIdenticalToBaseline('.header-main')
//.saveScreenshot('./tests_output/image.png')
.end();
}
}
Now the test passes, no assertions failed, a folder is created and the file is correctly named placed there, but I can only see an field with checkerboard pattern (like the transparent background in vector graphics) in the size of the captured element.
Before the test report messages like this are shown:
[32644:26476:0414/082519.134:ERROR:device_event_log_impl.cc(214)] [08:25:19.134]
USB: usb_device_handle_win.cc:1049 Failed to read descriptor from node connection:
Ein an das System angeschlossenes Gerõt funktioniert nicht. (0x1F)
If I let Nightwatch take a screenshot itself, it is displayed correctly.
Does anyone know, where's the mistake?
it seems that this package is broken and not updated for a very very long time. I advise you to update to this one https://www.npmjs.com/package/#bbc/nightwatch-vrt

Filter any Event using ethers.js and local node (Ganache-cli)

anyone can help me? I am using ganache-cli with fork bsc mainnet. When I use queryFilter, javascript show me this error: "Number can only safely store up to 53 bits"
In bsc mainnet it works perfectly
How can I solve this?
this is the code :
const {JsonRpcProvider} = require("#ethersproject/providers")
const ethers = require('ethers')
var provider = new ethers.providers.JsonRpcProvider("http://localhost:xxxx")
var abi = [
"event Swap(address indexed sender,uint amount0In,uint amount1In,uint amount0Out,uint amount1Out,address indexed to)"
]
contract = new ethers.Contract("0xd99c7F6C65857AC913a8f880A4cb84032AB2FC5b", abi, provider)
provider.getBlockNumber().then(function(x) {
contract.queryFilter([contract.filters.Swap()], x-48, x).then(function(el) {
console.log(el)
})
})
Guess this workaround should do the trick:
https://github.com/ChainSafe/web3.js/pull/3948#issuecomment-821779691

Cypress - extract URL info

I have this URL :
https://www.acme.com/book/passengers?id=h1c7cafc-5457-4564-af9d-2599c6a37dde&hash=7EPbMqFFQu8T5R3AQr1GCw&gtmsearchtype=City+Break
and want to store these values :
id=h1c7cafc-5457-4564-af9d-2599c6a37dde
hash=7EPbMqFFQu8T5R3AQr1GCw
for use in a later test.
How do I extract these values from the URL? I am using Cypress. Thanks.
Please follow the following steps and that's all there is to it.
You can put this snippet into before() hooks of your spec file and you can access them wherever you want.
cy.location().then(fullUrl => {
let pathName = fullUrl.pathname
let arr = pathName.split('?');
let arrayValues = arr[1].split('&');
cy.log(arrayValues[0]);
cy.log(arrayValues[1]);
cy.log(arrayValues[2]);
})
In case anyone needs the correct answer, use the cy.location('search') to extract the search part of the location data.
Then for convenience, convert it to a javascript object with key/value pairs for each item.
Finally, store it in a Cypress alias to use later in the test.
cy.location('search')
.then(search=> {
const searchValues = search.split('?')[1].split('&')
// yields: [
// id=h1c7cafc-5457-4564-af9d-2599c6a37dde,
// hash=7EPbMqFFQu8T5R3AQr1GCw,
// gtmsearchtype=City+Break
// ]
const searchMap = searchValues.reduce((acc,item) => {
const [key,value] = item.split('=')
acc[key] = value.replace('+', ' ')
return acc
}, {})
// yields: {
// id: "h1c7cafc-5457-4564-af9d-2599c6a37dde",
// hash: "7EPbMqFFQu8T5R3AQr1GCw",
// gtmsearchtype: "City Break"
// }
cy.wrap(searchMap).as('searchMap')
})
Using #Srinu Kodi's answer I got it working changing ...then(fullUrl => ... to
...then((fullUrl) => ...

Usage of AlternativeLanguageCodes in Google Cloud Speech to Text API v1p1beta1 RPC

I am working on Google Cloud Speech to Text API in RPC v1p1beta1 with its go client. The API works as expected but if alternativeLanguageCodes are set in the RecognitionConfig it does not answer.
GoogleRecognitionConfig: &speech.StreamingRecognitionConfig{
SingleUtterance: c.SingleUtterance,
InterimResults: false,
Config: &speech.RecognitionConfig{
Encoding: speech.RecognitionConfig_LINEAR16,
SampleRateHertz: 8000,
LanguageCode: lang,
// AlternativeLanguageCodes: []string("en-US"),
SpeechContexts: []*speech.SpeechContext{
{Phrases: c.Phrases},
},
},
},
I am aware it's in beta but I am wondering if anyone else is having issues as well or it's just a bug in my code.
Thanks
I have tried this today (c#, 1.0.0-beta02) but I never get alternative language codes results, only for primary language code.
ENGINE = SpeechClient.Create();
ENGINE_CONFIG = new StreamingRecognitionConfig()
{
Config = new RecognitionConfig()
{
Encoding = RecognitionConfig.Types.AudioEncoding.Linear16,
SampleRateHertz = settings.ArchiveSampleRate,
LanguageCode = firstLanguageCode,
ProfanityFilter = false,
MaxAlternatives = Constants.MASTER_SETTINGS.SpeechRecognitionAlternatives,
SpeechContexts = { new HintsManager(settings).GetHintsBasedOnContext(Contexts) }
},
InterimResults = Constants.MASTER_SETTINGS.RecognitionConfigSettings.InterimResultsReturned
};
// NOTE: 10062019 - ADD ALTERNATIVE LANGUAGE CODES HERE
// NOTE: 10062019 - ADD ALTERNATIVE LANGUAGE CODES HERE
// NOTE: 10062019 - ADD ALTERNATIVE LANGUAGE CODES HERE
foreach (var alternativeCode in otherAlternativeLanguageCodes)
{
ENGINE_CONFIG.Config.AlternativeLanguageCodes.Add(alternativeCode);
}
EDIT: After upgrading yesterday to new Beta, Nuget:
Install-Package Google.Cloud.Speech.V1P1Beta1 -Version 1.0.0-beta03
Everything seems to be working ok. The only thing I noticed was that interim results are never returned?

Says Jasmine spy is not being called, but I can see that its being called

I can't figure out why Jasmine is claiming that the function I'm spying on isn't being called, especially since it is logging in buildLinksObj when called through and not calling when I remove .and.callThrough() I feel like I've written similar code a bunch of times before without any problem. I'm using Jasmine 2.9
The error message I'm getting is:
1) addToLinks should call buildLinksObj if its given an object with children
it should add the personalized links to PageApp.meta.analytics.links
Expected spy buildLinksObj to have been called.
at UserContext.<anonymous> (http://localhost:9877webpack:///tests/specs/common/FetchPersonalContent.spec.js:854:0 <- tests/app-mcom.js:104553:48)
Here's the except of my code:
FetchPersonalContent.js
const buildLinksObj = (responseObj = {}, targetObj, PageApp) => {
console.log('it logs in buildLinksObj') // This is logging!
}
const addToLinks = (responseArr, personalizedLinks) => {
responseArr.forEach((media) => {
const type = media.type;
const typeObj = media[type];
buildLinksObj(typeObj, personalizedLinks, PageApp);
if (typeObj && typeObj.children) {
console.log('has children!')
console.log('typeObj.children is: ', typeObj.children);
typeObj.children.forEach((child) => {
console.log('has a child')
buildLinksObj(child, personalizedLinks, PageApp);
console.log('buildLinksObj was definitely called. what the heck?')
});
}
});
}
export {buildLinksObj, addToLinks, FetchPersonalContent as default,
};
FetchPersonalContent.spec.js
import * as FetchPersonalContent from '../../../src/FetchPersonalContent'; // my path is definitely correct
describe('it should add the personalized links to PageApp.meta.analytics.links', () => {
it('addToLinks should call buildLinksObj if its given an object with children ', () => {
spyOn(FetchPersonalContent, 'buildLinksObj').and.callThrough();
FetchPersonalContent.addToLinks([{
"personalId": 30718,
"type": "carousel",
"carousel": {}
}], {});
expect(FetchPersonalContent.buildLinksObj).toHaveBeenCalled();
});
});
I'd really appreciate any help!
I have a feeling FetchPersonalContent.buildLinksObj in the spec file is not pointing to the same instance as buildLinksObj in the FetchPersonalContent.js file.
Why is export {FetchPersonalContent as default} required? I am assuming you have shared the complete content of FetchPersonalContent.js in your question.
Possible solutions:
You can try removing FetchPersonalContent from the export statement.
Or
Instead of
export {buildLinksObj, addToLinks, FetchPersonalContent as default,
};
You can directly export the constants in FetchPersonalContent.js file.

Resources