I am trying to load certificate from the system store. I am using the function CertFindCertificateInStore from CryptoAPI:
std::string certName;
CERT_RDN_ATTR subjCN;
subjCN.pszObjId = szOID_COMMON_NAME;
subjCN.dwValueType = CERT_RDN_PRINTABLE_STRING;
subjCN.Value.cbData = 2*(certName.size());
subjCN.Value.pbData = (BYTE*)certName.c_str();
CERT_RDN rdn;
rdn.cRDNAttr = 1;
rdn.rgRDNAttr = &subjCN;
cert = CertFindCertificateInStore ( certStore,
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
CERT_UNICODE_IS_RDN_ATTRS_FLAG ,
CERT_FIND_SUBJECT_ATTR,
&rdn,
NULL);
Why do I need to set the dwValueType for CERT_RDN_ATTR to CERT_RDN_PRINTABLE_STRING instead of CERT_RDN_UNICODE_STRING? (I am using Unicode.) With CERT_RDN_UNICODE_STRING this code doesn't work.
Nevertheless, I can't load certificate with a subject CN containing whitespaces and russian symbols. For simple CN names such as "foo", this code works perfect.
What can I do to load Certificates with a unicode name this way?
If you can understand anything from the gibberish that is the MSDN documentation then you are amazing. Perhaps the following gem can be deconstructed for some illumination:
The CERT_UNICODE_IS_RDN_ATTRS_FLAG dwFindFlags value is used only with
the CERT_FIND_SUBJECT_ATTR and CERT_FIND_ISSUER_ATTR values for
dwFindType. CERT_UNICODE_IS_RDN_ATTRS_FLAG must be set if the
CERT_RDN_ATTR structure pointed to by pvFindPara was initialized with
Unicode strings. Before any comparison is made, the string to be
matched is converted by using X509_UNICODE_NAME to provide for Unicode
comparisons.
I guess the "string to be matched" is in your subjCN.Value.pbData field. Have you converted this using X509_UNICODE_NAME? This seems to be something you do in the CryptEncodeObject function. Going to that page has made my head hurt. Sorry, you'll have to be the one to suffer through the next steps.
I more carefully looked to the documentation. As I understand now,
certificate name blob contains encoded array of rdn attributes
http://msdn.microsoft.com/en-us/library/aa382005(v=vs.85).aspx
Each rdn attribute has type - such as UTF8, UNICODE, T.61 and etc.
When using CERT_UNICODE_IS_RDN_ATTRS_FLAG for CertFindCertificateInStore, this function converts suppled string
in RDN attribute from Unicode to RDN attribute type and then matches this value with certificates RDN's.
So I decoded my certificate with CryptDecodedObject, looked at RDN Common Name ant it turned out, that type was CERT_RDN_T61_STRING. Then I set subjCN.dwValueType to CERT_RDN_T61_STRING code had worked. For russian symbols I needed CERT_RDN_UNICODE_STRING.
So CertFindCertificateInStore with CERT_FIND_SUBJECT_ATTR or with CERT_FIND_ISSUER_ATTR is not much use to you, if you don't know exact encodyng of this attribute in certificate.
Related
is there a way to extract only IPv4 from a file in JSON language using VB.net
For example I would like that when I open a JSON file from VB I can filter only IPv4 from this text for example: https://pastebin.com/raw/S7Vnnxqa
& i expect the results like this https://pastebin.com/raw/8L8Ckrwi i founded this website that he offer a tool to do that https://www.toolsvoid.com/extract-ip-addresses/ i put the link here to understand more what i mean but i don't want to use an external tool i want it to be converted from VB directly thanks for your help in advance.
Your "text" is JSON. Load it using the JSON parser of your choice (google VB.NET parse JSON), loop over the matches array and read the IP address from the http.host property of each element.
Here is an example how to do it using the Newtonsoft.Json package (see it working here on DotNetFiddle):
' Assume that the variable myJsonString contains the original string
Dim myJObject = JObject.Parse(myJsonString)
For Each match In myJObject("matches")
Console.WriteLine(match("http")("host"))
Next
Output:
62.176.84.198
197.214.169.59
46.234.76.75
122.136.141.67
219.73.94.83
2402:800:621b:33f1:d1e3:5544:4fcf:526e
178.136.75.125
188.167.212.252
...
If you want to extract only IPv4 and not IPv6, you can use a regular expression to check whether it matches:
Dim IPV4Regex = New Regex("^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$")
Dim ip = match("http")("host")
If IPV4Regex.Match(ip).Success Then
Console.WriteLine(ip)
End If
62.176.84.198
197.214.169.59
46.234.76.75
122.136.141.67
219.73.94.83
178.136.75.125
188.167.212.252
...
Of course it's always recommended to parse the input data in a structured way, to avoid surprises such as false positives. But if you just want to match anything that looks like an IP address, regardless of the input format (even if you just put hello1.2.3.4world in the textbox), then you could use just the regular expression and skip the structured approach (see it working here on DotNetFiddle):
Dim IPV4RegexWithWordBoundary = New Regex("\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b")
Dim match = IPV4RegexWithWordBoundary.Match(myJsonString)
Do While match.Success
Console.WriteLine(match.Value)
match = match.NextMatch()
Loop
Here I modified the regular expression to use \b...\b instead of ^...$ so that it matches word boundaries instead of start/end of string. Note however that now we get IP addresses twice with the input that you provided, because the addresses exist more than once:
62.176.84.198
62.176.84.198
197.214.169.59
197.214.169.59
46.234.76.75
46.234.76.75
...
I am new to SQL Server and am trying to implement the steps from this tutorial: https://www.youtube.com/watch?v=ElGSvn3OCK4 (At around minute 12).
I want to implement a semantic search. Therefore I want to set a Search Property List. Here is the code (which is from the tutorial):
ALTER SEARCH PROPERTY LIST DocumentPropertiesTest
ADD 'Title'
WITH (PROPERTY_SET_GUID = 'F29F85E0-1068-AB91-08002B27B309', PROPERTY_INT_ID = 2,
PROPERTY_DESCRIPTION = 'System.Title = Title of the item' );
GO
I am getting an error that says that the conversion in uniqueidentifier failed. Can anyone explain what this means in this example? Thanks a lot!
A UNIQUEIDENTIFIER field must have a valid GUID
Your string 'F29F85E0-1068-AB91-08002B27B309' isn't a GUID.
You can use something like this to validate.
A GUID has another 4 digit block that you seem to be missing.
For example:
'F29F85E0-1068-0000-AB91-08002B27B309' note the 0000 around the middle.
According to the documentation, I can use options such as ssplit.isOneSentence for parsing my document into sentences. How exactly do I do this though, given a StanfordCoreNLP object?
Here's my code -
Properties props = new Properties();
props.setProperty("annotators", "tokenize, ssplit, pos, lemma, ner, depparse");
pipeline.annotate(document);
Annotation document = new Annotation(doc);
pipeline.annotate(document);
List<CoreMap> sentences = document.get(SentencesAnnotation.class);
At what point do I add this option and where?
Something like this?
pipeline.ssplit.boundaryTokenRegex = '"'
I'd also like to know how to use it for the specific option boundaryTokenRegex
EDIT:
I think this seems more appropriate -
props.put("ssplit.boundaryTokenRegex", "/"");
But I still have to verify.
The way to do it for tokenizing sentences to end at any instance of a ' " ' is this -
props.setProperty("ssplit.boundaryMultiTokenRegex", "/\'\'/");
or
props.setProperty("ssplit.boundaryMultiTokenRegex", "/\"/");
depending on how it is stored. (CoreNLP normalizes it as the former)
And if you want both starting and ending quotes -
props.setProperty("ssplit.boundaryMultiTokenRegex","\/'/'|``\");
What i am trying to do is create a dictionary in python 3.4 that will have one key named pass. Right now when I try to do this I only get an "invalid syntax".
login_data = dict(email=USERNAME, lsd=LSD, login=LOGIN ,pass=PASSWORD)
I am new to python thanks in advance
You can't. pass is a python keyword and as such it's not a valid identifier.
You can append a trailing underscore to make it into a valid identifier and use pass_ (this is the usual convention in such situations), or you can use a completely different name instead.
Note that pass is not a valid identifier, but you can use it as a string.
In your case you can build the dictionary using the dictionary literal:
login_data = {'email': USERNAME, 'lsd': LSD, 'login': LOGIN, 'pass': PASSWORD}
I have a large Openldap directory. In the directory the display name property for every is filled but i need to modify these entry and make it like "givenName + + sn". Is there are way i can do it directly in the directory just like sql queries (update query). I have read about the ldapmodify but could not find the way to use it like this.
Any help in this regard will be appreciated.
There is no way to do this with a single LDAP API call. You'll always have to use one LDAP search operation to get givenname and sn attributes, and one LDAP modify operation to modify the displayName attribute.
If you use the command line ldaptools "ldapsearch" and "ldapmodify", you can do this easily with some shell scripting, but you'll have to be careful: sometimes ldapsearch(1) can return LDIF data in base64 format, with UTF-8 strings that contain characters beyond ascii. For instance: 'sn:: Base64data' (note the double ':')
So, if I were you I would use a simple script in my language of choice, that has an LDAP API, instead of using shell commands. This would save me the troubles of base64 decoding that the ldaptools sometimes impose.
For instance, with php-cli, your script would be roughly like this (perhaps some more error checking would be appropriate):
<?php
$ldap = ldap_connect('host');
ldap_bind($ldap, ...);
$sr = ldap_search($ldap, 'ou=people,...', 'objectclass=*');
$entries= ldap_get_entries($ldap, $sr);
for($i=0; $i<$entries['count']; $i++) {
$modify = array('displayname' => $entries[$i]['givenname'] . ' ' . $entries[$i]['sn']);
ldap_modify($ldap, $entries[$i]['dn'], $modify);
}
Addendum: if you want to keep this data up to date without any intervention, you will probably need to use a specialized OpenLDAP module that keeps "virtual" attributes, or even a virtual directory, such as Penrose or Oracle Virtual Directory, on top of OpenLDAP. However this might be overkill for a simple concatenation of attributes.