In the TPM I can generate an SRK (Storage Root Key) that will be stored on the chip. This key will be used to wrap and protect other keys (not stored on the TPM).
Let's say I don't trust the chip in the key generation process, is there any way to put my own SRK in the TPM? Same question for the wrapped keys?
There are command TPM_CC_Import and TPM_CC_Load, but the first seems to be able to onnly import symetric keys (and I want to import an asymetric one) and the second seems to only be able to load an object created by the TPM.
Anyone has any idea or somethink to help me?
Related
I am making a project that uses firebase which has the structure explained on the image. The nodes are like this userUID->MAC_addr->Data. On the Android side i have the code shown below, as you can see when some data changes it iterates a lot, this is because i dont have the "MAC" string to use it, so when something change i have to bring all the information due that. For example, if i had 2 MAC directions and some data changed on 1 of them i would have to bring the information of the other branch too. How can i improve this?
reference.child(Firebase.auth.uid.toString()).addValueEventListener(object :ValueEventListener{
override fun onDataChange(snapshot: DataSnapshot) {
for (i in snapshot.children) {
//iterates on macAddresses
for(data in i.children){
//iterates on the real data
when(data.key){
"AlarmActivated"->{}
"AlarmOff"->{}
...
}
}
}
I have tried other ways, but all of them needs to know the entire path, i was thinking to save the data on the phone (with preferences, but i dont like that approach, i hope there is a better way)
When you listen on a certain path, you can only get information about the direct child node of that path that was changed. There is no specific information about what lower-level properties were changed.
The typical solution for your use-case is to store the previous snapshot that you got, and then compare that property-for-property to any updates in your application code. You can either use local storage for storing the data yourself, or you can use the built-in caching mechanism of the SDK to handle the storage.
i am trying to update my firebase but is not appear what i updated
this is my firebase data :
and then i exported my data :
then i updated and added another class :
and return a message is all updated :
but the problem is my data don't updated and stay in same data :
and this is my rules :
please help me to know what is and why i cant success to update that
thanks alot
Firebase automatically creates keys for any values you write, and it automatically deletes keys that no longer have any values under them.
Since you specified no value for the game key, it is immediately deleted after you add it.
If you want to make sure the key gets written when you import the JSON, be sure to give it a value. E.g.
"game": true
But note that you don't need to pre-create keys like this, as Firebase will automatically create the game key when your app writes a value somewhere under it.
I'm trying to understand how corda oracles work from an example on github. It seems like in every example oracle verification function checks the data in command and data in output state. I don't understand why that should work because we (issuer node) manage that data and put it in command/output state.
// Our contract does not check that the Nth prime is correct. Instead, it checks that the
// information in the command and state match.
override fun verify(tx: LedgerTransaction) = requireThat {
"There are no inputs" using (tx.inputs.isEmpty())
val output = tx.outputsOfType<PrimeState>().single()
val command = tx.commands.requireSingleCommand<Create>().value
"The prime in the output does not match the prime in the command." using
(command.n == output.n && command.nthPrime == output.nthPrime)
}
In this example state gets Nth prime number from oracle but after it's issued the verification function doesn't rerun generateNth prime function to make sure that this number is really the one we needed. I understand that data in this example is deterministic since Nth prime cannot change but what about the case where we have dynamic data like stock values? Shouldn't oracle verification function also send another http request and get current values to check them?
Firstly, note that contracts in Corda are not able to access the outside world in any way (DB reads, HTTP requests, etc.). If they could, transaction validity would be non-deterministic. A transaction that is found to be valid on day n may become invalid on day n+1 (because a database row changed, or a website went down, etc.). This would cause disagreements about whether a given transaction was a valid ledger update.
However, we sometimes need a transaction to include external data for verification (whether a company is bankrupt, whether a natural catastrophe happened, etc.). To do this, we use a trusted oracle that only signs the transaction if a given piece of data is valid.
We could embed the information in the input or output states. However, this would require us to reveal the entire input or output state to the oracle for signing. For privacy reasons, it is therefore preferable to embed the data in a command that only contains the data of interest to the oracle, so that we can filter out all the other parts of the transaction and only present this command to the oracle for signing.
The oracle will usually perform a DB read or make an HTTP request to check the validity of the data before signing.
I have program who exchange session key via Diffie-Hellman algorithm, or almost exchange. All action is 2 classes: one receives data and calculates private key, set it to second class, where symmetric key is calculated after receiving public part of DH.
Program is using Qt and QCA.
Private key is stored as widget class member:
QCA::DHPrivateKey m_localKey;
after receiving public part of other side key (as QByteArray) it calculates symetric key:
QCA::Initializer init;
QCA::DLGroup group(prime, p);
QCA::SecureArray remoteKey(m_remoteKey);
QCA::DHPublicKey pk(group, remoteKey);
m_sessionKey = m_localKey.deriveKey(pk);
but session key is always empty (m_sessionKey.isEmpty() and m_sessionKey.isNull() are true).
Values are set and they are exchange correct (remote part public key is received as it is),
m_localKey.isNull() and pk.isNull() returns correct values (false).
strange part is that when I run test, it works. Test use same order operations just private keys are created in one class, but logic to get symmetric key is same, and class used for that is same.
My question would be why it could behave different in test and separate programs. And is it possible to get any error/debug information from QCA::DHPrivateKey about what went wrong in deriveKey()?
Sadly that code was lost so can't check for sure, but problem probably was in 2 places - transfering/receiving data and too many QCA::Initializer calls.
After set QCA::Initializer in main and [re]writing data exchange code it works.
It's still sad that I don't know how check errors, if such occurs, so if anyone know please share these knowledges.
I want to get the system icon of a specified folder, but maybe the only way to retrieve the icon is to use SHGetFileInfo() method. The first parameter of SHGetFileInfo() method is a pointer of LPITEMIDLIST.
If I only have the absolute path of the folder, how can I get the pointer according to the path?
SHParseDisplayName().
Welcome to the wonderful world of PIDLs.
You can read more at Introduction to the Shell Namespace, but basically a PIDL is a Pointer to an item ID List. You can think of it as a linked list in contiguous memory, but instead of each node having a pointer to the next node, you instead have the cb member which is the Count of Bytes that are contained the item, so you can add that to the base address to get the next item. IDLists are terminated with an item with { cb = 0, abID = NULL }.
So, what's in these magic lits? Basically you don't care and can't know. Any IShellFolder implementation can create a new type of ID to represent its type of item in the shell namespace. The basic file system view that the Shell implements just stores the parts of the path in these lists, so you have something like "c:\" in the first one "Users\" in the next one, etc. In reality they are serialized structs (or classes) that may contain more data. But they can also represent printers, network shares, database searches (for search folders, stacks, etc).
All you really need to know is you can ask IShellFolders to give you a PIDL that represents the items they contain, and later on you can give that PIDL back to them, and other various Shell functions and interfaces, and they know how to deal with them. What SHParseDisplayName() basically does (I think) is go through the registry looking for all registered IShellFolder implementations and asks them if they know what to do with the string you pass in, and the first one to handle it makes the PIDL and gives it back.