I am building a DApp where I want to add a message to all the blocks that shows that the blocks are created by the same company i.e my website and no one can replicate that message. So, I think the best way is to add a message to every block that is encrypted using the block's private key and anyone else can decrypt the message using the block's public key. Is this possible? If yes, then how? I am using web3.js and solidity.
P.S- I know the concept of digital signature it is pretty much the same...but in my case I don't want to verify the user who has signed the block but I just want to verify if the block is from my website or not.
I am looking for some good approaches on storing passwords within the framework (groovy+geb+spock+selenium). Currently I am using encrypt and decrypt methods using Crypto.Cipher. However I would like to know if others have any good approaches to do it. Such as any other algorithms/techniques/tools?
It looks something like below:
def "test" (){
given:
when
Login(username,password)
then
where:
username | password
"jass" | "testpass123"
//"jass" | decryptPassword("some encrypted value ")
// instead of the actual password we are calling a
// function "decryptPassword" which takes encrypted value and
// returns the actual key to the calling function.
}
You can encrypt the password and store in the spock table. Write a separate method in other class for decrypt. Use the encrypted data. Call the decrypt method in password field instead of plain test.
More secure decrypt method should be converted as jar file and use it. So its difficult to find the decrypt algorithm.
I am using this great encrypt/decrypt package.
It encrypts data before prePersist and decrypts is automatically postPersist.
At one part of my project I need the plain (encrypted) value from the database, is that in any way possible?
I identified this (processFields) as the right function to change I believe, but what do I have to do?
I changed Line 277 to $entity->$setter($getInformation); but 1. that means NONE of the values are decrypted, and 2. it does not seem to have any effect though.
How do you retrieve the data to be decrypted? IF you use standard DQL, when hidratate the object you have the plain data. Otherwise you need to do by yourself thru the exposed service, something like, example in a controller:
$pain = $this->get('ambta_doctrine_encrypt.encryptor')-> decrypt($encrypted);
Hope this help
Recently, I discovered that the "Web.Config" file contains an <appSettings> section which seemed good for storing one's Application Settings. Heck, it even has a programmatic way to access the file thru a standard System library. So being all clever, I wrote an Interface to access it and then a Concrete implementation of the interface, shown here:
public interface IAppSettings
{
IEnumerable<string> GetValues(string componentName, string settingName);
IEnumerable<KeyValuePair<string, string>> GetValuePairs(string componentName, string settingName);
void SetValues(string componentName, string settingName, IEnumerable<string> valueList, bool append);
void SetValuePairs(string componentName, string settingName, IEnumerable<KeyValuePair<string, string>> pairList, bool append);
}
Then I came to discover that saving settings back to "web.config" while the application is running causes the entire application to re-start. This seems completely unreasonable to me because if I'm writing back to web.config a lot and the application is restarting each time, then things like HttpRuntime.Cache get completely emptied effectively making my Cache useless because it's constantly emptying and repopulating.
So I'm wondering: Where should I store my Application Settings?
Is there a good solution out there for this so that I don't have to roll my own?
EDIT:
Okay, thanks to everyone who suggested using a DB and a potential table schema. I think I'm going to go with the following schema:
settings:
index NUMBER NOT NULL AUTO_INCREMENT <== Primary Key
component NVARCHAR(255) NOT NULL
setting NVARCHAR(255) NOT NULL
key NVARCHAR(255)
value NVARCHAR(255) NOT NULL
Though I don't think I'll make the "setting" the P-Key, but use an Auto-Incr Index instead. This way if I have an application that needs to mail something to multiple managers, I can store many:
index component setting value
1 RequestModule ManagerEmail manager1#someplace
2 RequestModule ManagerEmail manager2#someplace
And then I can use:
IEnumerable<string> GetValues(string componentName, string settingName);
And it will return a list of email addresses, rather than just a single value.
Does this make sense?
web.config is generally used for read-only settings, ie. the settings set during deployment of the application by the system administrator.
If you want to read and write the settings, the most obvious way is to use the database. By the way, this has an advantage: an application can be hosted on several servers and will still read and write the settings correctly,
You can also implement your custom storage for the settings, but it will be probably more difficult to implement and not much faster.
To answer your second question, the structure of your database depends on the type of settings you want to store.
If you need to store heterogeneous unique entries like this:
Mail address of an administrator,
Maximum number of entries to display on home page of the website,
Text to display on "About us" page,
Boolean value indicating whether public comments are enabled or not,
then you have to use varchars or other more or less friendly types as keys to identify the entries (rather than to refer to them by their index).
On the other hand, if your purpose is to store the mail addresses of several managers, you should create a Manager table containing their mail addresses, names, datetime of their last connection, etc.
You really shouldn't mix both. In theory, you can refer to the entry in settings by component/setting pair. In practice, it makes things harder and creates a bunch of problems:
What if, further, you will need, for every manager, to store a boolean value indicating whether she/he wants to receive alerts from you? With your current structure, this will be impossible.
Since the same setting can have multiple values, how do you intend to handle the settings which must be unique? For example, there must be only a single value of text to display on "About us" page. What if there are two values stored in database?
Storing settings in web.config is useful because it makes it easy to have different settings in different environments. However, as you say, this is no use if you are likely to want to change the settings in a live environment.
A simple database table is the most useful way to do this if you need to change the values.
eg.
create table Settings
(Name varchar(50) primary key,
Value varchar(50))
If you're using SQL Server, you can set to the Value column to be sql_variant which will allow you to store a variety of datatypes.
It is meant for application settings, but not settings that are meant to be dynamically changed during runtime. Rather, it is for settings that change only occasionally, and where you would expect (and even desire) an app restart when they change.
For more ephemeral settings, you may want to just use a simple database system - even a flat file/XML in the App_Data dir can work, if your app doesn't use a database otherwise.
Yes.Changing the web.config will reset the application.I usually maintain a settings table to store key-value pairs for the settings and access it from there.
SETTINGS
SETTING_NAME VARCHAR(100)PRIMARY KEY
SETTING_VALUE VARCHAR(100)
Then write a class which can Insert,Delete,Update values to this table.
Ex Data for the SETTINGS table
SETTING_NAME SETTING_VALUE
AdminEmail admin#mysite.com
ErrorTrackingEmail errors#mysite.com
I usually add a "type" field to my settings table so that I only retrieve the group of settings needed this works for me as a way of grouping like settings and retrieving them at once.
Create a key-valued table like this:
settings:
name NVARCHAR(255) PRIMARY KEY
value NVARCHAR(255) NOT NULL
First of all, it's not unreasonable at all when you consider what information is supposed to be stored in the web.config file. When you change things like assembly information, connection strings, etc., your application needs to stop and reload the values to run with those settings.
If you're storing application wide settings, then you can create a Settings table in your database or even use a separate text file to store the settings.
If you're talking about storing per-user settings, you shoul check out ASP.NET Profile Properties.
Application-wide settings should certainly be stored in this section of the web.config file, as it prevents hard-coding values which may change over time. There's no need to read them out using your own code, as there's a built-in method: use the System.Configuration.ConfigurationManager.AppSettings array to retrieve them (you'll need to add a reference to the System.Configuration assembly in your project). You can edit AppSettings through the ASP.NET Web Site Administration Tool, too (Project menu -> ASP.NET Configuration).
For values which you envisage changing more often and while the site is up and running, it's reasonable to use an XML file, lightweight database (such as SQLite or SQL Server Compact) or even a text file for these settings.
If you need to save settings, you can always save them in a custom configuration file.
I did just that a while back, and I have the code available to do it here.
I've created an RSA key using:
RSA_generate_key(2048, RSA_F4, NULL, NULL);
Now I want to export the public key to another party B. Right now, I've just memcpy'd the entire RSA* struct and sent that over the wire, and B is able to use that to encrypt using RSA_public_encrypt().
But I think in this case I've actually exported the entire public/private key pair, and not just the public key. I want to only export the public component of the RSA key. How do I use OpenSSL APIs to do that?
Thanks
You probably want the functions d2i_RSAPublicKey and i2d_RSAPublicKey. i2d serializes a RSA key struct to a bytestring, and d2i does the reverse operation.