Public/Private Key Pairs with RSA
If there is an attacker in the middle when the shared secret for HMAC signing is shared, the attacker can steal the secret and then sign requests as if he were the actual client. One option for safeguarding against this type of attack is to use a public/private key pair generated using the RSA algorithm. In this approach, the client creates a key pair and then sends the public portion to the server. When the client makes an API request, it uses the private key to encrypt a signature string. Upon receiving the request, the server looks up the client's public key and uses it to decrypt the signature. If the signature matches what is expected, the request is valid.
In practice, generating and validating a signature generated using public/private keys is very similar to generating and validating a signature made with a shared secret. For this reason, the example shows only the code related to signing and validating. A more complete running example can be found with the sample code for this chapter at http://github.com/pauldix/service-oriented-design-with-ruby/tree/master/chapter_10/.
Authentication
To get started with public/private key pairs, the actual keys are needed. These can be generated in many ways, but because this is a Ruby book, the following example shows how to do it in pure Ruby. It is important to note that openssl is required, and it is not part of the default Ruby package on Ubuntu. If you're running on Ubuntu, be sure to install the ruby-openssl package first. That said, actually generating the keys takes only a few lines:
require 'rubygems'
require 'openssl'

module GenerateKeys
  def self.generate
    if File.exist?("example_key.pem") ||
       File.exist?("example_key.pub")
      puts "Keys exist, not generating"
      return
    end

    # Use a 2048 bit key, 4096 can be used if
    # stronger security is desired
    rsa_private_key = OpenSSL::PKey::RSA.generate(2048)

    # Write the private key
    File.open("example_key.pem", "w") do |f|
      f.write rsa_private_key.to_s
    end

    # Write the public key
    File.open("example_key.pub", "w") do |f|
      f.write rsa_private_key.public_key
    end
  end
end

# If this file is the one being executed, go ahead
# and create the keys
if $0 == __FILE__
  GenerateKeys.generate
end
10 Security
Once both keys are generated, the private key must be given to the client and the public key to the server. A sample client that uses the private key to sign a request can then be written as follows. The signature is again placed in X-Auth-Sig, and X-Auth-User could be added to allow the server to look up the appropriate public key based on a user identifier, as shown in the following example:
require_relative 'generate_keys'
require 'cgi'
require 'openssl'
require 'base64'

# Since this is an example, we'll go ahead and
# generate some keys
GenerateKeys.generate

verb = "GET"
host = "localhost"
path = "/"
params = {"user" => "topper", "tag" => "ruby"}

# Sort the query params and concat them with
# everything else again
sorted_params = params.sort.map do |param|
  param.join("=")
end
canonicalized_params = sorted_params.join("&")
string_to_sign = verb + host + path + canonicalized_params

# Get our private key
private_key = OpenSSL::PKey::RSA.new(File.read("example_key.pem"))

# Create the signature and escape it
unescaped_sig = private_key.private_encrypt(string_to_sign)
sig = CGI.escape(Base64.encode64(unescaped_sig))

query_string = params.map {|k,v|
  [CGI.escape(k), CGI.escape(v)].join("=")
}.join("&")

puts "Without Signature:"
system %Q|curl -i "http://localhost:9292/?#{query_string}"|
sleep 2
puts "\n\nWith Signature:"
system %Q|curl -i -H "X-Auth-Sig: #{sig}" \
  "http://localhost:9292/?#{query_string}"|
On the server side, a validator is once again needed. This time, the validator uses the public key to decrypt the signature and compare it to the unsigned canonicalized query parameters. This differs from the HMAC validator's approach because the public key cannot be used to generate the same signature as the private key for the canonicalized query parameters. However, it can be used to decrypt strings signed using the private key:
require 'cgi'
require 'openssl'
require 'base64'

module Rack
  class RsaSigValidator
    def initialize(app)
      @app = app
    end

    def call(env)
      if signature_is_valid?(env)
        @app.call(env)
      else
        [401, {"Content-Type" => "text/html"}, ["Bad Signature"]]
      end
    end

    def signature_is_valid?(env)
      # On your server, you'd want to actually look up
      # the public key using something else in the
      # params (like a user_id)
      key = OpenSSL::PKey::RSA.new(IO.read("example_key.pub"))

      req = Rack::Request.new(env)
      verb = env["REQUEST_METHOD"]
      host = env["REMOTE_HOST"]
      path = env["REQUEST_PATH"]
      body = env["rack.input"].read

      sig = Base64.decode64(CGI.unescape(env["HTTP_X_AUTH_SIG"] || ""))
      return false if sig == "" # Short circuit

      # Generate the string to compare against
      sorted_params = req.params.sort.map { |param| param.join("=") }
      canonicalized_params = sorted_params.join("&")
      expected_string = verb + host + path + canonicalized_params

      # Decrypt the string and compare it to the
      # expected string
      expected_string == key.public_decrypt(sig)
    rescue OpenSSL::PKey::PKeyError
      # A signature that cannot be decrypted with this key is invalid
      false
    end
  end
end
With the validator written, the only step left is to wire it into a rackup configuration, which is left as an exercise for you.
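An added example, not from the book or its sample repository: the same canonical-string scheme built on OpenSSL's `sign` and `verify` with SHA-256 instead of `private_encrypt`/`public_decrypt`. Signing a digest removes the input limit of raw RSA encryption (key size minus 11 bytes of PKCS#1 padding, 245 bytes for a 2048-bit key), and a malformed header yields false rather than an exception. The module `RsaRequestSigner`, its method names and the sample data are hypothetical.

```ruby
require 'openssl'

# Hypothetical helper module for this example (not from the book's code).
module RsaRequestSigner
  DIGEST = "SHA256"

  # Same canonical form as the page: verb + host + path + sorted params.
  def self.canonical_string(verb, host, path, params)
    sorted = params.sort.map { |pair| pair.join("=") }
    verb + host + path + sorted.join("&")
  end

  # Client side: sign a SHA-256 digest of the canonical string and
  # return it as single-line Base64 (pack "m0"), safe for a header value.
  def self.sign(private_key, verb, host, path, params)
    data = canonical_string(verb, host, path, params)
    [private_key.sign(OpenSSL::Digest.new(DIGEST), data)].pack("m0")
  end

  # Server side: true only when the header carries a signature over
  # exactly this request; malformed Base64 or signatures give false.
  def self.valid?(public_key, header_value, verb, host, path, params)
    raw = header_value.to_s.unpack1("m0")
    data = canonical_string(verb, host, path, params)
    public_key.verify(OpenSSL::Digest.new(DIGEST), raw, data)
  rescue ArgumentError, OpenSSL::PKey::PKeyError
    false
  end
end

# Constructed sample data: a throwaway key pair and the page's parameters.
KEY = OpenSSL::PKey::RSA.generate(2048)
PUB = OpenSSL::PKey::RSA.new(KEY.public_key.to_pem) # what the server stores
PARAMS = {"user" => "topper", "tag" => "ruby"}
SIG = RsaRequestSigner.sign(KEY, "GET", "localhost", "/", PARAMS)

puts RsaRequestSigner.valid?(PUB, SIG, "GET", "localhost", "/", PARAMS)
puts RsaRequestSigner.valid?(PUB, SIG, "GET", "localhost", "/",
                             PARAMS.merge("user" => "admin"))
```

Because the Base64 here is single-line, the header value needs no CGI escaping, unlike the output of `Base64.encode64` in the client above.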