node.js - Uniquely identify HTTPS certificate -

-

in nodejs, can client certificate https connection req.connection.getpeercertificate(). produces structure below (self-signed cert generated via this code):

{ subject:    { c: 'us',      st: 'utah',      l: 'provo',      o: 'acme app client',      cn: 'client.example.net' },   issuer:    { c: 'us',      st: 'utah',      l: 'provo',      o: 'acme signing authority inc',      cn: 'example.com' },   modulus: 'a1e576a9017a839a8986664fe3159a8e2199d35afcd0d55f27e1169c8d2c9e90e634f353c143eb05c03c297390070f9af0752727aa7f5212cace5b2b503418584392f4cf3d2669ee394ee310572e0c26eaf1d9ff4ab14b7f1cf155af4dba48263357fdc99778e568f39f8d68aa34496f2d10a66cc1ed99eb17cde8d10fbe850b386d593cc3ad42a8af0fc25efabb14018418ee7e56111e073d81447ee14d0d242f242b4507b2325f06d5abf0ffcd986958d4e843d700fa97e88c6bbcb91958fca142efe4d85d6a0fbe8a0c74bbed001c6b9f4452c926ad77858c71057096a07e056be33f8568b84373930cfd489c4e7fa1b09f63413114f2ac97ea0c0cf3b98b',   exponent: '10001',   valid_from: 'jul  8 19:26:10 2015 gmt',   valid_to: 'jul  7 19:26:10 2018 gmt',   fingerprint: 'f1:40:33:5e:d0:9f:1a:f0:07:3b:b9:6c:ba:90:26:33:3f:a0:2d:f0',   serialnumber: 'ff164cd2e63bfdf7',   raw: <buffer 30 82 03 46 30 82 02 2e 02 09 00 ff 16 4c d2 e6 3b fd f7 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 67 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 ... > }

which, if any, of these fields appropriate consider cryptographically secure identity of client, same way ssh public key might considered identity?

according how test public/private dsa keypair?, comparing modulus ensures certificate matches identity. lead me believe modulus appropriate field call "identity", , agrees rsa encryption (key generation) in different keypairs have different modulus. however, have not found solid information leading me believe modulus unique in cases (for instance, fingerprint should unique, since it's shorter easier find collision [and fake identity] if considered fingerprint uuid).

ideally i'm looking more information on nature of information contained in certificate. of search results have come info on how use openssl, not concepts involved.

fingerprint: 'f1:40:33:5e:d0:9f:1a:f0:07:3b:b9:6c:ba:90:26:33:3f:a0:2d:f0',

the fingerprint unique certificate , equivalent fingerprint of key in ssh.


Comments

Post a Comment

Popular posts from this blog

python - No exponential form of the z-axis in matplotlib-3D-plots -

-
Image
i have similar problem described in how prevent numbers being changed exponential form in python matplotlib figure : i don't want (in special case) weird scientific formatting of axis. problem different have problem @ z -axis. 2-d plots can use ax.get_yaxis().get_major_formatter().set_useoffset(false) . , there no function ax.get_zaxis() what use format z -axis same way? edit: example: from mpl_toolkits.mplot3d import axes3d import numpy np import sys import matplotlib import matplotlib.pyplot pyplot def func(xi, ti): res = 10e3 + np.cos(ti) * np.sin(xi) return res if __name__ == '__main__': timespacing = 20 timestart = 0 timeend = 1 time = np.linspace(timestart, timeend, timespacing) widthspacing = 50 widthstart = 0 widthend = 3 width = np.linspace(widthstart, widthend, widthspacing) reslist = [] matplotlib.rcparams['legend.fontsize'] = 10 fig = pyplot.figure() ax = fig.gca(projection = '3d...
Read more

php - Best Light server (Linux + Web server + Database) for Raspberry Pi -

-
i install web server database on raspberry pi (little computer). computer has 1gb ram. i want know best combination: linux distribution , web server , dbms run local server multiple users minimal latency, use php on server. , best settings performance , not have bugs (memory usage, disable plugin, disable service, etc)? i thought light debian , lighttpd server , sqlite database. solution? i think lighttpd + sqlite great choice. linux distro, debian @ centos or tiny core linux , although i'm not sure of compatibility pi. obviously, can't go wrong raspbian if want use in production , more stable performance, few more pi's , set them in cluster .
Read more

c# - "Newtonsoft.Json.JsonSerializationException unable to find constructor to use for types" error when deserializing class -

-
i developing app in xamarin android. have splash screen serialize class , pass mainactivity using intent . when try deserialize in mainactivity error message : "serializationexception unable find constructor use types" serialization : void loaddata() { currency currency = new currency(this); intent = new intent(this, typeof(mainactivity)); intent.putextra("currency", newtonsoft.json.jsonconvert.serializeobject(currency)); startactivity(intent); } deserialization : cur = newtonsoft.json.jsonconvert.deserializeobject<currency> (intent.getstringextra("currency")); // error here class constructor : public currency(context context) { thiscontext = context; } i began experiencing problem after added parameter context context constructor. has caused this? how can solve it? possible serialize/deserialize class has parameters? you need have empty constructor in currency class in order deserialize it. ...
Read more