Tuesday, October 16th, 2007
It´s not easy to get information on derby keys once you created them. I was looking for a command like “SHOW CREATE TABLE <tablename>” but no luck. I realized that the answer should lay in SYS tables. After googling a while I found the following bit of wisdom:
The following query will give you the UNIQUE constraints on a table:
select c.constraintname, c.constraintid
from sys.systables t, sys.sysconstraints c
where t.tablename = 'FOO'
and t.tableid = c.tableid
and c.type = 'U'
;
The following query will return a descriptor object for each constraint
on the table. The descriptor will tell you which columns are in each
constraint. As noted in the Reference Guide section on
SYS.SYSCONGLOMERATES, the descriptor object implements
org.apache.derby.catalog.IndexDescriptor. Please note that the
descriptor object is not part of Derby' public API and can therefore
change from release to release:
select g.descriptor
from sys.systables t, sys.sysconstraints c, sys.syskeys k,
sys.sysconglomerates g
where t.tablename = 'FOO'
and t.tableid = c.tableid
and c.type = 'U'
and c.constraintid = k.constraintid
and k.conglomerateid = g.conglomerateid
;
Tags: apache, derby, describe, key, show, sys, unique
Posted in java | No Comments »
Friday, June 29th, 2007
Wireshark allows you to inspect SSL connection as long as you have the corresponding private key of the server side. You can read the details here. But if you are using java and tomcat you’ll probably have the certificate and private key stored in a JKS keystore so how can you extract the key in the right format for WireShark?
First of all, keytool doesn’t allow you to extract the private key from a keystore. So you need external help. I use the DumpPrivateKey.java which is a modified version on the DumpPrivateKey found in this forum post.
import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyStore;
import sun.misc.BASE64Encoder;
/**
* This is an utility program that reads the keystore file specified in the
* parameter and dumps to the standard output the private key encoded in Base64
*
*/
public class DumpPrivateKey {
/**
* Main method. Invoked from command line. This method open the jks file
* specified in the parameter to get the private key, transforms it in
* Base64 format and write it to the standard output. <code>Usage</code>:
* java DumpPrivateKey keystore.jks alias storepassword keypassword
*
* @param args
* List of strings containing the input parameters.
*/
static public void main(String[] args) {
try {
if (args.length != 4) {
System.err
.println("Usage java DumpPrivateKey keystore.jks alias storepassword keypassword");
System.exit(1);
}
KeyStore ks = KeyStore.getInstance("jks");
String keystore = args[0];
String alias = args[1];
String storepass = args[2];
String keypass = args[3];
ks.load(new FileInputStream(keystore), storepass.toCharArray());
Key key = ks.getKey(alias, keypass.toCharArray());
if (key == null) {
System.err.println("No key found for alias:" + alias
+ " and keypass:" + keypass);
System.exit(1);
}
BASE64Encoder myB64 = new BASE64Encoder();
String b64 = myB64.encode(key.getEncoded());
System.out.println("-----BEGIN PRIVATE KEY-----");
System.out.println(b64);
System.out.println("-----END PRIVATE KEY-----");
} catch (Exception e) {
e.printStackTrace();
}
}
}Issuing the command
java -cp . DumpPrivateKey wwwserver.jks tomcat changeit changeit >server.key
will export the private key to server.key but you need to convert this key format to the format supported by wireshark. You can do that with openssl
openssl pkcs8 -inform PEM -nocrypt -in server.key -out server.rsa.key
Then you can use the server.rsa.key in WireShark ->Edit ->Preferences->Protocol->SSL ->rsa key file list -> 192.168.0.4,443,http,c:\server.rsa.key.
Hope it works for you!
Tags: ethereal, https, inspect, java, jks, key, rsa, sniffer, sniffing, ssl, tomcat, wireshark
Posted in java | No Comments »
Tuesday, January 9th, 2007
I’ve you tried beryl or compiz you probably had notice that the Super key (the windows key, also known as Meta key) is used a lot. By default in my Fedora Core 6 installation the Windows key is not enabled, I had to add Option "XkbOptions" "altwin:super_win" to the InputDevice section of my /etc/X11/xorg.conf to activate it.
This is how the InputDevice section look like now:
...
Section "InputDevice"
Identifier "Keyboard0"
Driver "kbd"
Option "XkbModel" "pc105"
Option "XkbLayout" "es"
Option "XkbOptions" "altwin:super_win"
EndSection
...
via Noiesmo’s GNU/Linux Site
Tags: altwin, beryl, compiz, inputdevice, key, keyboard, linux, option, section, super, super_win
Posted in linux | 5 Comments »
