corrected hints and improved error handling base64 (#781)

2020-04-14 16:13:25 +02:00
parent b8abc99faf
commit 0638cae6e5
2 changed files with 8 additions and 6 deletions
--- a/webgoat-lessons/crypto/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/crypto/src/main/resources/i18n/WebGoatLabels.properties
@ -12,8 +12,8 @@ crypto-hashing.hints.2=Find a online hash database or just google on the hash it

 crypto-signing.hints.1=Use openssl to get the public key from the private key. Apparently both private and public key information are stored.
 crypto-signing.hints.2=Use the private key to sign the "modulus" value of the public key.
-crypto-signing.hints.3=Actually the "modulus" of the public key is the same as the private key. You could use openssl -in test.key -pubout > test.pub and then openssl -in test.pub -pubin -modulus or other components. 
-crypto-signing.hints.4=Make sure that you do not take hidden characters into account. You might want to use echo -n "00AE89..." | openssl dgst -sign ...
+crypto-signing.hints.3=Actually the "modulus" of the public key is the same as the private key. You could use openssl rsa -in test.key -pubout > test.pub and then openssl rsa -in test.pub -pubin -modulus -noout or other components. 
+crypto-signing.hints.4=Make sure that you do not take hidden characters into account. You might want to use echo -n "00AE89..." | openssl dgst -sign somekey -sha256 ... and do not forget to base64 encode the outcome
 

 crypto-signing.notok=The signature does not match the data (modulus)