I want to encode p7b file with certificate chain to pem
I can do it in console with openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
I want to do it with erlang ssl library - looks like otp should already do this without asn.1 test in erlang otp
But
1> application:ensure_all_started(ssl).
{ok,[crypto,asn1,public_key,ssl]}
But PKCS7 module undefined - asn.1 was not compiled
2> 'PKCS7':decode('SignedData', Der1).
** exception error: undefined function 'PKCS7':decode/2
If I download PKCS7.asn manually and try to compile, I'll get error
3> asn1ct:compile('PKCS7.asn')
PKCS7:13: 'Attribute' is not exported from InformationFramework
...
{error,[{structured_error,{'PKCS7',13},
asn1ct_check,
{undefined_import,'Attribute','InformationFramework'}},
{structured_error,{'PKCS7',13},
Question 1: Is there any way to compile 'PKCS7' without manual downloading asn.1 modules? I am sure I missed something important, and this file should works automatically as otp lib
Question 2: Maybe there are some simplest way to encode p7b to pem chain?
Is there any documentation for using otp/lib/asn.1?
There are no need to compile ANS.1 module PKCS7. The Erlang (Elixir) function public_key:der_decode/2 works with 'ContentInfo' atom as the first argument ASN1Type.
(elixir code)
{:ContentInfo, _id, content_info} = :public_key.der_decode(:ContentInfo, p7b_binary)
{:certSet, certificates_set} = elem(content_info, 4)
But question why 'PKCS7':decode does not works still open
Related
I'm trying to generate an SSL cert.
But I've run into this error while doing so:
The ordinal 372 could not be located in the dynamic link library C:\wamp64\bin\apache\apache2.4.7\bin\openssl.exe
I've been searching around for awhile but the solutions aren't detailed enough. I've also no experience in generating SSL certs.
I've also tried using dependency walker and it generated:
Error: At least one required implicit or forwarded dependency was not found.
Error: At least one module has an unresolved import due to a missing export function in an implicitly dependent module.
Warning: At least one delay-load dependency module was not found.
But I don't know how to continue from here.
Please provide detailed solution on how to resolve this and generate an SSL cert. Thanks.
How to clone with disabled SSL checking, using GitPython library. The following code ...
import git
x = git.Repo.clone_from('https://xxx', '/home/xxx/lala')
... yields this error:
Error: fatal: unable to access 'xxx': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
I know about "export GIT_SSL_NO_VERIFY=1", but how to implement it in a python library ?
The two following methods have been tested with GitPython 2.0.8 but should be working at least since 1.0.2 (from the doc).
As suggested by #Byron:
git.Repo.clone_from(
'https://example.net/path/to/repo.git',
'local_destination',
branch='master', depth=1,
env={'GIT_SSL_NO_VERIFY': '1'},
)
As suggested by #Christopher:
git.Repo.clone_from(
'https://example.net/path/to/repo.git',
'local_destination',
branch='master', depth=1,
config='http.sslVerify=false',
)
It seems easiest to pass the GIT_SSL_NO_VERIFY environment variable to all git invocations. Unfortunately Git.update_environment(...) can only be used on an existing instance, which is why you would have to manipulate python's environment like so:
import git
import os
os.environ['GIT_SSL_NO_VERIFY'] = "1"
repo = git.Repo.clone_from('https://xxx', '/home/xxx/lala')
OK, after lots of desperate attempts to make Connection Kit work, I've finally made it to create a project get to compile - yay!. Oh, wait, I didn't say it actually runs. It just compiled without any error - yay, again.
But now I guess I have to deal with linking issues.
CodeSign /Users/drkameleon/Library/Developer/Xcode/DerivedData/ftpTest5-fnzabvxlmdwqwpbcsglidslbijzn/Build/Products/Debug/ftpTest5.app/Contents/Frameworks/ConnectionKit.framework/Versions/A
cd "/Users/drkameleon/Code/##Tests/ftpTest5"
export CODESIGN_ALLOCATE=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate
Signing Identity: "-"
/usr/bin/codesign --force --sign - --preserve-metadata=identifier,entitlements,resource-rules /Users/drkameleon/Library/Developer/Xcode/DerivedData/ftpTest5-fnzabvxlmdwqwpbcsglidslbijzn/Build/Products/Debug/ftpTest5.app/Contents/Frameworks/ConnectionKit.framework/Versions/A
Warning: usage of --preserve-metadata with option "resource-rules" (deprecated in Mac OS X >= 10.10)!
/Users/drkameleon/Library/Developer/Xcode/DerivedData/ftpTest5-fnzabvxlmdwqwpbcsglidslbijzn/Build/Products/Debug/ftpTest5.app/Contents/Frameworks/ConnectionKit.framework/Versions/A: code object is not signed at all
In subcomponent: /Users/drkameleon/Library/Developer/Xcode/DerivedData/ftpTest5-fnzabvxlmdwqwpbcsglidslbijzn/Build/Products/Debug/ftpTest5.app/Contents/Frameworks/ConnectionKit.framework/Versions/A/Frameworks/CURLHandle.framework
Command /usr/bin/codesign failed with exit code 1
Any idea what this means guys? What am I supposed to do?
The accepted answer here (Codesign of Dropbox API fails in Xcode 4.6.3: "code object is not signed at all") basically suggests using the --deep signing flag. But neither this seems to be supported in Xcode6+, nor does it work for me (the exact same errors are being produced).
I'm trying to debug a custom FxCop rule I wrote by following this FAQ: http://blogs.msdn.com/b/codeanalysis/archive/2007/05/16/faq-how-do-i-debug-a-custom-rule.aspx ("Debugging within Visual Studio or via command-line" section)
Initially I got some errors about missing references, but I managed to fix those by using the following command line:
FxCopCmd.exe /searchgac /d:"SomeDir" /file:"MyAssembly.dll" /rule:"MyCustomRules.dll" /console
Now, I'm getting the following error:
Project : error : CA0055 : Could not load MyAssembly.dll. Signature is not valid.
Project : error : CA0052 : No targets were selected.
I made sure that MyAssembly.dll is signed with my test signing certificate, and that all of the certificates in the certification path are in the "Trusted Root Certification Authorities" (of the current user) but it doesn't help.
Does anyone know what this error means?
Thanks!
Try to build openssl in xcode5 shows "libcrypto.a" and libssl.a" files missing error. i am using the latest openssl files from Github. i can't find the exact problem, if anybody have any idea please free to share.
Thanks
just update xcode5.0 to xcode 5.1 .it will work ....
Try to build openssl in xcode5 shows "libcrypto.a" and libssl.a" files missing error.
There's an example of setting include and library paths using Xcode at User Guide for the OpenSSL FIPS Object Module v2.0, Appendix E-2. On page 130, it shows you how to set the paths for OpenSSL under iOS (ALWAYS_SEARCH_USER_PATHS, USER_HEADER_SEARCH_PATHS, OTHER_LDFLAGS, etc). Setting paths applies to native and cross-compiled - there's no difference. You can also ignore that its written for the FIPS module - again, there's no difference.
If you have more information, then add it to your question. Otherwise, the folks on Stack Overflow will be taking stabs in the dark.