Import certificate on windows server 2012 fail - x509certificate

I have a p12 file (RS256), when I open through Certificate Import Wizard on windows 10 and follow steps, windows could read the file with a password, but when it move to windows server 2012 r2 and do the same steps, windows fails to read the file because the password entered is not correct. please help, why I can't import p12 to windows server 2012 r2
Certificate Import Wizard
UPDATE
the p12 file converted from the jks file using keytool on windows 10, I tried to re-convert it on windows server 2012 but still, it can not reads the file because the password is incorrect (I'm pretty sure the password is entered correctly), could you suggest me how to convert jks file to p12 with sha256withRSA correctly that running on windows server 2012 r2?
this command successfully generated but imported fail:
keytool -importkeystore -srckeystore e:\file.jks -srcstoretype JKS -deststoretype PKCS12 -destkeystore e:\file.p12 -sigalg RS256
keytool -importkeystore -srckeystore e:\file.jks -srcstoretype JKS -deststoretype PKCS12 -destkeystore e:\file.p12 -sigalg sha256withRSA

The most likely reason is that your PFX is internally using new encryption options that were added in Windows 10.
If you run your PFX through an ASN.1 decoder (such as https://lapo.it/asn1js/, or the certutil -asn command) you want to see something like
C:\>certutil -asn sample.pfx
0000: 30 82 0e a9 ; SEQUENCE (ea9 Bytes)
0004: 02 01 ; INTEGER (1 Bytes)
0006: | 03
0007: 30 82 0e 65 ; SEQUENCE (e65 Bytes)
000b: | 06 09 ; OBJECT_ID (9 Bytes)
000d: | | 2a 86 48 86 f7 0d 01 07 01
| | ; 1.2.840.113549.1.7.1 PKCS 7 Data
0016: | a0 82 0e 56 ; OPTIONAL[0] (e56 Bytes)
001a: | 04 82 0e 52 ; OCTET_STRING (e52 Bytes)
001e: | 30 82 0e 4e ; SEQUENCE (e4e Bytes)
0022: | 30 82 06 0f ; SEQUENCE (60f Bytes)
0026: | | 06 09 ; OBJECT_ID (9 Bytes)
0028: | | | 2a 86 48 86 f7 0d 01 07 01
| | | ; 1.2.840.113549.1.7.1 PKCS 7 Data
0031: | | a0 82 06 00 ; OPTIONAL[0] (600 Bytes)
0035: | | 04 82 05 fc ; OCTET_STRING (5fc Bytes)
0039: | | 30 82 05 f8 ; SEQUENCE (5f8 Bytes)
003d: | | 30 82 05 f4 ; SEQUENCE (5f4 Bytes)
0041: | | 06 0b ; OBJECT_ID (b Bytes)
0043: | | | 2a 86 48 86 f7 0d 01 0c 0a 01 02
| | | ; 1.2.840.113549.1.12.10.1.2 szOID_PKCS_12_PKCS8ShroudedKeyBag
004e: | | a0 82 04 fe ; OPTIONAL[0] (4fe Bytes)
0052: | | | 30 82 04 fa ; SEQUENCE (4fa Bytes)
0056: | | | 30 1c ; SEQUENCE (1c Bytes)
0058: | | | | 06 0a ; OBJECT_ID (a Bytes)
005a: | | | | | 2a 86 48 86 f7 0d 01 0c 01 03
| | | | | ; 1.2.840.113549.1.12.1.3 szOID_PKCS_12_pbeWithSHA1And3KeyTripleDES
0064: | | | | 30 0e ; SEQUENCE (e Bytes)
0066: | | | | 04 08 ; OCTET_STRING (8 Bytes)
(it keeps going)
That is, there's a 1.2.840.113549.1.12.10.1.2 (PKCS#12 PKCS8ShroudedKeyBag) which contains an item of 1.2.840.113549.1.12.1.3 (PKCS#12 pbeWithSHA1And3KeyTripleDES).
I'm guessing your PFX instead has a PKCS8ShroudedKeyBag which contains an item of 1.2.840.113549.1.5.13 (Password Based Encryption Scheme 2 / PBES2)... which is first supported on Windows 10.

If the installation with the certmgr.msc fails, then the .p12 file probably cannot be imported into Windows 2012 using the built-in Windows 2012 tools. To check that: "For each of your PKCS #12 files, you could try the following: issue the command certutil -asn | findstr /i "pb aes des sha" (replacing "" with the name of the PKCS #12 file).
If the output starts like:
| | | | | ; 1.2.840.113549.1.12.1.3 szOID_PKCS_12_pbeWithSHA1And3KeyTripleDES
then it should be possible to import the PKCS #12 file into Windows 2016.
If the output starts like:
| | | | | ; 1.2.840.113549.1.5.13 szOID_PKCS_5_PBES2 | | | | | | ; 1.2.840.113549.1.5.12 szOID_PKCS_5_PBKDF2 | | | | | ; 2.16.840.1.101.3.4.1.42 aes256
or similar, then the PKCS #12 file probably cannot be imported into Windows 2016 using the built-in Windows 2016 tools. You will have to recreate the PKCS #12 file using TripleDES and SHA1." - see thread: https://learn.microsoft.com/en-us/answers/questions/518605/importing-a-pkcs12-to-windows-server-2016.html
You have to recreate the .p12 as in: https://kb.globalscape.com/Knowledgebase/11040/Converting-an-Incompatible-PKCS12-Format-File-to-a-Compatible-PKCS12

Related

Turn markdown table into html table

I´m currently using a tool, which creates a little informational report over solidity smart contracts with some usefull informations in it, that I want to partially display on the website I´m working on.
The tool is called solidity-metrics (https://github.com/ConsenSys/solidity-metrics) and can be used as CLI or as a library in your backend for example, which is what I want to use.
I´m sending files to my backend, which than scans those solidity files with the metrics tool.
It creates can create an object with a lot of meta-data using metrics.total() but it also can create a markdown string using metrics.generateReportMarkdown().
It includes taledata, which is only displayed in the markdown, not in the metrics.total() object, so I need to somehow turn it into html.
The table content from the markdown looks like this:
| Type | File | Logic Contracts | Interfaces | Lines | nLines | nSLOC | Comment Lines | Complex. Score | Capabilities |
|========|=================|============|=======|=======|===============|==============|
| 📝 | ./uploads/contracts/ProjectName.sol | 1 | **** | 564 | 535 | 308 | 152 | 221 | **<abbr title='Uses Assembly'>🖥</abbr><abbr title='Payable Functions'>💰</abbr><abbr title='Uses Hash-Functions'>🧮</abbr><abbr title='create/create2'>🌀</abbr>** |
| 📝 | ./uploads/contracts/ERC2981.sol | 1 | **** | 48 | 37 | 24 | 7 | 15 | **** |
| 🔍 | ./uploads/contracts/IERC2981.sol | **** | 1 | 18 | 14 | 3 | 10 | 3 | **** |
| 📝 | ./uploads/contracts/MockERC721.sol | 1 | **** | 27 | 27 | 19 | 1 | 18 | **** |
| 📝 | ./uploads/contracts/TokenName.sol | 1 | **** | 285 | 262 | 157 | 46 | 159 | **<abbr title='Uses Assembly'>🖥</abbr><abbr title='Uses Hash-Functions'>🧮</abbr>** |
| 📝 | ./uploads/contracts/Originals.sol | 1 | **** | 142 | 128 | 83 | 22 | 81 | **<abbr title='Uses Hash-Functions'>🧮</abbr>** |
| 📝 | ./uploads/contracts/SutterTreasury.sol | 1 | **** | 23 | 23 | 17 | 1 | 20 | **<abbr title='Payable Functions'>💰</abbr>** |
| 📝🔍 | **Totals** | **6** | **1** | **1107** | **1026** | **611** | **239** | **517** | **<abbr title='Uses Assembly'>🖥</abbr><abbr title='Payable Functions'>💰</abbr><abbr title='Uses Hash-Functions'>🧮</abbr><abbr title='create/create2'>🌀</abbr>** |
What I´ve tried and found out so far:
So the table actually kinda looks like normal markdown to me, but somehow, when trying to throw it inside a .md files it still doesn´t look like it should:
I figured out, that they have linked this github.css file in their credits:
https://gist.github.com/tuzz/3331384
tryed to import it into the .md file but it also didn´t seem to work, don´t even know if that makes sense to import a css file into a .md file...
To come to an end, does anyone have an idea on how to turn this markdown into html, which looks like the image I posted above (which I created with the function, which you can build into vs code, where you can mark the files, right click and scan them using metrics)?
Edit: So I figured out, that the equal signs, splitting the headers from the table body could be replaced by hyphens, which would work out fine in the markdown. I could solve that by replacing all "=" with "-", but that would destroy the rest of the markdown file, because there are also other usecases for the equal sign.

Issues with Apache ServiceMix and javax.transaction

I am having an issue with Apache ServiceMix (7.0.0.M1). I start up a fresh service mix (clean) and simply install the transaction feature:
karaf#root>feature:install transaction
This puts the Aries Transaction Blueprint into a GracePeriod:
224 | GracePeriod | 80 | 1.1.1 | Apache Aries Transaction Blueprint
225 | GracePeriod | 80 | 2.1.0 | Apache Aries Transaction Blueprint
This keeps my apps I install later that require the javax transaction api from starting. Is there a workaround for this issue? I had the same issues when just using karaf 4.0.3 and trying to instal camel and transaction.
Below you'll find a listing of all bundles (the basic service mix + those added by installing the transaction feature above). Notice the failure due to the GracePeriod timeout.
karaf#root>list
START LEVEL 100 , List Threshold: 50
ID | State | Lvl | Version | Name
-------------------------------------------------------------------------------------------------------
10 | Active | 50 | 5.13.0 | activemq-karaf
11 | Active | 50 | 2.6.3 | Jackson-annotations
12 | Active | 50 | 2.6.3 | Jackson-core
13 | Active | 50 | 2.6.3 | jackson-databind
23 | Active | 50 | 3.1.4 | activeio-core
24 | Active | 50 | 5.13.0 | activemq-camel
25 | Active | 50 | 5.13.0 | activemq-osgi
40 | Active | 50 | 2.16.2 | camel-blueprint
41 | Active | 50 | 2.16.2 | camel-catalog
42 | Active | 80 | 2.16.2 | camel-commands-core
43 | Active | 50 | 2.16.2 | camel-core
44 | Active | 50 | 2.16.2 | camel-cxf
45 | Active | 50 | 2.16.2 | camel-cxf-transport
46 | Active | 50 | 2.16.2 | camel-jms
47 | Active | 50 | 2.16.2 | camel-spring
48 | Active | 50 | 2.16.2 | camel-xstream
49 | Active | 80 | 2.16.2 | camel-karaf-commands
51 | Active | 50 | 3.2.2 | Apache Commons Collections
53 | Active | 50 | 3.3.0 | Commons Net
54 | Active | 50 | 1.6.0 | Commons Pool
55 | Active | 50 | 2.4.2 | Apache Commons Pool
93 | Active | 50 | 2.0.0 | geronimo-j2ee-connector_1.5_spec
94 | Active | 50 | 1.0.1 | geronimo-j2ee-management_1.1_spec
99 | Active | 50 | 3.4.6 | ZooKeeper Bundle
129 | Active | 80 | 2.0.9 | Apache MINA Core
132 | Active | 50 | 7.0.0.M1 | Apache ServiceMix :: ActiveMQ :: Camel
133 | Active | 50 | 7.0.0.M1 | Apache ServiceMix :: ActiveMQ :: Service
136 | Active | 50 | 1.6.1.5 | Apache ServiceMix :: Bundles :: dom4j
138 | Active | 50 | 1.9.2.1 | Apache ServiceMix :: Bundles :: jasypt
142 | Active | 50 | 1.1.0.4 | Apache ServiceMix :: Bundles :: jdom
143 | Active | 50 | 2.3.0.2 | Apache ServiceMix :: Bundles :: kxml2
156 | Active | 50 | 1.7.0.6 | Apache ServiceMix :: Bundles :: velocity
160 | Active | 50 | 1.1.4.c | Apache ServiceMix :: Bundles :: xpp3
161 | Active | 50 | 1.4.8.1 | Apache ServiceMix :: Bundles :: xstream
172 | Active | 50 | 3.18.0 | Apache XBean :: Spring
201 | Active | 50 | 0.6.4 | JAXB2 Basics - Runtime
214 | Active | 50 | 2.11.0.v20140415-163722-cac6383e66 | Scala Standard Library
221 | Active | 80 | 1.2.0 | CDI APIs
222 | Active | 80 | 1.2 | javax.interceptor API
223 | Active | 80 | 1.2 | javax.transaction API
224 | Failure | 80 | 1.1.1 | Apache Aries Transaction Blueprint
225 | Failure | 80 | 2.1.0 | Apache Aries Transaction Blueprint
226 | Active | 80 | 1.3.0 | Apache Aries Transaction Manager
227 | Active | 80 | 1.0.2 | Apache Felix Coordinator Service
228 | Active | 80 | 1.0.0.2 | Apache ServiceMix :: Bundles :: javax.inject
I have cross posted to the apache mailing lists as well.
The problem is that the spring-tx feature installs the jta 1.1 spec bundle. The aries transaction bundles require the new jta 1.2 spec though. So they do not find the TransactionManager which is bound to the wrong spec version.
This is caused by an error in the karaf spring-tx feature. The feature should depend on the jta 1.1 spec with dependency=true. This allows the karaf resolver to choose a different bundle providing suitable capabilities.
I have documented this issue in KARAF-4358. The issues is solved on master and the 4.0.x branch. So it will be delivered in karaf 4.0.5. You can fix you karaf distro by editing the feature file in the system dir in the same way I did.

How to decode the application extension block of GIF?

How to decode the application extension block of GIF?
0000300: 73e7 d639 bdad 10ad 9c08 b5a5 0021 ff0b s..9.........!..
0000310: 4e45 5453 4341 5045 322e 3003 0100 0000 NETSCAPE2.0.....
0000320: 21f9 0409 1900 f600 2c00 0000 0016 01b7 !.......,.......
this "
21 ff0b s..9.........!..
0000310: 4e45 5453 4341 5045 322e 30
" is known, but what is "03 0100 0000"?
The following describes GIF Netscape Application extension, taken from here.
The block is 19 bytes long. First 14 bytes belongs to general
Application Extension format, syntax is described in GIF89a
Specification, section "26. Application Extension".
Syntax
0 | 0x21 | Extension Label
+---------------+
1 | 0xFF | Application Extension Label
+---------------+
2 | 0x0B | Block Size
+---------------+
3 | |
+- -+
4 | |
+- -+
5 | |
+- -+
6 | |
+- NETSCAPE -+ Application Identifier (8 bytes)
7 | |
+- -+
8 | |
+- -+
9 | |
+- -+
10 | |
+---------------+
11 | |
+- -+
12 | 2.0 | Application Authentication Code (3 bytes)
+- -+
13 | |
+===============+ --+
14 | 0x03 | Sub-block Data Size |
+---------------+ |
15 | 0x01 | Sub-block ID |
+---------------+ | Application Data Sub-block
16 | | |
+- -+ Loop Count (2 bytes) |
17 | | |
+===============+ --+
18 | 0x00 | Block Terminator
You already know the data up to NETSCAPE2.0. The next byte 0x03 tells us the next data sub-block length which is always 3 bytes. The following 0x01 is the sub-block ID. For Netscape block, there is only one data sub-block and the ID is 1.
The following 2 bytes specifies the loop count in little endian — how many times the image frames should be looped, which is 0, and 0 means loop forever.
The last byte 0x00 is used to terminate the data block. So when we meet a 0x00 where data sub-block length should be, we know there are no sub-blocks left and we need to stop reading the block.

Converting from ushort to RGB values

I'm trying to read an image file which has its colors stored in the following fashion:
Hex RGB
00 00 -> 0/0/0
01 00 -> 0/0/8
02 00 -> 0/0/16
...
20 00 -> 0/8/0
21 00 -> 0/8/8
22 00 -> 0/8/16
As you can see, it will increase the previous channel if the current one has a value of 256 or bigger.
I for the world can't seem to figure out a simple algorithm to calculate the appropriate color. If anyone can whip that for me I would be very thankful!
Update:
0x00 -> 0x1F == 0x20 -> 0x3F == 0/0/0 -> 0/0/248
0x40 -> 0x5F == 0x60 -> 0x7F == 0/8/0 -> 0/8/248
I just noticed that 32 ranges that follow up produce same color result... this is not some efficient RGB encoding, it's more like a protection if you ask me.
Another update:
I ended up making a colormap which I can use to lookup the right color for a specific number, you can see it's a pretty weird looking map. If someone can figure out an algorithm to get to the colors specified in this map I'd be very grateful as I'm really curious to how it works.
It looks to me as if they have done a 5-5-5 or a 5-6-5 bit level encoding to maximize the color capability within 16 bits. what this means is for lets say a 5-6-5 that the bit encoding would look like the below.
---------------------------------------------------------------------------------
| 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
---------------------------------------------------------------------------------
| red | green | blue |
---------------------------------------------------------------------------------
However in your case it also looks as if they swapped byte order meaning that yours based upon the order you gave could actually look as follows (bytes ordered as you show them):
| byte 0 | byte 1 |
---------------------------------------------------------------------------------
| 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
---------------------------------------------------------------------------------
| low green | blue | red | hi green |
---------------------------------------------------------------------------------
Disclaimer: This is a repost of an update to my original question for the sake of completion.
I ended up making a colormap which I can use to lookup the right color for a specific number, you can see it's a pretty weird looking map. If someone can figure out an algorithm to get to the colors specified in this map I'd be very grateful as I'm really curious to how it works.

Tidy Data Layout - convert variables into factors

I have the following data table
| State | Prod. |Non-Prod.|
|-------|-------|---------|
| CA | 120 | 23 |
| GA | 123 | 34 |
| TX | 290 | 34 |
How can I convert this table to tiny data format in R or any other software like Excel?
|State | Class | # of EEs|
|------|----------|---------|
| CA | Prod. | 120 |
| CA | Non-Prod.| 23 |
| GA | Prod. | 123 |
| GA | Non-Prod.| 34 |
Trying using reshape2:
library(reshape2)
melt(df,id.vars='State')
# State variable value
# 1 CA Prod 120
# 2 GA Prod 123
# 3 TX Prod 290
# 4 CA Non-Prod. 23
# 5 GA Non-Prod. 34
# 6 TX Non-Prod. 34

Resources