I am using jpasskit to generate and sign passes. So, I created a signature file from a sample manifest.json, using my p12 file and the Apple WWDRCA certificate. Then I decided to do the same thing (using the same manifest and certificates) using this Objective C code. But the signature files are different from each other.
I suspect there is something wrong with the jpasskit code. So, is there any way to decrypt the signature or otherwise inspect them somehow to see what is wrong?
Looking at your pass signature (provide in chat), it looks like you are using an Apple Production IOS Push Services certificate (com.paguemob.mobileios.PagueMob) to sign your pass.
You need to be signing with a Pass Type ID certificate, and that certificate must match the name of the certificate you have in your pass.json (pass.com.paguemob.mobileios.PagueMobS).
Related
We are trying to automate certain processes with Chilkat.
In particular we are trying to generate a PKCS7 document that contains the following features:
A signed xml document. This signing is done via smartcard and the
output must include the signature. For this point, we are using the
crypt2 object with :
EncodingMode, HashAlgorithm and charset attributes
SetSigningCert, OpaqueSignStringENC methods
We need also to include the signer's digital signature certificate in X.509 ASN encoding.
This second point is where we are having some problems.
We have obtained a valid signed document according to the 2 points through the createp7m method for manual testing but the point of our program is to automate the process in memory. Therefore, we are trying to use the OpaqueSignStringENC("original xml to sign") but we believe the point (2) is not being taken into account.
I don't know if anyone has encountered a similar problem. I just recently started working with encryption, certificates...sorry if I am explaining myself incorrectly.
Thanks everyone for your help and time
i'm faceing some issue with an ssl certificate that i need for payment gateway,i already generated it but it doesn't work,i'm already doing a 3d payment gateway with a plugin that requires that certification..
I opened ssl via command prompt generated it but still i get the error request that the certification is invalid,is it possible that i did something wrong here is how it is required
OpenSSL Setup Prior to proceeding, it is necessary to download Win32 OpenSSL which can be found at: https://www.openssl.org/source/ After
the software is set up, it is important to enter a variable Path for a
bin catalogue.
In system variables: Variable PATH → “Change” Put a semicolon at the end of the line and enter a pathway to the bin folder:
c:\OpenSSL\bin For the next step, in the console, open the batch
folder and run run.bat (one of the attachments in the email received
from UPC)
The command can be performed for example in FAR. For this, place the cursor on run.bat file, press Ctrl Enter and add MERCHANT ID with
a space Key Generation Key generation and exchange is performed after
the Merchant sends a request for registration and receives E-shop
attributes via Internet (that includes a Merchant ID) Prior to key
generation, it is necessary to edit the file config.dat according to
the data of the E-shop. Config.dat data shall not strictly correspond
with the data in the request; such data is used for neither signature
generation nor signature verification and is only used for an
identification of a certificate file.
Can someone please explain me a little how to do it in steps i already watched some tutorials on youtube but i think i did something wrong,ill hope someone here can tell me how to fix this issue thank you very much
I have been tasked with duplicating the functionality of SecureZip; namely encrypting and digitally signing a file and then sending via SFTP.
I've been able to put together a java program based on the bouncycastle examples, and have been able to encrypt and decrypt files (with a locally generated PGP key) using this program. However, now I'm trying to implement the digital signature and want to capture the keys used for signing on the AIX system that is running the SecureZip commands.
So when I run the command
pkzipc -listcertificates
I get a response that indicates there are two OpenPGP certificates available for signing. Referring to them using
pkzipc -archivetype=pgp -add -recipient=<PUBLIC KEY RECIPIENT> -certificate=<CERT NAME> -sign=files file.out file.in
allows me to create the encrypted files using this CERT NAME cert. My question is, where? Where are these certificates located? Does AIX have a central OpenPGP certificate location or are these somehow imported into some SecureZip storage location?
Using SecureZip Server Version 14 for AIX
Using AIX 7100-03
I found the certificate location. Evidently there are three locations in UNIX that PKZIPC looks (according to the manual I finally got my hands on):
For public keys:
$PK_OPENGPG_PUBLIC_RING
$HOME/.pgp/pubring.pkr
For private keys:
$PK_OPENPGP_SECRET_RING
$HOME/.pgp/secring.skr
$HOME/.gnupg/secring.gpg
I'm trying to convert beta web-service to live. after removing beta word from the web-service [i.e. in web.config: endpoint address="https://wsbeta.fedex.com:443/web-services/rate"], this web service is not fetching the value. Any suggestions, why this is happening or I'm missing any procedure. Any guidance/suggestions on this.
To move a system from testing to production is not only needed to remove the word beta from the testing URL address:
From:
"https://wsbeta.fedex.com:443/web-services/rate";
To:
"https://ws.fedex.com:443/web-services/rate";
(when doing this change make sure you are replacing ALL occurrences of wsbeta. to ws. in your solution.)
But also you need to change the MeterNumber, include the Password and Key. When you sign up for the Production Key you will get all this information on the email and also you'll get the Key as soon as you sign up (you won't get that key on the email so be careful and write down that information).
With those pieces of information you should be good to go. If you are getting an exception that's a different story, let us know what exception you are getting.
I need to create a private key using openssl in Qt and then use that key to sign a zip file? I dont even have a clue on how to do this! Can somebody help me to do this?
Creating a key is a multi-step process: create a "certificate signing request" CSR, give the CSR to the "certificate authority" CA, the CA will sign the certificate and return to you a public certificate. (You do this once at first program execution.) You add the certificate and private key to your certificate store (once per program execution), and then you can finally sign the file (probably using an EVP_* function). (Once per zip file.)
Good luck :) OpenSSL is a beast. I suggest using a helper tool such as TinyCA if you're also going to be your own CA. (There's nothing wrong with learning the openssl command line for CA functions, it is just a ton of extra work that doesn't get you much closer to your immediate goal. Still worth looking at.)