Wings of Hermes - A Cyber Blog
Thoughts on Cyber Security
Parts of the Windows Crypto API are quite well documented (particularly the original CAPI stuff). Other parts….. I’ve been trying to get PKCS8 files working between OpenSSL and Windows. The Import/Export on Windows is so badly documented I eventually resorted to ASN.1 decodes and header file trawls to find what I needed. Anyway – if… Continue Reading PKCS8 files and Windows Crypto API
I seem to always add little posts about trivial things that messed me up. Android studio 1.0.2 – couldn’t work out how to access the libs dir to add a jar file from another project I have. So simply copy it by hand into the libs directory (under app – same level as src). Then… Continue Reading Adding Jars in Android Studio
Just ran into a great error on upgrading to Glassfish 4. Couple of references to it from Google but no solution. Glassfish log: [2013-12-22T07:02:51.014+1100] [glassfish 4.0] [SEVERE] [] [javax.enterprise.system.core] [tid: _ThreadID=36 _ThreadName=admin-listener(4)] [timeMillis: 1387656171014] [levelValue: 1000] [[ Exception while loading the app : CDI deployment failure:WELD-001301 Annotation @org.glassfish.api.admin.RestEndpoints(value=[@org.glassfish.api.admin.RestEndpoint(description=disable-secure-admin, path=disable-secure-admin, opType=POST, params=[], useForAuthorization=false, configBean=interface com.sun.enterprise.config.serverbeans.Domain)])… Continue Reading WELD-001301 on Glassfish
I’ve been messing around with the Windows LSA and implementing my own authentication package. It’s all part of an authentication server I’m building. The *NIX component (a PAM module) was pulled together in an afternoon. Windows is a slightly different story….. As always, MSDN has great documentation on the APIs, but there is not a lot… Continue Reading Implementating a SSA/AP proxy
I just upgraded from Glassfish 3.1 to 3.1.1 and all logging for my app below INFO (i.e. FINE/FINER/FINEST) stopped working. Turns out there is a bug that normally expresses itself by stopping logging working altogether. I think another symptom is glassfish starts to ignore logging if the level for the particular logger is set to… Continue Reading Glassfish 3.1.1 won’t log FINE
Well – JAAS and GlassFish. I naively assumed this would be easy to get to work. It’s not. I started out by building a login module that extended AppservPasswordLoginModule and plugging it directly into login.conf. I then created a Realm that used it and continued on my merry way. The moment I tried to extend… Continue Reading JAAS and GlassFish – and “interesting” exercise
Patrick Hogan has done a great project on GitHub – IOS Certificate Key and Trust Sample Project – that pulls together all the concepts for RSA key importing/exporting and handling. It’s used some of the code from my import and export posts + code from a few other places together with his own work. Great… Continue Reading Nice Sample Project for iPhone RSA Key and Trust Handling
So following from my post on exporting a public key from an iPhone into java, here is some sample code for going the other way. It follows the same logic as exporting the key but in reverse. (It starts with decoding the Base64 piece as the app I am working on always passes data in… Continue Reading Import Standard RSA key to iPhone key store
I seem to be struggling with lots of things lately that should be easy, but I just can’t find an easy way to do them. My latest struggle has been using NSURLConnection to connect to an SSL site that is secured using my root certificate. There is no easy reference anywhere for how to do… Continue Reading iPhone SSL based NSURLConnection with your own root cert
Strange. com.sun.org.apache.xml.internal.security.utils.Base64 is a part of the base Java 1.6 runtime (it’s found in rt.jar). But Netbeans throws errors on it unless you include the METRO 2.0 jar file as a library to compile against (you don’t need to package it). Or at least that’s the case on Windows. On OS X it just works. What… Continue Reading Base64 classes in an EJB module with Netbeans