I am trying to use certutil with its basic syntax to encode a string that shows me more than what i need. The output of the following
command:
certutil -encode pass.txt
output:
-----BEGIN CERTIFICATE-----
Z29sZGVuZ2F0ZTEyMw==
-----END CERTIFICATE-----
Please tell me how to use certutil command to get rid off these lines
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
OS: Windows 7
certutil -encode pass.txt | grep -v CERTIFICATE will work
edit:
grep -v removes lines that matches the regex provided, so this will remove any line containing the phrase "CERTIFICATE"
Related
What if you want to put your ssh private or public key into environment variable and access it on a CI system?
A key looks like this, so how can you convert it in a base64 string without newlines?
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACAICS0Scec9oD2raCs5HoZyQuZCPXJAVZvIJ+OooR0faAAAAJBsx4YgbMeG
IAAAAAtzc2gtZWQyNTUxOQAAACAICS0Scec9oD2raCs5HoZyQuZCPXJAVZvIJ+OooR0faA
AAAEDd1JmV4ligped6DH18jnlyEriUfNve+80vexKOOZjUwQgJLRJx5z2gPatoKzkehnJC
5kI9ckBVm8gn46ihHR9oAAAABmF3c2JvdAECAwQFBgc=
-----END OPENSSH PRIVATE KEY-----
First generate your keys or you can use any existing keys whether it's RSA or ED25519
ssh-keygen -t ed25519 -C "coo#abc.com"
Encode it into base64
cat id_ed25519 | base64 | tr -d \\n
Now you can copy paste the output anywhere you want, this should give you a string with 0 newlines.
To verify
echo your_encoded_string | base64 --decode
You should see the same key as you had in your file.
A quickest way is simply:
cat <filename> | base64 -w 0
I'm trying to create a hash for files in the directory using this script:
for file in *.zip; do openssl dgst -sha256 -binary ${file%.*}.zip $file | base64 >> ${file%.*}.zip.base64sha256; done
It creates hash like this:
b5iQL1fo5r+6osykGr0mcEZ14Xdbn8y0SrFGIuzMfeRvmJAvV+jmv7qh7OUavSZwRnXhd1ufzLRKsUYi7Mx95A==
But for terraform and AWS Lambdas I need a shorted hash value. I can get by using terminal and command like this:
openssl dgst -sha256 -binary archive.zip | base64 >> hash.base64sha256
And output is b5iQL1fo5r+6osykGr0mcEZ14Xdbn8y0SrFGIuzMfeQ=
So the question is: how I can retrieve short version of hash? It's required by terraform and AWS (when hash value is long - lambda are going to redeploy every time)
If you decode the "long" base64 you'll see that it's the same sequence of bytes repeated. That's because here
openssl dgst -sha256 -binary ${file%.*}.zip $file
you are specifying the file twice, once removing the extension and then re-adding it as .zip in ${file%.*}.zip, the other plainly as $file. This results in outputting the concatenated hash for both inputs (that are the same). To fix this, just specify it once:
openssl dgst -sha256 -binary "$file"
(with quotes to avoid problems with whitespace in shell expansion)
Instead of
for file in *.zip; do openssl dgst -sha256 -binary ${file%.*}.zip $file | base64 >> ${file%.*}.zip.base64sha256; done
try
for file in *.zip; do openssl dgst -sha256 -binary ${file%.*}.zip | base64 >> ${file%.*}.zip.base64sha256; done
my file test.txt contains
checksum test file
when I upload into blob its md5 is
CONTENT-MD5 cvL65GNcvWFoqZUTI5oscw==
when I run in local md5Sum test.txt its value is
72f2fae4635cbd6168a99513239a2c73
As discussed in the comments. Solution from here:
Googled around and found a suggestion to use openssl dgst, and it
worked!
openssl dgst -md5 -binary $filename | base64
Turns out, md5sum returns a hex representation of the hash and I had
to unhex it before computing its base64:
md5sum --binary $filename | awk '{print $1}' | xxd -p -r | base64
I have the two lines in bash
grep -L "BEGIN RSA PRIVATE KEY" *
grep -l "BEGIN RSA PRIVATE KEY" *
And would like to use them in a Python array
I've tried to get it working with a subprocess, but the "*" was not working.
I get a file not found error from grep.
I need to be able to sign a EXE in Linux. Following the directions listed at https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Build_Instructions/Signing_an_executable_with_Authenticode, I was able to get it done using Mono. However, I'm running into problems -- apparently Mono's signcode only supports md5 and sha1 hash algorithm. I'm trying to sign using sha256. Anyone know how I can get this done?
Thanks!
I was unable to find out how to do this with Mono's signcode but this can be done using https://sourceforge.net/projects/osslsigncode/files/osslsigncode/ -- use -h sha2 parameter when signing.
According to the mono documenation following algorithms are supported:
sha1 | md5 | sha2 | sha256 | sha384 | sha512
So the adjusted example from Mozilla would look like this:
signcode \
-spc authenticode.spc \
-v authenticode.pvk \
-a sha256 -$ commercial \
-n My\ Application \
-i http://www.example.com/ \
-t http://timestamp.verisign.com/scripts/timstamp.dll \
-tr 10 \
MyApp.exe```