How can I programatically (python preferably or java) get the serial number of the digital certificate a file, say /users/myfile, is signed with? Manually, I can do this by:
Right click myfile > Properties > Digital signature > details > advanced tab > and here you find serial number.
thanks.
Related
I have a task where I need to fill in PDF Forms. I think they are called Acroforms but I am not sure. It is opposit to XFA Forms (embedded in PDFs), Acroforms are less dynamic, they don't have many features compared to XFA.
I am coding for NodeJS, so I tried its module pdffiller. This library is only a wrapper for so-called pdftk or PDF Toolkit.
It took me almost one day to figure out how to use it on my Ubuntu 18.04 development laptop. I couldn't install it or compile, so I had to download docker image, unpack it and place compiled pdftk in specific system folders to allow pdffiller to work (lib goes here /usr/lib/x86_64-Linux-gnu/libgcj.so.16.0.0, binary goes here /usr/local/bin/pdftk).
Then there go the forms. Those downloaded from official government webpage (these are tax return forms) are XFA forms, these do not work with pdftk - all I get is a request for password which I don't have.
Error: Failed to open PDF file:
tax-return-form.pdf
OWNER PASSWORD REQUIRED, but not given (or incorrect)
Done. Input errors, so no output created.
We took the other approach, we bought Adobe Acrobat DC to convert flat PDFs to simple Acroforms. Then we tested again what PDF Toolkit can do. Two problems are blockers, and dim pdftk unusable for us:
No output for Polish diactrict signs (ąęćśżźnó)
No ability to check a checkbox
And the tax form has plenty of those checkboxes!
I would like to as what tool should we use? Is there any opensource or free for commercial use that will fill PDF Forms properly?
Edit:
I found the way to select checkboxes. After using pdftk dump_data_fields_utf8 method I got a file with a lot of information about fields:
---
FieldType: Button
FieldName: checkbox3
FieldFlags: 0
FieldJustification: Left
FieldStateOption: Off
FieldStateOption: Yes
---
The checkbox above has FieldStateOption: Off or Yes. Just putting Yes in JSON field-value map mad checkboxes selected.
It is doable, but:
there is no utf-8 fonts if one uses 'flatten' option
has to use 'need_appearances' which excludes 'flatten'
Ubuntu's PDF Viewer Evince 3.28.4 doesn't know how to display polish fonts
Firefox, Chrome, Adobe Reader 9 for Linux does display UTF fonts properly.
and fanks for the downvote without explanation why, SO sucks as usual.
I have a Java product that can export Excel files. Some of them contain macros. And the client wants them to be certified with a given pfx file
I have the .pfx file given by the client.
I can, of course, supply an excel macros with the certificate by hand. But the aim is to make the code (java) to do it automatically.
Apache poi has docs (https://poi.apache.org/apidocs/dev/org/apache/poi/poifs/crypt/dsig/SignatureInfo.html) about supplying the Excel workbook, not macros, so, it is something different, as far as I understand. At least, in the Excel, the certification for workbook and macros looks in very different ways.
Any automated, no-menu solution is ok, at least, I can call external tools from Java.
jmeter 5.0 windows 10
I am using jmeter to load test a localhost:5000 app and want to record it using htts test script recorder
I go file-->templates-->select template --create and it scaffolds a test for me
I then go to firefox and go to proxy and change setting and also install the certificate
I then click on the http(s) test script recorder on the left and hit the start button which results in a pop up to install the certificate
then there is another pop up
what values should i be selecting in html sampler setting and the highlighted
this is what I want to achieve
go to http://localhost:5000/
then upload a xml file(I have stored it in my jmeter/bin dir) and get a multi checkbox item results back
then check some of the check boxes and then hit submit button
Prefix - is just a string which will be added to the generated HTTP Request sampler labels. If you don't provide any prefix you will have the names like 1, 2, 3, 4, etc.:
If you set something as the prefix - it will be added to each sampler name
Create new transaction after request (ms) - if you put i.e. 5000 into this field and during recording you will not click anywhere for 5+ seconds - JMeter will put all subsequent requests into a new Transaction Controller. Transaction Controller's main function is to measure the total child of its children. for example on the above image foo10 is the Transaction Controller and it will measure the cumulative time of execution of samplers from foo10 to foo17 and report it as a single transaction. For example you can have your whole sequence as a single transaction or have 2 separate transactions: upload file and submit.
Just in case make sure your Firefox proxy settings look like:
to wit:
proxy is being used for all protocols
no exclusions are being made
You should be importing certificate into the Firefox after starting the proxy as the certificate has limited life time span (7 days) and if you will not be recording for more than 7 days you will not be able to use the certificate anymore without regenerating it. So make sure that "fresh" certificate is imported into the Firefox.
Does anyone know the format the UserCertificate field is stored in (DER, crt, etc)? I have not been able to extract this properly to calculate a fingerprint.
The field is a hex-encoded field. The internet certificates were base64 encoded, so in my DSAPI filter, I pulled the cert, ran a Hex-To-Base64 Decoder and calculated a fingerprint.
Just an FYI, the first 44 numbers/letters of the encoded Cert are added by Domino and are not part of the cert.
Background:
I have an application to which I want to pass a param at download time, which is actually the id of the advertiser from which it got downloaded. We use this id to report successful installation.
This param will be different for different advertisers. Somebody suggested me here to append the param data at the end of the exe and fetch it. I was able to do so perfectly.
Problem:
The problem now is that if we append in the exe, it breaks the digital signature of exe. If I replace the data with same amount of other data, the digital signature tab remains, but the digital signature becomes invalid.
So is there any way to append/replace data in exe without bothering its digital signature?
It doesn't sound too achievable, maybe make the download a zip with the signed exe and a text file with the code (which it then reads).
Bit of a wild stab in the dark would be to try using NTFS Alternate Data Streams
This may or may not invalidate the signature
You may or may not be able to configure mime types such that the exe could be a single download.
The additional data may or may not be preserved when a file is zipped.