I am trying to use MP4Box to edit the #EXT-X-MAP:URI="fragment_init.mp4" file used in HLS fMP4. My current approach is to dump the mp4 file to an xml file, edit the xml and then package back into an mp4 file. Firstly, the source gstgenerated.mp4 file is converted to 2sec HLS fragments:
MP4Box -dash 2000 -frag 2000 -profile full -out master.m3u8 -segment-name fragment_ gstgenerated.mp4
Then the newly created fragment_init.mp4 file is dumped to the default fragment_init_dump.xml file:
MP4Box -dxml fragment_init.mp4
But if I try to re-create the mp4 file with the -package option an error is generated:
C:\Users\KFerguson\Videos\PAR> MP4Box -package fragment_init_dump.xml -new init.mp4
Missing 4CC code for meta name - please use ABCD:fileName
Failed to package file
Can anyone help with interpreting this and comment if I am on the right path to the box editing objective?
I wrote a self-defined OpenSSL engine and engine tester in ubuntu 20.4. And the OpenSSL version is 1.1.1.
The goal is to use engine in TLS session, and the first step is to use command line to sign a digest. The reference website is:
https://wiki.openssl.org/index.php/Creating_an_OpenSSL_Engine_to_use_indigenous_ECDH_ECDSA_and_HASH_Algorithms
But the tester use the engine by calling the function, like ECDSA_sign and ECDSA_verify in the code, which can't act as expected. I hope to achieve the effect like:
$ openssl dgst -engine <engine_id> -sha256 -sign -out
So what should I do? And is this practicable?
Thanks a lot!
That OpenSSL wiki page is useful for beginners to learn how OpenSSL engine works, but it is too old that a lot of APIs in the page has been deprecated, especially the ECC functions.
Yes it is practicable.
Copy your YOUR_ENGINE_NAME.so to /usr/lib/x86_64-linux-gnu/engines-1.1/, then edit /etc/openssl.cnf to tell OpenSSL command line utility to start with loading your engine:
# Insert near top of file openssl.cnf:
openssl_conf = openssl_init
# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.
#
......
......
# Insert at bottom of file openssl.cnf:
[ openssl_init ]
engines = engine_section
[ engine_section ]
YOUR_ENGINE_NAME = YOUR_ENGINE_NAME_section
[ YOUR_ENGINE_NAME_section ]
engine_id = YOUR_ENGINE_NAME
dynamic_path = /usr/lib/x86_64-linux-gnu/engines-1.1/YOUR_ENGINE_NAME.so
default_algorithms = ALL
init = 1
You can put some printf info in your engine's init function. It will display after OpenSSL command line utility started if the engine is properly loaded:
$ openssl
engine bind start
YOUR_ENGINE init success
OpenSSL>
I have cloned this repo (https://github.com/docusign/code-examples-node) and believe I have entered all required keys and codes. But, when I try to authenticate with JWT I get this error:
at Sign.sign (internal/crypto/sig.js:105:29)
at Object.sign (C:\Users\BrownJ3\Documents\repos\code-examples-node\node_modules\jwa\index.js:152:45)
at Object.jwsSign [as sign] (C:\Users\BrownJ3\Documents\repos\code-examples-node\node_modules\jws\lib\sign-stream.js:32:24)
at Object.module.exports [as sign] (C:\Users\BrownJ3\Documents\repos\code-examples-node\node_modules\docusign-esign\node_modules\jsonwebtoken\sign.js:189:16)
at generateAndSignJWTAssertion (C:\Users\BrownJ3\Documents\repos\code-examples-node\node_modules\docusign-esign\src\ApiClient.js:62:16)
at exports.requestJWTUserToken (C:\Users\BrownJ3\Documents\repos\code-examples-node\node_modules\docusign-esign\src\ApiClient.js:890:19)
at _DsJwtAuth._getToken [as getToken] (C:\Users\BrownJ3\Documents\repos\code-examples-node\lib\DSJwtAuth.js:85:33)
at log (C:\Users\BrownJ3\Documents\repos\code-examples-node\lib\DSJwtAuth.js:174:33)
at _DsJwtAuth.DsJwtAuth.login (C:\Users\BrownJ3\Documents\repos\code-examples-node\lib\DSJwtAuth.js:184:5)
at commonControllers.login (C:\Users\BrownJ3\Documents\repos\code-examples-node\lib\commonControllers.js:36:16) {
library: 'PEM routines',
function: 'get_name',
reason: 'no start line',
code: 'ERR_OSSL_PEM_NO_START_LINE```
What this typically means is that the PEM file is missing the indicator that the key portion has begun.
PEM files are structured like this:
Intitial Data to be processed
-----Begin <Type>-----
Key Information
-----End <Type>-----
The standard for these files can be found here: https://www.rfc-editor.org/rfc/rfc7468
Can you confirm if the -----Begin / End lines are present are present in the PEM file you're using? Please don't post the actual file here, if they are present in the PEM we're going to want to have you open a support case with DocuSign so we keep any necessary private data for troubleshooting private.
If using docker, I have some observations.
Try to make .env values plain text. Not string literal.
When getting the item to code, replace '\\n' with '\n'
You can validate your certificate here: https://www.sslchecker.com/certdecoder.
In my case I pasted wrongly that missed one dash:
- -----BEGIN CERTIFICATE-----
+ ----BEGIN CERTIFICATE-----
Please note the first 5 dash is critical.
If you indeed have valid structure of PEM as #Matt King DS suggested, but you still get this error, it is likely that new lines are causing error.
If you are using dotenv then from documentation:
Multiline values
If you need multiline variables, for example private keys, those are now supported (>= v15.0.0) with line breaks:
PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
...
Kh9NV...
...
-----END DSA PRIVATE KEY-----"
Alternatively, you can double quote strings and use the \n character:
PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nKh9NV...\n-----END DSA PRIVATE KEY---
AWS lambda
I also encountered this error in AWS lambda. Here above approach didn't work for me. I had to have env variable in lambda without double quotes, with \n instead of new lines and in code I had to replace \n by \n, like this:
process.env.MY_PRIVATE_KEY.replace(/\\n/g, '\n')
Try to delete .nprm from -->
C:\Users{username}
then it will works fine
I solved it by just running the following lines of code. This can be run anywhere in order to turn the normal \n into actual newlines '\n'
jWtstring = 'your_JWT_string'
jWtstring.replace(/\\n/g, '\n')
After you get the newly line-entered JWT key, you can paste it to SSM or perform the next steps as you wish.
const fs = require('fs')
const https = require('https')
https.createServer(
{
key:fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem'),
}
).listen(PORT, () => {
console.log(`server is running on http://localhost:${PORT}`);
})
you need to load the file key.pem before initialize to the "key: key.pem" with readFileSync that belongs to fs module
https.createServer:- https://nodejs.org/api/https.html#httpscreateserveroptions-requestlistener
fs.readFileSync:- https://nodejs.dev/en/learn/reading-files-with-nodejs/
I have exactly the same issue, I spent around 1 week working on this and still no solution for my M1 Mac Pro.
Solved my problem by:
Search for your .npmrc file and delete it.
sudo find ~ -type f -name
'*npmrc' rm -rf /Users/<user>/.npmrc
Do some classics like: npm cache verify npm cache clear --force
Finally use the npm install
Hope it helps, at least for the future user :DD
If you have this problem with Angular CLI then ensure that your ssl key paths are valid.
Had the same problem when running :
ng serve --ssl true --ssl-cert ./ssl/server.crt --ssl-key ./ssl/server.key
and it turned out my paths were invalid.
For the angular version 14.2.8 use following commands.
ng serve --ssl "Your_project_name" --ssl-key "path_of_key" --ssl-cert "path_of_your_certificate"
Example:-if your key and certificate on a same drive C://your_key or C://your_certificate
you have to use
const key = new NodeRSA({ b: 512 });
let keypair = {
private: key.exportKey(),
public: key.exportKey("public")
};
this private key at the time of signing token with RSA
if you just using it as sandbox project you can use: (without private key)
var jwt = require('jsonwebtoken');
var token = jwt.sign({ foo: 'bar' }, 'shhhhh');
if not as sandbox, you have to generate a privteKey.
you can see it on jsonwebtoken docs:
https://www.npmjs.com/package/jsonwebtoken
How can I save a X509AttributeCertificate to PKCS12 keystore ?
I guess this is what you are looking for: https://docs.oracle.com/javase/tutorial/security/toolsign/rstep2.html
I'm trying to build a native bundle, specially for mac os x, but also in windows. And in both environments the .app, .dmg, .exe get generated correctly, but when I run them, I get many java.security.NoSuchAlgorithmException exceptions. For example:
Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret KeyGenerator not available
Caused by: java.security.NoSuchAlgorithmException: PBEWithMD5AndDES SecretKeyFactory not available
My program uses TLS, to establish xmpp connections. And also I have a webview with HTTPS which is not loading eighter.
Does anybody have any idea why this could be happening?
I should note that if I run the generated jar alone, it works fine, it only happens with the .exe and .app.
This is my build.xml fx:deploy code:
<fx:deploy width="${javafx.run.width}" height="${javafx.run.height}"
nativeBundles="all"
outdir="${basedir}/${dist.dir}" outfile="${application.title}">
<fx:application name="${application.title}"
mainClass="${javafx.main.class}"/>
<fx:resources>
<fx:fileset dir="${basedir}/${dist.dir}"
includes="*.jar"/>
<fx:fileset dir="${basedir}/${dist.dir}" includes="lib/*.jar"/>
</fx:resources>
<fx:info title="${application.title}"
vendor="${application.vendor}"/>
</fx:deploy>
Appreciate your help.
I hadn't seen this post before: JavaFX WebView Not Loading HTTPS Page
What's happening is that the jre's bundle doesn't include the /ext folder, so you have to copy it with a script when you build the bundle.