Post

Replies

Boosts

Views

Activity

parsing DER format data using SecAsn1Decode
Hi,I'm working on the output of method `distinguishedNames` that available under challenge.protectionSpace when my application receieve callback from the server (didReceieveChallenge) of type NSURLAuthenticationMethodClientCertificate. In this case the server ask for certificate from the client that was signed by issuer from the issuersList provided by the server.The method challenge.protectionSpace.distinguishedNames returns as a DER encoded data, and I wish to decode it and get the issuer distiguished name.Since openssl is no longer native mac code, i turned to SecAsn1Decode and realized that it also expect to have a template of the DER format (SecAsn1Template).. so I pretty much need to have the formatted layout before I want to decode an instance formatted in this way.Conceptually, I'm not sure I understand why this template is really needed, because the DER format explain the format by itself.I've tested my assumption by copying the output of distinguishedNames and using asn.1 online converter to human readble text, and it revealed the format by itself.here's the input :30 81 8E 31 0B 30 09 06 03 55 04 06 13 02 49 4931 0F 30 0D 06 03 55 04 08 0C 06 62 62 62 62 626C 31 0C 30 0A 06 03 55 04 07 0C 03 54 4C 56 310B 30 09 06 03 55 04 0A 0C 02 54 53 31 1E 30 1C06 03 55 04 0B 0C 15 43 41 5F 63 65 72 74 69 6669 63 61 74 65 5F 73 65 72 76 65 72 31 1B 30 1906 03 55 04 03 0C 12 62 62 62 62 62 73 5F 4D 6163 42 6F 6F 6B 5F 50 72 6F 31 16 30 14 06 09 2A86 48 86 F7 0D 01 09 01 16 07 7A 40 7A 2E 63 6F6Dand the output :SEQUENCE (7 elem) SET (1 elem) SEQUENCE (2 elem) OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component) PrintableString II SET (1 elem) SEQUENCE (2 elem) OBJECT IDENTIFIER 2.5.4.8 stateOrProvinceName (X.520 DN component) UTF8String bbbbbl SET (1 elem) SEQUENCE (2 elem) OBJECT IDENTIFIER 2.5.4.7 localityName (X.520 DN component) UTF8String TLV SET (1 elem) SEQUENCE (2 elem) OBJECT IDENTIFIER 2.5.4.10 organizationName (X.520 DN component) UTF8String TS SET (1 elem) SEQUENCE (2 elem) OBJECT IDENTIFIER 2.5.4.11 organizationalUnitName (X.520 DN component) UTF8String CA_certificate_server SET (1 elem) SEQUENCE (2 elem) OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component) UTF8String bbbbbs_MacBook_Pro SET (1 elem) SEQUENCE (2 elem) OBJECT IDENTIFIER 1.2.840.113549.1.9.1 emailAddress (PKCS #9. Deprecated, use an altName extension instead) IA5String z@z.comSo perhaps anyone can thing of a good reason why is the template is needed ? and if so, how do i generate it for my specific example.Thanks !
3
0
1.7k
Dec ’19
Extract all domains from active directory ODNode object
I'd like to obtain all available network domains which are bound to my active directory server TEST. from command-line I use odutil show nodenames which retrieves : Name																					State	Refs Type				 External Locked Hidden /Active Directory														 Online 3													X			X /Active Directory/TEST															 10	 /Active Directory/TEST/All Domains						Online 4		Virtual node /Active Directory/TEST/Global Catalog				 Online 6		Virtual node								 X /Active Directory/TEST/domain.com						 Online 6		Virtual node								 X /Configure																		Online 2													X			X /Contacts																		 Online 3 /LDAPv3																			 Online 1													X			X /Local																				Online 2													X			X /Local/Default																Online 36												 X /Search																			 Online 19 I only care about the Active directory based nodes since I'd like to list all domains attached to those nodes only. in the case above both /Active Directory/myserver/Global Catalog and /Active Directory/myserver/domain.com are marked as hidden. Unfortunately, I couldn't find a way to get nodes which are marked as hidden from the command-line output. Perhaps anybody knows how ? My Code to iterate those nodes is : 		ODNode * node = [ODNode nodeWithSession:[ODSession defaultSession] 																			 type:kODNodeTypeAuthentication error:nil]; 		NSArray * subnodes = (bridge NSArray *)ODNodeCopySubnodeNames((bridge ODNodeRef)node, NULL); which retrieved only the non-hidden nodes : /Active Directory/myserver/All Domains. Thanks !
0
0
473
Jul ’20
fail to install lldb on Big Sur (11.0) from command line
Hi, I'm using the following command in order to install lldb without Xcode > xcode-select --install However, the window that pops up with the progress bar gets halted on task "Finding Software" Those are the relevant errors I could trace from log stream: 2020-07-29 14:17:28.792892+0300 0x2bfe     Default     0x68a7               163    0    runningboardd: (RunningBoard) [com.apple.runningboard:process] [daemon<com.apple.dt.CommandLineTools.installondemand(502)>:843] Error 45 setting darwin role to UserInteractive: Operation not supported, falling back to setting priority 2020-07-29 14:17:28.931499+0300 0x2bff     Default     0x68af               163    0    runningboardd: (RunningBoard) [com.apple.runningboard:process] [daemon<com.apple.dt.CommandLineTools.installondemand(502)>:843] Error 45 setting darwin role to UserInteractiveFocal: Operation not supported, falling back to setting priority Any idea how to tackle this issue?
1
0
529
Jul ’20