I'm trying to get the "modulus" from public key and certificate to validate that these pair key and cert match before sign but I can't
I have a web app building in Angular and I use https://www.npmjs.com/package/node-forge.This is a snnipet but I don't know how to achive getting mudulus.
var buffer = forge.util.createBuffer(FirmaUtil.Key, 'raw');
var asn1 = forge.asn1.fromDer(buffer);
var info = forge.pki.decryptPrivateKeyInfo(asn1, 'password');
var privateK = forge.pki.privateKeyFromAsn1(info);
At the end i could achieve the goal compare the modulus from cer and key
doesCertMatchKey: function privateKeyMatchesCertificate(model) {
certificate = {};
certificate.Cer = model.Cert; //AsArrayBuffer .cer file
certificate.Key = model.Key; //AsArrayBuffer .key file
certificate.Pass = model.Pass
let bufferCer = forge.util.createBuffer(certificate.Cer, 'raw');
let asn1Cert = forge.asn1.fromDer(bufferCer);
let cer = forge.pki.certificateFromAsn1(asn1Cert);
let nHexPublicK = cer.publicKey.n.toString(16);
let eHexPublicK = cer.publicKey.e.toString(16);
var bufferKey = forge.util.createBuffer(certificate.Key, 'raw');
var asn1Key = forge.asn1.fromDer(bufferKey);
//Before the next step check password to void exception.
var info = forge.pki.decryptPrivateKeyInfo(asn1Key, certificate.Pass);
var privateKey = forge.pki.privateKeyFromAsn1(info);
var nHexPrivateK = privateKey.n.toString(16);
var eHexPrivaetK = privateKey.e.toString(16);
//If they are identical then the private key matches the certificate.
return nHexPublicK === nHexPrivateK;
}
I would like to set up outlook appointment using ActiveX.
Following code is working. Other than the part where I have setup the timezone. which i cant seem to find how to set. Is there any API reference available to setup timezone ?
var sub = "Test";
var stDate = "01-01-2020";
var endDate = "01-01-2020";
var sBody1 = ".....";
var sBody2 = "hello ";
var sBody3 = ".....world";
if (confirm("Are you sure that you want to send an outlook invite for the meeting? Click OK to send invite.")) {
try {
outlookApp = new ActiveXObject("outlook.application");
}
catch (Error) {
alert("Please verify if your browser is enabled to run ActiveX scripts and try again!");
return false;
}
try {
nameSpace = outlookApp.getNameSpace("MAPI");
mailFolder = nameSpace.getDefaultFolder(6);
mailItem = mailFolder.Items.Add("IPM.Appointment.ConfRmReq");
mailItem.MeetingStatus = 1;
mailItem.Subject = sub;
mailItem.Start = stDate;
mailItem.End = endDate;
mailItem.TimeZones = ["Eastern Standard Time"];
//var tzEastern = tzs["Eastern Standard Time"];
mailItem.StartTimeZone = tzEastern;
mailItem.EndTimeZone = tzEastern;
var sBody = sBody1;
mailItem.Body = sBody;
sEmailList.push('Email Address');
mailItem.RequiredAttendees = sEmailList.join(';');
mailItem.Display();
You will need to retrieve the timezone from the Application.Iimezones collection. I never had luck retrieving the tz by its name, so you'd need to enumerate the time zones and check their ID / Name / StandardDesignation / DaylightDesignation properties.
I am attempting to verify a signature with a certificate. We have to download the required certificate from the CA, verify the certificate, then verify the signature. I have no idea, and I'm hoping someone can shed some light. Here's what I have / know so far.
To sign a message, I used the following code:
function sign(sk, m, certname) {
var key = new RSAKey();
key.setPrivate(sk.n, sk.e, sk.d);
var h = CryptoJS.SHA256(JSON.stringify(m)).toString(CryptoJS.enc.Hex);
h = new BigInteger(h, 16);
var sig = key.doPrivate(h).toString(16);
var obj = { "type": "SIGNED", "msg": m, "certname": certname, "sig": sig };
return JSON.stringify(obj);
}
To verify a signature, I used the following code:
function verify(pk, signed) {
var key = new RSAKey();
var s = JSON.stringify(signed.sig).toString(CryptoJS.enc.Hex);
s = new BigInteger(s, 16);
key.setPublic(pk.n, pk.e);
var v = key.doPublic(s).toString(16);
var h = CryptoJS.SHA256(JSON.stringify(signed.msg)).toString(CryptoJS.enc.Hex);
return (v == h);
}
To verify a certificate, I used the following code: (EDIT: this is the new certificate verification function).
function verifyCertificate(signedCert, certname) {
var key = new RSAKey();
var s = JSON.stringify(signedCert.sig).toString(CryptoJS.enc.Hex);
s = new BigInteger(s, 16);
key.setPublic(CApk.n, CApk.e);
var v = key.doPublic(s).toString(16);
var h = CryptoJS.SHA256(JSON.stringify(signedCert.msg)).toString(CryptoJS.enc.Hex);
return (v == h);
}
And that's that. Can anyone please help. I don't know how to go about this.
EDIT: Okay, I think I have solved my own question (with assistance from the responses). This is the code that returns all positive results:
function verifyWithCert(sig) {
// 1. Download the required certificate from the CA
// 2. Verify the certificate
// 3. Verify the message
var certKey = new RSAKey();
var loadedCert = loadCert(sig.certname);
var certS = JSON.stringify(loadedCert.sig).toString(CryptoJS.enc.Hex);
certS = new BigInteger(certS, 16);
certKey.setPublic(CApk.n, CApk.e);
var certV = certKey.doPublic(certS).toString(16);
var certH = CryptoJS.SHA256(JSON.stringify(loadedCert.msg)).toString(CryptoJS.enc.Hex);
var verifyResult;
if (certV == certH) {
verifyResult = true;
}
var Sigkey = new RSAKey();
var s = JSON.stringify(sig.sig).toString(CryptoJS.enc.Hex);
s = new BigInteger(s, 16);
Sigkey.setPublic(loadedCert.msg.subject.pk.n, loadedCert.msg.subject.pk.e);
var v = Sigkey.doPublic(s).toString(16);
var h = CryptoJS.SHA256(JSON.stringify(sig.msg)).toString(CryptoJS.enc.Hex);
var verifySignature;
if (v == h) {
verifySignature = true;
}
var result = { "certificateFound": loadedCert ,"certificateVerified": verifyResult ,"signatureVerified": verifySignature };
return result;
}
(A note to other members of StackOverflow, I am also in this class so there's a bit of stuff that I mention that comes out of nowhere in regards to variables and other references.)
In the verifyCertificate function:
function verifyCertificate(signedCert, certname) {
var loadedCert = loadCert(certname);
// signedCert is the same as loadedCert above, the button runs the
// loadCert function and outputs the contents into the textarea,
// so the following will always be true.
var originalSig = JSON.stringify(signedCert.sig);
var loadedSig = JSON.stringify(loadedCert.sig);
log(loadedSig);
return (originalSig == loadedSig);
}
How am I supposed to verify the certificate then? What am I comparing the loaded CA certificate to? I thought maybe compare the public key in the certificate to the public key used to sign the message but... I don't know. I'm very confused.
You're on the right track with that though, think about the verify() function, and the details contained in the CApk variable at the top of the file. Can you hash the message from the loadCert() JSON response and match it against the output from:
function verify() {
//[...]
key.setPublic(pk.n, pk.e);
//[...]
}
Assuming you change a few variables?
It's similar to the method I used at least, so I'm hoping it's right. I figure if you can hash the message using the details in CApk, and compare it to a hash of the message contained in the JSON response, that verifies the certificate. Hopefully.
There is an error in 'verify certificate' approach.
you need to test the signature of certificate with public key of CA given in 355a3_main to verify, the code given here will only verify your certificate and will give s false positive for rest
i think this should work
var loadedCert = loadCert(certname);
var originalSig = JSON.stringify(signedCert.sig);
var loadedSig = JSON.stringify(loadedCert.sig);
log(loadedSig,originalSig);
var key = new RSAKey();
var s = JSON.stringify(signedCert.sig).toString(CryptoJS.enc.Hex);
s = new BigInteger(s, 16);
key.setPublic(CApk.n, CApk.e);
var v = key.doPublic(s).toString(16);
var h = CryptoJS.SHA256(JSON.stringify(signedCert.msg)).toString(CryptoJS.enc.Hex);
if (originalSig == loadedSig && v==h)
return true;
else
return false;
That being said what about the long message of arbitrary length?
Except... you know how he says his solutions for the core tasks are between 5 and 10 lines? well this is about 20 lines of code, so i don't know if I should be suspicious of my code
I used the function verify and verifycertificate again in the RSA signature verification with certificate function. That will make your code fairly short. and I really appreciate this post, you're all my life savers.
I've downloaded a copy of PrettyDiff to embed in my own local application, so I can compare two AJAX loaded files that are in two variables.
Unfortunately, I can't seem to make prettydiff work. Here's how I try :
var example1 = getFile('exemple1.txt');
var example2 = getFile('exemple2.txt');
var output = prettydiff("/*prettydiff.com api.lang: 8, api.mode: diff, api.diffview: inline, api.source:example1, api.diff: example2 */");
document.getElementById("output").innerHTML = output[0];
All I get is "Error: Source sample is missing.".
I've also tried to make an "api" variable that I fill with the parameters, but that doesn't work either.
The documentation doesn't give any example on how to pass the parameters (options, source and diff texts).
Anyone knows ?
Ok, I found out a way to get it working. I still don't know the fuss about the parameters as comments as specified in the docs, but you can create a js object and pass all your parameters :
var api = new Object();
api.mode = "diff";
api.diffview = "inline";
api.lang = 8;
api.source = example1;
api.diff = example2;
var output = prettydiff(api);
You can use prettydiff option like this.
const prettydiff = require("prettydiff");
let options = prettydiff.options;
options.source = content_Old;
options.diff = content_New;
options.diff_format = "html";
options.lang = "script";
options.color = "white";
options.diff_space_ignore = false;
options.diff_view = "sidebyside";
options.lexer = "script";
options.sourcelabel = "Original File";
options.difflabel = "Updated File";
options.mode = "diff";
options.parse_format = "htmltable";
options.list_options = true;
options.crlf = false;
options.force_indent = true;
outputHtml = prettydiff();
Here is my code, I get an object error onLoad. Please help.
function Setlook()
{
var lookup = new Object();
var lookupValue = new Array();
lookup.id = "7b31D4D998-F124-E111-96C3-1CC1DEEA";
lookup.entityType = 1022;
lookup.name = "Default";
lookupValue[0] = lookup;
Xrm.Page.getAttribute(“pricelevelid”).setValue(lookupValue);
}
The code itself looks correct, but the GUID of the lookup doesn't. It doesn't have the right format nor does it have the right number of characters (32). Fixing that should eliminate the error.
Here is the proper syntax, the important thing is to have the correct .typename
function Setlook()
{
var value = new Array();
value[0] = new Object();
value[0].id = '{31D4D998-F124-E111-96C3-1CC1DEE8EC2D}';
value[0].name = 'Default';
value[0].typename = 'pricelevel';
Xrm.Page.getAttribute("pricelevelid").setValue(value);
}