didReceiveAuthenticationChallenge not getting called - ios5

I am using iOS sdk5.0. I am hitting a link using NSURLConnection and creating a request. But my control is not going into didReceiveAuthenticationChallenge method. Is didReceiveAuthenticationChallenge not called in iOS5.0?

According to Docs of NSURLConnectionDelegate
connection:canAuthenticateAgainstProtectionSpace:
connection:didReciveAuthenticationChallenge:
connection:didCancelAuthenticationChallenge:
are deprecated and new code should adopt
connection:willSendRequestForAuthenticationChallenge
The older delegates will still be called for compatibility, but incur more latency in dealing with the authentication challenge.

I was having the same problem (see my comment above). In my searches, I came across this gist: https://gist.github.com/1675763 . I tried the code in the AUTH_NEW path. The delegate still wasn't being called. Then I noticed the comment on line 40:
"Perhaps iOS 5 can't support DSA signature algorism."
I did some searches, and found nothing to indicate that this was a limitation was a problem. Finally, in desperation, I changed this. I was using java's keytool (Java's reinvented version of openssl+) to generate my self-signed cert. It uses DSA by default. Out of desperation, I used a flag to force it to use RSA. Then the delegate got called, and the code in the gist above worked.
I still have yet to see any documentation that says you can't use DSA. openssl seems to use RSA by default, so folks using that probably never run into this.
Short story: check your cert and make sure it is signed with RSA and not DSA.

I'd like to emphasize the point Chris Westin makes. And beyond that, I actually created an RSA key, but accidentally copied the DSA one to the server. So when in doubt, you need to use the -v (verbose) command to make sure that you've got the proper cert in place. Example:
keytool -list -v -keystore <name of keystore here>

Related

iText7 and C# - X509Certificate2Signature port can't sign using RSAcng

I'm trying to sign a PDF using iText7 the way I did with iText5:
I took the Cert from Windows Personal Store.
I create an IExternalSignature based on the Cert.
I found that X509Certificate2Signature class is not present in iText7.
Because of that I've ported it, however when the Signer method SignDetached is invoked I get that nasty error telling that the classic RSA algorithm is not available because now it is a bit different (RSAcng).
Is there a workaround?
For sure, there must be a reason why the class was not ported to iText7 that I can't understand.
Thanks.

How can I get the SHA1 fingerprint of a TlsCertificate in GJS?

I'm trying to get a fingerprint of a Gio.TlsCertificate of a connection, which as I understand it is just a SHA1 checksum of the certificate in DER form. So I think I could use GLib.compute_checksum_for_data() on the certificate property of the Gio.TlsCertificate object, but any attempt to access that property results in:
JS ERROR: Error: Unable to introspect element-type of container in GValue
Is there a way I can access the certificate property, or an easier way to fingerprint a certificate in GLib?
This looks like a bug in the generated introspection XML for Gio.TlsCertificate.certificate. I’ve filed an upstream bug about it.
In the meantime, you may be able to work around this by retrieving the property manually using g_object_get() and handling things that way; I don’t know what workarounds are exactly possible in JS.

How do I decompile a .sis file?

I need to be able to view and edit a .sis file. Can anyone suggest the right way to do this please?
Basically, you could indeed extract stuff, modify them and re-pack them. there are tools that can help on this, for example SisContent claims to be able to do so, thus you could use this app at least for viewving the SIS.
Anyhow, the problem there is then the signing. If the app requires capabilities that are ok with Self-signing (and is not having any auto start feature etc.) then you could make own Self-signing certificate, either with the makekeys included in the SDK, or using OpenSSL. With SisContent, there also appears to be Self signing certificate included in it.
Anyhow note that following capabilities: ReadDeviceData, WriteDeviceData, PowerMgmt, ProtServ, SwEvent, SurroundingsDD, Trusted UI, CommDD, DiskAdmin, MultimediaDD, NetworkControl, CommDD, DiskAdmin, MultimediaDD and NetworkControl. Can not be used with self-signing, and as there is no ways on signing apps (and there were never a way on signing others apps) with real Symbian certificate having publicer ID. and thus these apps can not really be installed after they are modified.
Then again, if you are targeting for pre-3rd edition devices, then they are not requiring any signing, thus you could extract the files, modify them, and simply repack with makesis.
There is a software called unmakeSis.

NFC Plugin for Eclipse

I'm trying to use the NFC Plugin but i have an error "Signature could not verify". I write the code generating the signature of the data and a selfsigned certificate. But when I put all them together i shows me that error. Can you help me with this?
The Signature Record support is experimental at this point, so I advise you to check out the sources for a deeper investigation.

Doesn't zend openid auto clean nonce files?

I am using zend OpenID library:https://github.com/marcinwol/zfopenid works great. But, the issue is not cleaning tmp folder files[nonce files]. It seems purgeNonces members of Zend_OpenId_Consumer_Storage_File are
not being called anywhere in the execution. http://framework.zend.com/manual/1.11/en/zend.openid.consumer.html dbstorage seems to clear the expired data. But, that too is not clearing Nonce. I am planning to use dbstorage. Any examples would be appreciated.
Thanks
I found some info, we do not need to delete discovery files as it is for single id.
http://openid.net/specs/openid-authentication-2_0.html#verify_nonce
as per this, Zend_OpenId_Consumer_Storage_File doesn't delete nonce files. Whenever we want to call purgeNonce, we must use
"The time-stamp MAY be used to reject responses that are too far away from the current time".so I can delete old nonce files.
Also, dbstorage example's isUniqueNonce has to check for a duplicate nonce for the same OP, Not for all OP.
please correct my understanding if it is wrong.