How to Generate a DSA signature? - ruby

I'm using Sparkle in my Application to do updates but in the documentation it says to generate a DSA Signature and provides a tool to do is (the tool is coded in ruby) but i don't know how to use it. Can someone help?
This is where the documentation is (Step 3): http://sparkle.andymatuschak.org/documentation/pmwiki.php/Documentation/BasicSetup?from=Main.HomePage

Google'd the command string, and got a handful of hits.
Most useful:
https://answers.launchpad.net/sparkle/+question/50496
Quoting the author:
It's a script; you need to run it from
the command line.
Open the terminal. Change into the
Sparkle distribution directory. Type:
ruby "Extras/Signing
Tools/generate_keys.rb"
Follow the instructions on the wiki
from there.

Also, I'd highly recommend looking at Feeder for constructing your Sparkle RSS feed. It can generate a DSA signature for you automatically, once you drag your binary into an update entry. It also can upload your binaries and feed to your server for you. Overall, it's saved me a tremendous amount of time with my Sparkle feeds.

Indeed Sparkle Basic wiki page is a bit misleading. For everyone how still gets confused with process, here are necessary steps:
go to Extras/Signing Tools subfolder
generate dsa private/public key pair:
ruby generate_keys.rb
Note that there is bug with this script in Sparkle 1.56b, so it might be better to take it from here: updated generate_keys.rb script
using sign_update.rb script (from same folder) you will generate dsa signature:
ruby sign_update.rb

Related

Is there a way to code a bulk download (zip?) for users to download all attachments on my page?

My app serves up a bunch of files as links that the user has to download individually. The customer wants me to provide a bulk download option as well. I'm using ColdFusion, but can probably use other languages or translate into one I can use. I mostly likely cannot download a commercial tool to do it. Thanks!
Use curl - in your case it would be libcurl. This would require C++ bindings.
Create a list of your links in a string or a file that your app would access.
Get started with the curl cli.
See here - https://curl.se/docs/httpscripting.html and here - https://www.freecodecamp.org/news/how-to-start-using-curl-and-why-a-hands-on-introduction-ea1c913caaaa/
Once you are comfortable with this, use libcurl linked within your app and download the files using the libcurl API.
Thanks for your reply - I appreciate it. A coworker found the best answer for ColdFusion. There's a tag called cfzip that does it all.
https://helpx.adobe.com/coldfusion/cfml-reference/coldfusion-tags/tags-u-z/cfzip.html

How can I distribute my OSX command line Apps in my site?

I'm building OSX commandline apps. it's almost complete.
source code is open'd in my github.
but I want to distribute its "binary(Execute file)" as free ware but I can't understand the method.
simply should I extract execute file and place my blog?
I'm sorry because my english is poor.
Make sure you are building a release version of your app as described here How to deploy a Mac Command Line Tool
Then you can place the binary on your blog or on any other page. Make sure you are not using any libraries that may be missing from other people Macs.
Note it is always helpful if you add a description what your app does, how it needs to be called (arguments, ...) and maybe give some screenshots or in case of a command line app textual version of outputs.

Any NTLM challenge-response authentication codes I can embed in my xcode project?

I am looking for some NTLM challenge-response authentication codes I can embed in my xcode project (for my iPhone app) so for example, with input of password and 8 bytes of challenge, the code can generate 24 bytes response.
I check samba source code and find that it is impossible for me to cut the part doing NTLM challenge-response authentication and add it to my xcode project. So any other source I can resort to ?
Thanks!
The full specification is available from Microsoft as an Open Specification. I'm not aware of an Objective C implementation, so it may be easiest to simply build your own from the specification.
I finally managed to solve it.
So first I need to add openssl to my iPhone project b/c I need to MD4 and DES. I am not sure if there is other way to get MD4 & DES. And thankfully someone has already added openssl to xcode, check here http://www.x2on.de/2010/02/01/tutorial-iphone-app-with-compiled-openssl-library/
Then add ntlm implementation upon that. I used the sample code here, http://www.innovation.ch/personal/ronald/ntlm.html
A note though, that sample code has some problem (it took me several hours figured that out). But we can also use keywords there(the function name) to do google code search to find correct implementation.

Extracting source code from a document for testing

I wrote tutorials for some Ruby gems I wrote. It is in markdown (Kramdown) text document. To ensure the integrity of the source code in the tutorials as the development of the gems continue I want to extract the source code from the tutorial document and run test to ensure the code is correct and working. Before reinventing the wheel I searched but found nothing on this kind of problem. Is there any software that can help me solve my problem? Ruby software would be cool but I'm not particular about the language. I'm sure I can't be the first person to encounter this problem.
The other option is to only have place holders in the tutorial documents and have all the files externally en then populate the document prior to publishing. This would mean a lot more loose files but would be significantly easier to implement.
Org mode in emacs can do that, but it means you can't write in Markdown.
Are you after something like Ruby DocTest?

Example source code for SignerSignEx to sign an .exe file?

I want to codesign an .exe file using an API rather than running signtool.exe. The documentation for SignerSignEx is here:
http://msdn.microsoft.com/en-us/library/aa387734(VS.85).aspx
It seems to be recommended as a modern replacement for the CapiCom library, based on this documentation:
http://msdn.microsoft.com/en-us/library/aa375732(VS.85).aspx#_crypto2_digital_signature_objects
Is there any sample code somewhere for how to use it?
You can find a simple enough sample here in Alejandro Campos Magencio's post.
It begins with CAPICOM, but fear not, the second half is about SignerSignEx. It also ends with a troubleshooting tip.
I've always used signtool.exe myself. Are you having any issues with it?
G'luck

Resources