Domain and .mac
Can anyone tell me - If I register my personal domain name with .mac on iweb and create a new site will my other sites (made on iweb and published to .mac be changed). In other words will all sites now be on the domain name or can they be different.Thanks
To add to Roddy's information:
I use iWebSites to manage multiple sites.. It lets me create multiple sites and multiple domain files.
If you have multiple sites in one domain file here's the workflow I used to split them into individual site files with iWebSites. Be sure to make a backup copy of your original Domain.sites files before starting the splitting process.
This lets me edit several sites and only republish the one I want.
Similar Messages
-
How to Publish to a personal domain AND .Mac?
I had a working iWeb site published to web.mac and it working fine. I added a new site in iWeb08 and set up a personal domain. When I selected the new site and published, BOTH my old site and the new one published to my personal domain. How do I tell iWeb08 to publish one site to a personal domain and another site to .Mac (.Me)?
This post is a little confusing. Do you have two sites hosted at MMe or not?
Do you mean that you used to host your business site and MMe and have now switched to uploading directly to your web host using ftp? If you have, then you can of course delete this site from your iDisk/MMe account, because if you have uploaded directly, then MMe has nothing to do with your domain name any more.
If you have not done this and you are hosting both your sites on your MMe account via either CNAME or web forwarding, then no, you can't delete that site because if you do, there is nowhere to forward to.
Password protection will not affect any other sites that you have. Just go into iWeb and set this up and then re-publish and it will just affect that site that you set it up for. Nothing else. -
I have a question similar to one discussed here:
http://discussions.apple.com/thread.jspa?threadID=1313370&tstart=135
I have added a CNAME record and www.mydomain.com now forwards smoothly to the content I've put up on .Mac.
However, mydomain.com does not. Yahoo only has an A record for the domain without www and it requires an IP address. Doing a DNS lookup on web.mac.com produces 17.250.248.34, however http://17.250.248.34 in a browser is much different from http://web.mac.com. Would that work??
I thought of trying to put a Yahoo front page for mydomain.com with a Javascript redirect to www.mydomain.com, but sadly they don't allow Javascript (or even HTML markup for that matter).
It also seems that the search engines visit the URL without the www, so this is seriously messed up.
Thanks for any ideas!Help? Yahoo says to set up an A record, leave Source blank (_____.houseofbeing.com) and enter an IP address as Destination. I entered the IP address for web.mac.com: 17.250.248.34.
Yahoo gave an error message:
Warning: Some Advanced DNS configurations can disrupt your service. Please carefully plan your configuration. For more information, refer to our Advanced DNS Help pages.
The record that you requested cannot be set up because it would otherwise interfere with DNS records Yahoo! has created to support your service. Please choose a different source hostname.
Add an A or CNAME Record
Enter a hostname in the "Source" field. To create an A Record, enter an IP address in the "Destination" field. To create a CNAME, enter a hostname as a destination instead.
Note: Any changes you submit will take 30 minutes to take effect.
Source: _______.houseofbeing.com
Hint: Enter "info" to create the hostname info.houseofbeing.com. To create an A Record for your root domain name, leave the Source field blank.
Destination: 17.250.248.34
Hint: For an A Record, enter an IP address, like 17.12.22.11. For a CNAME record, enter another hostname, like info.other-domain.com -
Masking and Forwarding domain to mac address
Hope I have the lingo correct, but I have a domain address that is on all of my print material. When I developed my site in iWeb, I needed to have only that published domain name appear. I went to my host and had them turn on forwarding and masking, but I can't seem to get it all together to make it happen. Can anyone help and/or guide me?
Question #2: is there some magic to perform in order for my iWeb site to appear correctly in Windows/Internet Explorer and other venues. It seems to have some glitches in other internet software re appearance.
ThanksI went to my host and had them turn on forwarding and masking, but I can't seem to get it all together to make it happen.
Could you provide your personal and .Mac urls so we can see what is going on? -
2-way Trust Relationship between Windows and Mac Domain
Hi guys I hope someone can help me.
Just a quick explanation of what I am trying to do.
I have an Xserve running OSX 10.5.8 server, which is the OD Master. On that server I’m running Kerio mail server. I have a Microsoft 2003 server running AD.
The problem is I need to run BlackBerry Enterprise on the Windows server as the BlackBerry need active directory to work.
Since I have both system already running, I do not want to destroy my open directory just to get the BlackBerry working.
So what I have tried to do is create a 2-way Trust Relationship between the 2 domains, so the BlackBerry server will talk to the Kerio mail server.
The trust relationship appears to create fine from the Windows server side, but I’m not able to retrieve LDAP information from the open directory server.
The creation from the OSX server starts fine automated but then I had to finish it manually.
Has anyone else here created a 2-way trust relationship between Windows and Mac’s before? Any help on how you did it would be appreciated. ThanksHave you checked on when the computer last checked in and changed the computer account password with the domain? When a computer changes it's password, Active Directory will store only the current password and it does not expire. The workstation
will store both the current password and the previous password. This for cases when you may restore Active Directory to a point before the computer password change.
To handle this, the workstation will try it's current password, then it's previous.
If you're restoring the workstation to a previous point in time, you may be rolling the stored passwords back too far for Active Directory to accept. I would only imagine this to be the case a handful of times if you're going back 1-2 days.
Are you experiencing 100% failure? -
Hi, I have a problem with my mac mail account. Its linked with my website and i've just transferred my domain and host plan to 123-reg.co.uk Now for some reason emails disappear from my inbox! Emails come in and then my inbox is empty.. Help!
Lord K. Thank you. Yes I am within the 90 time period, however I travel Intertionally and I can not receive not make a call to Apple. I was just at the Genius Bar in Chicago and they said, don't worry about it. It just floats out there, however, I can not recover my messages on a flash drive. I need to go back to my old computer which I don't have with me. My messages were in folders for a lawsuit. It is going to take an incredible amount of work for me to, you have no Idea. We are talking thousands of pages! I the defendent will have them during discovery so I am not so worried. However, I can not bring them to him on a Flashdrive when I meet with him without an extraordinary amount of presssure on my part. THis is not just some little email issue. This is suing EXPEDIA and Tripadviosr.com
-
Windows 2012 R2 ADRMS domain controller version and Non-domain-joined Mac Client with outlook 2011
Hi,
What is the AD version for Windows 2012R2 ADRMS? Is it possible to have Windows 2003 R2 DC with Windows 2012R2 ADRMS?
Any installation guide Non-domain-joined Mac Client with outlook 2011?
What is the SQL version for Windows 2012R2 ADRMS?
Please advise. Thanks.
Kelvin TeangHi Kelvin -
There is no RMS Client for Macs. That functionality is actually provided through the Office for Mac application (this is different compared to the PC). Domain-joined clients will autodiscover the RMS server and should be able to create and consume
protected content. Non-domain-joined clients cannot automatically discover their RMS server. In this scenario, prepare a protected document or email from a domain-joined machine and send it to your non-domain-joined users. They will open
the document or email up and the URLs contained in the publishing license of the document will direct them to the correct RMS server.
I hope that helps!
Micah LaNasa
Synergy Advisors
synergyadvisors.biz -
Running Virtual Domains on Mac OSX Server and Postfix
Just purchased Mac OS Server X and Installed it. I am begining to setup mail servevices and this is my question.I have been using FreeBSD 5.3 and Postfix. In the main.cf I had setup 3 virtual Domains and used Canonical Maps and virtual alias to get my mail to the proper mailboxes. Now do I have to do that here in the terminal screen manually adding the canonical maps and virtual alias in the main.cf or does Server admin do it automacticly when I setup the virtual domains?
Thanks
PowerMac G4 Digital Audio 533 Mhz. Mac OS X (10.4.2)You can either go the manual editing route you were used to or use Server Admin. The results will be similar, but the approach different. Server Admin defines virtual domains differently (This is possible because postfix allows for different implementations.
I have written a Tutorial on OS X Virtual Mail Domains. You can download it here: http://osx.topicdesk.com/downloads/ -
Session key and MAC generation in SCP '02' i='15'
Hi,
I am trying send a PUT KEY command and it resolves to '6982' after a '9000' EXTERNAL AUTHENTICATE.
I suspect that my encryption is causing the problem.(not really sure!)
I compare my session keys to some that ppl had derived and posted on the forum and I don't really get what they did.
I am trying to find out if I'm deriving the correct session keys or not?!?!
e.g
//Calculating session keys with
//static key = '404142434445464748494a4b4c4d4e4f' (keyData)
//sequence counter = '003b'
//"0101" + sequenceCounter + "000000000000000000000000" for session CMAC key (data)
//"0102" + sequenceCounter + "000000000000000000000000" for session RMAC key (data)
//"0181" + sequenceCounter + "000000000000000000000000" for session DEK key (data)
//"0182" + sequenceCounter + "000000000000000000000000" for session ENC key (data)
//sessionCMAC is :3213860da8f8d9796794cbcec43ef7a23213860da8f8d979: with sequence counter:003b (result)
//sessionRMAC is :042a687f6e0dd3f80eabf1e5d51ccefe042a687f6e0dd3f8: with sequence counter:003b (result)
//sessionDEK is :1fe31370c22354e3b90d6b8ad5686d371fe31370c22354e3: with sequence counter:003b (result)
//sessionENC is :94a47ad54ffbf423fe4a9d915befab5294a47ad54ffbf423: with sequence counter:003b (result)
<code>
if (keyData.length == 16) {
byte[] temp = (byte[]) keyData.clone();
keyData = new byte[24];
System.arraycopy(temp, 0, keyData, 0, temp.length);
System.arraycopy(temp, 0, keyData, 16, 8);
DESedeKeySpec keySpec = new DESedeKeySpec(keyData);
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("DESede");
SecretKey key = secretKeyFactory.generateSecret(keySpec);
IvParameterSpec iv = new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0});
Cipher desedeCBCCipher = Cipher.getInstance("DESede/CBC/NoPadding");
desedeCBCCipher.init(Cipher.ENCRYPT_MODE, key, iv);
byte[] result = desedeCBCCipher.doFinal(data);
if (result .length == 16) {
byte[] temp = (byte[]) result .clone();
result = new byte[24];
System.arraycopy(temp, 0, result , 0, temp.length);
System.arraycopy(temp, 0, result , 16, 8);
keySpec = new DESedeKeySpec(result);
secretKeyFactory = SecretKeyFactory.getInstance("DESede");
key = secretKeyFactory.generateSecret(keySpec);
</code>
I use the same encrytion to derive KeyCheckValue with
newKey ='505152535455565758595a5b5c5d5e5f', data = '0000000000000000'
and it results to : '6d377e' (of course the last 3 bytes)
Even though my CMAC session key is different from others (e.g "RLopes" in "http://192.9.162.102/thread.jspa?threadID=5365173&tstart=363" and I have seen it in others too and its really odd to me that its slightly different if you take a close look you will get what i mean) i get the EXTERNAL AUTHENTICATION to work.
If there is anyone who is 100% sure meaning he/she got other commands to work after EXTERNAL AUTHENTICATE using CMAC please help me verify the keys I got?
Can he/she test with his code to see if he/she is getting the same session keys or check value?
Thanks in advance
KamranHi,
Here is the Class and thanks for the tip, I've honestly tried these <code></code> but didn't work and I know it is indeed annoying without the tags :D
I really hope it helps...
* To change this template, choose Tools | Templates
* and open the template in the editor.
package terminalpcsc;
import java.lang.Exception;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.SecureRandom;
import java.util.List;
import javax.crypto.*;
import javax.crypto.spec.*;
import javax.security.sasl.AuthenticationException;
import javax.smartcardio.*;
* @author Kamran
* @param args the command line arguments
public class Main {
private static CardChannel channel;
private static Card card;
private static int CHALLENGE_LENGTH = 8;
private static byte[] keyDiversification = new byte[10];
private static byte[] keyInformation = new byte[2];
private static byte[] sequenceCounter = new byte[2];
private static byte[] cardChallenge = new byte[6];
private static byte[] cardCryptogram = new byte[8];
private static byte[] hostChallenge = new byte[8];
private static byte[] hostCryptogram = new byte[8];
private static String keyDiversificationHexString;
private static String keyInformationHexString;
private static String sequenceCounterHexString;
private static String cardChallengeHexString;
private static String cardCryptogramHexString;
private static String hostChallengeHexString;
private static String hostCryptogramHexString;
private static byte[] sessionCMAC;
private static byte[] sessionDEK;
private static byte[] sessionENC;
private static byte[] sessionRMAC;
private static byte[] icvNextCommand;
private static IvParameterSpec ivAllZeros = new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0});
private static byte[] staticKey = hexStringToByteArray("404142434445464748494a4b4c4d4e4f4041424344454647");
private static byte[] newKey = hexStringToByteArray("505152535455565758595a5b5c5d5e5f");
private static byte[] CMAC;
* @param args the command line arguments
public static void main(String[] args) throws Exception {
initiateCardChannel();
String apduString = generateSelectAPDU("a000000003535041");
byte[] bufferC = hexStringToByteArray(apduString);
CommandAPDU capdu = new CommandAPDU(bufferC);
System.out.println("Sending APDU Select AID: " + byteArrayToHexString(bufferC));
ResponseAPDU rapdu = channel.transmit(capdu);
System.out.println("Sending Apdu: Done!");
System.out.println("Waiting For Response...");
byte[] bufferR = rapdu.getData();
String responseData = byteArrayToHexString(rapdu.getBytes());
System.out.println("Response: " + responseData);
apduString = generateInitializeUpdateAPDU();
bufferC = hexStringToByteArray(apduString);
capdu = new CommandAPDU(bufferC);
System.out.println("Sending APDU Initialize Update: " + byteArrayToHexString(bufferC));
rapdu = channel.transmit(capdu);
System.out.println("Sending Apdu: Done!");
System.out.println("Waiting For Response...");
bufferR = rapdu.getData();
responseData = byteArrayToHexString(rapdu.getBytes());
System.out.println("Response: " + responseData);
// protocol 01
//System.arraycopy(bufferR,0,keyDiversification,0,10);
//System.arraycopy(bufferR,10,keyInformation,0,2);
//System.arraycopy(bufferR,12,cardChallenge,0,8);
//System.arraycopy(bufferR,20,cardCryptogram,0,8);
// protocol 02
System.arraycopy(bufferR, 0, keyDiversification, 0, 10);
System.arraycopy(bufferR, 10, keyInformation, 0, 2);
System.arraycopy(bufferR, 12, sequenceCounter, 0, 2);
System.arraycopy(bufferR, 14, cardChallenge, 0, 6);
System.arraycopy(bufferR, 20, cardCryptogram, 0, 8);
keyDiversificationHexString = byteArrayToHexString(keyDiversification);
keyInformationHexString = byteArrayToHexString(keyInformation);
sequenceCounterHexString = byteArrayToHexString(sequenceCounter);
cardChallengeHexString = byteArrayToHexString(cardChallenge);
cardCryptogramHexString = byteArrayToHexString(cardCryptogram);
System.out.println("keyDiversification: " + keyDiversificationHexString);
System.out.println("keyInformation: " + keyInformationHexString);
System.out.println("sequenceCounter: " + sequenceCounterHexString);
System.out.println("cardChallenge: " + cardChallengeHexString);
System.out.println("cardCryptogram: " + cardCryptogramHexString);
System.out.println("Calculating Session Keys... encryption with CBC");
//E.4.1 GP 2.1.1
sessionCMAC = deriveEncryptionCBC(staticKey, hexStringToByteArray("0101" + sequenceCounterHexString + "000000000000000000000000"));
System.out.println("sessionCMAC is :" + byteArrayToHexString(sessionCMAC) + ": with sequence counter:" + sequenceCounterHexString);
sessionRMAC = deriveEncryptionCBC(staticKey, hexStringToByteArray("0102" + sequenceCounterHexString + "000000000000000000000000"));
System.out.println("sessionRMAC is :" + byteArrayToHexString(sessionRMAC) + ": with sequence counter:" + sequenceCounterHexString);
sessionDEK = deriveEncryptionCBC(staticKey, hexStringToByteArray("0181" + sequenceCounterHexString + "000000000000000000000000"));
System.out.println("sessionDEK is :" + byteArrayToHexString(sessionDEK) + ": with sequence counter:" + sequenceCounterHexString);
sessionENC = deriveEncryptionCBC(staticKey, hexStringToByteArray("0182" + sequenceCounterHexString + "000000000000000000000000"));
System.out.println("sessionENC is :" + byteArrayToHexString(sessionENC) + ": with sequence counter:" + sequenceCounterHexString);
System.out.println("Calculating and Verifying Card Cryptogram...");
byte[] signature = cbcMACSignature(hexStringToByteArray(hostChallengeHexString + sequenceCounterHexString + cardChallengeHexString + "8000000000000000"), sessionENC);
String signatureHexString = byteArrayToHexString(signature);
if (signatureHexString.equalsIgnoreCase(cardCryptogramHexString)) {
System.out.println("signature is :" + signatureHexString + "\ncardCryptogram is :" + cardCryptogramHexString + " \nCard cryptogram authenticated");
apduString = generateExternalAuthenticateAPDU();
bufferC = hexStringToByteArray(apduString);
capdu = new CommandAPDU(bufferC);
System.out.println("Sending APDU External Authenticate: " + byteArrayToHexString(bufferC));
rapdu = channel.transmit(capdu);
System.out.println("Sending Apdu: Done!");
System.out.println("Waiting For Response...");
bufferR = rapdu.getData();
responseData = byteArrayToHexString(rapdu.getBytes());
System.out.println("Response: " + responseData);
apduString = generatePutKeyAPDU();
bufferC = hexStringToByteArray(apduString);
capdu = new CommandAPDU(bufferC);
System.out.println("Sending APDU Put Key: " + byteArrayToHexString(bufferC));
rapdu = channel.transmit(capdu);
System.out.println("Sending Apdu: Done!");
System.out.println("Waiting For Response...");
bufferR = rapdu.getData();
responseData = byteArrayToHexString(rapdu.getBytes());
System.out.println("Response: " + responseData);
} else {
System.out.println("signature is :" + signatureHexString + "\ncardCryptogram is :" + cardCryptogramHexString + " \nCard cryptogram is not authenticated");
releaseCardChannel();
public static byte[] cbcMACSignature(byte[] data, byte[] sessionSENC) throws AuthenticationException {
IvParameterSpec params =
new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0});
if (sessionSENC.length == 16) {
byte[] temp = (byte[]) sessionSENC.clone();
sessionSENC = new byte[24];
System.arraycopy(temp, 0, sessionSENC, 0, temp.length);
System.arraycopy(temp, 0, sessionSENC, 16, 8);
byte[] temp = null;
SecretKey secretKey = new SecretKeySpec(sessionSENC, "DESede");
try {
Cipher cbcDES = Cipher.getInstance("DESede/CBC/NoPadding");
cbcDES.init(Cipher.ENCRYPT_MODE, secretKey, params);
temp = cbcDES.doFinal(data);
} catch (GeneralSecurityException e) {
e.printStackTrace();
byte[] signature = new byte[8];
System.arraycopy(temp, temp.length - 8, signature, 0, signature.length);
return signature;
// generateInitialUpdateAPDU()
//CLA '80'
//INS '50' INITIALIZE UPDATE
//P1 'xx' Key Version Number
//P2 '00' Reference control parameter P2
//Lc '08' Length of host challenge
//Data 'xx xx…' Host challenge
//Le '00'
//RESPONSE TEMPLATE
//Key diversification data 10 bytes
//Key information 2 bytes
//Card challenge 8 bytes
//Card cryptogram 8 bytes
public static String generateInitializeUpdateAPDU() throws Exception {
hostChallenge = generateHostChallenge();
hostChallengeHexString = byteArrayToHexString(hostChallenge);
return "8050000008" + hostChallengeHexString + "00";
//CLA '80' or '84'
//INS 'D8' PUT KEY
//P1 'xx' Reference control parameter P1 Key Version Number -- '00' is new key range is '01' to '7F'
//P2 'xx' Reference control parameter P2 Key Identifier -- '00' to '7F'
//Lc 'xx' Length of data field
//Data 'xxxx..' Key data (and MAC if present)
//Le '00'
public static String generatePutKeyAPDU() throws Exception {
String keyCheckValue = new String();
//keyCheckValue = keyCheckValue.substring(keyCheckValue.length() - (3 * 2));
keyCheckValue = byteArrayToHexString(deriveEncryptionECB(newKey, hexStringToByteArray("0000000000000000")));
keyCheckValue = keyCheckValue.substring(keyCheckValue.length() - (3 * 2));
System.out.println("keyCheckValue :" + keyCheckValue + " 3DES ECB, key is new key '505152535455565758595a5b5c5d5e5f5051525354555657', data is 8 zeroes");
String encryptedNewKey = byteArrayToHexString(deriveEncryptionECB(sessionDEK, newKey));
//System.out.println("sessionDEK.getEncoded() :" + sessionDEK.getEncoded() + " len is:" + sessionDEK.getEncoded().length);
System.out.println("encryptedNewKey :" + encryptedNewKey);
//testing newKey
String dataField = "01" + "8010" + encryptedNewKey + "03" + keyCheckValue + "8010" + encryptedNewKey + "03" + keyCheckValue + "8010" + encryptedNewKey + "03" + keyCheckValue;
// String dataField2 = "01" + "8010" + byteArrayToHexString(newKey) + "03" + keyCheckValue + "8010" + byteArrayToHexString(newKey) + "03" + keyCheckValue + "8010" + byteArrayToHexString(newKey) + "03" + keyCheckValue;
System.out.println("datafield to calculate cmac :" + dataField);
System.out.println("icv to calculate cmac is previous mac first 8 byte sessionCMAC in CBC single des :" + byteArrayToHexString(icvNextCommand));
CMAC = generateCMac2((byte) 0x84, (byte) 0xD8, (byte) 0x00, (byte) 0x81, hexStringToByteArray(dataField), sessionCMAC, icvNextCommand);
System.out.println("data field with des padding for encryption (encryption in CBC sessionENC) :" + desPadding(dataField));
String dataField3 = byteArrayToHexString(deriveEncryptionCBC(sessionENC, hexStringToByteArray(desPadding(dataField))));
System.out.println("data field after encryption :" + dataField3);
Integer CMACLen = byteArrayToHexString(CMAC).length() / 2;
System.out.println("CMACLen :" + CMACLen);
Integer dataFieldLen = dataField3.length() / 2;
System.out.println("dataFieldLen :" + dataFieldLen);
Integer intLc = dataFieldLen + CMACLen;
System.out.println("intLc :" + intLc);
String hexLc = Integer.toString(intLc, 16);
System.out.println("hexLc :" + hexLc);
return "84D80081" + hexLc + dataField3 + byteArrayToHexString(CMAC) + "00";
//generateExternalAuthenticateAPDU()
//CLA '84'
//INS '82' EXTERNAL AUTHENTICATE
//P1 'xx' Security level --'03' C-DECRYPTION and C-MAC.--'01' C-MAC.'00' No secure messaging expected.
//P2 '00' Reference control parameter P2
//Lc '10' Length of host cryptogram and MAC
//Data 'xx xx…' Host cryptogram and MAC
//Le Not present
public static String generateExternalAuthenticateAPDU() throws Exception {
System.out.println("Calculating and Verifying Host Cryptogram...");
hostCryptogram = cbcMACSignature(hexStringToByteArray(sequenceCounterHexString + cardChallengeHexString + hostChallengeHexString + "8000000000000000"), sessionENC);
hostCryptogramHexString = byteArrayToHexString(hostCryptogram);
System.out.println("hostCryptogram is :" + hostCryptogramHexString);
CMAC = generateCMac2((byte) 0x84, (byte) 0x82, (byte) 0x03, (byte) 0x00, hostCryptogram, sessionCMAC, new byte[]{0, 0, 0, 0, 0, 0, 0, 0});
return "8482030010" + hostCryptogramHexString + byteArrayToHexString(CMAC);
// generateSelectAPDU()
//CLA '00' ISO/IEC 7816-4 command
//INS 'A4' SELECT
//P1 'xx' Reference control parameter P1 --'04' select by name
//P2 'xx' Reference control parameter P2 --'00' First or only occurrence --'02' Next occurrence
//Lc 'xx' Length of AID
//Data 'xxxx..' AID of Application to be selected
//Le '00'
// RESPONSE TEMPLATE
//'6F' File Control Information (FCI template) Mandatory
//'84' Application / file AID Mandatory
//'A5' Proprietary data Mandatory
//'73' Security Domain Management Data (see Appendix F for detailed coding) Optional
//'9F6E' Application production life cycle data Optional
//'9F65' Maximum length of data field in command message Mandatory
public static String generateSelectAPDU(String AID) throws Exception {
String AIDlen = Integer.toString(AID.length() / 2, 16);
if (AIDlen.length() == 1) {
AIDlen = "0" + AIDlen;
System.out.println("00A40400" + AIDlen + AID);
return "00A40400" + AIDlen + AID;
public static String byteArrayToHexString(byte[] b) throws Exception {
String result = "";
for (int i = 0; i < b.length; i++) {
result +=
Integer.toString((b[i] & 0xff) + 0x100, 16).substring(1);
return result;
public static void initiateCardChannel() throws CardException {
System.out.println("Connecting to Java Card...");
TerminalFactory factory = TerminalFactory.getDefault();
List<CardTerminal> terminals = factory.terminals().list();
System.out.println("Terminals Detected: " + terminals);
// get the first terminal
System.out.println("Connecting to: " + terminals + "...");
CardTerminal terminal = terminals.get(0);
System.out.println("Connected to: " + terminals);
// establish a connection with the card
System.out.println("Connecting to Java Card...");
card = terminal.connect("T=0");
System.out.println("Connected to card: " + card);
System.out.println("Obtaining Channel...");
channel = card.getBasicChannel();
System.out.println("Connecting to Channel: " + channel.getChannelNumber());
public static void releaseCardChannel() throws CardException {
System.out.println("Disconnection all...");
card.disconnect(false);
System.out.println("Disconnection Done");
System.out.println("*END*");
public static byte[] hexStringToByteArray(String s) {
int len = s.length();
byte[] data = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));
return data;
//To generate the derivation data:
public static byte[] deriveEncryptionCBC(byte[] keyData, byte[] data) throws GeneralSecurityException {
//Key key = getSecretKey(keyData);
if (keyData.length == 16) {
byte[] temp = (byte[]) keyData.clone();
keyData = new byte[24];
System.arraycopy(temp, 0, keyData, 0, temp.length);
System.arraycopy(temp, 0, keyData, 16, 8);
SecretKey secretKey = new SecretKeySpec(keyData, "DESede");
IvParameterSpec dps =
new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0});
String algorithm = "DESede/CBC/NoPadding";
Cipher desedeCBCCipher = Cipher.getInstance(algorithm);
desedeCBCCipher.init(Cipher.ENCRYPT_MODE, secretKey, dps);
byte[] result = desedeCBCCipher.doFinal(data);
//adjustParity(result);
return result;
public static byte[] deriveEncryptionECB(byte[] keyData, byte[] data) throws GeneralSecurityException {
//Key key = getSecretKey(keyData);
if (keyData.length == 16) {
byte[] temp = (byte[]) keyData.clone();
keyData = new byte[24];
System.arraycopy(temp, 0, keyData, 0, temp.length);
System.arraycopy(temp, 0, keyData, 16, 8);
SecretKey secretKey = new SecretKeySpec(keyData, "DESede");
String algorithm = "DESede/ECB/NoPadding";
Cipher desedeCBCCipher = Cipher.getInstance(algorithm);
desedeCBCCipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] result = desedeCBCCipher.doFinal(data);
//adjustParity(result);
return result;
* Adjust a DES key to odd parity
* @param key
* to be adjusted
public static byte[] adjustParity(byte[] key) {
for (int i = 0; i < key.length; i++) {
int akku = (key[i] & 0xFF) | 1;
for (int c = 7; c > 0; c--) {
akku = (akku & 1) ^ (akku >> 1);
key[i] = (byte) ((key[i] & 0xFE) | akku);
return key;
public static byte[] generateCMac2(byte cla, byte ins, byte p1, byte p2, byte[] dataField, byte[] SMacSessionKey, byte[] icv) throws GeneralSecurityException, Exception {
if (SMacSessionKey.length == 16) {
byte[] temp = (byte[]) SMacSessionKey.clone();
SMacSessionKey = new byte[24];
System.arraycopy(temp, 0, SMacSessionKey, 0, temp.length);
System.arraycopy(temp, 0, SMacSessionKey, 16, 8);
byte[] cMac = new byte[8];
byte[] padding = {(byte) 0x80, 0, 0, 0, 0, 0, 0, 0};
int paddingRequired = 8 - (5 + dataField.length) % 8;
byte[] data = new byte[5 + dataField.length + paddingRequired];
//Build APDU
data[0] = cla;
data[1] = ins;
data[2] = p1;
data[3] = p2;
data[4] = (byte) ((byte) dataField.length + (byte) 0x08);
System.arraycopy(dataField, 0, data, 5, dataField.length);
System.arraycopy(padding, 0, data, 5 + dataField.length, paddingRequired);
System.out.println("data to calculate mac :" + byteArrayToHexString(data));
System.out.println("icv to calculate mac :" + byteArrayToHexString(icv));
Cipher cipher = Cipher.getInstance("DESede/CBC/NoPadding");
Cipher singleDesCipher = Cipher.getInstance("DES/CBC/NoPadding", "SunJCE");
SecretKeySpec desSingleKey = new SecretKeySpec(SMacSessionKey, 0, 8, "DES");
SecretKey secretKey = new SecretKeySpec(SMacSessionKey, "DESede");
//Calculate the first n - 1 block. For this case, n = 1
IvParameterSpec ivSpec = new IvParameterSpec(icv);
singleDesCipher.init(Cipher.ENCRYPT_MODE, desSingleKey, ivSpec);
byte ivForLastBlock[] = singleDesCipher.doFinal(data, 0, 8);
int blocks = data.length / 8;
for (int i = 0; i < blocks - 1; i++) {
singleDesCipher.init(Cipher.ENCRYPT_MODE, desSingleKey, ivSpec);
byte[] block = singleDesCipher.doFinal(data, i * 8, 8);
ivSpec = new IvParameterSpec(block);
int offset = (blocks - 1) * 8;
cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivSpec);
cMac = cipher.doFinal(data, offset, 8);
ivSpec = new IvParameterSpec(new byte[8]);
singleDesCipher.init(Cipher.ENCRYPT_MODE, desSingleKey, ivSpec);
icvNextCommand = singleDesCipher.doFinal(cMac);
return cMac;
public static byte[] generateHostChallenge() {
byte[] hostChallenge = new byte[CHALLENGE_LENGTH];
SecureRandom random = new SecureRandom();
random.nextBytes(hostChallenge);
return hostChallenge;
public static String desPadding(String hexString) {
System.out.println("String to pad before:" + hexString);
hexString = hexString + "80";
int hexStringLen = hexString.length() / 2;
int padding = 8 - (hexStringLen % 8);
for (int i = 0; i < padding; i++) {
hexString = hexString + "00";
System.out.println("String to pad after :" + hexString);
return hexString;
}Thanks in advance
Kamran -
IWeb/Domain Forwarding/.mac question
Hello Everyone
I have been lurking in the forum for some time, and now have a question. I did a search for it without any luck, so here goes.
I have a website I created using iWeb, with a domain I purchased from GoDaddy. I have domain forwarding and domain Masking both enabled. The issue I have is that each page shows only the purchased URL. In other words, I cannot direct someone to an individual page. I would like the pictures page to show up as purchased domain/pictures, and the links page to show up as purchased domain/links.
We had a discussion involving this on a MMUG I belong to. There are 3 of us who all have domains purchased from GoDaddy. The 2 of us hosting on .Mac have the above mentioned issue with the URL. The one person hosted elsewhere (not GoDaddy), has distinct URL's for each page. This leads me to believe the root of the issue resides with .Mac hosting. Does this make any sense?
FWIW, I asked the same question to .Mac support and got nowhere. They just sent me a response explaining what domain forwarding is.
Dual 2.0 G5 Rev A - PowerBook 17" 1.33 Mac OS X (10.4.6)The masking feature that you describe is just that.... it masks the actual URL with whatever URL you give it...in this case the URL for your domain. So if you type in http://www.yourdomain.com and have it masked and forwarded to your .Mac pages, that URL is the only URL you will ever see in the address bar of your browser. This is the expected behavior for masking.
There are some different things you can do with your domain, though...
Remember that your forwarded domain basically replaces the relevant portion of your .Mac address. I will use my domain name and .Mac iWEb address for example.
http://www.dirtdoog.com ==> forwards to http://web.mac.com/jwtseng/iWeb
So anytime I see my .Mac URL, I can replace the whole initial section with my domain name...
http://web.mac.com/jwtseng/iWeb/kate/MyWorld/MyWorld.html
can be directly replaced with...
http://www.dirtdoog.com/kate/MyWorld/MyWorld.html
And because I have masking turned on, this is the URL that will stay in my address bar.
For your purposes, you might be interested in assigning subdomains. This feature is located under "Total DNS control". It lets your replace the "www" with a sub-domain that again can be forwarded to any URL. You can use this to forward directly to your photos page using this...
http://photos.yourdomain.com
That would work too, if you had a page that you commonly like to give out to people. -
I own 2 domains and therefore have my own email addresses for them. I also have a .Mac account and use that as my main mailbox getting everything forwarded into it and then picking it up with Mail.app. The problem is that I never want to send mail via my .mac address I will always use my own domain. Mail seems to randomly choose my .Mac account to send the mail from which is increasingly annoying. Is there a way to stop this and set a proper default FROM account?
Why not just have mail download the messages direct rather than forwarding them to your .mac account. that way each email would reply from the email address that you received it in. You can access multiple email accounts with mac mail.app. The only problem you might have is with smtp not forwarding some accounts. .mac usually will process smtp mail from another account.
jercro -
Problem with logical domain and boot net
Trying to install a new domain on a T2000. Able to get to "Configuring devices" but then it just sits and twirls... What have I configured wrong in the domain creation?
I have:
{0} ok show-devs
/cpu@7
/cpu@6
/cpu@5
/cpu@4
/cpu@3
/cpu@2
/cpu@1
/cpu@0
/virtual-devices@100
/virtual-memory
/memory@m0,8000000
/aliases
/options
/openprom
/chosen
/packages
-virtual-devices@100/channel-devices@200
\virtual-devices@100/console@1
/virtual-devices@100/ncp@4
/virtual-devices@100/channel-devices@200/disk@0
/virtual-devices@100/channel-devices@200/network@0
/openprom/client-services
/packages/obp-tftp
/packages/kbd-translator
/packages/SUNW,asr
/packages/dropins
/packages/terminal-emulator
/packages/disk-label
/packages/deblocker
/packages/SUNW,builtin-drivers
|0} ok show-disks
/) /virtual-devices@100/channel-devices@200/disk@0There are a number of issues with network booting in LDOM 1.0.2, I think they affect all versions of the LDOM software though. If you add a vnet to a guest domain and then try and jumpstart a guest domain from time to time immediately after the guest domain does the RARP request it hangs. Just sending a break to the guest domain, going back to the ok prompt and starting the boot net - install again generally fixes it.
Also there are some gotcha's with LDOM's that affect jumpstart.
1) If you chose option a) harden the OS using JASS when doing the installation of the LDOM software and you have the jumpstart server on the control domain then it isn't going to work. JASS turns off things like rpcbind which will prevent jumpstart from working. The same problem affects network booting. You would think that running a jass-execute -u to undo the hardening of the o/s in the control domain would work but it doesn't and you have to start over with a fresh solaris image for the control domain. This only applies if you have your jumpstart server on your control domain.
2) Since jumpstart relies on the MAC of the client to function and since with LDOM's the MAC is dynamically assigned from a pool of address's you can end up with the wrong entry in /etc/ethers on your jumpstart server. That is worth checking.
3) Since the MAC of the virtual network device isn't the same as the MAC shown when you run banner at the ok prompt in the guest domain you can end up with the wrong entry in /etc/ethers. Either do a boot net (vnet1 whatever) and then make a note of the MAC its broadcasting or do an ldm list-bindings domainname for the guest you want to network boot and copy and paste the MAC of the virtual network you are going to be booting from.
All the regular gotcha's with net boot and jumpstart still apply with LDOM's but so do all the usual fixes. Use of snoop will allow you do debug most problems. Also using show-nets at the ok prompt in the guest domain and make sure that you have the right number of virtual networks.
Paul. -
Site opens different in PC and Mac
Hi, I am having trouble with the site after I publish it to a non .mac domain. It opens different in PC and Mac. If I fix to look fine for one opens weird in other. Also, the navigation tabs doesent open in some computers. Any ideas?
The site is
http://www.ournepal.info/
ThanksThe main thing is to stick to fonts from the web safe list. If you do use other fonts make sure you convert them to an image. Doing this will increase your page download time and should be avoided where possible.
The standard iWeb navigation will not appear on PCs using Internet Explorer with Java turned off.
The solution is to hide the standard navigation, build your own in a text box, create the links and paste it to each page of your site -
Issue with EVC and MAC learning
Hi,
I have a testing scenario that seems no to work and I don't find eny clue.
On switch 3800-B I have configured this two ports. To the port 0/8 I have connected a host with IP address and MAC f0f7.55cf.6201.
interface GigabitEthernet0/8
switchport access vlan 20
end
interface GigabitEthernet0/7
switchport trunk allowed vlan none
switchport mode trunk
service instance 1 ethernet
encapsulation dot1q 10 second-dot1q 11
rewrite ingress tag pop 2 symmetric
bridge-domain 20
Then I connect the interface 0/7 of this switch to the switch 3800-A to port 0/8. Port is configured as follows.
bridge-domain 15 interface GigabitEthernet0/8
switchport trunk allowed vlan none
switchport mode trunk
service instance 1 ethernet
encapsulation dot1q 1-4094 second-dot1q 1-4094
bridge-domain 15
The connectivity is going further, but issue is happening here.
I see MAC adress of the host on the 3800-B Gi0/8,
20 f0f7.55cf.6201 DYNAMIC Gi0/8
but I do not see this MAC at the port and service instance on the switch 3800-A ??
Do I have missed something or there is any issue with double tagging on this platform ?
I appreciate quick response and thanks for any hint.
MetodHi Waris,
the whole configuration consists of some other links and connections, so I might have had a loop somewhere. I completelly changed the design and it works.
Thank you for your engagement and best regards.
Metod -
Virtual Domains and Aliases - the sequel
Ok pterobyte
I have successfully set up virtual domains and aliases on several systems including Mac OS 10.4 - now i'm trying to set up a brand new xserve to host a local domain and several virtual domains...
I have followed pterobytes method of creating virtual domains and aliases etc. However, whether I use /etc/postfix/aliases (for local users) or /etc/postfix/virtual for virtual users - I cannot get the mail to go to two addresses at the same time.
The mail.log only records the mail being sent to local mail box.
Here's an example:
local user example (remote.com is a remote domain where mail should be forwarded to as well as sent to local mail box.)
#aliases
local_guy [email protected], [email protected]
virtual user example
#virtual
[email protected] virtual_guy, [email protected]
"virtual.com" is set up as a virtual domain in SA Mail and mail.virtual.com is that users mail server in WGM.
BTW in pterobyte's latest pdf manual shortname 3 says "shortname3-x: aliases for e-mail address under shortname2" what does that mean?
As I said mail delievers correctly locally but does NOT go to the remote address. Does anyone have a clue what else I can look at?
anyone?
anyone?
Pterobyte?
PowerBook G4, MacBook, various servers Mac OS X (10.4.3)sorry I missed the colon in the posted message:
it is local_guy: [email protected], [email protected]
Here's the postconf -n (I restored the aliases file back to default last night - i've been working on the virtual forward.)
Thans for getting back so fast...
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debugpeerlevel = 2
enableserveroptions = yes
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailboxsizelimit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mapsrbldomains =
messagesizelimit = 52428800
mydestination = $myhostname,localhost.$mydomain,localhost
mydomain = iplanitonline.com
mydomain_fallback = localhost
myhostname = mail.iplanitonline.com
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpdclientrestrictions = permit_mynetworks rejectrblclient sbl-xbl.spamhaus.org rejectrblclient relays.ordb.org permit
smtpdpw_server_securityoptions = cram-md5,login,plain
smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
smtpdsasl_authenable = yes
smtpdtls_keyfile =
smtpduse_pwserver = yes
unknownlocal_recipient_rejectcode = 550
virtualmailboxdomains = hash:/etc/postfix/virtual_domains
virtual_transport = lmtp:unix:/var/imap/socket/lmtp
MacBook (BootCamp), various Macs and servers Mac OS X (10.4.7)
Maybe you are looking for
-
ICal creates calendar account every time I open iCal - duplicate Events
Hi, I have a Lion Server and 2 Clients (with Lion). All the latest updates are installed on all computers. On the Lion Server is the iCal Server running. Ok I configured iCal on a client (Lion). This client has 2 cal accounts (in Preferences -> Accou
-
How to share videos to iTunes???
What's the best workflow to share videos from iPhoto to iTunes? It seems QuickTime is the best way as it has the Share to iTunes button right in its toolbar. However, with iPhoto '11, it looks like I have to Reveal the file in Finder in order to open
-
Leopard, iPhone, calendars not syncing
I get this error message on both my desktop and my laptop: "iTunes could not sync calendars to the iPhone "iPhone" because an error occurred while merging data." As of right now only my iPhone has my current calendars, so I can't overwrite the iPhone
-
MacBook Pro freezes when loading applications
My 15" MacBook Pro doesn't load applications - it boots, logs in, and I can get to my desktop.. however, the colored pinwheel comes up, spins for about a minute and then stops. When I try to click anything (from the dock, Macintosh HD, etc.. the pinw
-
NEF import: default brightness set to +50 and contrast to +25 -- why?
When importing D80 NEF RAW files, brightness is always pre-set to +50 (and contrast to +25). When "corrected" to zero, one would have to do an expose compensation for the images to appear with regular exposure. I feel pretty uncomfortable with that b