Jan 23, 2014

Accessing a HG ( Mercurial ) repository with git or how to convert a HG Repo to git ==> git-remote-hg is the solution.

There is a nice "plugin" for git to handle HG repositories.

This is a simple file from here. This must be stored somewhere in the
path with the name git-remote-hg.

After this you can simple clone a HG Repo with:

git clone hg::http://<server>/<repo>

The repos looks good with branches and tags.

As desccribed in the probject, there should also be a push back possible.

Jan 22, 2014

Install Windows XP as KVM guest on Fedora 20 with the VirtIO drivers from RedHat

KVM is a virtualisation environment from the Linux Kernel, which is
also ported to Illumos/OpenSolaris.

The installation of windows is straight forward from an iso-Image by using
IDE disk.

After the installation, the devices can be changed to the virtio drivers for
better performance.

Therefore the ISO for virtio can be downloaded.

After this, a tool for windows is used to mount an iso-Image as a drive.

A very good description on changing the driver is given here.

Following this description was straight forward and worked for me.

The next step is to get the network ( using a private net ) to work with

Jan 21, 2014

In the last yum updates on Fedora 20 the PRE scriptlets of same packages fail

During the last update of the Fedora 20 packages with yum the
following error occured:

Running transaction
error: %pre(initscripts-9.51-1.fc20.x86_64) scriptlet failed, exit status 127
Error in PREIN scriptlet in rpm package initscripts-9.51-1.fc20.x86_64
error: initscripts-9.51-1.fc20.x86_64: install failed
error: %pre(pcp-3.8.10-1.fc20.x86_64) scriptlet failed, exit status 127
Error in PREIN scriptlet in rpm package pcp-3.8.10-1.fc20.x86_64
error: pcp-3.8.10-1.fc20.x86_64: install failed
error: %pre(selinux-policy-targeted-3.12.1-117.fc20.noarch) scriptlet failed, ex
it status 127
Error in PREIN scriptlet in rpm package selinux-policy-targeted-3.12.1-117.fc20.
error: selinux-policy-targeted-3.12.1-117.fc20.noarch: install failed
error: %pre(nfs-utils-1:1.2.9-2.1.fc20.x86_64) scriptlet failed, exit status 127
Error in PREIN scriptlet in rpm package 1:nfs-utils-1.2.9-2.1.fc20.x86_64
Warning: scriptlet or other non-fatal errors occurred during transaction.

There was a problem in the previous selinux-policy package.

Look here for Details.

There is also the solution for the problem, which also fixed my problem

# setenforce 0
# yum clean expire-cache
# yum update selinux-policy\*
# setenforce 1

After this my system got uptodate again:

 Loaded plugins: langpacks, refresh-packagekit
No packages marked for update

Jan 2, 2014

Parsing HTML code like XML as DOMTree?? -> Use htmlcleaner

I had the problem, to parse HTML-Emails in Java, where the tags were not balanced and so on.

To get the same features with the DOMTree as with parsing of XML, I searched for a tool and found it
in htmlcleaner.

Htmlcleaner converts the HTML-Code to a DOMTree, which allows parsing and searching with XPath.

This is a nice way for extracting data from the email message. In my case there was every data in the same tag, but the signature used a different font attribute, which allowed the distinction in the XPath searching.

smime certificate management and bouncycastle S/MIME encrypted Message/EMail creation

After having difficulties with PGP encryption with the receiving side ( the key, I got is shown in 
thunderbird to miss subkeys for encryption, but the other side said, they can encrypt ??), I had to
change to S/MIME encryption.

Meaning to create a email Message in Java and encrypt the message before sending.

The basics for encryption in Java is shown in an example in bouncycastle.

But to start you need a certificate. You can create your own CA ( certificate Authority ) and create
Certificate requests, which are signed by the CA. A nice intro ( in German ) is here, which I used because
of thinking of problems with the certificate of cacert.

The other way as mentioned is cacert.org. Here you can register and create your own certificates. The
disadvantage is, that the root certificate is not contained in Firefox/Thunderbird...

To get started you need the certificate of the receiver.

This must be stored in a pkcs12 keystore, but how to create such a keystore?

I found a nice GUI for keystore handling. This tool is called Portecle.
 It is a javatool with a clean GUI.

Creating a Keystore of Type PKC12 could not import the certificate of cacert, I created.
After this I searched for a long time, but didn't find any usefull thing.

The tricky part is, to create a JKS ( Java Key Store ), import the certificate, assign an alias name you
would like to search for in the java code and change the keystore type in the Tools menu to pkcs12.
After this you can save the keystore and have a working PKCS12 keystore as requested by the
source code of bouncycastle.

The source code is quite simple:

KeyStore    ks = KeyStore.getInstance("PKCS12", "BC");
ks.load(new FileInputStream("/path/to/keystore.p12"), "KeystorePassword".toCharArray());

Enumeration e = ks.aliases();String      keyAlias = null;
while (e.hasMoreElements()){    String  alias = (String)e.nextElement();
    if (alias.equals("searchAlias"))    {        keyAlias = alias;

     Certificate cert = ks.getCertificate(keyAlias);
     MimeMessage m = new MimeMessage(session);

     m.setFrom(new InternetAddress("sender@adress"));
     m.setSubject("Test Mail for Enryption");
     m.setRecipient(Message.RecipientType.TO, new InternetAddress(        "receiver@adress") );
     m.setText("Test email with certifcate usage.");

        // create the generator for creating an smime/encrypted message
        SMIMEEnvelopedGenerator  gen = new SMIMEEnvelopedGenerator();
        gen.addRecipientInfoGenerator(new    JceKeyTransRecipientInfoGenerator((X509Certificate)cert).setProvider("BC"));

        MimeBodyPart mp = gen.generate(m, new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC).setProvider("BC").build());
m = new MimeMessage(m);
m.setContent(mp.getContent(), mp.getContentType());
FileOutputStream fous = new FileOutputStream("email.msg");

This is a short layout without any errorhandling, but using javamail and sending the MimeMessage,
thunderbird can decrypt the message after importing the private key and the certificate.

When using cacert, you have to install the created certificate from cacert.org and backup the certificate as
a PKCS12 file in the perferences/Advanced/Certificates/View Certificates/Your Certificates path.

After saving you can import this in thunderbird  perferences/Advanced/Certificates/View Certificates/.

This allows thunderbird to decrypt S/MIME encrypted messages sent by the java code.

UPDATE: if you have more receivers, just add an RecipientInfoGenerator for each receiver with:
gen.addRecipientInfoGenerator(new    JceKeyTransRecipientInfoGenerator((X509Certificate)cert).setProvider("BC"));
 and every receiver can view the email.