cryptography

问题 From microsoft documentation In steps 6 and 7 ( Kerberos SSP <-> CSP or Base CSP ): In essence, it exchanges a copy of the x.509 certificate (from a smart card) in the pre-authentication data field of the request and is signed by the private key. I wonder if there is any method to customize CSP (Cryptographic Service Provider) so that Kerberos SSP can get x.509 certificate (self-created) without using smart card? Then from Kerberos SSP send the certificate to AD (active directory). Link

问题 BackGround I have a server which uses MSRCrypto to sign my nonce. I need to verify that nonce in Java. It is well know that MSRCrypto sends it in P1363 format and Java Library requires it in DER format. I cannot change the server code as I am the client. The server is using SHA386withECDSA What I need 1) Can someone provide me with exact code snippet to convert it from P1363 format to ASN.1 and vice-versa(ASN.1 to P1363) in Java . I tried a few code snippets but was not able to make it work

问题 I'm getting android.security.KeyStoreException: Unknown error On a rare number of devices with different Android Versions (6 - 8) This is my key generation code: final KeyPairGenerator keyGenerator = KeyPairGenerator .getInstance(KeyProperties.KEY_ALGORITHM_RSA, ANDROID_KEY_STORE); keyGenerator.initialize(new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setKeySize(2048) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)

问题 Q: Does this smali class decrypt data? what encryption is it using? I need help finding out what this code uses to decrypt the file text it receives? the encrypted text prints out as expected in a jumbled mess, is there a way to manually decrypt the text using the information I need help understanding? thank you > < package utils; import android.util.Log; import com.crashlytics.android.Crashlytics; import java.io.BufferedOutputStream; import java.io.File; import java.io.FileOutputStream;

问题 Checked the cpython source code for both secrets and uuid4. Both seems to be using os.urandom. #uuid.py def uuid4(): """Generate a random UUID.""" return UUID(bytes=os.urandom(16), version=4) #secrets.py def token_bytes(nbytes=None): """Return a random byte string containing *nbytes* bytes. If *nbytes* is ``None`` or not supplied, a reasonable default is used. >>> token_bytes(16) #doctest:+SKIP b'\\xebr\\x17D*t\\xae\\xd4\\xe3S\\xb6\\xe2\\xebP1\\x8b' """ if nbytes is None: nbytes = DEFAULT

问题 I have a method that generates a keypair as below: public void create() throws Exception{ StringWriter pemStrWriter = new StringWriter(); JcaPEMWriter pemWriter = new JcaPEMWriter(pemStrWriter); Security.addProvider(new BouncyCastleProvider()); KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC"); ECGenParameterSpec spec = new ECGenParameterSpec("secp256r1"); g.initialize(spec); KeyPair keyPair = g.generateKeyPair(); pemWriter.writeObject(keyPair.getPrivate()); pemWriter.close();

问题 I am writing a custom OpenSSL engine using Windows CNG API. While implementing the EVP_PKEY_meths to generate and use ECDH keys, I came across the issue of converting keys from OpenSSL EVP_PKEY to CNG BCRYPT_KEY and vice versa. I am facing this scenario while implementing the Keygen and Derive functions. Is there any easy way to perform these conversions? 回答1: I've only done this with RSA private keys, but I assume that other types (e.g. ECC) would follow the same principal of exporting the

问题 In javascript, is it possible to use the browser built-in sha256 hash (https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest#Converting_a_digest_to_a_hex_string) inside a synchronous function? Ideally, I'd like to do something like String.prototype.sha256 = function() { // ... return hash } I already tried things like (async() => {hash = await digestMessage(message); return hash})() , but I can only get back the promise object. It seems to me that it might not be possible to

问题 I'm making a little utility to help me remember passwords by repetition. I'd like to enter password to be remembered only once every day and not before each session. Of course, I wouldn't store a password itself, but would gladly store its hash. So, what are the easiest ways to get a hash from std::string using the C++ Standard Library? 回答1: For a quick solution involving no external libraries, you can use hash<std::string> to hash string s. It's defined by including the header files hash_map

问题 I have read some texts about strong collision resistance and weak collision resistance, but I was unable to understand the difference. The only thing I can understand that there is a low probability of collision in hash functions which have weak collision resistance, and a higher probability of collision in strong collision resistance hash functions. I could not understand what is the real thing, what is the significance of these parameters. Can anyone help me on this ? 回答1: The weak