cryptography

问题 I am trying to create private and public keys for DNSSEC algorithm 13: #include <stdio.h> #include <stdlib.h> #include <openssl/ec.h> #include <openssl/obj_mac.h> #include <openssl/bn.h> int main() { EC_KEY *eckey = NULL; const EC_POINT *pub_key = NULL; const EC_GROUP *group = NULL; const BIGNUM *res; BN_CTX *ctx; ctx = BN_CTX_new(); eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); EC_KEY_generate_key(eckey); res = EC_KEY_get0_private_key(eckey); printf("Private: %s\n", BN_bn2hex(res))

问题 I've written a program to encrypt 10 bytes random number using an RSA public key on my Java Card. The random number is generated each time that the card receives that APDU command, and as the related cipher object block size is 2048 bit in my applet, I append 242 bytes of 0x00 at the end of this 10 byte random number to make it 256 bytes length. The problem is that sometimes the response is a Crypto Exception with 05 value. As you know and as JC API documents mentioned: 0x05 = ILLEGAL_USE

问题 I'm trying to generate RSA keypairs in Ruby, mostly using the examples from this blog post. Here is my slightly modified code: def generate_keypair(passphrase) rsa_key = OpenSSL::PKey::RSA.new(2048) cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc') private_key = rsa_key.to_pem(cipher, passphrase) public_key = rsa_key.public_key.to_pem return private_key, public_key end This successfully generates a private key and a public key, and I can write those out to files on the filesystem. irb(main)

问题 Cheers. This is a copy of my question on crypto stack exchange. I'm dealing with HSM via PKCS#11 C/Python interface. I'm wondering is it possible to do some C_Encrypt / C_Decrypt in hardware. By saying "in hardware" I mean encryption/decryption without exposing the result to the caller space. This is mostly aboud decryption as I want to call C_Decrypt and leave the result inside the HSM as arbitrary data to do some other transformations on that data later, saying re-encrypting it on some

问题 I want to implement the most secure, and most reliable form of symmetric key cryptography in my application. The user should input a password to encrypt/decrypt, and that's all. For RijndaelManaged, one must enter a key and an IV. I'm not sure how to address the situation. Right now, I have the entered password being hashed by SHA256 and then being used as the key for the Rijndael. What do I use for the IV? Another password? 回答1: You can use GenerateIV (overridden in RijndaelManaged ) to

问题 I want to implement the most secure, and most reliable form of symmetric key cryptography in my application. The user should input a password to encrypt/decrypt, and that's all. For RijndaelManaged, one must enter a key and an IV. I'm not sure how to address the situation. Right now, I have the entered password being hashed by SHA256 and then being used as the key for the Rijndael. What do I use for the IV? Another password? 回答1: You can use GenerateIV (overridden in RijndaelManaged ) to

问题 I have tried for days to get bcrypt installed on my windows machine with no luck. One of the dependencies (Windows 7 SDK) does not want to be installed even though I have tried numerous suggestions from around the net it just refuses to cooperate. I need a good alternative to bcrypt which does not have any dependencies. 回答1: Check out https://npmjs.org/package/bcryptjs, it's fully compatible with bcrypt just without the dependencies. Or https://npmjs.org/package/simplecrypt if you don't want

问题 I am implementing DES - CBC. I am confused as to what cipher.init , cipher.update and cipher.dofinal do. I just use init to set the key and dofinal to get the result. I don't use update. Is that correct? Also whats the difference to the result when using UTF-8 and ASCII encodings? Here is my code: byte[] ciphertext; Cipher enc = Cipher.getInstance("DES/CBC/PKCS5Padding"); enc.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "DES"), new IvParameterSpec(vector)); // Is this the complete

问题 I have a very large zip file, 2.5gb, which is encrypted. I can't decrypt the entire file into memory and unzip there for production. So I'm trying to use streams to limit the amount of memory used. I've hooked up the following to do it (error handling and stream closing left out for clarity): SecretKeySpec keySpec = new SecretKeySpec(myKey "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); FileInputStream fis = new FileInputStream(new File(pathToEncryptedFile));

问题 I have a key (say) "thisist0psecret" that I want to use as a symmetric encryption/decryption key with the Google Tink library. I am baffled that I am unable to do this simple thing. I can generate new keys (using various templates AES128_GCM, etc.), serialize them and then read them back with KeysetReader. But, for the life of me, I cannot figure out how to create a symmetric key with the specific key bytes that I specify . I am able to do the following, for example, with Tink: KeysetHandle