cryptography

问题 I need to generate cryptographically secure pseudorandom numbers, in Javascript. I know about the window.crypto.getRandomValues API, which does exactly what I want. However, I also know it was introduced relatively recently (in 2011 or so). Can I safely assume window.crypto.getRandomValues is present, or will using it introduce compatibility problems on some browsers? Are there any major (widely used) browsers which do not support window.crypto.getRandomValues (including mobile or desktop

问题 I'm almost losing hope on this one. I'm trying to access the Firefox trust store from Java 7 using the NSS libraries that come with the Firefox installation, via PKCS#11. Here is the code: import java.security.KeyStore; import java.security.Security; import java.util.Enumeration; import sun.security.pkcs11.SunPKCS11; public class Test { public static void main(String[] args) throws Exception { String configName = "pkcs11.cfg"; SunPKCS11 p = new SunPKCS11(configName); Security.addProvider(p);

问题 I am trying to encrypt and decrypt some simple text. But for some reason I am getting a strange error: javax.crypto.BadPaddingException . Why would JCE generates bytes that are not properly padded? I have the following code: import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.IvParameterSpec; import java.security.SecureRandom; public class SimplestTest { public static void main(String[] args) throws Exception { SecureRandom rnd

问题 I am trying to encrypt and decrypt some simple text. But for some reason I am getting a strange error: javax.crypto.BadPaddingException . Why would JCE generates bytes that are not properly padded? I have the following code: import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.IvParameterSpec; import java.security.SecureRandom; public class SimplestTest { public static void main(String[] args) throws Exception { SecureRandom rnd

问题 This question already has answers here : Secure hash and salt for PHP passwords (14 answers) Closed 5 years ago . $pass="test" the above variable contains a password called test.I want to hash this password using sha512 md5 and salt how do i do that as ive found only benifits of salt and sha512,i allready know md5 encryption.please i need the solution as my system is vunerable and please explain it with a code example because im still attached to md5 from what ive understood by your comments

问题 This question already has answers here : Secure hash and salt for PHP passwords (14 answers) Closed 5 years ago . $pass="test" the above variable contains a password called test.I want to hash this password using sha512 md5 and salt how do i do that as ive found only benifits of salt and sha512,i allready know md5 encryption.please i need the solution as my system is vunerable and please explain it with a code example because im still attached to md5 from what ive understood by your comments

问题 It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 7 years ago . Can anyone explain how to encrypt and decrypt files using certificates stored in a java 'PKCS#12` keystore? 回答1: As mention Eugene Mayevski, your question is wrong and cannot be answered in its original form. But

问题 In the past when dealing with passwords I've always stored a salt and a hashed password separately in my data store. Today I was looking to update some legacy code to use a RFC 2898 hash value. I came across the Crypto.Hash methods from System.Web.Helpers . It looks like these will do most of the heavy lifting for me. There are GenerateSalt() , HashPassword() , and VerifyHashedPassword() methods. The HashPassword() and VerifyHashedPassword() methods don't take a salt value. The MSDN

问题 In the past when dealing with passwords I've always stored a salt and a hashed password separately in my data store. Today I was looking to update some legacy code to use a RFC 2898 hash value. I came across the Crypto.Hash methods from System.Web.Helpers . It looks like these will do most of the heavy lifting for me. There are GenerateSalt() , HashPassword() , and VerifyHashedPassword() methods. The HashPassword() and VerifyHashedPassword() methods don't take a salt value. The MSDN

问题 I have a small string of some data (less than 1kb) that I would like to have user agents pass to other sites when they are sent from my site. In order for the other sites to verify that I was the one that created the string I though of two options. The server pings me back to confirm (like paypal, openid, etc..) I use public/private keys to prove I sent the message (like PGP, DKIM, etc..) I don't want to setup HMAC because that would mean I have to use custom keys for each site which would be