cryptography

问题 I want to decrypt an AES encrypted message in Java. I’ve been trying various Algorithm/Mode/Padding options from the standard library and from BouncyCastle. No luck :-( The encrypting entity is written in Python and is already in production. Encrypted messages have already gone out, so I cannot easily change that part. The Python code looks like this: from Crypto.Cipher import AES import base64 import os import sys BLOCK_SIZE = 16 PADDING = '\f' pad = lambda s: s + (BLOCK_SIZE - len(s) %

问题 I want to have a way of authenticating an user (which introduces his password) without having that password stored in plain text or even a hash of it. How should I do it? Is it secure to have a control string that the user key can cipher and compare it with the ciphered string that I have stored? 回答1: Per NIST (National Institute of Standards and Technology): Use a hash function, iterate over an HMAC with a random salt for about a 100ms duration and save the salt with the hash. Use functions

问题 I'm working with X25519-keys based encryption at the moment. My question is, basically, how to derive PublicKey from existing X25519 PrivateKey ? I have found the code in the XDHKeyPairGenerator : BigInteger publicKey = ops.computePublic(privateKey.clone()); But this package is platform-specific, thus not accessible. And I can't find a method to do it through publicly-accessible interfaces. 回答1: You must scalar multiply the private key (which is just a big number) by the 25519 curve generator

问题 I got a pice of java RSA decrypt code, now I want to express in Python pycrypto. but I got different ciphertext although using same private key, and server only access ciphertext that encrypt by java. I seach google, it look like cause of padding. I am not familiar with RSA, my current solution is that execute java code in tomcat, Python call it through http request. but I still want to encrypt direct in Python code. in java code: public static String encrypt(String paramString)throws

问题 I have managed to encrypt data in native code using the Crypto API and decrypt this in .NET (C#) code, using RC2 algorithm and SHA for creating a key. This is the native code (Delphi in this case): // Get handle to CSP If Not CryptAcquireContext(hCryptProv, nil, nil, PROV_RSA_FULL, 0) Then If Not CryptAcquireContext(hCryptProv, nil, nil, PROV_RSA_FULL, CRYPT_NEWKEYSET) Then ShowMessage('CryptAcquireContext '+IntToStr(GetLastError())); // Create a hash object If Not CryptCreateHash(hCryptProv,

问题 We using AES encryption to encrypt the data. Generating a key once in a year using some app(i.e console) so which way i have to choose to generate the key? 1. Do we need to generate the key using the Pass Phrase method? 2. Or we have to choose the default generate key provided by AESCryptoServiceProvider? The below method uses Pass Phrase for generating the encryption. Method 1: private static readonly byte[] Salt = new byte[] { 10, 20, 30, 40, 50, 60, 70, 80 }; private static byte[]

问题 I'm new to encryption/decryption. I'm trying to decrypt an input string that is encrypted and comes out to 44 characters. This is what I have so far but I keep getting "bad data" when it attempts to execute the "TransformFinalBlock" function. public static String Decrypt(String input) { try{ byte[] inputArray = Convert.FromBase64String(input); TripleDESCryptoServiceProvider tripleDES = new TripleDESCryptoServiceProvider(); tripleDES.KeySize = 128; tripleDES.Key = UTF8Encoding.UTF8.GetBytes(

问题 I would like to be able to generate a key pair private and public key in command line with openssl, but I don't know exactly how to do it. What I have done so far was to do the following command line but this only prints me this which I don't know exactly what it is:s FROM OPENSSL PAGE: To create EC parameters with explicit parameters: openssl ecparam -out ec_param.pem -name prime192v1 -param_enc explicit -----BEGIN EC PARAMETERS----- MIHHAgEBMCQGByqGSM49AQECGQD////////////////////+/////////

问题 // base64-encode the binary result of the HMAC computation $merchantSig = base64_encode(hash_hmac('sha256',$signData,pack("H*" , $hmacKey),true)); The above is the php code that generates the digest. let h = crypto.createHmac('sha256', hmacKey).update(keyString).digest('base64'); The above is the nodejs code that generates the digest. The key that I am using is hexadecimal in both php and node. What should I be doing differently in node to get the same result as that in php. I know php uses a

问题 I am getting a runtime error when trying to use System.Security's crypto code. I added a reference to System.Security and everything looks good but I am getting this error: "Compiler Error Message: CS0103: The name 'ProtectedData' does not exist in the current context" here is the code that is throwing the error. public static string EncryptString(SecureString input, string entropy) { byte[] salt = Encoding.Unicode.GetBytes(entropy); byte[] encryptedData = ProtectedData.Protect( Encoding