cryptography

问题 I am using twisted's Perspective Broker for a network application. I encountered the problem that it automatically uses an MD5 challenge-response scheme for authentication. Ideally I would prefer not to store MD5 hashes on the server-side due to a number of security vulnerabilities. Alternatively, scrypt, bcrypt or pbkdf2 provide more secure algorithms. However, while these algorithms are readily available in python, I don't quite see, whether it is possible to implement a custom

问题 I wanted to convert array< Byte>^ to unsigned char*. I have tried to explain what i have done. I donot know how to proceed further. Please show me the right approach. I am using MS VC 2005. //Managed array array<Byte>^ vPublicKey = vX509->GetPublicKey(); //Unmanaged array unsigned char vUnmanagedPublicKey[MAX_PUBLIC_KEY_SIZE]; ZeroMemory(vUnmanagedPublicKey,MAX_PUBLIC_KEY_SIZE); //MANAGED ARRAY to UNMANAGED ARRAY // Initialize unmanged memory to hold the array. vPublicKeySize = Marshal:

问题 I am making cross-platform application with server being written in Java, so I ended up with C# for Windows. I finally got through all obstacles like different endianities for BigIntegers in these two languages (Java: big endian, C#: little), so I successfuly made key-exchange as well. Now this is where problem comes, in Java I use AES/CBC/PKCS5Padding for encryption, but in C# there was no PKCS5 available, but as I read in other posts to this topic here on SO, PKCS7 is told to be same as

问题 Java supports OCSP out of the box. The way it is being done though, (I mean the revocation check) is transparent to the programmer. My question is, is there any api (part of java) that can create a valid OCSP request or response? So that it would be possible for a programmer to implement a custom OCSP checker? 回答1: The standard Java API does not provide publicly available classes to handle OCSP. In Sun/Oracle's JDK, the OCSP management classes are in the sun.security.provider.certpath package

问题 I am attempting a proof of concept under very constrained technological conditions. My question is: how to efficiently subtract big integers (represented as byte arrays) in a Java Card? . Now, the details are what make the task tricky. I have access to one smart card. The model is Feitian JavaCOS A22 and runs Java Card 2.2. For full detail, Java Card enables the usage of a very restricted subset of the Java API ( namely, no int , no char , and naturally, no BigInteger ), but it does support a

问题 I am new to the EC-encryption and have some struggle with it. I am using Java 8 and the BouncyCatle provider. The Question I have now is: when I generate an EC-KeyPair with the folloing code: ECGenParameterSpec spec = new ECGenParameterSpec("secp521r1"); KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME); kpg.initialize(spec, new SecureRandom()); return kpg.generateKeyPair(); and try to get the byte array of the public key to send it to another

问题 I am trying to follow a specification for an encrypted field in SagePay 3.00 using ColdFusion 10. The requirement is to encrypt the string as AES(block size 128-bit) in CBC mode with PKCS#5 padding using the provided password as both the key and initialisation vector and encode the result in hex. It's the "using the provided password" that is causing the problem. At the moment I have myStr = 'assortednamevaluepairsetc'; providedPassword = 'abcdefghijklmnop'; myCrypt = Encrypt(myStr

问题 I'm trying to read certificate from smime.p7s file, the certificate chain is: Baltimora Cyber Trust --> DigitPA --> Aruba PEC So when i'm trying to extract, I retrieve only the last two certificate, the last like subject and the first like issuer. What am I wrong? the code: private List<CertificateInfo> reading(ASN1InputStream asn1Stream) throws IOException, CMSException, CertificateException { ArrayList<CertificateInfo> infos = new ArrayList<CertificateInfo>(); ASN1Primitive obj = asn1Stream

问题 AFAIK, CFB8 mode has block size of 1byte. So I can induce that IV is also 1byte length. However, when I do a test passing same iv of just 1 byte into common crypto create function for encrypt and decrypt function, encrypted and decrypted message mismatch. So I think that the API should have taken more than 1 byte to use as IV. I would like to know why? Any thing wrong with my understanding? CCCryptorStatus result = CCCryptorCreateWithMode(operation, kCCModeCFB8, kCCAlgorithmAES128,

问题 I'm developping an Android App that generates an EC Asymetric key. When my app gets connected to a device, they exchange their public key. They then use ECDH to establish a shared secret. This shared secret is then used to derive an AES session key. All this is working fine. I'm now working on the storage of the asymetric key. I wanted to put it in the Android KeyStore but I don't see how I can then do the ECDH operation. The key in the key store can be used to sign, decrypt or encrypt but I