cryptography

问题 Does anyone know of a pure DSA module in Python for signing messages? 回答1: If OpenSSL has the functionality you are looking for, try pyOpenSSL. 回答2: Python Cryptography Toolkit has this module Chilkat (this may be a pure module check with chilkat - commercially licensed ) 回答3: Unfortunately, you might have to use a wrapper to some non-Python implementation, like pyOpenSSL. I'm not aware of any pure Python crypto library that is secure. In particular, pycrypto is a piece of crap. E.g., if you

问题 I need to have a Win32 application load a hard coded AES-256 key, ideally using the WinCrypt.h methods. I've got my key in an unsigned char[32] but I can't find the correct format of a key blob to pass to CryptImportKey. Everything seems to give me invalid parameter errors. Is there any way to do this? (Also important is how to set IV in WinCrypt. I can't see how to do that at all) 回答1: Solved it. I was using the wrong bType and using 256 for keySize instead of 32. BYTE myPrivateKey[] = {1,2

问题 I am using CryptoSwift to encrypt data I will be passing in a URL. To do this, I need the datatype of the piece of data to be a String to concatenate into the NSURL request. After encrypting the data it is output in bytes. How can I cast the bytes to a nonsense string to pass in the URL that a PHP script can decrypt? I am able to encrypt into UInt8, however I do not think it is possible to pass it over a URL to PHP script so I need to make it a string. The code: let string = "hello" let input

问题 Based on the Golang documentation on CFB decryption I wrote a minimal working example to decrypt a string that was encrypted with AES CFB and then base 64 encoded in python3. The golang decryption works fine when the message was encrypted within Golang (with the encryption function from the Golang doc example). However when I encrypt the message in a python script using the python crypto package, I am unable to decrypt it in the golang script successfully. I don't get the right bytes back. $

问题 Here is my code snippet: int eValue = 79, t; int bitLength = 1024; // KeySize BigInteger e = new BigInteger(Integer.toString(eValue)); KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(bitLength); KeyPair kp = kpg.generateKeyPair(); KeyFactory kfactory = KeyFactory.getInstance("RSA"); RSAPublicKeySpec kspec = (RSAPublicKeySpec) kfactory.getKeySpec(kp.getPublic(), RSAPublicKeySpec.class); System.out.println("Byte Length is : " + kspec.getModulus().toByteArray().length)

问题 The game of Bridge is played with 52 different playing cards that are randomly distributed among four players, each player ending up with thirteen cards: a so called "deal". Roughly a little less than 2^96 Bridge deals are possible. In this document the requirements for a program that generates random deals are described as follows: The software should be able to generate every possible bridge deal, since that is also possible with manual dealing. The software should generate every deal with

问题 I'm using Python 2.7 and am creating an HMAC using the hmac library. Python 3.3 includes a compare_digest() function that will compare two digests and resist timing attacks, but that's not available in 2.7. Prevailing advice is not to roll my own crypto, so are there any mature Python libraries that provide that functionality? PyCrypto does not appear to. 回答1: For anyone finding this from search, if using Django, then you can also use the constant_time_compare function in django.utils.crypto.

问题 I'm interested in providing a managed dll for use in .Net that provides authenticated encryption services. The DLL might be used in a WPF program or an ASP application. I have a couple of questions related to Microsoft's crypto and stream models. Authenticated encryption modes (CCM, CWC, EAX, GCM, etc) typically produce two artifacts - first is the cipher text and second is the authentication tag. Its fairly easy to stream encryption, but there can be some problems. For example, CCM cannot be

问题 I'm interested in providing a managed dll for use in .Net that provides authenticated encryption services. The DLL might be used in a WPF program or an ASP application. I have a couple of questions related to Microsoft's crypto and stream models. Authenticated encryption modes (CCM, CWC, EAX, GCM, etc) typically produce two artifacts - first is the cipher text and second is the authentication tag. Its fairly easy to stream encryption, but there can be some problems. For example, CCM cannot be

问题 I know very little about Ruby, so please forgive me if the answer to this is obvious. I noticed at http://www.ruby-doc.org/stdlib-1.9.3/libdoc/securerandom/rdoc/SecureRandom.html that Ruby uses the pid and the current time to seed OpenSSL::Random when a call to random_bytes is made. Unless something else happens under the covers, isn't this pretty much the seed that Netscape used in their initial SSL implementation in the mid 90s? http://en.wikipedia.org/wiki/Random_number_generator_attack