cryptography

问题 I have my own private key string, i.e. -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQCSAYYgzvGTww.... .... .... ..... 3yUMYj9oYzqdrRHP0XgD0cEEvyqPBwLaNsRdFwy5qTiHjj0f+ZWHQWmqcoLmmpzyZEbIvQm/VhbjRF6iKG4WZ9Hfa7ntYRNGdWgD/KMIeZI= -----END RSA PRIVATE KEY----- Now, I need to sign my claim set using this private key in C# to generate JWT payload. I have written the following code: var utc0 = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc); var issueTime = DateTime.Now; var iat = (int

问题 I need to sign some data with one private key using Algorithm SHA1RSA ,Rsa Key length 2048 with 64 base encoding.My code is like this string sPayload = ""; HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("URI"); httpWebRequest.ContentType = "application/json; charset=utf-8"; httpWebRequest.Method = WebRequestMethods.Http.Post; using (StreamWriter streamWriter = new StreamWriter(httpWebRequest.GetRequestStream())) { sPayload = "{\"id\":\"14123213213\"," + "\"uid\":\"teller\",

问题 I am working on AES algorithm, and I have this exception which I couldn't solve. javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..) at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..) at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..) at javax.crypto.Cipher.doFinal(DashoA13*..) the exception happens in the decryption part. I initialize the key in a different place from where the decryption algorithm is

问题 I need to send encrypted data from a Java client to a C# server. Right now I'm learning how to encrypt data using AES (requirement). Following this accepted answer android encryption/decryption with AES I'm doing the following: byte[] keyStart = "qweroiwejrwoejlsifeoisrn".getBytes(); // Random character string byte[] toEncrypt = myMessageString.getBytes(); keyGen = KeyGenerator.getInstance("AES"); sr = SecureRandom.getInstance("SHA1PRNG"); sr.setSeed(keyStart); keyGen.init(128, sr); SecretKey

问题 I need to send encrypted data from a Java client to a C# server. Right now I'm learning how to encrypt data using AES (requirement). Following this accepted answer android encryption/decryption with AES I'm doing the following: byte[] keyStart = "qweroiwejrwoejlsifeoisrn".getBytes(); // Random character string byte[] toEncrypt = myMessageString.getBytes(); keyGen = KeyGenerator.getInstance("AES"); sr = SecureRandom.getInstance("SHA1PRNG"); sr.setSeed(keyStart); keyGen.init(128, sr); SecretKey

问题 This, pretty basic, piece of code is quite common when handling encryption\decryption in Java. final Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, key, iv); cipher.doFinal(*something*); These three lines alone, potentially throw six exceptions and I'm not sure what's the cleanest (in terms of code readability) way to handle them. A try with six catch clauses really looks like a smell to me. Are there micropatterns or best practices, I am obviously

问题 For a webapplication, when HTTPS is not available as a security measure, is it possible to still make the login somewhat secure? E.g.: Tokenize logins, to make repeat attacks difficult? Somehow encrypt the sent password from a HTML password field? In particular I'm using CakePHP and an AJAX POST call to trigger authentication (includes provided username and password). Update on the problem: HTTPS is not available. Period. If you don't like the the situation, consider it a theoretical question

问题 We are writing a set of application for windows which contains IE toolbar, Firefox toolbar and Windows Desktop client. Before using any of these components user provides his secret code and says that he need to save this code for 1hr or whatever option he chooses. Now the challenge for us is that we have to use the same secret code to decrypt his data while he uses in all 3 component, Currently we are writing that secret key in a plain file with AES encryption with a specific key buried in

问题 We are writing a set of application for windows which contains IE toolbar, Firefox toolbar and Windows Desktop client. Before using any of these components user provides his secret code and says that he need to save this code for 1hr or whatever option he chooses. Now the challenge for us is that we have to use the same secret code to decrypt his data while he uses in all 3 component, Currently we are writing that secret key in a plain file with AES encryption with a specific key buried in

问题 here is my BlowFishCrypto Class using System; using System.Collections.Generic; using System.Linq; using System.Text; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Modes; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; namespace Common.Encryption { public class BlowfishCryptographer { private bool forEncryption; private IBufferedCipher cipher; public BlowfishCryptographer(bool forEncryption) { this.forEncryption =