digital-signature

问题 result variable in the below class is always returning false though I am using the correct signature file and the public key. public class VeriGen { static FileInputStream fin; public static void main(String args[]) throws Exception { Security.addProvider(new BouncyCastleProvider()); KeyStore msCertStore = KeyStore.getInstance("Windows-MY", "SunMSCAPI"); msCertStore.load(null, null); X509Certificate c = ((X509Certificate) msCertStore.getCertificate("Software View Certificate Authority"));

问题 String ACCESS_CODE = "My_PAYFORTAcces_Code" String MERCHANT_ID = "My_Payfory_Merchet_ID" I found the issue I think the issue is with Signature generation, I tried signature generation using with the string “ TESTSHAINaccess_code=ACCESS_CODEdevice_id=ffffffff-d6ab-d802-b274-478d7792a1b7language=enmerchant_identifier=MERCHANT_IDservice_command=SDK_TOKENTESTSHAIN ” I got my signature as “ 9c804f2c08e36749c75389afc12c50e68307c31052e6434c072cd5b36cc8c607 ” and when I tried with “ PASSaccess_code

问题 We have a web service that exchanges data via XML document with a vendor. Each vendor needs to digitally sign the XML document to ensure the integrity of the data transmitted for audit purposes. I am unclear as to which type of certificate I need to buy from the major third-party CA's to meet this requirement? Code signing seems to be the right approach, but XML is not listed on any of the sites. Can anyone provide some guidance on this? 回答1: You need an X.509 certificate (they're all X.509

问题 Normally both PSS and PKCS1v15 can be used for RSA signatures padding. And for java the code is also simple, but it just can't tell the padding strategy used. My code: Signature signature = Signature.getInstance("SHA1WithRSA"); signature.initSign(privateKey); signature.update(plainBytes); byte[] signBytes = signature.sign(); May I explicitly define PSS with MGF1 as the padding strategy using SunJCE as provider? 回答1: PSS is not present in the supported algorithms list of SunJCE. However

问题 I have digitally signed a file(either .exe or .dll not a jar file) using SignTool. Signtool can also verify the digital signature. But my requirement is to check digital signature of file signed by signtool using java program. I searched on internet but didn't find any info. Could you please give me pointers regarding the same? Thanks for your suggestion. 回答1: Signing Code jarsigner -keystore c:/my.keystore -storepass ozziepassword e:/securityApplet.jar ozzie Verify Code: jarsigner -verify e:

问题 I'm generating CMS signature files with external PKCS#1 based on this thread. The first step is obtain the signed attributes from the original file to be signed in external application which is returning PKCS#1 byte array. Then build standard org.bouncycastle.cms.SignerInfoGenerator with original file hash, signed data (PKCS#1) and certificate to add to CMS, and finally create the attached signature . But when i'd tried to validate it using this code: String originalFile =

问题 I am trying to sign a Visual Studio 2012 extension that is packaged as a VSIX file. I have followed the instructions at http://www.jeff.wilcox.name/2010/03/vsixcodesigning/; however, I am interested in performing signing without specifying a pfx file and password. For example, if I were to call 'signtool.exe', my command line would be: "signtool.exe" sign /n MySubjectName /t 'http://timestamp.verisign.com/scripts/timstamp.dll' /d "MyDescription" MyPackage.vsix I understand that this command

问题 I am trying to sign a Visual Studio 2012 extension that is packaged as a VSIX file. I have followed the instructions at http://www.jeff.wilcox.name/2010/03/vsixcodesigning/; however, I am interested in performing signing without specifying a pfx file and password. For example, if I were to call 'signtool.exe', my command line would be: "signtool.exe" sign /n MySubjectName /t 'http://timestamp.verisign.com/scripts/timstamp.dll' /d "MyDescription" MyPackage.vsix I understand that this command

问题 I have to Implement a digital signature in a certificate which we print as PDF in PHP. The requirement is like that a authorized person like Registrar or Sub Registrar digitally signs a certificate. The basic idea behind implementing Digital signature is to know that: 1) Is the certificate digitally signed by the Authorized person and who was that authorized person or someone else has created it who dont have the authority. 2) Is there any changes in the certificate after the registrar/Sub

问题 I have to Implement a digital signature in a certificate which we print as PDF in PHP. The requirement is like that a authorized person like Registrar or Sub Registrar digitally signs a certificate. The basic idea behind implementing Digital signature is to know that: 1) Is the certificate digitally signed by the Authorized person and who was that authorized person or someone else has created it who dont have the authority. 2) Is there any changes in the certificate after the registrar/Sub