digital-signature

问题 I am have digitally signed a pdf using digital token attached in pc using libarary itext sharp to append same, when i open same in adobe reader it shows revocation can not be performed and when i see details then it shows that one of the issuers certificate's revocation is not checked with error : error encountered while BER decoding. path to my plain signed pdf: https://www.sendspace.com/file/vqgl53 As a solution i thought if i can add CRL information itself in document(my plain signed pdf)

问题 So I am trying to generate an ECDSAwithHA256 signature in Java, and for that, I am using the BouncyCastle provider. The curve is a secp521r1. To initalize the signer I am using: public static final String SIGNATURE_ALGORITHEM = "SHA256withECDSA"; public void init() { signer = Signature.getInstance(SIGNATURE_ALGORITHEM, BouncyCastleProvider.PROVIDER_NAME); signer.initSign(privKey); } And to sign I am using public byte[] sign(byte[] bytes) throws SignatureException { signer.update(bytes); byte[

问题 I'm trying to implement digital signature in php as in java sample code below: Signature rsaSig = Signature.getInstance("MD5withRSA"); RSAPrivateKey clientPrivateKey = readPrivateKeyFromFile(fileName); rsaSig.initSign(clientPrivateKey); String source = msg; byte temp[] = source.getBytes(); rsaSig.update(temp); byte sig[] = rsaSig.sign(); BASE64Encoder encoder = new BASE64Encoder(); return encoder.encode(sig); My php code : $rsa = new Crypt_RSA(); $rsa->loadKey('...'); // in xml format

问题 I'm trying to implement digital signature in php as in java sample code below: Signature rsaSig = Signature.getInstance("MD5withRSA"); RSAPrivateKey clientPrivateKey = readPrivateKeyFromFile(fileName); rsaSig.initSign(clientPrivateKey); String source = msg; byte temp[] = source.getBytes(); rsaSig.update(temp); byte sig[] = rsaSig.sign(); BASE64Encoder encoder = new BASE64Encoder(); return encoder.encode(sig); My php code : $rsa = new Crypt_RSA(); $rsa->loadKey('...'); // in xml format

问题 I would like to programmatically perform a check on the APK's signature at runtime. I own a keystore on my development workstation, so I could know (dunno how) the public key I'm signing an APK with. Once I know what the public key will be after signage, I would like to put in the source code and check if the currently running application matches the key. Is it possible? If so, how do I obtain the public key from an Eclipse-generated keystore? Thanks. 回答1: You could try this, it should work

问题 I am attempting to run my app in an emulator and have been receiving the following error: Installation failed since the APK was either not signed, or signed incorrectly. If this is a Gradle-based project, then make sure the signing configuration is specified in the Gradle build script. I am attempting to run the app with a debug setting so signing the app should not be necessary as it will be given a temporary signature upon building. 回答1: This happens often when you install the same app

问题 When installing a signed driver (i.e. with a properly signed .CAB) on Windows 7 through DpInst, unless it's a WHQL-signed driver, you cannot install it silently. If you run DpInst in the non-silent mode, it'll prompt you to trust the "publisher". If you run DpInst in silent mode, it would fail with a signing-related error code (something like 0x800b0109 -- check your setupapi.app.log). 回答1: While ilya's answer is good, the solution on Windows 7 is even easier. The command below deploys the

问题 I have a Java application for signing XML documents. After upgrading Java to the latest version (Java7u25) it stops working. I get the following error: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ... Reverting back to java7u21 solves the problem. Is there any change in the XML Dig Sig API that causes this error? 回答1: Same problem here.

问题 Why do I need to use separate public key pairs for signing and encryption and not use the same key pair with RSA for example? Is there any security problem with using the same key? 回答1: The reason for using separate key pairs for signing and encryption is to spread the risk: If someone recovers the private encryption key, he/she can decrypt documents that were encrypted using the public encryption key but can’t use it to also sign documents and vice versa. Another reason could be a legal

问题 Why do I need to use separate public key pairs for signing and encryption and not use the same key pair with RSA for example? Is there any security problem with using the same key? 回答1: The reason for using separate key pairs for signing and encryption is to spread the risk: If someone recovers the private encryption key, he/she can decrypt documents that were encrypted using the public encryption key but can’t use it to also sign documents and vice versa. Another reason could be a legal