digital-signature

问题 Here I'm implementing digital signature using RSA. I read a plain text from a file and get MD5 i.e instance of a MessageDigest of the plain text and converting that plain text to BigInteger here this bigInteger should be signed. MessageDigest m1 = MessageDigest.getInstance("MD5"); m1.update(bFile); byte [] digest1 = m1.digest(); for(int i=0; i < digest1.length ; i++){ System.out.println("b["+i+"]="+digest1[i]); } BigInteger bi = new BigInteger(digest1); //here I dont know how to pass

问题 I have been this project which involves sending of signed data. I have been provided with a .pem file and a server certificate which I am supposed to import to another server from which I should sign the data using these files and then send over the signed data to another server for verification adn processing. My Questions are: How do I import these two files into my server? How do I use perl to use the files to sign the data? To note, I am to import into a linux (Suse). This is what I have

问题 I've been struggling for awhile to amend this code sample from Microsoft that shows (somewhat outdated) way how to retrieve a code signature information from an executable file. It works but it doesn't retrieve information if a binary file is dual-signed. So I did some research and tried to rewrite it to make it recognize dual-signatures that are present in many modern executables in Windows. Unfortunately there are very few (nebulous) suggestion available (1), (2), such as those to use

问题 I'm currently trying to add PGP signing support to my small e-mail sending script (which uses Python 3.x and python-gnupg module). The code that signs message is: gpg = gnupg.GPG() basetext = basemsg.as_string().replace('\n', '\r\n') signature = str(gpg.sign(basetext, detach=True)) if signature: signmsg = messageFromSignature(signature) msg = MIMEMultipart(_subtype="signed", micalg="pgp-sha1", protocol="application/pgp-signature") msg.attach(basemsg) msg.attach(signmsg) else: print('Warning:

问题 This question was migrated from Information Security Stack Exchange because it can be answered on Stack Overflow. Migrated 3 years ago . I'm currently working on a Java TLS server. I'm trying to get the following CipherSuite to work : TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA When I test it using openssl s_client I get the following error after the ServerKeyExchange message : 140735242416208:error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong signature type:t1_lib.c:1130: Here is the TLS

问题 I play with digital signatures using node.js. For test purpose, I created a digital signature of some XML data, first using only SHA256, then using RSA-SHA256. The thing that puzzles me is that both methods of signing create exactly the same signature . Both signatures are identical. If they're identical, then why two different methods (SHA256 vs. RSA-SHA256)? I include code below: var crypto = require('crypto'), path = require('path'), fs = require('fs'), pkey_path = path.normalize('private

问题 I generated an RSA key pair with SecKeyGeneratePair. The key size in bits is 2048. NSDictionary *privateAttributes = @{(NSString *)kSecAttrIsPermanent: @YES, (NSString *)kSecAttrApplicationTag: PrivTag}; NSDictionary *publicAttributes = @{(NSString *)kSecAttrIsPermanent: @YES, (NSString *)kSecAttrApplicationTag: PubTag}; NSDictionary *pairAttributes = @{(NSString *)kSecAttrKeyType: (NSString *)kSecAttrKeyTypeRSA, (NSString *)kSecAttrKeySizeInBits: @2048, (NSString *)kSecPublicKeyAttrs:

问题 I have a raw ECDSA signature: R and S values. I need a DER-encoded version of the signature. Is there a straightforward way to do this in openssl using the c interface? My current attempt is to use i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp) to populate an ECDSA_SIG* . The call returns non-zero but the target buffer doesn't seem to be changed. I'm intiailly filling my ECDSA_SIG wtih r and s values. I don't see any errors. The man page says r and s should be allocated when I call

问题 I write the following code for signing the message and then verify it, in java by Bouncy Castle. signing work properly but verifying not work. the result of code print: signature tampered can not recover and return null. why eng.hasFullMessage() function return false and why the following code doesn't work? thanks all. public static String sigVer(PublicKey pu, PrivateKey pr, String original) throws Exception{ //sign BigInteger big = ((RSAKey) pu).getModulus(); byte[] text = original.getBytes(

问题 I receive smime message with content-type 'Application/EDI'. It is non-standard mime type and content should be interpreted as binary. But OpenSSL during verifying signature treats it as text and changes line breaks from '\n' to '\r\n' (as needed by spec for content-type 'text'). So digest becomes wrong and verification fails. Is there any way to make openssl not chaging anything in original message? Argument '-binary' doesn't work on any version (I tried 0.9.7, 0.9.8, 1.0.0). 回答1: Ok,