digital-signature

I'm having trouble verifying DSA signatures using Python/M2Crypto. The signatures are generated in Java, using standard java.security.Signature class, with Sun's crypto provider and SHA1withDSA algorithm designation. Here's some shell output: >>> pk <M2Crypto.DSA.DSA_pub instance at 0x20b6a28> >>> sig = '302c02141c4bbb218215ebfec57288059ce814dc430d849502144dd0c581bf2213aff79d17eb37c939e120a97bd2'.decode('hex') >>> data ='0501...9794'.decode('hex') >>> pk.verify_asn1(sig, data) ------------------------------------------------------------ Traceback (most recent call last): ... DSAError: wrong

Im doing ECDSA signatures using dgst command with OpenSSL as follows: openssl dgst -sha256 -sign key.pem -out my_signature data_file which works just fine. However I read in this SO answer that it first SHA256 hashes the data_file, and ASN.1 encodes the hash before signing it. I would like to create the SHA256 hash of the data and make ECDSA sign just the raw bytes of this hash. (As this is the ECDSA signature, I cannot use rsautl as in the mentioned SO answer.) How do I achieve this using OpenSSL? You can do it with openssl pkeyutl which is a replacement for openssl rsautl that supports ECDSA

This question was migrated from Cryptography Stack Exchange because it can be answered on Stack Overflow. Migrated last year . I'm developing an application based on OpenSSL version 0.9.8a API and I need to verify an RSA signature (4096 bit RSA key) using an RSA public key pubkey . This is my code: const EVP_MD* md = EVP_get_digestbyname("SHA512"); if (!md) { return false; } if(EVP_DigestInit_ex(ctx, md, NULL)<=0) { return false; } if(EVP_DigestVerifyInit( ctx, NULL, md, NULL, pubKey)<=0) { return false; } if (EVP_DigestUpdate(ctx, Msg, MsgLen) <= 0) { return false; } int res = EVP_DigestFinal

I'm developing an Android application, but I want to restrict my application to only be accessible by hardware that is not running a rooted/custom ROM. I know about Android's Forward Locking content protection, but would like to double check this protection from within my app. Is there any way to get the signature of the device along with a trusted signature of the ROM using android API's so that I lock my app out from Custom ROMs? There is no fail-proof way that I can think of, sorry. The main point of a ROM or root is that you can change whatever you want. Therefore, none of the Android API

I'm trying to create a PKCS#7 signed message in C#. The digital signature is being computed separately in an HSM so I already have the value of the signature, I just want to create a PKCS#7 structure that contains it. I've looked into using the SignedCms in the System.Security.Cryptography.Pkcs namespace but this doesn't seem to have an option for providing a precomputed signature. What is the best way to generate a PKCS#7 structure in C# when I already have the value of the digital signature? AFAIK you cannot do that with "built-in" .NET classes. However I have created an example application

I am signing my PDF files programmatically and I would like to add the signature appearance to the PDF : what objects would I need to achieve this ? I know I have to Annotations , BBox and XObject but I don't really know in which order and if I need other things. It is really hard to debug this kind of stuff to find the right configuration so any help would be appreciated ! This is the kind of appearance I want to have : I am using Zend_Pdf to handle my files. 来源： https://stackoverflow.com/questions/45584622/add-digital-signature-appearance-programmatically

Some information a program is using uses input files in xml format. The files have the following structure. <?xml version="1.0" encoding="UTF-8"?> <Envelope xmlns="urn:envelope"> <MyData Id="MyDataId"> <!-- some data --> </MyData> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig-more#rsa-sha256" /> <Reference URI="#MyDataId"> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> <