digital-signature

I was wondering if there was (and I hope there is) a standard for public key size for ECDH (Elliptic Curve Diffie-Hellman) and ECDSA (Elliptic Curve Digital Signature Algorithm) for every curve type over prime fields (192, 224, 256, 384 and 521). emboss If you use one of the "named curves" then the public key size is fixed and dependent on the "field size" of your underlying curve. Compressed vs. uncompressed representation Public key sizes further depend on whether the "uncompressed" representation or the "compressed" representation is used. In the uncompressed form, the public key size is

How can I verify a detached signature (CMS/pkcs #7 signature) using the BouncyCastle provider in Java? Currently, my code below throws an exception with the message message-digest attribute value does not match calculated value Security.addProvider(new BouncyCastleProvider()); File f = new File(filename); byte[] buffer = new byte[(int)f.length()]; DataInputStream in = new DataInputStream(new FileInputStream(f)); in.readFully(buffer); in.close(); CMSSignedData signature = new CMSSignedData(buffer); SignerInformation signer = (SignerInformation) signature.getSignerInfos().getSigners().iterator()

I'm using iText 5.5.3 to sign and timestamp PDF documents. It works very well. But I recently switched from Acrobat Pro X to XI and now I see this new line : the signature is not LTV enabled and will expire after <date> I guess this warns me that after this date, the signer's signature will be seen as invalid, right ? However the signature properties tells me : the signature includes an embedded timestamp : <date/time> signature was validated as of the secure timestamp time : <same date/time> Now I'm a little bit confused : since the signature was declared valid at a known and certified date,

I have a web server that allows access only using X509 authentication. Works like a charm. Now I want to extend the use of the X509 certificates (which are stored in the user's browser keystore) to Sign data before it is sent to the server (using JavaScript and HTTPPost) Decrypt data read from the server (where it gets encrypted using the user's public key stored there) I found this example doing RSA Signature which is pretty close.... only it does take the key from a HTML textarea. I want to read it from the key store. Now crypto is quite in flux: Mozilla w3C Internet Explorer 11++ Chome and