digital-signature | 易学教程

RSA signature size?

阅读更多关于 RSA signature size?

I would like to know what is the length of RSA signature ? Is it always the same size as the RSA key size like if the key size is 1024 then RSA signature is 128 bytes , if the key size is 512 bits then RSA signature is 64 bytes ? what is RSA modulus ? Also what does RSA-sha1 mean ? Any pointers greatly appreciated. emboss You are right, the RSA signature size is dependent on the key size, the RSA signature size is equal to the length of the modulus in bytes. This means that for a "n bit key", the resulting signature will be exactly n bits long. Although the computed signature value is not

Securing an API: SSL & HTTP Basic Authentication vs Signature

阅读更多关于 Securing an API: SSL & HTTP Basic Authentication vs Signature

When designing an API for our web app, we'll use the their subdomain as the 'username' and generate an API key/shared secret. Firstly, is it ok to use the subdomain as the username? I don't see the benefit of generating another key. Different APIs seem to do one of two things: Use HTTP Basic Authentication with SSL In every request the username is set to the subdomain and the password to the API key. Since we're using SSL then this should be safe from spoofing. Notable APIs: Google Checkout , Freshbooks , GitHub , Zendesk Create a Signature of the Request with the Shared Secret Normally

HMAC-SHA256 Algorithm for signature calculation

阅读更多关于 HMAC-SHA256 Algorithm for signature calculation

问题 I am trying to create a signature using the HMAC-SHA256 algorithm and this is my code. I am using US ASCII encoding. final Charset asciiCs = Charset.forName("US-ASCII"); final Mac sha256_HMAC = Mac.getInstance("HmacSHA256"); final SecretKeySpec secret_key = new javax.crypto.spec.SecretKeySpec(asciiCs.encode("key").array(), "HmacSHA256"); final byte[] mac_data = sha256_HMAC.doFinal(asciiCs.encode("The quick brown fox jumps over the lazy dog").array()); String result = ""; for (final byte

Signing data with private key in c#

阅读更多关于 Signing data with private key in c#

I need to sign some data with one private key using Algorithm SHA1RSA ,Rsa Key length 2048 with 64 base encoding.My code is like this string sPayload = ""; HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("URI"); httpWebRequest.ContentType = "application/json; charset=utf-8"; httpWebRequest.Method = WebRequestMethods.Http.Post; using (StreamWriter streamWriter = new StreamWriter(httpWebRequest.GetRequestStream())) { sPayload = "{\"id\":\"14123213213\"," + "\"uid\":\"teller\"," + "\"pwd\":\"abc123\"," + "\"apiKey\":\"2343243\"," + "\"agentRefNo\":\"234324324\"}"; httpWebRequest

How to programatically sign an MS office XML document with Java?

阅读更多关于 How to programatically sign an MS office XML document with Java?

问题 Please, could someone point me in the right direction to digitally sign an MS-Office document (docx, xlsx, pptx) in Apache POI, or any other open source library? I have already reviewed the classes under org.apache.poi.openxml4j.opc.signature but I cannot understand how I could add a signature to a document. 回答1: Check this sample code .. this sample code uses a file keystore PFX (PKCS12) .. Signs the Document and verify it. // loading the keystore - pkcs12 is used here, but of course jks &

XSD Signature issue

阅读更多关于 XSD Signature issue

问题 I cannot resolve this error about <xs:element ref="ds:Signature"/> . I need some help please. Copyright (C) Microsoft Corporation. All rights reserved. Schema validation warning: The 'http://www.w3.org/2000/09/xmldsig#:Signature' el ement is not declared. Line 162, position 8. Warning: Schema could not be validated. Class generation may fail or may produce incorrect results. Warning: cannot generate classes because no top-level elements with complex type were found. XSD <xs:schema xmlns:xs=

Sign PDF using an external service and iText

阅读更多关于 Sign PDF using an external service and iText

问题 I have this scenario. I have an application that generates a PDF, and that needs to be signed. We have not the certificates to sign the document, because they're in a HSM, and the only way we could make use of the certificates is using a webservice. This webservice, offers two options, send the PDF document, and it returns a signed pdf, or send a hash that will be signed. The first option, is not viable, because the PDF is signed without a timestamp (this is a very important requisite), so

How to create precofigured installer (MSI or EXE) with valid signature?

阅读更多关于 How to create precofigured installer (MSI or EXE) with valid signature?

问题 We want our users to download preconfigured installers of our software for Windows. Pre-configured data consists of settings based on user account data. The customization is to be done in a Java server running on Linux. We need to have those installers digitally signed. Unfortunately we cannot have private signing key on those servers, due to security policy. Can you think of ways to put some metadata into either MSI or EXE while preserving digital signature or other approaches to fulfill the

app-release-unsigned.apk is not signed

阅读更多关于 app-release-unsigned.apk is not signed

I downloaded the zip file of an Android app on github and I'm trying to run it, but I get a dialog with this message app-release-unsigned.apk is not signed. Please configure the signing information for the selected flavor using the Project Structure dialog. I'm using Android Studio. What am I supposed to do? If anyone wants to debug release build using Android Studio, follow these steps: Set build variant to release mode. Right click on app in left navigation pane, click Open Module Settings . Go to Signing Tab. Add a signing config and fill in information. Select your keychain as well. Go to

iText7 LtvVerification.addVerification not enabling LTV

阅读更多关于 iText7 LtvVerification.addVerification not enabling LTV

问题 We are trying to make the signed signature LTV enabled. I am using the below code to add verification. When signature.isTsp() is false, the PDF says Signature is not LTV enabled , though in the other case (signature.isTsp() is true) it shows as valid. When we open the PDF and try to manually add verification info by right clicking on the signature it enables LTV without any issue. Not sure what we are missing here. Any input will be highly helpful. // Adds LTV-enabled information to the PDF