encryption

问题 How can I check if a chosen cipher algorithm transformation supports certain key length? boolean checkAlgorithm( String encryptMethod, int keyLength ) { Cipher cipher = Cipher.getInstance(encryptMethod); int maxLength = cipher.getMaxAllowedKeyLength(encryptMethod); if ( keyLength <= maxLength && SOMETHING_ELSE ) { return true; } else { return false; } } Is there a way without doing it one by one for each transformation like: switch( encryptMethod ) { case "Blowfish": if ( keyLength <=

问题 How can I check if a chosen cipher algorithm transformation supports certain key length? boolean checkAlgorithm( String encryptMethod, int keyLength ) { Cipher cipher = Cipher.getInstance(encryptMethod); int maxLength = cipher.getMaxAllowedKeyLength(encryptMethod); if ( keyLength <= maxLength && SOMETHING_ELSE ) { return true; } else { return false; } } Is there a way without doing it one by one for each transformation like: switch( encryptMethod ) { case "Blowfish": if ( keyLength <=

问题 How can I check if a chosen cipher algorithm transformation supports certain key length? boolean checkAlgorithm( String encryptMethod, int keyLength ) { Cipher cipher = Cipher.getInstance(encryptMethod); int maxLength = cipher.getMaxAllowedKeyLength(encryptMethod); if ( keyLength <= maxLength && SOMETHING_ELSE ) { return true; } else { return false; } } Is there a way without doing it one by one for each transformation like: switch( encryptMethod ) { case "Blowfish": if ( keyLength <=

问题 I am implementing a decryption of ciphertext using Rijndael's algorithm. Unfortunately, I have not got access to the encryption of the data and have only been provided with a password (to generate the key with) and the type of algorithm. I do not have a salt (which seems to be ok), and I do not have the IV. Now, my question is whether I absolutely have to have the IV in order to perform decryption? I suspect the developers who wrote the encryption made no use of salt, or IV (if this is even

问题 We're migrating data from a legacy Java app into our newer .NET app. The Java app has a MySQL backend, and the .NET app has a SQL Server back end. We have the full source code and config files for both, but none of the developers who worked on the Java app are still with the company, and we're having to reverse-engineer some of the logic in order to migrate the data. We have most of the data moving over properly in our tests. But there's one column with encrypted values that we're having

问题 We're migrating data from a legacy Java app into our newer .NET app. The Java app has a MySQL backend, and the .NET app has a SQL Server back end. We have the full source code and config files for both, but none of the developers who worked on the Java app are still with the company, and we're having to reverse-engineer some of the logic in order to migrate the data. We have most of the data moving over properly in our tests. But there's one column with encrypted values that we're having

问题 I need to hash a message into a string of 30 chars. What's the best and most secure hash function for this usage? 回答1: Thirty characters (bytes) is 240 bits. If you can't move the goal-post to allow 32 characters, then you will probably end up using SHA-1, which generates 160-bits or 20 bytes. When Base-64 encoded, that will be 28 characters. If you use a hex-encoding, it will be 40 characters, which is nominally out of range. With 32 characters, you could use SHA-256, but Base-64 encoding

问题 I need to hash a message into a string of 30 chars. What's the best and most secure hash function for this usage? 回答1: Thirty characters (bytes) is 240 bits. If you can't move the goal-post to allow 32 characters, then you will probably end up using SHA-1, which generates 160-bits or 20 bytes. When Base-64 encoded, that will be 28 characters. If you use a hex-encoding, it will be 40 characters, which is nominally out of range. With 32 characters, you could use SHA-256, but Base-64 encoding

问题 I am implementing a decryption of ciphertext using Rijndael's algorithm. Unfortunately, I have not got access to the encryption of the data and have only been provided with a password (to generate the key with) and the type of algorithm. I do not have a salt (which seems to be ok), and I do not have the IV. Now, my question is whether I absolutely have to have the IV in order to perform decryption? I suspect the developers who wrote the encryption made no use of salt, or IV (if this is even

问题 I need to hash a message into a string of 30 chars. What's the best and most secure hash function for this usage? 回答1: Thirty characters (bytes) is 240 bits. If you can't move the goal-post to allow 32 characters, then you will probably end up using SHA-1, which generates 160-bits or 20 bytes. When Base-64 encoded, that will be 28 characters. If you use a hex-encoding, it will be 40 characters, which is nominally out of range. With 32 characters, you could use SHA-256, but Base-64 encoding