public-key-encryption

I'm trying to use public key crypto to sign and later verify a file. The file is a simple plaintext file that contains user information for authoring purposes. I tried different sites for a C implementation of a public key crypto algorithm but I haven't found anything. A lot of sites point to using certificates (x.509, etc) but that is way beyond what I need. I am just looking for a way to generate and public and private keys and use a relatively well known algorithm to sign and verify a file. Any pointers to a pure C implementation out there? The focus is on code that I can reuse and not

New question to keep this question specific and to the point. I have a JWT from Azure and now I need verify the signature in my application. The public keys from Microsoft can be found here: https://login.windows.net/common/discovery/keys How do I use these keys to verify a signature? I can tell these these are the public keys I need as the X5T header in the JWT matches those on this public key list. I am using the JWT PHP library but everything I enter as the public key seems to fail. supplied key param cannot be coerced into a public key So using the link above, that goes from there into the

I've Googled a bit but I haven't found any substantial results. Is it possible to use key-based authentication to connect to an Oracle server using Python? My objective is to be able to automate some reporting I'm doing with Python without having to store a username/password anywhere in the server. One possible solution is to implement Oracle Wallet. Creating an Oracle Wallet entry involves having: a tnsname resolution name established for the said instance a username and password Example: The Oracle sid I'm working with is named ORCL, the user I have to connect with is named my_user. In your

I'm not sure is similar question has been asked before (I couldn't find any), but is it possible to protect Client/Server from Man-In-The-Middle attack? I'm writing a Client application to communicate with Server. Communication will be SSLv3 based. I am OK with server's self-signed certificates, but worried about someone else generating same self-signed certificate in the same server name and pretend to be it. My Client application uses OpenSSL library. [Client and Server are thrift based, if it makes any difference]. Can I avoid such attack at the same time maintaining support for self-signed

Is it possible to run apps on Heroku that are HIPAA compliant? More specifically, I need two apps, one that stores member information and another that stores private health information of the members. I intend to encrypt sensitive data using both asymmetric and symmetric key encryption–asymmetric for the keys that link members with their sensitive data on the other app, and symmetric for specific fields in the members app, such as name, email address and phone. My main concern is that anyone at Heroku can break the asymmetric encryption, since they have access to both apps (and private keys).

I am trying to use the iPhone's PKI libraries to encrypt a short string (12345678), but I keep getting the error -9809 (i.e. errSSLCrypto) whenever I try to use SecKeyEncrypt. The SecureTransport.h header file describes this error simply as "underlying cryptographic error", which wasn't very meaningful. My code is as follows: - (NSData *)encryptDataWithPublicKey:(NSString *)plainText { OSStatus result = -1; NSData *plainTextData = [plainText dataUsingEncoding:NSASCIIStringEncoding]; size_t plainTextLength = [plainTextData length]; SecTrustRef trustRef; SecTrustResultType trustResult;