security

问题 I've generated an RSA symmetric key pair on a device using SecKeyGeneratePair() on a device. I have SecKeyRef struct pointers for each key. So, how do I save a SecKeyRef to disk? Or even transmit it (I also imagine there are issues with correct encoding too)? Apple's 'Certificate, Key, and Trust Services' Guide notes You can send your public key to anyone, who can then use it to encrypt data. I'd like to save the private key especially; so I can use it on deployed devices to decrypt data

问题 Closed . This question is opinion-based. It is not currently accepting answers. Want to improve this question? Update the question so it can be answered with facts and citations by editing this post. Closed 12 months ago . Some applications (or websites) compute a password's complexity as you type. They typically display a red bar which turns orange, then green, then even greener as your password gets longer, and contains more classes of characters (e.g., lowercase, uppercase, punctuation,

问题 We want to remove hardcoded passwords from ODBC connection strings in our SAS code, and also prevent any of the passwords from appearing in the SAS log files. There seems to be plenty of whitepapers discussing how to go about this but I either find problems with them, or can't get them working. Prompting the user each time for the PW is not a viable alternative. Also, storing the password in a macro variable is an acceptable approach, as long as you have a way to suppress it from printing to

问题 I'm having a problem trying to convert SecByteBlock to string. Here's my case: I want to encrypt user access data using AES with static key and dynamic iv. My code is something like this: AesKeyIvFactory aesKeyIvFactory; SecByteBlock key = aesKeyIvFactory.loadKey(); SecByteBlock iv = aesKeyIvFactory.createIv(); encryptionService->encode(&userAccess, key, iv); std::string token = std::string(iv.begin(), iv.end()) + userAccess; The code above is supposed to: Load key from file; Create iv;

问题 I get this message when I am trying to access a web service from Jquery located in SAME the URL (but different directory). I know it is IE security setting. The question is, how do I suppress it...surely, people don't put web services in the same web site, same directory.... 回答1: In case this is helpful for someone running Visual Studio 2013. I had upgraded my Visual Studio from 2010 to 2013 and then started seeing the seurity warning. Using Fiddler I found that VS 2013 kept sending

问题 I want to check if a file exists locally, where the HTML file is located. It has to be JavaScript. JavaScript will never be disabled. jQuery is not good but can do. By the way, I am making a titanium app for Mac so I am looking for a way of protecting my files from people who click "show package contents". 回答1: Your question is ambiguous, so there are multiple possible answers depending on what you're really trying to achieve. If you're developping as I'm guessing a desktop application using

问题 I was given this C# code written by the web service team that exposes some web service that I'm planning to consume. My password needs to be encrypted with this code so that the web service knows how to decrypt it on their end. using(RSACryptoServiceProvider rsa = new RSACryptoServiceProvider()) { rsa.FromXmlString(publicKey); byte[] plainBytes = Encoding.Unicode.GetBytes(clearText); byte[] encryptedBytes = rsa.Encrypt(plainBytes, false); return Convert.ToBase64String(encryptedBytes); } I'm

问题 In the newer versions of Android (> 3.0) there is an onscreen button that will display a list of the recent apps with their names and snapshots. Even though my app itself is password protected, this overview might show sensitive data in that snapshot. So is there any way to force a certain image (like a logo) to be shown rather than let the OS decide? 回答1: It seems to be impossible for now. There's a method called onCreateThumbnail but it is not used currently by the system I guess, since it

问题 In the newer versions of Android (> 3.0) there is an onscreen button that will display a list of the recent apps with their names and snapshots. Even though my app itself is password protected, this overview might show sensitive data in that snapshot. So is there any way to force a certain image (like a logo) to be shown rather than let the OS decide? 回答1: It seems to be impossible for now. There's a method called onCreateThumbnail but it is not used currently by the system I guess, since it

问题 I thought that one processes cannot read the memory of another process. But I'm shocked to see an application named "WinHex" which has "Ram Editor" and it is able to access entire memory. of all the processes. How is that possible? And it is even able to modify the memory of other processes. Doesn't this become malicious? 回答1: In all likelyhood, the tool uses ReadProcessMemory or some variant, which requires PROCESS_VM_READ access. With respect to your "malicious" comment, remember that you