You can generate a public-private keypair with the genrsa context (the last number is the keylength in bits): openssl genrsa -out keypair.pem 2048 To extract the public part, use the rsa context: openssl rsa -in keypair.pem -pubout -out publickey.crt Finally, convert the original keypair to PKCS#8 format with the pkcs8 context: openssl pkcs8 -topk8 -inform … Read more
The open source iTextSharp library will allow you to do this. Here’s a post explaining how to digitally sign a pdf file. If you don’t want to use a third party library then you can implement it yourself but it could be a tough task -> you can start by reading the pdf specification (8.6MB)
HTTP Basic Authentication over SSL is perfectly secure from my research. After all, using SSL (strictly TLS now) means the transport layer is encrypted and we can safely assume any information passed over this is secure and has not been tampered with. Therefore passing the username and password without generating a signature is sufficient.
OK, I’ve worked out what’s going on. Leonidas is right, it’s not just the hash that gets encrypted (in the case of the Cipher class method), it’s the ID of the hash algorithm concatenated with the digest: DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING } Which is why the encryption by the Cipher … Read more
Here is my solution: public static String encode(String key, String data) throws Exception { Mac sha256_HMAC = Mac.getInstance(“HmacSHA256”); SecretKeySpec secret_key = new SecretKeySpec(key.getBytes(“UTF-8”), “HmacSHA256”); sha256_HMAC.init(secret_key); return Hex.encodeHexString(sha256_HMAC.doFinal(data.getBytes(“UTF-8”))); } public static void main(String [] args) throws Exception { System.out.println(encode(“key”, “The quick brown fox jumps over the lazy dog”)); } Or you can return the hash encoded … Read more
If anyone wants to debug release build using Android Studio, follow these steps: Set build variant to release mode. Right click on app in left navigation pane, click Open Module Settings. Go to Signing Tab. Add a signing config and fill in information. Select your keychain as well. Go to Build Type tab. Select release … Read more
Your understanding of “public keys encrypt, private keys decrypt” is correct… for data/message ENCRYPTION. For digital signatures, it is the reverse. With a digital signature, you are trying to prove that the document signed by you came from you. To do that, you need to use something that only YOU have: your private key. A … Read more
First, unzip the APK and extract the file /META-INF/ANDROID_.RSA (this file may also be CERT.RSA, but there should only be one .RSA file). Then issue this command: keytool -printcert -file ANDROID_.RSA You will get certificate fingerprints like this: MD5: B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB SHA1: 16:59:E7:E3:0C:AA:7A:0D:F2:0D:05:20:12:A8:85:0B:32:C5:4F:68 Signature algorithm name: SHA1withRSA Then use the keytool again to print out all … Read more