How to create public and private key with openssl?

You can generate a public-private keypair with the genrsa context (the last number is the keylength in bits):

    openssl genrsa -out keypair.pem 2048

To extract the public part, use the rsa context:

    openssl rsa -in keypair.pem -pubout -out publickey.crt

Finally, convert the original keypair to PKCS#8 format with the pkcs8 context:

    openssl pkcs8 -topk8 -inform …

Digitally sign PDF files [closed]

The open source iTextSharp library will allow you to do this. Here’s a post explaining how to digitally sign a pdf file. If you don’t want to use a third party library then you can implement it yourself but it could be a tough task -> you can start by reading the pdf specification (8.6MB)

Securing an API: SSL & HTTP Basic Authentication vs Signature

HTTP Basic Authentication over SSL is perfectly secure from my research. After all, using SSL (strictly TLS now) means the transport layer is encrypted and we can safely assume any information passed over this is secure and has not been tampered with. Therefore passing the username and password without generating a signature is sufficient.

Using SHA1 and RSA with java.security.Signature vs. MessageDigest and Cipher

OK, I’ve worked out what’s going on. Leonidas is right, it’s not just the hash that gets encrypted (in the case of the Cipher class method), it’s the ID of the hash algorithm concatenated with the digest:

    DigestInfo ::= SEQUENCE {
        digestAlgorithm AlgorithmIdentifier,
        digest OCTET STRING
    }

Which is why the encryption by the Cipher …

HMAC-SHA256 Algorithm for signature calculation

Here is my solution:

    import javax.crypto.Mac;
    import javax.crypto.spec.SecretKeySpec;
    import org.apache.commons.codec.binary.Hex; // Apache Commons Codec

    // Returns the hex-encoded HMAC-SHA256 of data, keyed with key.
    public static String encode(String key, String data) throws Exception {
        Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
        SecretKeySpec secret_key = new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA256");
        sha256_HMAC.init(secret_key);
        return Hex.encodeHexString(sha256_HMAC.doFinal(data.getBytes("UTF-8")));
    }

    public static void main(String[] args) throws Exception {
        System.out.println(encode("key", "The quick brown fox jumps over the lazy dog"));
    }

Or you can return the hash encoded …

How does a public key verify a signature?

Your understanding of “public keys encrypt, private keys decrypt” is correct… for data/message ENCRYPTION. For digital signatures, it is the reverse. With a digital signature, you are trying to prove that the document signed by you came from you. To do that, you need to use something that only YOU have: your private key. A …

How do I find out which keystore was used to sign an app?

First, unzip the APK and extract the file /META-INF/ANDROID_.RSA (this file may also be CERT.RSA, but there should only be one .RSA file). Then issue this command:

    keytool -printcert -file ANDROID_.RSA

You will get certificate fingerprints like this:

    MD5: B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB
    SHA1: 16:59:E7:E3:0C:AA:7A:0D:F2:0D:05:20:12:A8:85:0B:32:C5:4F:68
    Signature algorithm name: SHA1withRSA

Then use the keytool again to print out all …
