Search Results

Search found 1714 results on 69 pages for 'western digital'.

Page 10/69 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • How can I programmatically obtain the company info used to digitally sign an assembly in .NET?

    - by chaiguy
    As a means of simple security, I was previously checking the digital signature of a downloaded update package for my program against its public key to ensure that it originated from me. However, as I'm using cheap code signing certs (Tucows), I am unable to renew an existing cert and therefore the keys change every time I need to renew. Therefore, a more reliable means would be to verify the organization information embedded in the signed assembly (which is displayed in the UAC dialog) against my well-known organization string, as this will continue to be the same. Does anyone know how to obtain this information from a digitally-signed assembly?

    Read the article

  • Canonicalizing XML in Ruby

    - by whazzmaster
    I'm working on a SAML gateway using Ruby/Rails and I'm attempting to write some code that validates the xml digital signature of the incoming SAML response against the x509 cert of the originating service. My problem: the signature depends on a canonicalized version of the XML that is hashed and then signed and I'm having trouble finding a ruby lib/gem that will canonicalize XML per the spec. I found a super old gem on rubyforge that is a mess but I'd be more interested if something like nokogiri supported this kind of functionality (from the nokogiri docs, it doesn't). I've googled extensively but thought I'd ask around here to see if anyone has any good insights before I go and try to write my own version or rework the existing c14n-r library.

    Read the article

  • How do I digitally sign an HTTPS request in .net?

    - by Endy Tjahjono
    Is there a built in procedure to digitally sign an HTTPS request with client's SSL private key in .net? Also, is there a built in procedure to verify the digital signature against an SSL certificate? Or do I have to roll my own? Or is there a third party library? I need the request to be digitally signed because the client manipulates money, so I want to be sure that the request really comes from the client and that nobody tampers with the content of the request. I'm also considering using SSL client certificate, but it can only provide confidentiality and authentication, but not data integrity.

    Read the article

  • Encoding license file for privacy

    - by Swingline Rage
    Hi, We're using XML Digital Signatures for signing and verifying our license keys. The signing works fine and has been running smoothly. The XML license file contains a few (plaintext) details about the license, along with a binary signature. We'd like to encode (I don't say encrypt) those plaintext details (license duration, user name, etc, etc.) so they're not immediately visible to prying eyes. Is there a standard (eg, base 64 or something else) that people use in this situation? It doesn't need to be secure or particularly clever, just enough to conceal the information in Notepad. Thanks : )

    Read the article

  • How to slave a 3.5" 500gb SATA external hard drive (Western Digital) to my Dell Inspiron laptop

    - by AJ HDD
    I have a 3.5" Western Digital My Book 500gb external hard drive. I gave it to a friend of mine, and he broke the USB port in it. I went to a nearby comp repair shop and had him solder the thing, and it didn't detect when it when I plugged it into my Dell Inspiron laptop. I recently saw about the 3.5" SATA to USB enclosure, so I went to check it. Strangely, when its placed in the enclosure, its not detecting in Windows. Also, when it was put as secondary (I'm guessing slave) to the shop fellow's desktop, it shows up in the BIOS and while starting, but then again doesn't show in Windows 7. The guy told me that I need to use a data recovery tool to get my data back. P.S. Whe WD hard drive doesnt have an OS, just data. So my question is: Can I slave the drive to my Dell laptop and try to recover the data, and if so how? I would really appreciate it any help, thanks in advance.

    Read the article

  • com0com silent install (test signed com0com.sys shows up as signed in explorer but not in Device Manager)

    - by Andrew
    My goal is to have the com0com serial driver install without popping up the install wizard on both WinXP and Win2000. I am working on WinXP x86. I have followed the test signing instructions for the com0com driver, replacing amd64 with i386 at line 60. I have added my test certificate as both a root and trustedprovider using the following commands: certmgr /add com0com.cer /r localMachine root certmgr /add com0com.cer /r localMachine trustedprovider And verified that it is listed under both locations. I then run the newly built setup.exe. This installs the signed com0com.sys file into C:\WINDOWS\system32\DRIVERS and sets up a pair of virtual serial ports and a bus between them. Using explorer, I go to the DRIVERS directory, right click on the com0com.sys file and verify that it has the "test" digital signature. I then go into Device Manager, open the "com0com serial port emulators" entry, pick an entry and do Properties-Driver and see that it says "Not digitally signed". I click details for the driver and can see that it is referring to the com0com.sys driver file that I just confirmed is signed. I found what might be a related issue but I'm not sure. Does WinXP demand a WHQL signature? If so, does that explain why the com0com.sys file is signed but the device driver entries say they aren't signed?

    Read the article

  • Figuring out the performance limitation of an ADC on a PIC microcontroller

    - by AKE
    I'm spec-ing the suitability of a microcontroller like PIC for an analog-to-digital application. This would be preferable to using external A/D chips. To do that, I've had to run through some computations, pulling the relevant parameters from the datasheets. I'm not sure I've got it right -- would appreciate a check! Here's the simplest example: PIC10F220 is the simplest possible PIC with an ADC. Runs at clock speed of 8MHz. Has an instruction cycle of 0.5us (4 clock steps per instruction) So: Taking Tacq = 6.06 us (acquisition time for ADC, assume chip temp. = 50*C) [datasheet p34] Taking Fosc = 8MHz (? clock speed) Taking divisor = 4 (4 clock steps per CPU instruction) This gives TAD = 0.5us (TAD = 1/(Fosc/divisor) ) Conversion time is 13*TAD [datasheet p31] This gives conversion time 6.5us ADC duration is then 12.56 us [? Tacq + 13*TAD] Assuming at least 2 instructions for load/store: This is another 1 us [0.5 us per instruction] Which would give max sampling rate of 73.7 ksps (1/13.56) Supposing 8 more instructions for real-time processing: This is another 4 us Thus, total ADC/handling time = 17.56us (12.56us + 1us + 4us) So expected upper sampling rate is 56.9 ksps. Nyquist frequency for this sampling rate is therefore 28 kHz. If this is right, it suggests the (theoretical) performance suitability of this chip's A/D is for signals that are bandlimited to 28 kHz. Is this a correct interpretation of the information given in the data sheet? Any pointers would be much appreciated! AKE

    Read the article

  • Figuring out the Nyquist performance limitation of an ADC on an example PIC microcontroller

    - by AKE
    I'm spec-ing the suitability of a dsPIC microcontroller for an analog-to-digital application. This would be preferable to using dedicated A/D chips and a separate dedicated DSP chip. To do that, I've had to run through some computations, pulling the relevant parameters from the datasheets. I'm not sure I've got it right -- would appreciate a check! (EDITED NOTE: The PIC10F220 in the example below was selected ONLY to walk through a simple example to check that I'm interpreting Tacq, Fosc, TAD, and divisor correctly in working through this sort of Nyquist analysis. The actual chips I'm considering for the design are the dsPIC33FJ128MC804 (with 16b A/D) or dsPIC30F3014 (with 12b A/D).) A simple example: PIC10F220 is the simplest possible PIC with an ADC Runs at clock speed of 8MHz. Has an instruction cycle of 0.5us (4 clock steps per instruction) So: Taking Tacq = 6.06 us (acquisition time for ADC, assume chip temp. = 50*C) [datasheet p34] Taking Fosc = 8MHz (? clock speed) Taking divisor = 4 (4 clock steps per CPU instruction) This gives TAD = 0.5us (TAD = 1/(Fosc/divisor) ) Conversion time is 13*TAD [datasheet p31] This gives conversion time 6.5us ADC duration is then 12.56 us [? Tacq + 13*TAD] Assuming at least 2 instructions for load/store: This is another 1 us [0.5 us per instruction] Which would give max sampling rate of 73.7 ksps (1/13.56) Supposing 8 more instructions for real-time processing: This is another 4 us Thus, total ADC/handling time = 17.56us (12.56us + 1us + 4us) So expected upper sampling rate is 56.9 ksps. Nyquist frequency for this sampling rate is therefore 28 kHz. If this is right, it suggests the (theoretical) performance suitability of this chip's A/D is for signals that are bandlimited to 28 kHz. Is this a correct interpretation of the information given in the data sheet in obtaining the Nyquist performance limit? Any opinions on the noise susceptibility of ADCs in PIC / dsPIC chips would be much appreciated! AKE

    Read the article

  • need primitive public key signature with out of band key distribution

    - by Mike D
    I pretty much a complete neophyte at this signature business so I don't know if what I'm asking is nonsense or not. Anyway, here goes... I want to send an out of band message (don't worry about how it gets there) to a program I've written on a distant machine. I want the program to have some confidence the message is legit by attaching a digital signature to the message. The message will be small less than 200 characters. It seems a public key based signature is what I want to use. I could embed the public key in the program. I understand that the program would be vulnerable to attack by anyone who modifies it BUT I'm not too worried about that. The consequences are not dire. I've looked through the MSDN and around the web but the prospect of diving in is daunting. I'm writing in straight c++, no NET framework or other fancy stuff. I've had no experience including NET framework stuff and little luck during previous attempts. Can anyone point me at some very basic resources to get me started? I need to know 1)how to generate the public and private keys 2)how to sign the message 3)how to verify the signature Any help much appreciated. TIA, Mike

    Read the article

  • DSA signature verification input

    - by calccrypto
    What is the data inputted into DSA when PGP signs a message? From RFC4880, i found A Signature packet describes a binding between some public key and some data. The most common signatures are a signature of a file or a block of text, and a signature that is a certification of a User ID. im not sure if it is the entire public key, just the public key packet, or some other derivative of a pgp key packet. whatever it is, i cannot get the DSA signature to verify here is a sample im testing my program on: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 abcd -----BEGIN PGP SIGNATURE----- Version: BCPG v1.39 iFkEARECABkFAk0z65ESHGFiYyAodGVzdCBrZXkpIDw+AAoJEC3Jkh8+bnkusO0A oKG+HPF2Qrsth2zS9pK+eSCBSypOAKDBgC2Z0vf2EgLiiNMk8Bxpq68NkQ== =gq0e -----END PGP SIGNATURE----- Dumped from pgpdump.net Old: Signature Packet(tag 2)(89 bytes) Ver 4 - new Sig type - Signature of a canonical text document(0x01). Pub alg - DSA Digital Signature Algorithm(pub 17) Hash alg - SHA1(hash 2) Hashed Sub: signature creation time(sub 2)(4 bytes) Time - Mon Jan 17 07:11:13 UTC 2011 Hashed Sub: signer's User ID(sub 28)(17 bytes) User ID - abc (test key) <> Sub: issuer key ID(sub 16)(8 bytes) Key ID - 0x2DC9921F3E6E792E Hash left 2 bytes - b0 ed DSA r(160 bits) - a1 be 1c f1 76 42 bb 2d 87 6c d2 f6 92 be 79 20 81 4b 2a 4e DSA s(160 bits) - c1 80 2d 99 d2 f7 f6 12 02 e2 88 d3 24 f0 1c 69 ab af 0d 91 -> hash(DSA q bits) and the public key for it is: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: BCPG v1.39 mOIETTPqeBECALx+i9PIc4MB2DYXeqsWUav2cUtMU1N0inmFHSF/2x0d9IWEpVzE kRc30PvmEHI1faQit7NepnHkkphrXLAoZukAoNP3PB8NRQ6lRF6/6e8siUgJtmPL Af9IZOv4PI51gg6ICLKzNO9i3bcUx4yeG2vjMOUAvsLkhSTWob0RxWppo6Pn6MOg dMQHIM5sDH0xGN0dOezzt/imAf9St2B0HQXVfAAbveXBeRoO7jj/qcGx6hWmsKUr BVzdQhBk7Sku6C2KlMtkbtzd1fj8DtnrT8XOPKGp7/Y7ASzRtBFhYmMgKHRlc3Qg a2V5KSA8PohGBBMRAgAGBQJNM+p5AAoJEC3Jkh8+bnkuNEoAnj2QnqGtdlTgUXCQ Fyvwk5wiLGPfAJ4jTGTL62nWzsgrCDIMIfEG2shm8bjMBE0z6ngQAgCUlP7AlfO4 XuKGVCs4NvyBpd0KA0m0wjndOHRNSIz44x24vLfTO0GrueWjPMqRRLHO8zLJS/BX O/BHo6ypjN87Af0VPV1hcq20MEW2iujh3hBwthNwBWhtKdPXOndJGZaB7lshLJuW v9z6WyDNXj/SBEiV1gnPm0ELeg8Syhy5pCjMAgCFEc+NkCzcUOJkVpgLpk+VLwrJ /Wi9q+yCihaJ4EEFt/7vzqmrooXWz2vMugD1C+llN6HkCHTnuMH07/E/2dzciEYE GBECAAYFAk0z6nkACgkQLcmSHz5ueS7NTwCdED1P9NhgR2LqwyS+AEyqlQ0d5joA oK9xPUzjg4FlB+1QTHoOhuokxxyN =CTgL -----END PGP PUBLIC KEY BLOCK----- the public key packet of the key is mOIETTPqeBECALx+i9PIc4MB2DYXeqsWUav2cUtMU1N0inmFHSF/2x0d9IWEpVzEkRc30PvmEHI1faQi t7NepnHkkphrXLAoZukAoNP3PB8NRQ6lRF6/6e8siUgJtmPLAf9IZOv4PI51gg6ICLKzNO9i3bcUx4ye G2vjMOUAvsLkhSTWob0RxWppo6Pn6MOgdMQHIM5sDH0xGN0dOezzt/imAf9St2B0HQXVfAAbveXBeRoO 7jj/qcGx6hWmsKUrBVzdQhBk7Sku6C2KlMtkbtzd1fj8DtnrT8XOPKGp7/Y7ASzR in radix 64 i have tried many different combinations of sha1(< some data + 'abcd'),but the calculated value v never equals r, of the signature i know that the pgp implementation i used to create the key and signature is correct. i also know that my DSA implementation and PGP key data extraction program are correct. thus, the only thing left is the data to hash. what is the correct data to be hashed?

    Read the article

  • Linear feedback shift register?

    - by Mattia Gobbi
    Lately I bumped repeatedly into the concept of LFSR, that I find quite interesting because of its links with different fields and also fascinating in itself. It took me some effort to understand, the final help was this really good page, much better than the (at first) cryptic wikipedia entry. So I wanted to write some small code for a program that worked like a LFSR. To be more precise, that somehow showed how a LFSR works. Here's the cleanest thing I could come up with after some lenghtier attempts (Python): def lfsr(seed, taps): sr, xor = seed, 0 while 1: for t in taps: xor += int(sr[t-1]) if xor%2 == 0.0: xor = 0 else: xor = 1 print xor sr, xor = str(xor) + sr[:-1], 0 print sr if sr == seed: break lfsr('11001001', (8,7,6,1)) #example I named "xor" the output of the XOR function, not very correct. However, this is just meant to show how it circles through its possible states, in fact you noticed the register is represented by a string. Not much logical coherence. This can be easily turned into a nice toy you can watch for hours (at least I could :-) def lfsr(seed, taps): import time sr, xor = seed, 0 while 1: for t in taps: xor += int(sr[t-1]) if xor%2 == 0.0: xor = 0 else: xor = 1 print xor print time.sleep(0.75) sr, xor = str(xor) + sr[:-1], 0 print sr print time.sleep(0.75) Then it struck me, what use is this in writing software? I heard it can generate random numbers; is it true? how? So, it would be nice if someone could: explain how to use such a device in software development come up with some code, to support the point above or just like mine to show different ways to do it, in any language Also, as theres not much didactic stuff around about this piece of logic and digital circuitry, it would be nice if this could be a place for noobies (like me) to get a better understanding of this thing, or better, to understand what it is and how it can be useful when writing software. Should have made it a community wiki? That said, if someone feels like golfing... you're welcome.

    Read the article

  • Signable, streamable, "readable" archive format?

    - by alexvoda
    Is there any archive format that offers the following: be digitally sign-able with a digital certificate from a trusted source like Verisign - for preventing changes to the file (I am not referring to read only, but in case the file was changed it should no longer be signed telling the user this is not the original file) be stream-able - be able to be opened even if not all of the content has been transfered (also not strictly linearly) be "readable" - be able to read the data without extracting to a temporary folder (AFAIK if you open a file in a zip archive it is extracted first, and this stays true even for zip based formats like OOXML. This is not what I want) be portable - support on at least Windows, Linux and Mac OS X is a must, or at least future support be free of patents - Be open source - also preferably a license that allows commercial use(as far as i know GPL a share-alike licence so it doesn't allow comercial use, BSD on the other hand alows it) Note: Though it may come in handy eventually I can not think right now of a scenario that would require both point 1 and point 2 simultaneously. Or lets leave it a be able to check the signature only when the whole file was downloaded. I am not interested in: being able to be compressed being supported on legacy systems Does any existing archive format fit this description (tar evolutions like DAR and pax come to mind) ? If there is, are there programing libraries available for the above mentioned OSs? If not, would it be hard to create such a thing? EDIT: clarrified piont 5 EDIT 2: added a note to clarify point 1 and 2 P.S.: This is my first question on StackOverflow

    Read the article

  • Digitally sign MS Office (Word, Excel, etc..) and PDF files on the server

    - by Sébastien Nussbaumer
    I need to digitally sign MS Office and PDF files that are stored on a server. I really mean a digital signature that is integrated in the document, according to each specific file formats. This is the process I had in mind : Create a hash of the file's content Send the hash to a custom written java applet in the browser The user encrypts the hash with his/her private key (on an usb token via PKCS#11 for example), thus effectively signing the file. The applet then sends the signature to the server On the server I would then incorporate the signature in the file's (MS Office and PDF files can do that without changing the file's content, probably by just setting some metadata field) What is cool is that you never have to download and upload the complete file to the server again. What is even cooler, the customer doesn't need Office or PDF Writer to sign the files. Parts 2, 3 and 4 are OK for me, my company bought all the JAVA technology I need for that for a previous project I worked on. Problem : I can't seem to find any documentation/examples to do parts 1 and 5 for Office files . Are my google skills failing me this time ? Do you have any pointers to documentation or examples for doing that for MS Office files ? The underlying technology isn't that important to me : I can use Java, .Net, COM, any working technology is OK ! Note : I'm 95% sure I can nail points 1 and 5 for PDF files using iText Thanks ** Edit : If I can't do that with hashes and must download the complete file to the client, it's also possible. But then I still need the documentation to be able to sign Office file... in java this time (from an applet)

    Read the article

  • How to automize multiple projects build process by including digital signature of exe in Delphi?

    - by user193655
    After building a project group of 2 projects with Delphi (2009) I digitally sign the 2 exes using InstallAware Code signing, an exe that shipped with Delphi 2009. How is it possible to automize the digital signature, so when I build I can also attach digital signature. For digital signing I use a pvk (private key) file and an spc (Sw publisher certificate) file. Subquestion: Moreover I created a project group because I have 2 exes, but they are almost the same, the only thing that changes is the Application icon and the application name (one is ProductOne.dpr, the other is ProductTwo.dpr). In practice I have 2 brands of the same product, I have a single build but activation keys details activate one or the other, anyway now I was asked to change the icon and the filename, and for this I need to build 2 projects, activation key is not enough anymore to distinguish between the 2. Anyway if there is a way to do this from a single project it would be better.

    Read the article

  • Implementing RSA-SHA1 signature algorithm in Java (creating a private key for use with OAuth RSA-SHA

    - by The Elite Gentleman
    Hi everyone, As you know, OAuth can support RSA-SHA1 Signature. I have an OAuthSignature interface that has the following method public String sign(String data, String consumerSecret, String tokenSecret) throws GeneralSecurityException; I successfully implemented and tested HMAC-SHA1 Signature (which OAuth Supports) as well as the PLAINTEXT "signature". I have searched google and I have to create a private key if I need to use SHA1withRSA signature: Sample code: /** * Signs the data with the given key and the provided algorithm. */ private static byte[] sign(PrivateKey key, String data) throws GeneralSecurityException { Signature signature = Signature.getInstance("SHA1withRSA"); signature.initSign(key); signature.update(data.getBytes()); return signature.sign(); } Now, How can I take the OAuth key (which is key = consumerSecret&tokenSecret) and create a PrivateKey to use with SHA1withRSA signature? Thanks

    Read the article

  • half-sine pulse shaping

    - by kos
    hi, i wanted to know what is the pulse shape of the modem.oqpskmod? and if it is not half-sine pulse shape, how is it possible to make it half-sine pulse shape as it is stated in ieee 802.15.4(zigbee) standard where it shows it as follows p(t)=sin(pi*t/2*Tc) if 0<=t<=2Tc p(t)=0 if otherwise ? thanks a lot!

    Read the article

  • Java Access Token PKCS11 Not found Provider

    - by oracleruiz
    Hello I'm trying to access the keystore from my smartcard in Java. And I'm using the following code.. I'm using the Pkcs11 implementation of OpenSc http://www.opensc-project.org/opensc File windows.cnf = name=dnie library=C:\WINDOWS\system32\opensc-pkcs11.dll Java Code = String configName = "windows.cnf" String PIN = "####"; Provider p = new sun.security.pkcs11.SunPKCS11(configName); Security.addProvider(p); KeyStore keyStore = KeyStore.getInstance("PKCS11", "SunPKCS11-dnie"); =)(= char[] pin = PIN.toCharArray(); keyStore.load(null, pin); When the execution goes by the line with =)(= throws me the following exeption java.security.KeyStoreException: PKCS11 not found at java.security.KeyStore.getInstance(KeyStore.java:635) at ObtenerDatos.LeerDatos(ObtenerDatos.java:52) at ObtenerDatos.obtenerNombre(ObtenerDatos.java:19) at main.main(main.java:27) Caused by: java.security.NoSuchAlgorithmException: no such algorithm: PKCS11 for provider SunPKCS11-dnie at sun.security.jca.GetInstance.getService(GetInstance.java:70) at sun.security.jca.GetInstance.getInstance(GetInstance.java:190) at java.security.Security.getImpl(Security.java:662) at java.security.KeyStore.getInstance(KeyStore.java:632) I think the problem is "SunPKCS11-dnie", but I don't know to put there. I had tried with a lot of combinations... Anyone can help me...

    Read the article

  • How to Verify Signature, Loading PUBLIC KEY From PEM file?

    - by bbirtle
    I'm posting this in the hope it saves somebody else the hours I lost on this really stupid problem involving converting formats of public keys. If anybody sees a simpler solution or a problem, please let me know! The eCommerce system I'm using sends me some data along with a signature. They also give me their public key in .pem format. The .pem file looks like this: -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe+hkicNP7ROHUssGNtHwiT2Ew HFrSk/qwrcq8v5metRtTTFPE/nmzSkRnTs3GMpi57rBdxBBJW5W9cpNyGUh0jNXc VrOSClpD5Ri2hER/GcNrxVRP7RlWOqB1C03q4QYmwjHZ+zlM4OUhCCAtSWflB4wC Ka1g88CjFwRw/PB9kwIDAQAB -----END PUBLIC KEY----- Here's the magic code to turn the above into an "RSACryptoServiceProvider" which is capable of verifying the signature. Uses the BouncyCastle library, since .NET apparently (and appallingly cannot do it without some major headaches involving certificate files): RSACryptoServiceProvider thingee; using (var reader = File.OpenText(@"c:\pemfile.pem")) { var x = new PemReader(reader); var y = (RsaKeyParameters)x.ReadObject(); thingee = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); var pa = new RSAParameters(); pa.Modulus = y.Modulus.ToByteArray(); pa.Exponent = y.Exponent.ToByteArray(); thingee.ImportParameters(pa); } And then the code to actually verify the signature: var signature = ... //reads from the packet sent by the eCommerce system var data = ... //reads from the packet sent by the eCommerce system var sha = new SHA1CryptoServiceProvider(); byte[] hash = sha.ComputeHash(Encoding.ASCII.GetBytes(data)); byte[] bSignature = Convert.FromBase64String(signature); ///Verify signature, FINALLY: var hasValidSig = thingee.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"), bSignature);

    Read the article

  • Securing a license key with RSA key.

    - by Jesse Knott
    Hello, it's late, I'm tired, and probably being quite dense.... I have written an application that I need to secure so it will only run on machines that I generate a key for. What I am doing for now is getting the BIOS serial number and generating a hash from that, I then am encrypting it using a XML RSA private key. I then sign the XML to ensure that it is not tampered with. I am trying to package the public key to decrypt and verify the signature with, but every time I try to execute the code as a different user than the one that generated the signature I get a failure on the signature. Most of my code is modified from sample code I have found since I am not as familiar with RSA encryption as I would like to be. Below is the code I was using and the code I thought I needed to use to get this working right... Any feedback would be greatly appreciated as I am quite lost at this point the original code I was working with was this, this code works fine as long as the user launching the program is the same one that signed the document originally... CspParameters cspParams = new CspParameters(); cspParams.KeyContainerName = "XML_DSIG_RSA_KEY"; cspParams.Flags = CspProviderFlags.UseMachineKeyStore; // Create a new RSA signing key and save it in the container. RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams) { PersistKeyInCsp = true, }; This code is what I believe I should be doing but it's failing to verify the signature no matter what I do, regardless if it's the same user or a different one... RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(); //Load the private key from xml file XmlDocument xmlPrivateKey = new XmlDocument(); xmlPrivateKey.Load("KeyPriv.xml"); rsaKey.FromXmlString(xmlPrivateKey.InnerXml); I believe this to have something to do with the key container name (Being a real dumbass here please excuse me) I am quite certain that this is the line that is both causing it to work in the first case and preventing it from working in the second case.... cspParams.KeyContainerName = "XML_DSIG_RSA_KEY"; Is there a way for me to sign/encrypt the XML with a private key when the application license is generated and then drop the public key in the app directory and use that to verify/decrypt the code? I can drop the encryption part if I can get the signature part working right. I was using it as a backup to obfuscate the origin of the license code I am keying from. Does any of this make sense? Am I a total dunce? Thanks for any help anyone can give me in this..

    Read the article

  • Implementing DRM in enterprise environment

    - by Chathuranga Chandrasekara
    Consider the following Business requirement. There are some templates of documents on a server (MS OFFICE format) The users should be able to edit the documents and save a copy in the server. The users SHOULD NOT be able to save a local copy. i.e That option should be not available. Do I have any feature\hack to do this with MS Office? Think about a solution like google docs without the Download options. It is ideal but needs a lot of effort to implement it.

    Read the article

  • How to read public key from PFX file in java

    - by articlestack
    I am able to read private key from PFX file but not public key. I am using following code to read public key. InputStream inStream = new FileInputStream(certFile); CertificateFactory cf = CertificateFactory.getInstance("X.509"); BufferedInputStream bis = new BufferedInputStream(inStream); // if (bis.available() > 0) { java.security.cert.Certificate cert = cf.generateCertificate(bis); System.out.println("This part is not getting printed in case of PFX file"); // } puk = (PublicKey) cert.getPublicKey(); This code is working properly when i read from .cer file. Please help

    Read the article

  • Automate the signature of the update.rdf manifest for my firefox extension

    - by streetpc
    Hello, I'm developing a firefox extension and I'd like to provide automatic update to my beta-testers (who are not tech-savvy). Unfortunately, the update server doesn't provide HTTPS. According to the Extension Developer Guide on signing updates, I have to sign my update.rdf and provide an encoded public key in the install.rdf. There is the McCoy tool to do all of this, but it is an interactive GUI tool and I'd like to automate the extension packaging using an Ant script (as this is part of a much bigger process). I can't find a more precise description of what's happening to sign the update.rdf manifest than below, and McCoy source is an awful lot of javascript. The doc says: The add-on author creates a public/private RSA cryptographic key pair. The public part of the key is DER encoded and then base 64 encoded and added to the add-on's install.rdf as an updateKey entry. (...) Roughly speaking the update information is converted to a string, then hashed using a sha512 hashing algorithm and this hash is signed using the private key. The resultant data is DER encoded then base 64 encoded for inclusion in the update.rdf as an signature entry. I don't know well about DER encoding, but it seems like it needs some parameters. So would anyone know either the full algortihm to sign the update.rdf and install.rdf using a predefined keypair, or a scriptable alternative to McCoy whether a command-line tool like asn1coding will suffise a good/simple developer tutorial on DER encoding

    Read the article

  • Digitally Sign Parts of a XML document

    - by Eros
    I have an XML document having structure similar to the following <envelop> <header>blaa</header> <message>blaa blaa</message> <footer></footer> </envelop> I want to digitally sign the header and message elements and add the signature to the footer element. How can I sign the elements and then later verify the signature (using .net c#) ?

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >