22 questions
0
votes
1
answer
43
views
Why is my key size generated from rsaKeygen() always 19?
When running the rsaKeygen() function, the key it makes is always length 19, and increasing the size of the p and q generation ranges causes the program to hang. Code:
function rsaKeygen()
p = math....
- 21
0
votes
0
answers
19
views
Fortanix dependency for Java 17
I am upgrading from Java 11 to Java 17
I am using the fortanix dependency com.fortanix:sdkms-client:4.27.2394.
but it is compiled in java 8, I need the one for Java 17.
Opening the class I see ...
- 437
0
votes
0
answers
86
views
RemoveCertificate in System.Security.Cryptography.Pkcs.SignedCms - is real (NetFramwork 4.7)?
Net6 has method System.Security.Cryptography.Pkcs.SignedCms.RemoveCertificate(X509Certificate2 certificate)
https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.pkcs.signedcms....
- 109
0
votes
1
answer
141
views
Why are there no extensions in the CertificateExtensions property of CertificateRequest?
I'm adding a SAN extension to my CSR
public CertificateRequest GenerateCSR(string subjectName, List<string> ipAddresses, out RSA rsaKeyPair)
{
if (ipAddresses == null)
{
throw ...
- 113
0
votes
1
answer
581
views
PartialChain error in X509Chain when building certificate chain?
I'm encountering a PartialChain error when using the X509Chain class in C# to build a certificate chain. The error message states: "Cannot build a certificate chain for a trusted root authority.&...
- 113
0
votes
1
answer
557
views
Including other certificates when signing using SignedCms and CmsSigner on .NET C#
I'm trying to implement the following signing operation using C# .NET APIs.
$ openssl smime -binary -sign -certfile WWDR.pem -signer signerCertWithKey.pem -in manifest.json -out signature -outform DER ...
- 113
0
votes
1
answer
449
views
Meaning of algorithm properties in a certificate
I am not able to find a reliable definition for the different algorithm properties in a certificate. In windows UI, I have this CA certificate and a CRL it generated (with certutil/ADCS):
My ...
- 57
0
votes
1
answer
1k
views
Decryption error while Decrypt the symmetric key
I'm trying to use RSA algorithm and PKCS1Padding for encryption the given password but when cipher.doFinal() is called the BadPaddingException is thrown.
Here is the code :
String rsaKeyAlgorithm = &...
- 1,332
0
votes
0
answers
386
views
How can i get public key in DER format from base64 encoded public key?
I am trying to get public key in DER format from base64 encoded public key using swift. Is there any way to do this?
- 71
0
votes
1
answer
324
views
Automate parsing yubikey pin in pkcs11
I'm working on infrastructure that requires me to load a smartcard prior to getting access to the bastions. This is done using a Yubikey based pkcs11.so The code looks like :
`
Generate-ssh() {
ssh-...
0
votes
1
answer
158
views
What is the safest way to recognize if a file is application/pkcs7-mime or analogous in Angular?
I need to know a safe method to detect application/pkcs7-mime or similar files. One way would be to detect the final extension of the file but I would like to know if there is something better than ...
0
votes
1
answer
486
views
OpenSSL.crypto.Error when trying to load certificate from Azure Key Vault
I need to implement certificate-based authentication for web API hosted in app service on Azure. To do this I firstly generated .crt certificate file and private key .key file like this:
openssl req -...
- 2,189
0
votes
0
answers
187
views
convert pkcs1 signature to pkcs7 signature using nodejs
as you know, there is no pkcs7 sign in ios, so in backend with nodejs we must convert to pkcs7 for another service call which only accept pkcs7 and it's not in our company. in our sever we have that ...
- 99
0
votes
0
answers
188
views
In which version of openssl is the pkcs8 v2 option introduced?
In which version of openssl is the pkcs8 v2 option introduced?
Ex: openssl pkcs8 -in key.pem -topk8 -v2 des3 -out enckey.pem
From which version of openssl does v2 of pkcs8 work by default?(Which uses ...
0
votes
2
answers
1k
views
How to check pkcs format of a private key using golang code?
I am trying find the encryption format of a private key whether it is pkcs1 or pkcs8. Is there any golang code that helps me identify it
0
votes
0
answers
226
views
Parsing OIDs in CertificatePolicies from CSR object in CX509CertificateRequestPkcs10 in c#
I am trying to parse a CSR, CX509CertificateRequestPkcs10 object to read the OIDs in the Certificate policies in extension but I am not able get to it.
CX509CertificateRequestPkcs10 request = new ...
- 4,309
-1
votes
1
answer
62
views
What is the accepted way to transfer public-private keypairs over intranet? [closed]
I have an embedded system (Netburner 5441x) that consumes public-private RSA keypairs. I have ported OpenSSL into the system but the processor cannot make keypairs fast enough for the application. ...
- 101
0
votes
0
answers
784
views
problem in importing private key to the token
I am trying to inject an der formated private key to a PKC11 compatible token, with the below command:
pkcs11-tool --module /path_tp/libparskey11.so --login --write-object private.der --type privkey --...
0
votes
1
answer
2k
views
Azure Function Could not load file or assembly 'System.Security.Cryptography.Pkcs'
I recently tried decrypting and verifying PKCS#7 message in C# .NET Core 3.1 Web Application. Here is how I did it.
I used System.Security.Cryptography.Pkcs in Web app project. But after implementing ...
- 105
-1
votes
2
answers
940
views
C# Decrypt AES CBC pkcs1 padding, there is System.Security.Cryptography.PaddingMode.PKCS7 but does not have PKCS1
I need to decrypt a cipher that was encrypted with AES CBC 128 with PKCS1 padding.
But, C# AesCryptoServiceProvider and System.Security.Cryptography.PaddingMode does not have PKCS1.
What should I do?
...
- 21
1
vote
0
answers
1k
views
Problem with cURL in PKCS11 with USB TOKEN
I am trying to run a cURL on ubuntu on a usb authentication token to an URL.
I can see the private key when I run the command ''pkcs11-tool -l --pin -O", while if I run the command on p11tool ...
- 11
0
votes
0
answers
836
views
Go TLS x509: no DEK-Info header in block even if using pkcs8
Already burning hours figuring out why I cannot get the certificate using
cert, err := tls.X509KeyPair(blockCrt.Bytes, blockPEM)
A bit of research history I did
Able to read Understanding PKCS1, ...
- 1,159