I just need a confirmation if AION uses a combination of Blake2b and Keccak or just Blake2b? As I was reading the HastUtil.java - https://github.com/aionnetwork/aion/blob/3dbe9316249271d1b0f845acabcde6eff37211fa/modCrypto/src/main/java/org/aion/crypto/HashUtil.java I can see that they are using Blake2b and Keccak.
Related
How can we use the RSA-PSS Algo to create a Signature in ABAP?
Currently we use the following function: SSFW_KRN_SIGN with the str_format = 'PKCS1-V1.5'.
In the future we will need 'SHA256withRSA/PSS' Algo.
Please provide a code example. Thank you!
There is 3 different technical information given with "SHA256withRSA/PSS". SHA256 is hashing algorithm for your data. RSA is a public/private key couple and PSS is a padding algorithm. SSFW_KRN_SIGN using sapcryptolib. You need to update this library (basis can do this) to get new padding and hashing algorithms. Check the note 1848999 for which version supports your minimum requirements. I see that you need to use at least v8.4.15.
You can check your current version with SSF01/SSF02.
in my program I create a AES 128 encrypted key. To do so, first I use a masterkey, thats only written inside of the Code, I write that string directly through the AES 128 function. No var is set for that. After that I salt it with another uniq/random key.
My Question is, is there a safer way for masterkey? Would it be possible to extract that key from compiled program? Of course the Function for AES have to store the value in a string to handle it. Is there some sort of "best practice"?
Which is the difference between using SYS_syscallname and __NR_syscallname in a seccomp filter? Which one should I use?
You should use __NR_syscallname (e.g., __NR_chdir). As per the syscalls manpage:
Roughly speaking, the code belonging to the system call with number __NR_xxx defined in /usr/include/asm/unistd.h can be found in the Linux kernel source in the routine sys_xxx().
The difference is that SYS_syscallname definitions are part of the libc, while __NR_syscallname definitions are from the Linux headers. I'm also not sure all __NR_syscallname have a SYS_syscallname alias.
I am implementing my own version of RSA-OAEP with SHA-256. I want to test it by comparing it to the output of the Cipher class in Java using RSA-OAEP and SHA-256. According to PKCS #1, RSA-OAEP requires a label, which by default is an empty string. However, I can't find a way to input a label in the built-in class. My implementation seems to work correctly for both encryption and decryption, but Cipher class produces different output. Is there a default label which the Cipher class uses?
What is called label L in PKCS1v2.1 RSAES-OAEP was called encoding parameters P in v2.0; see the description of pSourceAlgorithm in A.2.1. The Java API keeps the old terminology, presumably for compatibility, and the default is indeed an empty octet string, implemented in Java as a byte array of length 0. See https://docs.oracle.com/javase/7/docs/api/javax/crypto/spec/PSource.PSpecified.html . Note that even when P-call-me-L is empty, its hash which goes in DB before masking is not empty.
When you say 'different output', you do realize that OAEP is randomized (in a way that provably does not leak information to the adversary) and every encryption of the same plaintext should produce a unique ciphertext, but all of them should decrypt back to the same plaintext, right?
An existing coldfusion website is to be converted to dot net.
In the coldfusion code, the password is hashed using its hash() function with no algorithm:
SomePassword = '#hash(fldPassword)#'
I found this document, saying the default encryption is
CFMX_COMPAT: Generates a hash string identical to that generated by
ColdFusion MX and ColdFusion MX 6.1 (default).
There are some articles actually telling me how to decrypt.
According to Macromedia, The ColdFusion Encrypt function uses an
XOR-based algorithm that utilizes a pseudo random 32-bit key based on
a seed passed by the user as a parameter to the function. The
resulting data is UUencoded.
You'll need to uudecode the encoded value first
http://www.eggheadcafe.com/printsear...asp?linkid=351
and then XOR it using the key it was encrypted with.
http://www.java2s.com/Code/CSharp/La...deamessage.htm
If you dont have the key - your wasting yuor time.
But, how to make it work? I don't think there is any key. All I can see is '#hash(fldPassword)#'. Please help. Thanks.
There are some articles actually telling me how to decrypt.
Hashing and encryption are not the same thing. Encryption can be reversed. You can recover the original value if you have the right key, etectera. Whereas hashing is a one way trip. Once hashed, the original value cannot be recovered. (Well .. in theory. Some of the weaker hashing algorithms have been broken.) So you cannot "decrypt" a hashed value. But you can duplicate the obfuscated result string.
I found this document, saying the default encryption is CFMX_COMPAT
Actually it refers to the default algorithm. However, I am not so sure that description is correct. (Edit: As Rasmus correctly points out, it does say the default is MD5) However, CF9/7 default to MD5 anyway. Even when the algorithm is CFMX_COMPAT. So in either case, a simple MD5 hash in C# would give you the same result.
ie These all produce identical results ie 098F6BCD4621D373CADE4E832627B4F6.
#hash("test")#
#hash("test", "cfmx_compat")#
#hash("test", "md5")#
If I read the documentation correctly, CFMX_COMPAT hashing is just MD5.
So:
byte[] hash = MD5.Create().ComputeHash(fldPassword);
It should be easy to verify if you have access to a ColdFusion installation.