java-security

问题 I'm trying to get serial number from a X.509 Cert.. When i compare the Serial number generated by my code with the actual serial number(on windows), leading zeroes of the actual serial number(of the X509 cert) are missing. Any suggestions or alternative ways to get the serial number of the x.509 cert in hex with the leading zeroes?? Below is the code segment which I'm currently using: InputStream in = new FileInputStream("cert"); CertificateFactory certificateFactory = CertificateFactory

问题 I am using java key store to store and retrieve encryption key.It works faster while my key store size is small. But once my key store size is increased than key store operation goes slow. I am working on linux platform, Java version Jdk_1.8. and safenet as provider. 回答1: I have been facing the same issue related to execution speed varies with different operation system platform. Jvm loads key store in memory. And its having hashtable collection as internal storage. Hashtable is synchronized.

问题 I need to generate a cert and can't find this directory. Thanks! 回答1: I believe the equivalent directory to jre/lib/security under OS X is: /Library/Java/Home/lib/security 回答2: On Mavericks (OS X 10.10) with Oracle Java 8, it appears to be: /Library/Java/JavaVirtualMachines/jdk1.8.0_45.jdk/Contents/Home/jre/lib/security 回答3: The following works for 10.11.6 /Library/Java/Home/jre/lib/security It's actually just a link to the /Library/Java/JavaVirtualMachines/.../Contents/Home/jre/lib/security

问题 I'm looking for Java's equivalent of .NET's SecureString.aspx. Is there such implementation available in 2018? OWASP implementation is not exactly the same because it's just a plain char array. While .NET equivalent provides additional features such as the ability to get an instance from/to unmanaged memory and also encryption. I'm aware of common Java pattern to pass around passwords as char[] and do Arrays.fill() them with zeros after use. But it requires building a trivial utility class

问题 I'm pulling my hair out as I cannot get the samples to work - hopefully someone can help.. I would like to DETECT if a docx and a doc file is password protected/encrypted. I have seen this posted in a few places but I cannot get it work - it doesnt throw an exception. Can someone see what I am doing wrong. Note I only need to detect the password..i dont want to open the document. String fileLocation = "C:/myfile.docx"; File file = new File(fileLocation); FileInputStream fis = new

问题 The following code throws an error in JDK 11: HttpURLConnection con = (HttpURLConnection) new URL("https://sis.redsys.es/sis/realizarPago").openConnection(); con.setRequestMethod("GET"); con.getResponseCode(); The error is: javax.net.ssl.SSLHandshakeException: extension (10) should not be presented in server_hello at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl

问题 Here is the stack trace of one of the connections in my process: "ServerConnection on port 10000 Thread 27" #521 prio=5 os_prio=0 tid=0x0000000002db4800 nid=0x2d79 runnable [0x00007f0ababb1000] java.lang.Thread.State: RUNNABLE at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:171) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security

问题 I'm trying to get a Java security policy right. My code needs to resolve and connect to both login.salesforce.com and xx99.salesforce.com where xx99 can take any of about 100 different values. It works if I hardcode specific hosts - e.g. permission java.net.SocketPermission "login.salesforce.com:443", "connect, resolve"; permission java.net.SocketPermission "na30.salesforce.com:443", "connect, resolve"; But this would lead to me adding about 100 entries to my security policy file to cover all

问题 I need to add a new Extension of OID 1.3.6.1.5.5.7.1.26 in my certificate. I got this OID extension in my certificate but with the following error: Certificate Extensions: 10 [1]: ObjectId: 1.3.6.1.5.5.7.1.26 Criticality=false Extension unknown: DER encoded OCTET string = 0000: 04 0C 30 0A 13 08 33 39 20 64 63 20 32 62 ..0... 39 dc 2b I want this OID to be recognized similar to other extensions like AuthorityInfoAccess , etc. Do I need to edit the jar of Bouncy Castle X509 class? Im using

问题 I have some data that I'm signing on iOS with SecKeyRawSign using Elliptic Curve private key. However, verifying that data in Java using Signature.verify() returns false The data is a random 64 bit integer, split into bytes like so uint64_t nonce = (some 64 bit integer) NSData *nonceData = [NSData dataWithBytes: &nonce length: sizeof(nonce)]; From that data I'm creating a SHA256 digest int digestLength = CC_SHA256_DIGEST_LENGTH; uint8_t *digest = malloc(digestLength); CC_SHA256(nonceData