java-security

Missing leading zeroes while retrieving serial number of a x509 cert

懵懂的女人 提交于 2019-12-20 07:47:49
问题 I'm trying to get serial number from a X.509 Cert.. When i compare the Serial number generated by my code with the actual serial number(on windows), leading zeroes of the actual serial number(of the X509 cert) are missing. Any suggestions or alternative ways to get the serial number of the x.509 cert in hex with the leading zeroes?? Below is the code segment which I'm currently using: InputStream in = new FileInputStream("cert"); CertificateFactory certificateFactory = CertificateFactory

Java Keystore.getKey() slow while Key store size Increase

左心房为你撑大大i 提交于 2019-12-20 04:21:34
问题 I am using java key store to store and retrieve encryption key.It works faster while my key store size is small. But once my key store size is increased than key store operation goes slow. I am working on linux platform, Java version Jdk_1.8. and safenet as provider. 回答1: I have been facing the same issue related to execution speed varies with different operation system platform. Jvm loads key store in memory. And its having hashtable collection as internal storage. Hashtable is synchronized.

Where is the JRE lib/security directory on Mac OS X?

╄→гoц情女王★ 提交于 2019-12-18 21:11:06
问题 I need to generate a cert and can't find this directory. Thanks! 回答1: I believe the equivalent directory to jre/lib/security under OS X is: /Library/Java/Home/lib/security 回答2: On Mavericks (OS X 10.10) with Oracle Java 8, it appears to be: /Library/Java/JavaVirtualMachines/jdk1.8.0_45.jdk/Contents/Home/jre/lib/security 回答3: The following works for 10.11.6 /Library/Java/Home/jre/lib/security It's actually just a link to the /Library/Java/JavaVirtualMachines/.../Contents/Home/jre/lib/security

Java equivalent of SecureString

风流意气都作罢 提交于 2019-12-18 13:06:19
问题 I'm looking for Java's equivalent of .NET's SecureString.aspx. Is there such implementation available in 2018? OWASP implementation is not exactly the same because it's just a plain char array. While .NET equivalent provides additional features such as the ability to get an instance from/to unmanaged memory and also encryption. I'm aware of common Java pattern to pass around passwords as char[] and do Arrays.fill() them with zeros after use. But it requires building a trivial utility class

Java DecriptionInfo on Word DocX

a 夏天 提交于 2019-12-18 09:41:22
问题 I'm pulling my hair out as I cannot get the samples to work - hopefully someone can help.. I would like to DETECT if a docx and a doc file is password protected/encrypted. I have seen this posted in a few places but I cannot get it work - it doesnt throw an exception. Can someone see what I am doing wrong. Note I only need to detect the password..i dont want to open the document. String fileLocation = "C:/myfile.docx"; File file = new File(fileLocation); FileInputStream fis = new

JDK 11 SSL Error on valid certificate (working in previous versions)

亡梦爱人 提交于 2019-12-18 02:42:38
问题 The following code throws an error in JDK 11: HttpURLConnection con = (HttpURLConnection) new URL("https://sis.redsys.es/sis/realizarPago").openConnection(); con.setRequestMethod("GET"); con.getResponseCode(); The error is: javax.net.ssl.SSLHandshakeException: extension (10) should not be presented in server_hello at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl

I've put security.provider.1=org.bouncycastle.jce.provider.BouncyCastleProvider but it isn't being used during SSL handshake

筅森魡賤 提交于 2019-12-12 06:00:29
问题 Here is the stack trace of one of the connections in my process: "ServerConnection on port 10000 Thread 27" #521 prio=5 os_prio=0 tid=0x0000000002db4800 nid=0x2d79 runnable [0x00007f0ababb1000] java.lang.Thread.State: RUNNABLE at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:171) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security

Odd Wildcard Behavior in java.net.SocketPermission

ε祈祈猫儿з 提交于 2019-12-12 02:59:40
问题 I'm trying to get a Java security policy right. My code needs to resolve and connect to both login.salesforce.com and xx99.salesforce.com where xx99 can take any of about 100 different values. It works if I hardcode specific hosts - e.g. permission java.net.SocketPermission "login.salesforce.com:443", "connect, resolve"; permission java.net.SocketPermission "na30.salesforce.com:443", "connect, resolve"; But this would lead to me adding about 100 entries to my security policy file to cover all

Adding a new Extension to my generated certificate

冷暖自知 提交于 2019-12-11 06:28:02
问题 I need to add a new Extension of OID 1.3.6.1.5.5.7.1.26 in my certificate. I got this OID extension in my certificate but with the following error: Certificate Extensions: 10 [1]: ObjectId: 1.3.6.1.5.5.7.1.26 Criticality=false Extension unknown: DER encoded OCTET string = 0000: 04 0C 30 0A 13 08 33 39 20 64 63 20 32 62 ..0... 39 dc 2b I want this OID to be recognized similar to other extensions like AuthorityInfoAccess , etc. Do I need to edit the jar of Bouncy Castle X509 class? Im using

Data signed on iOS can't be verified in Java

懵懂的女人 提交于 2019-12-10 02:48:48
问题 I have some data that I'm signing on iOS with SecKeyRawSign using Elliptic Curve private key. However, verifying that data in Java using Signature.verify() returns false The data is a random 64 bit integer, split into bytes like so uint64_t nonce = (some 64 bit integer) NSData *nonceData = [NSData dataWithBytes: &nonce length: sizeof(nonce)]; From that data I'm creating a SHA256 digest int digestLength = CC_SHA256_DIGEST_LENGTH; uint8_t *digest = malloc(digestLength); CC_SHA256(nonceData