digital-signature – Page 26

control digital signing

Posted on July 11, 2020 by John

What is the secure way to support dev mode and production modes on embedded systems that support digital signing. Dev mode will skip signature verification.

Continue reading control digital signing→

Authenticating Adobe .pdf electronic signatures

Posted on July 3, 2020 by JHW

Having created a certificate for electronic signing within Adobe Acrobat DC, can I authenticate documents signed using it by issuing a signed paper statement to recipients stating that it would be authentic if the properties of the e-signa… Continue reading Authenticating Adobe .pdf electronic signatures→

How is the digital certificate sent alongside digital signatures?

Posted on July 3, 2020 by Daud

Most tutorials on the net only mention sending the digital signature attached to the document, but without the digital signature certificate, it’ll be impossible for receivers to verify the signature. I’m assuming that the digital certific… Continue reading How is the digital certificate sent alongside digital signatures?→

Why is it said that we can obtain a digital signature from a CA when all we obtain from the CA is a certificate?

Posted on July 3, 2020 by Daud

Several sites, like this states that

You can obtain a digital signature from a reputable certificate
authority such as Sectigo

But digital signature is something you create using a piece of text and your private key using a signing algor… Continue reading Why is it said that we can obtain a digital signature from a CA when all we obtain from the CA is a certificate?→

Sign records in a database

Posted on June 26, 2020 by Diego Queiroz

I have a table in my database where I store records to be processed later (basically orders that need to be invoiced or something similar, but this is not the important part).
Since this software runs on-premises, admins control the databa… Continue reading Sign records in a database→

Why does PGP create a signature from plaintext?

Posted on June 25, 2020 by remana

From my understanding, PGP supports the generation of a signature from plaintext using the sender’s private key. Both the plaintext and the signature are encrypted using the session/symmetric key, and the session/symmetric key is encrypted… Continue reading Why does PGP create a signature from plaintext?→

Why does keycloak use HS256 algorithm to sign access token when client settings specify RS256?

Posted on June 22, 2020 by sisisisi

I have the following setup with a keycloak authentication server and an application:

user logs in on application client side, send un/pw to server
application server sends un/pw to keycloak server for a token
keycloak server sends a token… Continue reading Why does keycloak use HS256 algorithm to sign access token when client settings specify RS256?→

Digital signature from hashing encrypted webpage

Posted on June 18, 2020 by Retsek

I’m studying for the Security+ exam with the help of Total Seminars’ Udemy course and in one video they claim that a digital signature is generated by encrypting a message with the sender’s private key and then hashing the result. The digi… Continue reading Digital signature from hashing encrypted webpage→

Who am I really trusting?

Posted on June 17, 2020 by bobuhito

My trusted root certificates are below.
As an exercise, I want to be sure that a MITM is not changing the list.
So, can I somehow get this list signed?
In my opinion, the list could be signed by my laptop’s TPM
using a key signed by my lap… Continue reading Who am I really trusting?→

Validating an Ed25519 public key

Posted on June 11, 2020 by Martijn

Is it possibly to test if an Ed25519 public key is valid without having access to the private key, a signed message or anything except the public key?

“Valid” as in “Not just 32 random bytes”.

I’m assuming not every random combination of… Continue reading Validating an Ed25519 public key→