Collaborate Disseminate
I’m reading rfc5652, there are different references of the two algorithm identifiers.
For example in this ASN.1 structure :
https://tools.ietf.org/html/rfc5652#section-5.3
When using RSA for signing; isn’t the digest algorithm represents t… Continue reading What’s the difference between digest algorithm and signing algorithm? [migrated]
what if data we are sending is such that
size(data) + size(mac) =multiple of block size
If this case if possible how the receiver will determine that no padding is present
???
Continue reading Is it important that every TLS1.2 encrypted message have padding?
While S/MIME has been a PKCS7 standard, what happens while I sign/encrypt an email using a smart card implementing PKCS11? Is PKCS7 supported as kind of backward compatibility?
What I am trying to achieve:
send a signed, unencrypted email using a smart card token through a Python script
What I’ve tried so far:
Have a look on an incoming email signed with same corporate smart card system. It is… Continue reading Email security with PCKS11 and Python – send a signed uncenrypted email
I’m writing an app for a client and part of the client’s encryption requirements for use of AES-256-CBC are:
“128-bit cryptographically random initialization vector”
“PKCS7 padding”
“HMAC of encrypted output required for inte… Continue reading does BouncyCastle implementation of AES-256-CBC meet requirements: "128-bit IV", "PKCS7 padding" and "HMAC verification"
Background: I have a .pfx file from a microsoft CA that some appliance dislikes, but openssl considers it valid. I can use openssl to rewrite the pkcs12 file, trimming away some unnecessary attributes.
openssl pkcs12 -in ori… Continue reading Dissecting and decrypting a .PFX file
I am newbie in PKI. For signing a pdf documents we are free to consider each pkcs#7 format or PADES format. If I have some misunderstandings, please turn it on for me.
Continue reading What is the difference between PKCS#7 and CADES, PADES and XADES?
I have a PKCS#7 (i.e., CMS) detached signature of a file that is signed by my signing certificate and then timestamp signed by a TSA that is all generated by an application we wrote. I would like to give a third party the ori… Continue reading Verify PKCS#7 (CMS) detached signature with timestamp with OpenSSL
Is there a standard/definitive way to distinguish the end-entity cert in a PKCS#7 (P7B) cert chain? I believe the PKCS#7 standard doesn’t not specify sequence when ordering the certs in the chain, but most tools do sequence them in (eithe… Continue reading Distinguish the end-entity cert in a PKCS#7 (P7B) cert chain
I would like to detect signed PDFs in PHP and verify if the signature is valid. From this document I have written this PHP code below.
What it does is:
Extract the PKCS7 code (it works because I can get the details from … Continue reading How to extract and verify PDF signature (PKCS7) with openssl?