在这篇文章中,我们将为您详细介绍将SHA1和RSA与java.security.Signature和MessageDigest和Cipher结合使用的内容,并且讨论关于sha1rsa的相关问题。此外,
在这篇文章中,我们将为您详细介绍将SHA1和RSA与java.security.Signature和MessageDigest和Cipher结合使用的内容,并且讨论关于sha1 rsa的相关问题。此外,我们还会涉及一些关于Android映射异常java.lang.NoClassDefFoundError:android.security.MessageDigest、Broken processes are the biggest cybersecurity threat to your organization、Cloudinary图片上传的ActiveSupport :: MessageVerifier :: InvalidSignature错误、com.bumptech.glide.signature.MediaStoreSignature的实例源码的知识,以帮助您更全面地了解这个主题。
本文目录一览:- 将SHA1和RSA与java.security.Signature和MessageDigest和Cipher结合使用(sha1 rsa)
- Android映射异常java.lang.NoClassDefFoundError:android.security.MessageDigest
- Broken processes are the biggest cybersecurity threat to your organization
- Cloudinary图片上传的ActiveSupport :: MessageVerifier :: InvalidSignature错误
- com.bumptech.glide.signature.MediaStoreSignature的实例源码
将SHA1和RSA与java.security.Signature和MessageDigest和Cipher结合使用(sha1 rsa)
我试图了解Java java.security.Signature
类的作用。如果我计算一个SHA1消息摘要,然后使用RSA加密该摘要,则得到的结果与要求 Signature 类对同一事物进行签名的结果不同:
// Generate new keyKeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();PrivateKey privateKey = keyPair.getPrivate();String plaintext = "This is the message being signed";// Compute signatureSignature instance = Signature.getInstance("SHA1withRSA");instance.initSign(privateKey);instance.update((plaintext).getBytes());byte[] signature = instance.sign();// Compute digestMessageDigest sha1 = MessageDigest.getInstance("SHA1");byte[] digest = sha1.digest((plaintext).getBytes());// Encrypt digestCipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.ENCRYPT_MODE, privateKey);byte[] cipherText = cipher.doFinal(digest);// Display resultsSystem.out.println("Input data: " + plaintext);System.out.println("Digest: " + bytes2String(digest));System.out.println("Cipher text: " + bytes2String(cipherText));System.out.println("Signature: " + bytes2String(signature));结果(例如):
输入数据:这是正在签名的消息
摘要:62b0a9ef15461c82766fb5bdaae9edbe4ac2e067
密码文本:057dc0d2f7f54acc95d3cf5cba9f944619394711003bdd12 …
签名:7177c74bbbb871cc0af92e30d2808ebae146f22d3 …
我必须对 Signature 所做的事情有一个基本的误解-我已经对其进行了跟踪,并且它似乎正在对 MessageDigest 对象调用update
,将算法设置为我期望的SHA1,然后获取摘要,然后执行加密。是什么使结果有所不同?
编辑:
列奥尼达斯(Leonidas)让我检查了签名方案是否应该执行我认为的功能。RFC中定义了两种类型的签名:
- RSASSA-PKCS1-v1_5
- RSASSA-PSS
其中的第一个(PKCS1)是我上面描述的。它使用哈希函数创建摘要,然后使用私钥对结果进行加密。
所述第二算法使用随机盐值,并且是更安全的,但非确定性。如果重复使用相同的密钥,则由上面的代码产生的签名不会更改,因此我认为它可能不是PSS。
编辑:
这是bytes2string我使用的方法:
private static String bytes2String(byte[] bytes) { StringBuilder string = new StringBuilder(); for (byte b : bytes) { String hexString = Integer.toHexString(0x00FF & b); string.append(hexString.length() == 1 ? "0" + hexString : hexString); } return string.toString();}答案1
小编典典好的,我已经解决了问题。我很傻 Leonidas是正确的,不仅仅是加密的哈希值,还有与摘要连接在一起的哈希算法的ID:
DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING }这就是为什么它们不同的原因。
Android映射异常java.lang.NoClassDefFoundError:android.security.MessageDigest
java.lang.NoClassDefFoundError: android.security.MessageDigest at com.google.android.maps.KeyHelper.getSignatureFingerprint(KeyHelper.java:60) at com.google.android.maps.MapActivity.createMap(MapActivity.java:513) at com.google.android.maps.MapActivity.onCreate(MapActivity.java:409)
我已经定义了
<uses-library
android:name="com.google.android.maps"
android:required="true" />
在应用程序标记内部,我也在扩展MapActivity.该应用程序在大多数设备上运行良好,但有一些不常见的报告此异常,通常在Android 4.0.4上,如Woxter Tablet PC 90BL,TAB9008GBBK和其他通用名称.
从我在Stackoverflow中读到的内容来看,它是ROM中的一个问题,它可以通过用户做一些高级技巧来解决,但我想要的是防止这种崩溃,因为我不认为它可以解决,我只是想要通知用户(并且他将购买更好的设备:)并禁用地图功能而不是崩溃.但我找不到办法处理这个错误或用我的设备测试它.
我的主要活动也是基于MapActivity,所以我不知道在打开它之前如何处理这个异常.
解决方法
假设在加载类时类是unavailable或发生异常,为什么不尝试在应用程序启动时强制加载它? Class.forName(“android.security.MessageDigest”)应加载该类,您可以捕获该调用抛出的错误.我知道它很脏,但它应该工作.您可以在清单上声明自定义Application类以进行此检查.
类加载测试
try
{
Class.forName("android.security.MessageDigest");
}
catch (Throwable e1)
{
e1.printstacktrace();
//Bad device
}
您还可以执行试金石测试,并通过消化简单的String来检查类加载是否成功.
功能测试
try
{
MessageDigest digester = MessageDigest.getInstance("MD5");
digester.update("test".getBytes("UTF-8"));
byte[] digest = digester.digest();
}
catch (Throwable e1)
{
e1.printstacktrace();
// Class available but not functional
}
如果类加载/试金石测试失败,请更新共享首选项标志并让用户知道他的设备糟透了:)
Broken processes are the biggest cybersecurity threat to your organization
http://www.zdnet.com/article/broken-processes-are-the-biggest-cybersecurity-threat-to-your-organization/
Featured
- 10 tech gadgets we love for Valentine''s Day
- The 10 best not-so-new phones: Why last year''s and older models make great deals
- How to track the coronavirus: Dashboard delivers real-time view of the deadly virus
- Apple''s AirPods Pro are the best earbuds you can buy, but for all the wrong reasons
Many years ago, I read about a grimoire from the Middle Ages that contained a spell for summoning rats, with the basics of the spell consisting of throwing straw and dirty laundry in the corner of a room. Considering the sanitary conditions of the time, it''s not hard to imagine that a pile of nesting material would lead to a rat infestation if not cleared.
Information security is the same thing; there''s not really magic behind it, and much of the time, attacker opportunity is created by failure to perform due diligence.
In this year''s annual report on top cybersecurity threats, Sandy Carielli and I approached some of the hottest trends in security, and surprisingly, what''s getting exploited is often a failure of process and not technology. A few questions we ask in this research are:
- Is API security just rebranding an old problem? While there''s certainly nuance to enumerating API assets from a security perspective, the core issue is still that we''re trusting client-supplied input.
- How do you reduce the opportunity for adversaries to deploy ransomware? We''re frequently speaking to incident responders about this issue, and ransomware, to a large extent, seems to be a crime of opportunity. For most organizations, patching systems and locking down remote access properly is going to make you less convenient than hitting someone else.
- How are policy exceptions being targeted by adversaries? It''s not uncommon to do things like creating exceptions for legacy protocols that bypass multifactor authentication requirements. Unfortunately, our adversaries likely have been in similar situations and know how common this is — so your security through obscurity isn''t quite so obscure.
This post was written about Principal Analyst Josh Zelonis, and it originally appeared here.
Security
- Windows 10 PCs get these new Intel chip security updates for Zombieload attacks
- Rogue IoT devices are putting your network at risk from hackers
- Scam, spam and phishing texts: How to spot SMS fraud and stay safe
- Cybersecurity: A guide for parents to keep kids safe online
- The security risks of running unsupported Windows 7 (ZDNet YouTube)
- Best home security of 2020: Professional monitoring and DIY (CNET)
- How to set up secure credential storage for Docker (TechRepublic)
Cloudinary图片上传的ActiveSupport :: MessageVerifier :: InvalidSignature错误
如何解决Cloudinary图片上传的ActiveSupport :: MessageVerifier :: InvalidSignature错误?
我正在尝试将Cloudinary的图像上载用于开发中的Twitter克隆,但是在我的控制器中通过create方法进行测试时遇到此错误:
ActiveSupport :: MessageVerifier :: InvalidSignature
它扔在@micropost.save上。
这是我的推文(create)的microposts方法:
def create
@micropost = current_user.microposts.build(micropost_params)
@micropost.photo.attach(params[:micropost][:photo])
if @micropost.save
flash[:success] = "Micropost created!"
redirect_to root_url
else
@Feed_items = current_user.Feed.paginate(page: params[:page])
render ''static_pages/home''
end
end
这是表格:
<%= simple_form_for(@micropost) do |f| %>
<!-- [...] -->
<%= f.input :photo,as: :file %>
<!-- [...] -->
<% end %>
和显示:
<%= cl_image_tag @micropost.photo.key,height: 300,width: 400,crop: :fill if micropost.photo.attached? %>
我尝试发布而不上传照片,但是仍然引发相同的错误。只有在我尝试实施Cloudinary时,它才开始发生。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)
com.bumptech.glide.signature.MediaStoreSignature的实例源码
@SuppressWarnings("ConstantConditions")
protected void loadFileImage(File file,final ViewHolder holder) {
final int iconColor = ATHUtil.resolveColor(activity,R.attr.iconColor);
if (file.isDirectory()) {
holder.image.setColorFilter(iconColor,PorterDuff.Mode.SRC_IN);
holder.image.setimageResource(R.drawable.ic_folder_white_24dp);
} else {
Drawable error = Util.getTintedVectorDrawable(activity,R.drawable.ic_file_music_white_24dp,iconColor);
Glide.with(activity)
.load(new AudioFileCover(file.getPath()))
.diskCacheStrategy(diskCacheStrategy.NONE)
.error(error)
.placeholder(error)
.animate(android.R.anim.fade_in)
.signature(new MediaStoreSignature("",file.lastModified(),0))
.into(holder.image);
}
}
@SuppressWarnings("ConstantConditions")
protected void loadFileImage(File file,0))
.into(holder.image);
}
}
@SuppressWarnings("ConstantConditions")
protected void loadFileImage(File file,0))
.into(holder.image);
}
}
@Override
public void onBindViewHolder(ListViewHolder viewHolder,int position) {
MediaStoreData current = data.get(position);
Key signature =
new MediaStoreSignature(current.mimeType,current.dateModified,current.orientation);
requestBuilder
.clone()
.signature(signature)
.load(current.uri)
.into(viewHolder.image);
}
@Override
public RequestBuilder<Drawable> getPreloadRequestBuilder(MediaStoreData item) {
MediaStoreSignature signature =
new MediaStoreSignature(item.mimeType,item.dateModified,item.orientation);
return requestBuilder
.clone()
.signature(signature)
.load(item.uri);
}
@NonNull
@Override
public RequestBuilder<Gifdrawable> getPreloadRequestBuilder(MediaStoreData item) {
MediaStoreSignature signature =
new MediaStoreSignature(item.mimeType,item.orientation);
return requestBuilder
.clone()
.signature(signature)
.load(item.uri);
}
@Override
public void onBindItemViewHolder(RecentPhotoViewHolder viewHolder,@NonNull Cursor cursor) {
viewHolder.imageView.setimageDrawable(null);
long id = cursor.getLong(cursor.getColumnIndexOrThrow(MediaStore.Images.ImageColumns._ID));
long dateTaken = cursor.getLong(cursor.getColumnIndexOrThrow(MediaStore.Images.ImageColumns.DATE_TAKEN));
long dateModified = cursor.getLong(cursor.getColumnIndexOrThrow(MediaStore.Images.ImageColumns.DATE_MODIFIED));
String mimeType = cursor.getString(cursor.getColumnIndexOrThrow(MediaStore.Images.ImageColumns.MIME_TYPE));
int orientation = cursor.getInt(cursor.getColumnIndexOrThrow(MediaStore.Images.ImageColumns.ORIENTATION));
final Uri uri = Uri.withAppendedpath(baseUri,Long.toString(id));
Key signature = new MediaStoreSignature(mimeType,dateModified,orientation);
Glide.with(getContext())
.fromMediaStore()
.load(uri)
.signature(signature)
.diskCacheStrategy(diskCacheStrategy.NONE)
.into(viewHolder.imageView);
viewHolder.imageView.setonClickListener(new OnClickListener() {
@Override
public void onClick(View v) {
if (clickedListener != null) clickedListener.onItemClicked(uri);
}
});
}
@Override
public void onBindItemViewHolder(RecentPhotoViewHolder viewHolder,orientation);
Glide.with(getContext())
.fromMediaStore()
.load(uri)
.signature(signature)
.diskCacheStrategy(diskCacheStrategy.NONE)
.into(viewHolder.imageView);
viewHolder.imageView.setonClickListener(new OnClickListener() {
@Override
public void onClick(View v) {
if (clickedListener != null) clickedListener.onItemClicked(uri);
}
});
}
public static Key createSignature(Song song) {
return new MediaStoreSignature("",song.dateModified,0);
}
@Override
public View getView(int position,View convertView,ViewGroup parent) {
ViewHolder v = null;
int type = getItem(position).getItemType();
if(convertView != null) {
v = (ViewHolder)convertView.getTag();
if(v == null) {
v = new ViewHolder();
v.imgView = convertView.findViewById(R.id.img);
v.videoIcon = convertView.findViewById(R.id.videoIcon);
}
} else {
convertView = attachActivity.getLayoutInflater().inflate(R.layout.picshow_img_item,null);
v = new ViewHolder();
v.imgView = convertView.findViewById(R.id.img);
v.videoIcon = convertView.findViewById(R.id.videoIcon);
}
convertView.setTag(v);
if(v != null && v.imgView != null) {
if(thubNailSize != 0) {
GlideApp.with(attachActivity)
.load(getItem(position).getPath())
.override(thubNailSize)
.placeholder(R.drawable.other)
.centerCrop()
.dontAnimate()
.format(DecodeFormat.PREFER_RGB_565)
.into(v.imgView);
} else {
GlideApp.with(attachActivity)
.load(getItem(position).getPath())
.placeholder(R.drawable.other)
.centerCrop()
.dontAnimate()
.format(DecodeFormat.PREFER_RGB_565)
.signature(new MediaStoreSignature(type == MediaSetUtils.TYPE_VIDEO ? "video/*" : "image/*",getItem(position).getDatetoken(),0))
.into(v.imgView);
}
if(type == MediaSetUtils.TYPE_VIDEO)
v.videoIcon.setVisibility(View.VISIBLE);
else
v.videoIcon.setVisibility(View.GONE);
}
return convertView;
}
static Key createSignature(Song song) {
return new MediaStoreSignature("",0);
}
public static Key createSignature(Song song) {
return new MediaStoreSignature("",0);
}
关于将SHA1和RSA与java.security.Signature和MessageDigest和Cipher结合使用和sha1 rsa的问题就给大家分享到这里,感谢你花时间阅读本站内容,更多关于Android映射异常java.lang.NoClassDefFoundError:android.security.MessageDigest、Broken processes are the biggest cybersecurity threat to your organization、Cloudinary图片上传的ActiveSupport :: MessageVerifier :: InvalidSignature错误、com.bumptech.glide.signature.MediaStoreSignature的实例源码等相关知识的信息别忘了在本站进行查找喔。
本文标签:
