Fairly new to the c#/.net ecosystem.
My file needs to be pgp encrypted, I have used didisoft lib. like as below.
using DidiSoft.Pgp;
pgp.EncryptStream(inputBlob,name,
publicKeyFile,
outputBlob,
asciiArmor);
I can upload and download the contents.
BUT
The problem is we cant use didisoft libs but alternative like can be used which are freely available and GnuPG compatible. Eg:-
using Starksoft.Aspen.GnuPG;
using Libgpgme;
Can someone help me with usage of below libraries which will PGP encrypt from the provided public key using GnuPG?
Related
I am trying to validate the signature of the windows executable (.exe) file using code. My code is running on Linux.
There are 2 possibilities to verify the executable :
Extract the digital signature content from the executable and verify it using the public key.
Problem: How to extract the digital signature from the .exe file. Is there any library that can help me do it?
Verify using some tool by providing it the public key and file path.
Problem: Not sure which tool can run on Linux and verify windows executable.
Found a solution for this. There is an available library to make this happen in java.
it's an open-source Java implementation of Microsoft Authenticode: https://github.com/ebourg/jsign
I don't want to install another openssl when knowing Google gRPC has a working version of boringSSL.
Now, my challenge is to be able to access some functionalities such as calculate a salt and CMAC.
I am aware that Google does not promote the use of it in case something changes and breaks my code.
I saw there is file called 'binding.gyp' in the root of node_modules/grpc, but don't know if possible to use it.
Any suggestions are welcome.
Thanks
There are several layers of problems with your question, and it's missing a lot of context, but here's a few things I can provide based on what I am getting:
First, grpc-node is deprecated, and you should move over to grpc-js, which is no longer containing native code.
Then, grpc-node doesn't actually use BoringSSL, it's in fact relying on nodejs exposing OpenSSL itself as a native API.
And finally, you're supposed to be able to use nodejs' exposed OpenSSL API in a native node module: https://nodejs.org/api/addons.html#addons_linking_to_libraries_included_with_node_js
Most libraries that I looked at seems to not support encrypting the entire workbook with a password. Is there one available which would make it possible? Preferably in PyPI repository.
You can perhaps use a library like https://pypi.org/project/pyAesCrypt/ which encrypts/decrypts any file
We are using crypto package in our node js app. The thing is we do not want the developer to know about the encryption algorithm we implemented. However, the developer would be knowing the encryption algorithm and the encryption key as they can view the source code of the encryption algorithm.
So my question is: is it possible to compile the encryption algorithm into a file like dll(.NET) or jar file (java) and include it in the project (open source solution). If not, how to prevent developer from viewing the source code?
The final expectation is the developer will know we use crypto package, but do not know we use what algorithm and key we implemented.
Note: I do not expect solution of restricting file access to the user nor hosting it in another environment.
node-ffi is a Node.js addon for loading and calling dynamic libraries using pure JavaScript. It can be used to create bindings to native libraries without writing any C++ code.
https://github.com/node-ffi/node-ffi
I have a PGPPublicKey object. I want to get a list of all signatures(with UserId, email Id, trust level for each singature) associated with it using Bouncy Castle API. I tried but couldn't get it. If anyone has an example link or knows which method to use to get it, please let me know.
I've never used these classes but I thought it might be helpful to post some resources.
It looks like the Bouncy Castle OpenPGP releases include some examples.
I recommend using these examples to solve your problem. Specifically, it looks like you will need to use PGPSignatureList and PGPSignature classes which are utilized in the examples. However, I don't see emailId in any of the classes.
SignedFileProcessor.java: A simple utility class that signs and verifies files.
DetachedSignatureProcessor.java: A simple utility class that creates seperate signatures for files and verifies them.
Also, http://www.bouncycastle.org/documentation.html suggests the following.
Finally there are also code examples from Beginning Cryptography with Java which demonstrate both the use of the JCE/JCA and also some of the Bouncy Castle APIs such as for certificate generation, CMS and S/MIME. Note: the book was written to cover J2SE 5.0, while many of the examples will work with earlier JDKs, some will not compile if you are not using J2SE 5.0 or later.