About javaMe RSA and AES - java-me

Does anybody know any good libraries in order to perform RSA and AES cryptographic operations in javaME?
Thank you

Have a look at Bouncy Castle. It includes a lightweight cryptography API for Java.

Related

Code-Sign an Authenticode PE file using keys in a HSM in Linux

I need a non-Windows (Linux or FreeBSD) way of signing a boot executable (EFI binaries) in the Authenticode PE format.
Currently there are some tools like pbsign, sbsign, uefisign, osslsigncode on *nix platforms, but the common pattern is they all need access to the private key.
My private key is in an HSM and I have a Python tool that can interface with the HSM and get the output of signing a hash, with the private key in the HSM (which from my research is a step that all the PE signing tools do, though with explicit access to the private key).
Currently the HSM folks have a Thales tool for Windows which works with the official Microsoft signtool on Windows. But this is a lot of setup and a non-portable solution. Also we need to maintain Windows Server Licences, etc.
How do I combine these steps (create an Authenticode PE file, but outsource the signing part alone to my python program) into something that can run on a *nix platform?
The HSM and its interface are non-negotiable (basically that choice is out of my hands).
Any pointers/ideas would be nice.
You could try https://github.com/ebourg/jsign which is a pure Java implementation of Authenticode signing.

OpenSSL Cryptography

How can I expand OpenSSL in Linux so that it can implement pairing-based cryptography? I am doing my thesis and this is the final part of it. I am guessing I need to find pairing-based cryptographic libraries that can work within OpenSSL? Please help.

Python3 DTLS Server/Client

I am planning to implement a "simple" DTLS tool in Python 3, which is able to initiate (client) and accept (server) DTLS connections with a PSK as a PoC (later on I am planning to extend it to certificate-based authentication).
I spent days researching libraries that offer this functionality, but I am still not sure what to use. (Any wrapper/library suggestions with documentation/examples are more than welcome.)
While it is straightforward to create the DTLS Clients/Servers with the openssl binaries (for example):
openssl s_server -dtls -accept 1337 -nocert -psk deadbeef -cipher PSK-AES128-CCM8
for the server (with a specific ciphersuite) and
openssl s_client -dtls -connect 127.0.0.1:1337 -psk deadbeef -cipher PSK-AES128-CCM8
for the client, I am struggling to do this with Python (pyOpenSSL offers no DTLS support). Are there any concrete examples for an implementation using a widely supported library/wrapper? (There are some CoAP/IoT libraries out there focussing on the client side (aiocoap), but for my idea it is necessary to implement both sides.)

I ended up using mbedTLS (formerly PolarSSL). They offer a quite extensive Python 3 wrapper offering almost all of mbedTLS's functionality. The readme offers a very useful DTLS sample implementation featuring authentication using a PSK and/or certs.

PKCS#11 driver for Trusted Platform Module (TPM) chip version 1.2

I'm building an application that can interact with a TPM chip via PKCS#11: generate a private key (stored in the TPM), import the certificate corresponding to the private key, sign data, ... I want to use the TPM chip like an HSM.
So, can someone help me? What is the name of a PKCS#11 driver that can help me interact with the TPM?
Or what must I do to make the PKCS#11 driver? I have built OpenCryptoki and TrouSerS on CentOS 6.5, but after the successful build I don't know which file in OpenCryptoki or TrouSerS is the PKCS#11 driver!
Thanks!
Opencryptoki should support TPM via TrouSerS (see e.g. here, here, here).
There is a simple-tpm-pk11 project which takes a straighter approach and might be interesting for you -- see this interesting article on the author's blog.
Disclaimer: I have never used TPM for doing crypto so please do validate my thoughts.
PS: I forgot to say that opencryptoki PKCS#11 driver usually resides in /usr/lib/opencryptoki/libopencryptoki.so.

Which cipher to use for cross-platform

I have multiple applications which work with one centralized Oracle database.
The applications target the following platforms:
iPhone
Android
Windows (XP, Vista and 7)
Linux
Mac OS
Web applications (ASP.NET, PHP and JSP)
I want to know which kind of cipher I should use to make sure all my encrypted data will be readable (decryptable) by all my applications.
E.g. 3DES or RIJNDAEL_256 or TWOFISH256?
You should be able to implement those ciphers on all of the target platforms you mentioned.
As for which to use, I'd suggest Rijndael (AES) since it has received a lot of attention and has a proven security track-record.
http://gpg4browsers.recurity.com/ has JS implementations for all ciphers you mentioned.
All OSes you mentioned support all of these ciphers either directly or via mcrypt.
This reduces the question to opinionizing, so here is my opinion: do NOT standardize (in the sense of hardcode) on any of those ciphers, but invest the one-time penalty to develop your apps and protocols in a way that allows them to handshake the cipher used. This way you can trade speed for security now and are open to developments in cryptography (or cryptanalysis).
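
The answer's advice to negotiate the cipher rather than hardcode it, as an added example that is not part of the original post: a suite negotiation with a policy floor, plus a self-describing header for ciphertext stored in the shared database. The suite ids, preference ranks and the `ENC1` header layout are assumptions made for this sketch; the ciphertext is treated as opaque bytes produced by whichever platform library implements the suite.

```python
import struct

# Constructed registry for this example: suite id -> (name, preference rank).
# The ids, ranks and the "ENC1" magic are assumptions, not a standard format.
SUITES = {1: ("3DES", 1), 2: ("TWOFISH256", 2), 3: ("RIJNDAEL_256", 3)}
MAGIC = b"ENC1"
HEADER = struct.Struct(">4sBB")  # magic, suite id, IV length

def negotiate(client_ids, server_ids, minimum_rank=1):
    """Return the highest-ranked suite id both peers support.

    minimum_rank is a local policy floor: a peer that only offers weaker
    suites is refused rather than silently downgraded.
    """
    common = [i for i in set(client_ids) & set(server_ids)
              if i in SUITES and SUITES[i][1] >= minimum_rank]
    if not common:
        raise ValueError("no mutually acceptable cipher suite")
    return max(common, key=lambda i: SUITES[i][1])

def wrap(suite_id, iv, ciphertext):
    """Prefix stored ciphertext with a header naming the suite that produced it."""
    if suite_id not in SUITES:
        raise ValueError("unknown suite id")
    if len(iv) > 255:
        raise ValueError("IV too long for one-byte length field")
    return HEADER.pack(MAGIC, suite_id, len(iv)) + iv + ciphertext

def unwrap(blob, allowed_ids):
    """Parse the header and return (suite name, iv, ciphertext).

    The suite is checked against the reader's allow-list before any
    decryption is attempted. The header should also be covered by a MAC or
    AEAD associated data so it cannot be rewritten; that is out of scope here.
    """
    if len(blob) < HEADER.size:
        raise ValueError("truncated envelope")
    magic, suite_id, iv_len = HEADER.unpack_from(blob)
    if magic != MAGIC:
        raise ValueError("not an envelope")
    if suite_id not in SUITES or suite_id not in allowed_ids:
        raise ValueError("suite not allowed")
    body = blob[HEADER.size:]
    if len(body) < iv_len:
        raise ValueError("truncated envelope")
    return SUITES[suite_id][0], body[:iv_len], body[iv_len:]
```

Retiring a cipher then means removing its id from each reader's allow-list and re-encrypting old rows, with no change to the stored format.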
