Sha1()

Similar Messages

• 3DES decryption with SHA1 hashed key

  Hello all,
  I've been given the task of rewriting an existing VB application in Java, and one routine makes use of the Microsoft Cryptography API.
  The VB code decrypts a string using TripleDES decryption, using a string key that's been hashed with a SHA1 has algorithm.
  Most of the java DESede encryption/decryption examples I've worked through generate keys with a KeyGenerator instance, but I have not yet found any examples that use a key that's been SHA1 hashed.
  My attempts at using a hashed byte[] array of my key phrase with a DESede Crypto instance always return a "wrong key size" error.
  Can anyone provide some help? Example code fragments or anything would help.

  Thanks for the reply, and you're right in that this might be a more appropriate question to ask on a VB forum or on a MS cryptography API forum.
  Nevertheless, I've been able to make some headway on the VB side by getting the bytes of the SHA-1 hash map through some API calls.
  The hex representation of the SHA-1 hashed keyword:
  "3EC10CE885353DCD23B912860C2B91885CD3D6D1"
  A keyword to use as a test:
  "logins"
  Hex representation of the 3DES encrypted result of "logins" using the hashed keyword:
  "FB158A921E3C4CDB"
  Currently, my problem is with the length of the key. As you pointed out, SHA is 20 bytes, while 3DES is looking for 24 bytes. I'll experiment with your suggested 2-key approach, but here's my test code at the moment:
  import java.security.*;
  import javax.crypto.*;
  import javax.crypto.Cipher;
  import javax.crypto.Mac;
  import javax.crypto.SecretKey;
  import javax.crypto.spec.DESedeKeySpec;
  import javax.crypto.spec.SecretKeySpec;
  public class EncryptionTest {
  public static void main(String[] args) {
  String hashedKey = "3EC10CE885353DCD23B912860C2B91885CD3D6D1";
  String textToCode = "logins";
  byte[] keyBytes = hexStringToBytes( hashedKey );
  byte[] source = textToCode.getBytes();
  SecretKey key = new SecretKeySpec(keyBytes, "DESede");
  try {
  Cipher cipher = Cipher.getInstance("DESede");
  cipher.init(Cipher.ENCRYPT_MODE, key);
  byte[] result = cipher.doFinal(source);
  String sresult = hex( result );
  System.out.println( result );
  } catch ( NoSuchPaddingException e ) {
  e.printStackTrace();
  } catch ( BadPaddingException e ) { 
  e.printStackTrace();
  } catch ( NoSuchAlgorithmException e ) {
  e.printStackTrace();
  } catch ( InvalidKeyException e ) {
  e.printStackTrace();
  } catch (IllegalBlockSizeException e ) {
  e.printStackTrace();
  static byte[] hexStringToBytes( String s ) {
  int iLength = s.length();
  int iBuff = iLength / 2;
  byte[] buff = new byte[ iBuff ];
  int j = 0;
  for(int i = 0; i < iLength; i+=2) {
  try {
  String s1 = s.substring(i, i+2);
  buff[j++] = (byte) Integer.parseInt(s1, 16);
  } catch ( Exception e ) {
  e.printStackTrace();
  return buff;
  static String hex(byte[] data) {
  StringBuilder sb = new StringBuilder();
  for (byte b : data) {
  sb.append(Character.forDigit((b & 240) >> 4, 16));
  sb.append(Character.forDigit((b & 15), 16));
  return sb.toString();
  }

• How to setup a template to issue SHA1 certs if I have a SHA256 chain

  Hi All
  Can any one tell me how to setup a template to issue SHA1 certs if I have a SHA256 chain. I looked at the templates and I didn’t see where it is specified?
  Puneet Singh

  Certificate signature algorithm is CA-wide settings and independent from certificate templates. You have to configure your CA to use SHA1 signature:
  certutil -setreg ca\csp\cnghashalgorithm sha1
  net stop certsvc && net start certsvc
  Vadims Podāns, aka PowerShell CryptoGuy
  My weblog: en-us.sysadmins.lv
  PowerShell PKI Module: pspki.codeplex.com
  PowerShell Cmdlet Help Editor pscmdlethelpeditor.codeplex.com
  Check out new: SSL Certificate Verifier
  Check out new:
  PowerShell File Checksum Integrity Verifier tool.

• Using SHA1 for passwords in Solaris 10

  Does any know how to use SHA1 encryption for passwords on Solaris 10? I know I'd need to modify crypt.conf, but I don't know where to get the .so to go along with that.
  I'm moving some users from Mac OS X, and their passwords are SHA1 hashes.
  Thanks!
  Mike VanHorn
  [email protected]

  yes, no and maybe :-)
  There is a command in /usr/platform/SUNW,Sun-Fire-V210/sbin which allows you to control the LOM, the name of this command is "scadm", the LOM packages on the supplemental CD are for different (older) types of LOM and doesn't to anything useful at all on a SunFire V210.
  However, even though the scadm command let you administer the LOM, it won't display the temprature, but you can use the prtdiag -v command to display information about fans, tempratures and friends.
  Happy Easter.
  //Magnus

• Retrieve Certificate Info for dual-signed SHA1/SHA256

  With SHA1 being deprecated we're starting to see files with multiple digital signatures (like msvcr120.dll).  I have code that uses the crypto API (CryptQueryObject, CryptGetMsgParam, CryptMsgOpenToDecode, CryptMsgUpdate, etc.) to get certificate information
  from the signature.
  The problem is that I don't see two signatures.  It appears there's only one message with one signer.  Is there an updated API I should be using?  How is this modeled internally; is it multiple messages, multiple signers, or a single
  signature with multiple certificates? 
  In Windows 8 and Server 2012 I can see both signatures in the properties and see there are two separate certificates, one using a sha1 digest and the other using a sha256.  How do I acquire that information programmatically?

  Have you tried
  ImageEnumerateCertificates?

• Java sha1 and PHP sha1

  Hello to everyone.
  When encoding with PHP using sha1 i do not get the same result as Java's sha1 encoding.
  For example encoding letter 'e' in PHP produces:
  58e6b3a414a1e0[b]90dfc6029add0f3555ccba127f
  whereas in Java it produces:
  58e6b3a414a1e0[b]3fdfc6029add0f3555ccba127f
  Below is the code i am using for both Java and PHP
  String password=pass;
            java.security.MessageDigest d =null;
            try {
                 d = java.security.MessageDigest.getInstance("SHA-1");
            } catch (NoSuchAlgorithmException e) {
                 // TODO Auto-generated catch block
                 e.printStackTrace();
            d.reset();
            d.update(password.getBytes());
            String secret = new String (d.digest());
            secret.getBytes();
            StringBuffer sb = new StringBuffer(secret.getBytes().length * 2);
          for (int i = 0; i < secret.getBytes().length; i++) {
               int b = secret.getBytes() & 0xFF;
  sb.append(HEX_DIGITS.charAt(b >>> 4)).append(HEX_DIGITS.charAt(b & 0xF));
  return sb.toString();     
  PHP Code:
  $str = 'e';
  $str2=sha1($str2);
  echo $str2;Anyone had similar problems and found a solution to them? I cannot see any mistake in the code so any help would be much appreciated.
  P.S: I am running Java 1.4 and PHP 5.1.6 configuration
  Kind Regards
  Christophoros

  Hi,
  I found your reply regarding "Java sha1 and PHP sha1" on the forum and would like to ask another related question.
  I use the following statement to insert username/password to the database:
  INSERT INTO [db_Report].[dbo].[tblLogin]
  ([USERNAME]
  ,[PASSWORD])
  VALUES
  ('test'
  ,HashBytes('MD5', 'password'))
  GO
  In my Java code, however, the following method always return false. I noticed that in the database
  HashBytes('MD5', 'password') returns "0x5F4DCC3B5AA765D61D8327DEB882CF99"
  while
  The the encrypted login password is "[B@13d93f4" in the Java code.
  In this case, how should I check the password, using MessageDigest or not ?
  Many thanks.
  ===============
       {code}private static boolean authenticateUser(String username, String loginPassword){
            boolean authenticate = false;
            Connection con = getDatabaseConnection();
            if (con != null){
                 StringBuffer select = new StringBuffer("");
                 select.append("SELECT password from [db_MobileDetectorReport].[dbo].[tblUserLogin] where username = '"+username+"'");
                 String strSelect = select.toString();
                 try {
                      PreparedStatement ps=con.prepareStatement(strSelect, ResultSet.TYPE_FORWARD_ONLY, ResultSet.CONCUR_UPDATABLE);
                      ResultSet rsResult = ps.executeQuery();
                      byte[] passBytes = loginPassword.getBytes();                    
                      MessageDigest md = MessageDigest.getInstance("MD5");               
                      byte[] encryptedLoginPWD = md.digest(passBytes);
                      System.out.println("encryptedLoginPWD="+encryptedLoginPWD.toString());
                      if (rsResult.next()) {
                           byte[] databasePWD=rsResult.getBytes(1);
                           authenticate=MessageDigest.isEqual(encryptedLoginPWD,databasePWD);
                 } catch (Exception e) {
                      //TBD
            } else {
                 //TBD
            return authenticate;
       }{code}
  Edited by: happy_coding on Dec 21, 2009 1:39 PM{code}{code}
  Edited by: happy_coding on Dec 21, 2009 1:40 PM

• SHA1 Signature not in PKCS#7 Format

  Hello,
  we got a Problem with a Signet XML request.
  We want to Communicate with a service Provider via XML request. The interface of the Service Provider want to have a SHA1 signature of the Data we send. As fare es I now the SSF Library is only supporting Signatures in  PKCS#7 Format my question is if there is a solution just to gernerate the SHA1 Signature without having it in PKCS#7 Format.
  king regards
  Floran

  Hi oliver,
  thank you for your Answer. You are right. The Problem is the partner don't want the container format pkcs#7. He just want to have a SHA1/RSA signature value. No Container. Can I somhow extract the encryptet digest part out of the container in ABAP? Or is there a function module where I can generate a sha1/rsa signatur with the Keys from the SSF Keystore?
  king regards
  Florian

• Ksetup: Enforce use of AES256-CTS-HMAC-SHA1-96 fails

  Hi,
  Windows 7 Home Premium x64 authenticating to a Kerberos 5 install on Ubuntu 14.04.2.  Please note the problems are not with the latter part, several Linux clients use the Kerberos KDC without issue, and an install of "Kerberos For Windows"
  with "Network Identity Manager" on the Windows 7 client works fine, but it does not integrate with the rest of the system, so...
  I have used Ksetup to set the realm, add a KDC, mapped the local user to the principal, and set the machine password (principal exists in the KDC); no problems.  However, the KDC is configured to only accept AES256-CTS-HMAC-SHA1-96.
  When I try the following it does not work:
  C:\>ksetup /setenctypeattr REALM AES256-CTS-HMAC-SHA1-96
  Setting enctypes for domain REALM to:AES256-CTS-HMAC-SHA1-96
  Setting enctypes on REALM failed with 0xc0000034
  Failed /SetEncTypeAttr : 0xc0000034
  C:\>ksetup /addenctypeattr REALM AES256-CTS-HMAC-SHA1-96
  Query of attributes on REALM failed with 0xc0000034
  Failed /AddEncTypeAttr : 0xc0000034
  When I perform a kinit, this is apparent (note that this is getting a response from the KDC, as using an invalid username results in a different error explicitly stating that it is invalid):
  C:\>kinit username
  Password for username@REALM:
  Exception: krb_error 14 KDC has no support for encryption type (14) - CANT_FIND_CLIENT_KEY KDC has no support for encryption type
  KrbException: KDC has no support for encryption type (14) - CANT_FIND_CLIENT_KEY
  at sun.security.krb5.KrbAsRep.<init>(Unknown Source)
  at sun.security.krb5.KrbAsReq.getReply(Unknown Source)
  at sun.security.krb5.KrbAsReq.getReply(Unknown Source)
  at sun.security.krb5.internal.tools.Kinit.sendASRequest(Unknown Source)
  at sun.security.krb5.internal.tools.Kinit.<init>(Unknown Source)
  at sun.security.krb5.internal.tools.Kinit.main(Unknown Source)
  Caused by: KrbException: Identifier doesn't match expected value (906)
  at sun.security.krb5.internal.KDCRep.init(Unknown Source)
  at sun.security.krb5.internal.ASRep.init(Unknown Source)
  at sun.security.krb5.internal.ASRep.<init>(Unknown Source)
  ... 6 more
  I have already set in the Group Policy settings the value of "Network security: Configure encryption types allowed for Kerberos" to "AES256_HMAC_SHA1" only.
  How can I force Windows to use the correct encryption type?
  For completeness, output of ksetup below:
  C:\>ksetup
  default realm = REALM (external)
  REALM:
  kdc = kdc.server.realm
  Realm Flags = 0x0No Realm Flags
  Mapping username@REALM to Username.
  Regards, Rob.
  Edit: Just found some interesting output in the KDC logs.  These are the only entries in there for the IP address of the Win7 client.
  Apr 04 11:15:23 hostname krb5kdc[1711](info): AS_REQ (4 etypes {18 17 16 23}) 10.x.x.x: CLIENT_NOT_FOUND: KERBEROS-KDC-PROBE@REALM for <unknown server>, Client not found in Kerberos database
  Apr 04 11:22:24 hostname krb5kdc[1711](info): AS_REQ (4 etypes {18 17 16 23}) 10.x.x.x: CLIENT_NOT_FOUND: KERBEROS-KDC-PROBE@REALM for <unknown server>, Client not found in Kerberos database
  Apr 04 11:34:02 hostname krb5kdc[1711](info): AS_REQ (5 etypes {3 1 23 16 17}) 10.x.x.x: CLIENT_NOT_FOUND: Username@REALM for <unknown server>, Client not found in Kerberos database
  Apr 04 11:34:18 hostname krb5kdc[1711](info): AS_REQ (5 etypes {3 1 23 16 17}) 10.x.x.x: CANT_FIND_CLIENT_KEY: username@REALM for krbtgt/REALM@REALM, KDC has no support for encryption type
  Apr 04 12:07:13 hostname krb5kdc[1711](info): AS_REQ (4 etypes {18 17 16 23}) 10.x.x.x: CLIENT_NOT_FOUND: KERBEROS-KDC-PROBE@REALM for <unknown server>, Client not found in Kerberos database
  Apr 04 12:33:45 hostname krb5kdc[1711](info): AS_REQ (2 etypes {18 3}) 10.x.x.x: ISSUE: authtime 1428147225, etypes {rep=18 tkt=18 ses=18}, username@REALM for krbtgt/REALM@REALM
  Apr 04 12:33:45 hostname krb5kdc[1711](info): TGS_REQ (1 etypes {18}) 10.x.x.x: BAD_ENCRYPTION_TYPE: authtime 0, username@REALM for cifs/nas.server.realm@REALM, KDC has no support for encryption type
  Apr 04 12:46:17 hostname krb5kdc[1711](info): AS_REQ (5 etypes {3 1 23 16 17}) 10.x.x.x: CANT_FIND_CLIENT_KEY: username@REALM for krbtgt/REALM@REALM, KDC has no support for encryption type

  Hi,
  I'm sorry but this problem do need to be post at Windows Server forum, please access to the link below to post your question at Windows Server Forum:
  https://social.technet.microsoft.com/Forums/sharepoint/en-US/home?category=windowsserver
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• How to call sha1.js

  i have deployed sha1.js on my server and given the path to it in my html region. How do i call this particular .js file. how do i use it from here on then. pls help asap
  regards
  sam
  Message was edited by:
  Samd

  hi john
  i am trying to make a login page for users. in that i am taking the user name and password and matching it with the ones in our database. in order to achieve that i am using a 'hash' function that concatenates the user name, password and time stamp and passes the value to the function. now apex has an inbuilt js file caled sha1.js. this particular file uses the hash function i just talked about above. i have declared the sha1 function in the header of my page. the declaration looks like this :
  var = sha1(string1||'-'||string2||'-'||sha1(string3));
  but it is not being called, hence i need some help over this issue.
  sam

• Generate a Sha1 CSR on a ASA5520 8.2.1

  I am tring to get an SSL certificate on my ASA to use with AnyConnect when I generate the "cerificate signing reequest", the asa hashes it with MD5 not SHA1 and the provider I am purchasing my public SSL certificate from will only allow SHA1 CSR's
  The code on my asa is fairly old now version 8.2.1, is there anyway  I can generate the csr in sha1 format without upgrading the ios on my asa?

  This is a limitation (or weakness) in earlier versions of the ASA and although it is not a bug, a bug report has been created to fix this issue.  You need to upgrade to 8.2(2) or higher to solve your issue.  Here is a link to the bug report:
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsw88068
  Please rate all helpful posts and remember to select a correct answer

• SHA1 digest error for javax/mail/MessagingException

  java.lang.SecurityException: SHA1 digest error for javax/mail/MessagingException.class
       at sun.security.util.ManifestEntryVerifier.verify(ManifestEntryVerifier.java:194)
       at java.util.jar.JarVerifier.processEntry(JarVerifier.java:201)
       at java.util.jar.JarVerifier.update(JarVerifier.java:188)
       at java.util.jar.JarVerifier$VerifierStream.read(JarVerifier.java:411)
       at sun.misc.Resource.getBytes(Resource.java:97)
       at java.net.URLClassLoader.defineClass(URLClassLoader.java:256)
       at java.net.URLClassLoader.access$000(URLClassLoader.java:56)
       at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
       at java.security.AccessController.doPrivileged(Native Method)
       at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
       at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:276)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
       at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
  Exception in thread "main"
  What could be the problem for this error Exception ???
  Thanks and Regards.

  Hi!
  Do you use some plugins with eclipse IDE, like Tomcat by example or other plugins ... ?
  If yes, update mail.jar and activation.jar inside Tomcat or in your lib project Eclipse...
  You have a conflict with the class loader that check for security for class javax/mail/MessagingException
  See you Manifest.mf inside mail.jar :
  (old version here...)
  Manifest-Version: 1.0
  Implementation-Version: 1.4
  Specification-Title: JavaMail(TM) API Design Specification
  Specification-Version: 1.3
  Implementation-Title: javax.mail
  Extension-Name: javax.mail
  Created-By: 1.5.0 (Sun Microsystems Inc.)
  Implementation-Vendor-Id: com.sun
  Implementation-Vendor: Sun Microsystems, Inc.
  Specification-Vendor: Sun Microsystems, Inc.
  SCCS-ID: @(#)javamail.mf     1.6 05/12/09
  Name: javax/mail/search/SearchTerm.class
  SHA1-Digest: SwGnDhIUmpZhfhq/FKkCQ9nD7ZE=
  Name: javax/mail/SendFailedException.class
  SHA1-Digest: XdCEygaIZQB9YrH2WIr4nPRYYk0=
  Name: javax/mail/MessagingException.class
  SHA1-Digest: lfjX30OQ88v/n9G9fTJGqjFmPd0=
  regards,

• Digest a large file using SHA1

  Hi,
  Is it possible to hash a file of size 1 GB with MessageDigest class. All the update method of the MessageDigest class are having only byte[] as argument. I guess reading the entire file(of size 1GB) and creating a byte array and updating it in to the MessageDigest class is not a good idea. Instead of doing it do we have any other ways/API supports for updating a FileInputStream to a MessageDigest class? It would be good if it takes care of intelligent hashing of large files.
  I tried with multiple updates(of MessageDigest class) and it is taking 80 seconds to digest a single file of size 1.4GB. I believe it is huge time to get a hash of a file. In my system I am having billions of files that need to be hashed. Please suggest me if you have any other mechanism to do it very quickly.

  Dude, your worry is well-founded - butu it isn't a Java problem. What people are trying to tell you is, you can't do what you want, becuase you don't have enough computing power. Let's do the math, shall we? You give a figure of "100 terabytes daily". Let's assume you want to limit that to "in eight hours," so you can run your backup and still leave time to actually deal with the files.
  So - you want to process 1,000,000,000,000 bytes / 8*60*60 s, = 35Mb/s (roughly). On a 3Ghz machine, that leaves you 100 instruction cycles per byte to load from tape (!!!), process the SHA1 algorithm, and write the results.
  What's the maximum streaming capacity, in Mb/sec, of your tape system?
  I don't think there's ANY reasonable way of doing this - certainly not serially. You could manage it with a processing farm - with 100GB tapes, assign one tape to a single CPU, and then your "terabytes' of storage are handleable. You just need 100 machines to get the job done.
  In any event - your speed issue is almost certainly NOT Java's problem.
  Grant

• Windows 10 TP build 9926 Enterprise English UK x64 iso SHA1 value

  I am getting the media driver missing error during installation.I cannot find the sha1 value for the iso.what is it?
  9926.0.150119-1648.FBL_AWESOME1501_CLIENTENTERPRISE_VOL_X64FRE_EN-GB.ISO
  mine is F204C1DBDDA7F7653B24F51D845F823FF2858338
  I want to check if my iso is alright

  On Sun, 25 Jan 2015 01:52:15 +0000, ArunavaRay wrote:
  I am getting the media driver missing error during installation.I cannot find the sha1 value for the iso.what is it?
  9926.0.150119-1648.FBL_AWESOME1501_CLIENTENTERPRISE_VOL_X64FRE_EN-GB.ISO
  mine is F204C1DBDDA7F7653B24F51D845F823FF2858338
  I want to check if my iso is alright
  Where did you download the ISO from? The SHA1 value on MSDN is the same as
  yours (copied and pasted directly from MSDN):
  F204C1DBDDA7F7653B24F51D845F823FF2858338
  but the file name of the ISO is different..
  Paul Adare - FIM CM MVP
  When computers emit smoke, it means they've chosen a new Pope.
  Unfortunately, they invariably choose the wrong one and immediately get
  condemned to nonfunctionality for heresy. -- Anthony DeBoer

• Java.lang.SecurityException: invalid SHA1 signature file digest for com/cry

  While running AVK I've got following error reported on 3d party code we are using. Is there anything that I can do to resolve this issue?
  Thank you in advance,
  Irena
       Error Name : com.sun.enterprise.tools.verifier.tests.web.WebArchiveClassesLoadable
       Error Description : java.lang.SecurityException: invalid SHA1 signature file digest for com/crystaldecisions/MetafileRenderer/DeviceContext$GDIState.class
       at sun.security.util.SignatureFileVerifier.verifySection(SignatureFileVerifier.java:390)
       at sun.security.util.SignatureFileVerifier.process0(SignatureFileVerifier.java:241)
       at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:191)
       at java.util.jar.JarVerifier.processEntry(JarVerifier.java:235)
       at java.util.jar.JarVerifier.update(JarVerifier.java:190)
       at java.util.jar.JarFile.initializeVerifier(JarFile.java:304)
       at java.util.jar.JarFile.getInputStream(JarFile.java:366)
       at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:119)
       at java.net.URL.openStream(URL.java:913)
       at java.lang.ClassLoader.getResourceAsStream(ClassLoader.java:997)
       at com.sun.enterprise.tools.verifier.apiscan.classfile.BCELClassFileLoader.load(BCELClassFileLoader.java:69)
       at com.sun.enterprise.tools.verifier.apiscan.classfile.ClosureCompilerImpl.buildClosure(ClosureCompilerImpl.java:170)
       at com.sun.enterprise.tools.verifier.apiscan.classfile.ClosureCompilerImpl.buildClosure(ClosureCompilerImpl.java:176)
       at com.sun.enterprise.tools.verifier.apiscan.classfile.ClosureCompilerImpl.buildClosure(ClosureCompilerImpl.java:176)
       at com.sun.enterprise.tools.verifier.apiscan.classfile.ClosureCompilerImpl.buildClosure(ClosureCompilerImpl.java:176)
       at com.sun.enterprise.tools.verifier.apiscan.classfile.ClosureCompilerImpl.buildClosure(ClosureCompilerImpl.java:133)
       at com.sun.enterprise.tools.verifier.tests.web.WebArchiveClassesLoadable.check(WebArchiveClassesLoadable.java:53)
       at com.sun.enterprise.tools.verifier.tests.web.WebTest.check(WebTest.java:46)
       at com.sun.enterprise.tools.verifier.CheckMgr.check(CheckMgr.java:76)
       at com.sun.enterprise.tools.verifier.web.WebCheckMgrImpl.check(WebCheckMgrImpl.java:32)
       at com.sun.enterprise.tools.verifier.BaseVerifier.verify(BaseVerifier.java:86)
       at com.sun.enterprise.tools.verifier.web.WebVerifier.verify(WebVerifier.java:43)
       at com.sun.enterprise.tools.verifier.VerificationHandler.runVerifier(VerificationHandler.java:136)
       at com.sun.enterprise.tools.verifier.VerificationHandler.verifyArchive(VerificationHandler.java:82)
       at com.sun.enterprise.tools.verifier.Verifier.verify(Verifier.java:75)
       at com.sun.enterprise.tools.verifier.Verifier.main(Verifier.java:53)

  could you solve the problem? while I'm connecting to sql server , I get the same error. in fact, i can connect to server through eclipse ide but when i export my application into a jar and try connecting to server through the jar, this problem occurs.
  I thought, you can give me a idea. I don't know where I should start. please, help me..
  Exception in thread "main" java.lang.SecurityException: invalid SHA1 signature f
  ile digest for com/microsoft/sqlserver/jdbc/SQLServerException.class
  at sun.security.util.SignatureFileVerifier.verifySection(Unknown Source)
  at sun.security.util.SignatureFileVerifier.processImpl(Unknown Source)
  at sun.security.util.SignatureFileVerifier.process(Unknown Source)
  at java.util.jar.JarVerifier.processEntry(Unknown Source)
  at java.util.jar.JarVerifier.update(Unknown Source)
  at java.util.jar.JarFile.initializeVerifier(Unknown Source)
  at java.util.jar.JarFile.getInputStream(Unknown Source)
  at sun.misc.URLClassPath$JarLoader$2.getInputStream(Unknown Source)
  at sun.misc.Resource.cachedInputStream(Unknown Source)
  at sun.misc.Resource.getByteBuffer(Unknown Source)
  at java.net.URLClassLoader.defineClass(Unknown Source)
  at java.net.URLClassLoader.access$000(Unknown Source)
  at java.net.URLClassLoader$1.run(Unknown Source)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(Unknown Source)
  at java.lang.ClassLoader.loadClass(Unknown Source)
  at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
  at java.lang.ClassLoader.loadClass(Unknown Source)
  at java.lang.ClassLoader.loadClassInternal(Unknown Source)

• What is the MD5 or SHA1 checksum for Mac OSX Mavericks 10.9.2 InstallESD.dmg

  As like in title, What is the MD5 or SHA1 checksum for Mac OSX Mavericks 10.9.2 InstallESD.dmg ?
  I see a strange dates in installation files, so I ask, for security.

  If You can help me, but You dont know how
  open terminal
  write:
  openssl md5 (place on disk where You have installation app)Mavericks.app/Contents/SharedSupport/InstallESD.dmg
  enter and wait for md5 long number

• HMAC (SHA1) key longer than 81 characters not possible?

  Not sure whether I'm in the correct forum...
  To sign a message for a specific application with HMAC-SHA1 hash I need a 83 character key.
  My problem: the function module 'SET_HMAC_KEY' throws the exception "param_length_error". After I've testet with several key length, I found out, that the maximum valid length is 81. Is there any reason for this?
  With 3rd party libraries (ie. Python and Javascript) longer keys are working.
  Code:
  CALL FUNCTION 'SET_HMAC_KEY'
    EXPORTING
      generate_random_key         = ' '
      alg                         = 'SHA1'
      keycstr                     = 'cB1phTHISISATESTVuZMDmWCz1CEMy82iBC3HgFLpE&7857T...YFqV93gRJQ'
      client_independent          = ' '
    EXCEPTIONS
      unknown_alg                 = 1
      param_length_error          = 2
      internal_error              = 3
      param_missing               = 4
      malloc_error                = 5
      abap_caller_error           = 6
      base64_error                = 7
      calc_hmac_error             = 8
      rsec_record_access_denied   = 9
      rsec_secstore_access_denied = 10
      rsec_error                  = 11
      rng_error                   = 12
      record_number_error         = 13
      OTHERS                      = 14.
  Best regards, Uwe
  Edited by: Julius Bussche on Aug 5, 2010 10:19 PM
  I truncated the key further because in a coding tag it toasts the formatting when too long.

  Hi,
  yes, we can :-). Let say that SAP implementation supports a key with size more than 81 bytes. Then according to specification if the key is longer than block size of hash function (64 bytes for SHA-1) then it would use hash function to reduce original key to new key with size equals to output size of hash function (20 bytes for SHA-1). Therefore doing this step manually before calling SET_HMAC_KEY is equal to calling SET_HMAC_KEY which supports keys longer than 81 bytes.
  The easiest way how to check this is to compare some HMAC-SHA1 implementation with the result produced by my proposed logic.
  DATA: text TYPE string,
          key_str TYPE string,
          hash TYPE hash160x,
          key TYPE xstring,
          hmac TYPE hash512_base_64.
    text = 'Hello'.
    key_str = '012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789'.
    CALL FUNCTION 'CALCULATE_HASH_FOR_CHAR'
      EXPORTING
        data  = key_str
      IMPORTING
        hashx = hash.
    key = hash.
    CALL FUNCTION 'SET_HMAC_KEY'
      EXPORTING
        generate_random_key = space
        alg                 = 'SHA1'
        keyxstr             = key
        client_independent  = space.
    CALL FUNCTION 'CALCULATE_HMAC_FOR_CHAR'
      EXPORTING
        alg        = 'SHA1'
        data       = text
      IMPORTING
        hmacbase64 = hmac.
    WRITE: / hmac.
  Javascript version
  var hmac = Crypto.HMAC(Crypto.SHA1, "Message", "Secret Passphrase");
  var hmacBytes = Crypto.HMAC(Crypto.SHA1, "Message", "Secret Passphrase", { asBytes: true });
  var hmacString = Crypto.HMAC(Crypto.SHA1, "Message", "Secret Passphrase", { asString: true });
  Both implementations return "qsXNz/wecK4PMob6VG9RyRX6DQI=".
  Cheers
  Sorry for formatting but it looks like something is broken.
  Edited by: Martin Voros on Aug 6, 2010 10:34 PM