Unable to retrieve public key and signature.

Similar Messages

• Looking for "PDF Public-Key Digital Signature and Encryption Specification"

  Hi,
  i am looking for the following ("old") document:
  PDF Public-Key Digital Signature and Encryption Specification
  Originally i could be found here:
  http://partners.adobe.com/asn/developer/acrosdk/DOCS/ppk_pdfspec.pdf
  But not anymore. Does somebody of you still have it? Adobe today just offers the latest documents but i specifically need that older version.
  Or is there an archive i don't know of?
  Thanks for your help,
  ToM

  You can read the PDF 1.5 specification OR even ISO 32000-1 itself for that information. Each feature is "tagged" with the specific version in which it was introduced.
  Digital Signatures were first introduced in Acrobat 4 (PDF 1.3) and have seen various improvements which each version since.

• Retrieved public key not match with real public key on certificate

  //@@public key from certificate
  *30 81 89 02 81 81*
  +00 92 28 98 7b 71 5e 3b 58 93 7a 58 cd 9e b8 17 c6 8e 74 51 c7 32 be 73 c6 54 d6 e5 3b c8 3c 89 c5 6c cd 59 b2 40 58 f2 83 f4 8d c8 b0 5f 57 26 d9 27 88 ff 76 1b 2d 5e 78 8c aa 66 2e 68 1e ed 01 5a 09 c9 5f fb 11 9d 33 4d 57 f1 02 f8 61 4b 71 08 c9 da db 5c a7 c8 fa a6 ed f6 d5 1b 78 72 20 33 0b 80 6c 07 e0 14 7c 49 b5 e3 aa 39 79 28 9e 76 3f 9c 23 7b ea 5c b3 fd 79 cb d5 71 3d d4 f9 02 03 01 00 01+
  //@@retrieved public key from certificate partially not match
  *30 3F 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 3F 3F 00 30 3F 89 02 3F 3F*
  +00 92 28 98 7B 71 5E 3B 58 93 7A 58 CD 9E B8 17 C6 8E 74 51 C7 32 BE 73 C6 54 D6 E5 3B C8 3C 89 C5 6C CD 59 B2 40 58 F2 83 F4 3F C8 B0 5F 57 26 D9 27 88 FF 76 1B 2D 5E 78 8C AA 66 2E 68 1E ED 01 5A 09 C9 5F FB 11 3F 33 4D 57 F1 02 F8 61 4B 71 08 C9 DA DB 5C A7 C8 FA A6 ED F6 D5 1B 78 72 20 33 0B 80 6C 07 E0 14 7C 49 B5 E3 AA 39 79 28 9E 76 3F 9C 23 7B EA 5C B3 FD 79 CB D5 71 3D D4 F9 02 03 01 00 01+
       * Convert into hex values
       private static String hex(String binStr) {
            String newStr = new String();
            try {
                 String hexStr = "0123456789ABCDEF";
                 byte [] p = binStr.getBytes();
                 for(int k=0; k < p.length; k++ ){
                      int j = ( p[k] >> 4 )&0xF;
                      newStr = newStr + hexStr.charAt( j );
                      j = p[k]&0xF;
                      newStr = newStr + hexStr.charAt( j ) + " ";
            } catch (Exception e) {
                 System.out.println("Failed to convert into hex values: " + e);
            return newStr;
       * Get public key from keystore.
       * The public key is in the certificate.
       private static Key getPublicKey(String keyname, String keystore)
       throws IOException, KeyStoreException, NoSuchAlgorithmException,
       CertificateException {
            KeyStore ks = KeyStore.getInstance("JKS");
            ks.load(new FileInputStream(keystore), KEYSTORE_PASS.toCharArray());
            X509Certificate cert = (X509Certificate) ks.getCertificate(keyname);
            if (cert != null) {
                 return cert.getPublicKey();
            return null;
  // Read the public key from keystore certificate
                 RSAPublicKey keystorepub = (RSAPublicKey) keystorecert.getPublicKey();
                 tempPub = keystorepub.getEncoded();
                 sPub = new String( tempPub );
                 System.out.println("Public key from keystore:\n" + hex(sPub) + "\n");Italic part is match part however bold part is not match, i think should be calculation on convert hex incorrect.

  the public key on certificate can view direct in hex format although inside the certificate is in byte[] format,hence during extract public key from certificate via java code,need to convert from byte[] to hex string and then compare it.
  this is the picture of certificate that display public key in hex format
  [http://i225.photobucket.com/albums/dd135/ocibala109/cert.jpg]
  Edited by: ocibala on Oct 7, 2008 8:51 PM

• TMADMIN_CAT:1607: ERROR: Unable to initialize public key subsystem

  Hi All,
  I have installed HCM 9 with 8.49.08 PeopleTools on CentOS 5.3 Linux. Everything went fine (I have completed the creation of database) until I am about to start the application server that I have just created. I am getting this error, "TMADMIN_CAT:1607: ERROR: Unable to initialize public key subsystem".
  @Nicolas
  I have followed the instructions in your blog (it's very helpful). However I am now stack with this error.
  Screenshot of the error after trying to boot the appserv:
  PeopleSoft Domain Boot Menu
  Domain Name: DMHCM
  1) Boot (Serial Boot)
  2) Parallel Boot
  q) Quit
  Command to execute (1-2, q) [q]: 1
  psappsrv.cfg has changed archiving old one...
  Copying DMHCM/Archive/psappsrv.cfg to DMHCM/Archive/psappsrv_092509_0140_32.cfg
  Attempting to boot bulletin board...
  tmadmin - Copyright (c) 1996-1999 BEA Systems, Inc.
  Portions * Copyright 1986-1997 RSA Data Security, Inc.
  All Rights Reserved.
  Distributed under license by BEA Systems, Inc.
  Tuxedo is a registered trademark.
  TMADMIN_CAT:1607: ERROR: Unable to initialize public key subsystem
  ==============ERROR!================
  Boot attempt encountered errors!. Check the TUXEDO log for details.
  ==============ERROR!================
  Do you wish to see the error messages in the APPSRV.LOG file? (y/n) [n] :
  Here the content of the ULOG:
  CentOSLinux:psoft /applications/speople/pt849/appserv >tail ULOG.092509
  014032.CentOSLinux!tmadmin.24422.3086362304.-2: 09-25-2009: Tuxedo Version 9.1, 32-bit
  014032.CentOSLinux!tmadmin.24422.3086362304.-2: GP_CAT:1345: ERROR: pif: can't load 'registry.so'
  014032.CentOSLinux!tmadmin.24422.3086362304.-2: LIBSEC_CAT:22: ERROR: Unable to realize the ecsec_map_proof interface implementation native/security/map_proof. Error code (-5000)
  014032.CentOSLinux!tmadmin.24422.3086362304.-2: LIBTUX_CAT:6275: ERROR: Unable to initialize public key subsystem (-3003)
  014032.CentOSLinux!tmadmin.24422.3086362304.-2: LIBTUX_CAT:6204: ERROR: Could not initialize public key subsystem
  020404.CentOSLinux!tmadmin.25119.3086403264.-2: 09-25-2009: Tuxedo Version 9.1, 32-bit
  020404.CentOSLinux!tmadmin.25119.3086403264.-2: GP_CAT:1345: ERROR: pif: can't load 'registry.so'
  020404.CentOSLinux!tmadmin.25119.3086403264.-2: LIBSEC_CAT:22: ERROR: Unable to realize the ecsec_map_proof interface implementation native/security/map_proof. Error code (-5000)
  020404.CentOSLinux!tmadmin.25119.3086403264.-2: LIBTUX_CAT:6275: ERROR: Unable to initialize public key subsystem (-3003)
  020404.CentOSLinux!tmadmin.25119.3086403264.-2: LIBTUX_CAT:6204: ERROR: Could not initialize public key subsystem
  This seems to be the main culprit... GP_CAT:1345: ERROR: pif: can't load 'registry.so' and I have searched this forum and found several suggestions like make sure that LD_LIBRARY_PATH is correctly set .. incorrect permssions, delete the .adm ... etc. I have done all of this suggestions. I even re-installed the Tuxedo 9.1 with the assumption that some files like resistry,.so might have been corrupted but this all did not resolved the issue. I believe I have done my I could before going here asking for help.
  Here is the content of my .bash_profile:
  # .bash_profile
  PS1='CentOSLinux:$USER $PWD >'
  # Get the aliases and functions
  if [ -f ~/.bashrc ]; then
  . ~/.bashrc
  fi
  # User specific environment and startup programs
  PATH=$PATH:$HOME/bin
  export PATH
  unset USERNAME
  export BEA=/applications/speople/bea
  export TUXDIR=/applications/speople/bea/tuxedo91
  export BEA_HOME=/applications/speople/bea/weblogic92
  export ORACLE_HOME=/applications/oracle/10.2.0
  export PATH=$PATH:$ORACLE_HOME/bin
  LD_LIBRARY_PATH=$ORACLE_HOME/lib; export LD_LIBRARY_PATH
  LIBPATH=$TUXDIR/lib:$LIBPATH:/usr/lib; export LIBPATH
  export PS_HOME=/applications/speople/pt849
  . $PS_HOME/psconfig.sh
  I would really appreciate any help on this issue. Many thanks.

  Please, check if you have the following RPM installed :
  [root@centos ~]# more /etc/redhat-release
  CentOS release 5.3 (Final)
  [root@centos ~]# rpm -q compat-libstdc++-33-3.2.3-61.i386
  compat-libstdc++-33-3.2.3-61
  [root@centos ~]#I tested it on CentOS5.3, everything is working fine. Please, see below all the installation steps :
  1. Install CentOS 5.3 with all the default settings
  2. Install Tuxedo
  2.1 => Modify the file ./linux/sles9/base/tuxedo91_32_SLES_9_x86.bin
  mv ./linux/sles9/base/tuxedo91_32_SLES_9_x86.bin /tmp/tuxedo91_32_SLES_9_x86.bin
  cat /tmp/tuxedo91_32_SLES_9_x86.bin|sed 's/export LD_ASSUME_KERNEL/#xport LD_ASSUME_KERNEL/' > ./linux/sles9/base/tuxedo91_32_SLES_9_x86.bin2.2 => Download and install JDK5
  ./jdk-1_5_0_21-linux-i586-rpm.bin
  For inquiries please contact:  Sun Microsystems,  Inc., 4150
  Network  Circle,  Santa  Clara,   California  95054,  U.S.A.
  (LFI#143333/Form ID#011801)
  Do you agree to the above license terms? [yes or no]
  yes
  Unpacking...
  Checksumming...
  0
  0
  Extracting...
  UnZipSFX 5.50 of 17 February 2002, by Info-ZIP ([email protected]).
    inflating: jdk-1_5_0_21-linux-i586.rpm
  Preparing...                ########################################### [100%]
     1:jdk                    ########################################### [100%]
  Done.
  [root@centos JDK5]# # /usr/sbin/alternatives --install /usr/bin/java java /usr/java/jdk1.5.0_21/bin/java 2
  [root@centos JDK5]# /usr/sbin/alternatives --config java
  There are 4 programs which provide 'java'.
    Selection    Command
  *  1           /usr/lib/jvm/jre-1.6.0-openjdk/bin/java
     2           /usr/lib/jvm/jre-1.4.2-gcj/bin/java
  + 3           /usr/java/jdk1.5.0_16/bin/java
     4           /usr/java/jdk1.5.0_21/bin/java
  Enter to keep the current selection[+], or type selection number: 4
  [root@centos JDK5]# java -version
  java version "1.5.0_21"
  Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_21-b01)
  Java HotSpot(TM) Client VM (build 1.5.0_21-b01, mixed mode, sharing)
  [root@centos JDK5]#2.3 => Modify the file install.sh
  The line
  sh $INSTALL_BINARY -f $SILENT_INSTALL_FILE > $INSTALLER_OUTPUT;becomes
  sh $INSTALL_BINARY LAX_VM /usr/java/jdk1.5.0_21/jre/bin/java -f $SILENT_INSTALL_FILE > $INSTALLER_OUTPUT;2.4 => run the Tuxedo Installer
  sh ./install.sh3. Install Peopletools
  4. Install the RPM (from the CentOS 5.3 DVD) - this is required for psadmin
  rpm -Uvh compat-libstdc++-33-3.2.3-61.i386.rpm5. Install additional RPMs for Oracle
  rpm -Uvh libXp-1.0.0-8.1.el5.i386.rpm
  rpm -Uvh kernel-headers-2.6.18-128.el5.i386.rpm
  rpm -Uvh glibc-headers-2.5-34.i386.rpm
  rpm -Uvh glibc-devel-2.5-34.i386.rpm
  rpm -Uvh compat-gcc-34-3.4.6-4.i386.rpm
  rpm -Uvh libgomp-4.3.2-7.el5.i386.rpm
  rpm -Uvh gcc-4.1.2-44.el5.i386.rpm
  rpm -Uvh gcc-c++-4.1.2-44.el5.i386.rpm
  rpm -Uvh compat-glibc-headers-2.3.4-2.26.i386.rpm
  rpm -Uvh compat-glibc-2.3.4-2.26.i386.rpm
  rpm -Uvh glibc-utils-2.5-34.i386.rpm
  rpm -Uvh compat-db-4.2.52-5.1.i386.rpm
  rpm -Uvh compat-gcc-34-c++-3.4.6-4.i386.rpm
  rpm -Uvh compat-libstdc++-296-2.96-138.i386.rpm
  rpm -Uvh gcc43-4.3.2-7.el5.i386.rpm
  rpm -Uvh gcc43-c++-4.3.2-7.el5.i386.rpm6. Install Oracle (database or client depending of the config)
  6.1 => add the entry in tnsnames.ora
  6.2 => create the symbolic link
  [oracle@centos oracle]$ cd $ORACLE_HOME/lib
  [oracle@centos lib]$ ln -s libclntsh.so libclntsh.so.9.06.3 => make the ORACLE_HOME readable and executable for everbody
  7. psoft user
  7.1 => The .bash_profile
  [psoft@centos ~]$ more .bash_profile
  # .bash_profile
  # Get the aliases and functions
  if [ -f ~/.bashrc ]; then
          . ~/.bashrc
  fi
  # User specific environment and startup programs
  export ORACLE_HOME=/oracle/10.2
  PATH=$PATH:$HOME/bin:$ORACLE_HOME/bin
  export PATH
  export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib
  export PS_HOME=/psoft/psoft849
  . $PS_HOME/psconfig.sh
  [psoft@centos ~]$7.2 => Modify the file $PS_HOME/psconfig.sh
  PS_HOSTTYPE=redhat-4-ia32;export PS_HOSTTYPE8. psadmin, create the new domain, and start
  PeopleSoft Domain Boot Menu
       Domain Name: DMOHRMS9
    1) Boot (Serial Boot)
    2) Parallel Boot
    q) Quit
  Command to execute (1-2, q) [q]: 1
  psappsrv.cfg has changed archiving old one...
  Copying DMOHRMS9/Archive/psappsrv.cfg to DMOHRMS9/Archive/psappsrv_092609_1218_35.cfg
  Attempting to boot bulletin board...
  tmadmin - Copyright (c) 1996-1999 BEA Systems, Inc.
  Portions * Copyright 1986-1997 RSA Data Security, Inc.
  All Rights Reserved.
  Distributed under license by BEA Systems, Inc.
  Tuxedo is a registered trademark.
  No bulletin board exists. Entering boot mode.
  INFO: BEA Tuxedo, Version 9.1, 32-bit, Patch Level 036
  INFO: Serial #: 650522264137-2065448083901, Expiration NONE, Maxusers 1000000
  INFO: Licensed to: Oracle-Peoplesoft-ISV
  Booting admin processes ...
  exec BBL -A :
          process id=26552 ... Started.
  1 process started.
  Attempting to boot ...
  INFO: BEA Tuxedo, Version 9.1, 32-bit, Patch Level 036
  INFO: Serial #: 650522264137-2065448083901, Expiration NONE, Maxusers 1000000
  INFO: Licensed to: Oracle-Peoplesoft-ISV
  Booting server processes ...
  exec PSWATCHSRV -A -- -ID 176290 -C psappsrv.cfg -D DMOHRMS9 -S PSWATCHSRV :
          process id=26555 ... Started.
  exec PSAPPSRV -s@../psappsrv.lst -s@../psqcksrv.lst -sICQuery -sSqlQuery:SqlRequest -- -C psappsrv.cfg -D DMOHRMS9 -S PSAPPSRV :
          process id=26556 ... Started.
  exec PSAPPSRV -s@../psappsrv.lst -s@../psqcksrv.lst -sICQuery -sSqlQuery:SqlRequest -- -C psappsrv.cfg -D DMOHRMS9 -S PSAPPSRV :
          process id=26560 ... Started.
  exec PSAPPSRV -s@../psappsrv.lst -s@../psqcksrv.lst -sICQuery -sSqlQuery:SqlRequest -- -C psappsrv.cfg -D DMOHRMS9 -S PSAPPSRV :
          process id=26564 ... Started.
  exec PSSAMSRV -A -- -C psappsrv.cfg -D DMOHRMS9 -S PSSAMSRV :
          process id=26568 ... Started.
  exec PSMONITORSRV -A -- -ID 176290 -C psappsrv.cfg -D DMOHRMS9 -S PSMONITORSRV :
          process id=26571 ... Started.
  exec JSL -A -- -d unused -n //centos.phoenix-nga:9000 -m 1 -M 3 -I 5 -j ANY -x 40 -S 10 -c 1000000 -w JSH :
          process id=26574 ... Started.
  exec JREPSVR -A -- -W -P /psoft/psoft849/appserv/DMOHRMS9/jrepository :
          process id=26576 ... Started.
  8 processes started.HTH,
  Nicolas.

• Creating a single public key and multiple private keys

  Hello,
  I am new to java cryptography. The problem statement is :-
  We have an accounting application, with flexibility of number of users and companies. The number of users and companies for this application has to be restricted based on the license the user has. That is the user will download our application via web while the user downloads he has to be given the key according to the license he has requested (i.e. single or multiple users/companies), I am unable to get the logic of private and public keys as such, y because which ever alogorithm i saw will generate a public and private key in pairs hence i am bit confused. Clearly, For ever additional user (or company) we r charging additional amount hence different license (keys) have to be generated dynamically for different users. I think this can be achived by creating one single public key and multiple private keys, but i am not sure . Please help me out.

  Hi kazim
  would u pls elaborate this , since i am working on same kind of scenario and finding solutions is difficult . Since encryption is done at our end and wen some user downloads an application he is unable to track where it was encrypted . What i have undestand about public /private is that they work in agreement between client and server and both has to come to agreement to share the data. Pls correct me if i am wrong.
  Ours is different senario we will send some key in download application and will want him to decrypt it . What would u suggest for this kind of scenario?
  Thanks in advance
  Janesh

• Unable to retrieve the operations and entities during service introspection

  Hi,
                    I created one sample flex mobile project using flash builder 4.5, i would like to invoke the web service (wsdl file), which is developed in java and hosted in remote machine server.i want to call a one getEmployeeList method from the webservice.
                        In flash builder i used the menu Data->connect to web service , i gave the url, changed the service name and package name, after that i clicked next button,
  the service introspection dialog appears and after a few seconds, flash builder 4.5 shows the message "Unable to retrieve the operations and entities from the web service" and "There was an error during service interospection".
                     I try to open the url in the browser window i could able to see the wsdl file.so, please help me to solve this issue!
  Thanks & Regards,
  siva
  Message was edited by: siva csc

  same problem also on my xampp installation , it worked perfect with REST service in the previous flex 3 release , is it my apache conf or something related on Flash builder
  this happens when I call my function that connect to mysql do the query and returns the array object
  Err log from Flash Builder 4:
  There was an error during service introspection.
  <br /><b>Warning</b>:  require_once(Zend/Loader/Autoloader.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in <b>C:\xampp\htdocs\MYAPP\bin-debug\gateway.php</b> on line <b>23</b><br /><br /><b>Fatal error</b>:  require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'Zend/Loader/Autoloader.php' (include_path='.;C:\xampp\php\pear\;C:/xampp/htdocs/ZendFramework/library') in <b>C:\xampp\htdocs\MYAPP\bin-debug\gateway.php</b> on line <b>23</b><br />
  thanks in advance
  P

• PKCS#11 Provider unable to fetch asymmetric keys and certificates

  Hi,
  I'm facing a problem while getting keys and certificate from Eracom HSM (ProtectServer Orange:38039 Model: PSO:PL50) using Sun PKCS#11 Provider. It gets only the symmetric keys but NEVER gets the asymmetric keys.
  My code snippet and configuration file are:
       Java Code:
       java.io.InputStream is = new java.io.FileInputStream("pkcs11.cfg");
  sun.security.pkcs11.SunPKCS11 pkcs11_provider = new sun.security.pkcs11.SunPKCS11(is);
  System.out.println("Provider Name : " + pkcs11_provider.getName());
  java.security.Security.addProvider(pkcs11_provider);
  KeyStore ks = KeyStore.getInstance("PKCS11", pkcs11_provider);
  ks.load(null, "password".toCharArray());
  java.util.Enumeration obj_enumeration = ks.aliases();
  while (obj_enumeration.hasMoreElements()) {
  String str_certAlias = (String) obj_enumeration.nextElement();
  System.out.println("Alias : " + str_certAlias);
       pkcs11.cfg:
       name = Eracom
       library = G:\Eracom\cryptoki.dll
       slot = 0
       attributes(*, CKO_PRIVATE_KEY, *) = {
       CKA_TOKEN = false
       CKA_SENSITIVE = false
       CKA_EXTRACTABLE = true
       CKA_DECRYPT = true
       CKA_SIGN = true
       CKA_SIGN_RECOVER = true
       CKA_UNWRAP = true
       attributes(*, CKO_PUBLIC_KEY, *) = {
       CKA_ENCRYPT = true
       CKA_VERIFY = true
       CKA_VERIFY_RECOVER = true
       CKA_WRAP = true
  I also ran my program without specifying any attributes in configuration file, also tried many other combination, but in all cases (with or without attributes) only symmetric keys are loaded from HSM. I am able to get all keys (symmteric and asymmteric) and certificates from the same HSM using IAIK PKCS#11 Provider. Though, the Sun PKCS#11 Provider is working fine with SmartCard tokens (Rainbow, Alladin etc.)
  Any help to resolve my problem would be highly appreciated.
  Thanks in advance.

  I recently had a problem with ECDSA and the PKCS#11 library of nCipher. Here's info from one of their engineers about the PKCS11 library:
  "There are two separate issues - one is that our current pkcs11
  release doesn't support ECDSA signature with SHA-2 hashes
  (the v11.00 firmware adds support for it, but the main release version of
  the pkcs11 library hasn't been updated to take advantage of it yet).
  There is a hotfix version that does support SHA-2 hashes with some
  restrictions, talk to [email protected] for details, and V11.10
  should be out soon and have that merged in.
  But the issue with setting CKA_SIGN is that our underlying HSM API
  allows elliptic curve keys to be either key exchange (ECDH) or
  signature (ECDSA) keys, but not both at one.
  At the PKCS #11 level, if you specify CKA_DERIVE=true and let
  CKA_SIGN default, it will default to false, and vice versa.
  If you specify both CKA_DERIVE=true and CKA_SIGN=true, then we
  return CKR_TEMPLATE_INCONSISTENT because we can't do both with
  the same key. (However, the tests using C_GetMechanismInfo will
  show that we can do both mechanisms, because we can - so long
  as you use different keys, even though they have the same PKCS#11
  type.)
  I can't comment on when or how that will be changed."
  I was using the PKCS#11 library through NSS when I ran into the problem, but I imagine Java would run into similar problems also using the PKCS#11 library. I was able to generate keypairs but not create a CSR (which required making a signature, which required SHA-2).
  Can you just use the java classes to speak to the netHSM? I've never directly written code to do so myself, but I have used Corestreet's OCSP product that uses the java classes to speak to the nCipher HSMs (though not using EC). It might work better than going through the PKCS#11 layer. There should be a java directory under NFAST_HOME that contains some jars.
  Please post back if you figure anything out as I'll probably be playing with this stuff myself soon.
  Dave

• Bit Locker Data retrieval forgot key and password

  Hi All,
  I am using Windows 7 utlimate version and unfortunately i forgot my password and key as a result of which i cannot retrieve my data .
  Can anyone please tell how to recover data without using password and recovery key

  Hello,
  As far as I know it will be difficult to achieve this.
  Indeed if there's another way to do this, it means that there's a security hole on this protection.
  Regards,
  Follow me on Twitter http://www.twitter.com/liontux | My Blog (French/English) :
  http://security.sakuranohana.fr/

• Install fails at "Generating public key and SQL Server certificate"

  I'm attempting to install a Child Primary Site and am running into an issue.
  Currently there is a CAS and another Child Primary Site already deployed and running fine.
  I've re-installed the SQL instance for the Site I'm having an issue with as well as re-installed Server 2008 R2 for this site.
  During install I'm getting the following:
  Failed to retrieve SCCM-SQL.domain.local SQL Server SerializedEncodedCertificate. $$<Configuration Manager Setup><02-11-2014 08:47:54.180+480><thread=4572 (0x11DC)>
  ERROR: Failed to read CAS SQL Server information, store CAS SQL Sever certificate or register connection to the CAS database. $$<Configuration Manager Setup><02-11-2014 08:47:54.180+480><thread=4572 (0x11DC)>
  Invalid certificate $$<Configuration Manager Setup><02-11-2014 08:47:54.212+480><thread=4572 (0x11DC)>
  WARNING: Failed to remove SCCM-SQL.domain.local SQL Server certificate from store (TrustedPeople) on site server (FS1.domain.local). $$<Configuration Manager Setup><02-11-2014 08:47:54.212+480><thread=4572 (0x11DC)>
  The SQL instance has permissions added for the Computer account as well as the username that is being used to install the Site. Any leads on what is giving me this headache?

  Yes, each instance is currently running SQL Server 2008 R2 10.50.2811. Also, they all are on the same collation of SQL_Latin1_General_CP1_Cl_AS.

• How to get the private and public key?

  there is my code,i want to get the public key and the private key �Cbut i could not find the the approprite method to solve the problem.
  import java.security.Key;
  import javax.crypto.Cipher;
  import java.security.KeyPairGenerator;
  import java.security.KeyPair;
  import java.security.Security;
  public class PublicExample {
  public static void main(String[] args) throws Exception {
  if (args.length != 1) {
  System.err.println("Usage:java PublicExample <text>");
  System.exit(1);
  byte[] plainText = args[0].getBytes("UTF8");
  System.out.println("\nStart generating RSA key");
  KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
  keyGen.initialize(512);
  KeyPair key = keyGen.generateKeyPair();
  System.out.println("Finish generating RSA key");
  Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
  Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
  //System.out.println("\n" + cipher.getProvider().getInfo());
  System.out.println("\nStart encryption");
  cipher.init(Cipher.ENCRYPT_MODE, key.getPublic());
  byte[] cipherText = cipher.doFinal(plainText);
  System.out.println("Finish encryption:");
  System.out.println(new String(cipherText, "UTF8"));
  System.out.println("\nStart decryption");
  cipher.init(Cipher.DECRYPT_MODE, key.getPrivate());
  /*i want to get the private and public key in this method ,but i found the result was not
  the one i expected to get,how to solve the problem?
  thanks in advance!
  System.out.println("private key:" + key.getPrivate().toString());
  System.out.println("public key:" + key.getPublic().toString());
  byte[] newPlainText = cipher.doFinal(cipherText);
  System.out.println("Finish decryption:");
  System.out.println(new String(newPlainText, "UTF8"));
  thanks in advance!

  System.out.println("private key:" +
  " + key.getPrivate().toString());
  System.out.println("public key:" +
  + key.getPublic().toString());
  key.getPrivate() returns an instance of PrivateKey and key.getPublic() returns an instance of PublicKey. Since PublicKey and PrivateKey are interfaces then they will return one of the concrete implementations. Check out the Javadoc for PublicKey and PrivateKey.
  When you know which concreate implemenation you have then you can use the methods on that object (by appropriate casting) to find the information you want.

• How to get the private and public keys to use recaptcha?

  I have registered with google to get a recaptcha for my website. All I got was the site key and secret key! Though I need to get the public and private key for muse!

  Hello,
  Please use site Key as "Public Key"and Secret key as "Private Key".
  Regards
  Vivek

• Public key

  Hi
  I have a digital ID and I´d like to create a public key and send to my partners to allow them viewing my encripted documents
  How to create a public id?
  Thanks a lot

  Hi Steve
  Let me see if I´ve understood. I create a self-sign. After I export it to a FDF file and send to my partners. When encripting documents, they use that public key. I´m the only person who will be able to open that PDF.
  If I want to send someone an encrypted pdf, then I take its FDF and encrypt the document. My parner will be able to open.
  Am I right? ----->> According to this issue...Have you listened about any way to decrypt Pdfs without IDs...or up this time encrypt document with certification is 100% secure?
  Last question
  Is there any way to send PDfs over the web..the person is able to open (without using IDs) but not ever print or edit? I´ve experienced placing signature, certifying and password protection, but there is always a illegal program able to modify and edit or create a new pdf over that one.
  Is it possible? How could I do it?
  Thanks so much Steve
  Thanks a lot

• How to get Public Key Remainder?

  Hi Friends..
  Sorry, i have a little doubt regarding the Public Key Remainder..
  What is Public Key Remainder used for?.. is it a part of Public Key?.. How to get it from Public Key, especially in Java?
  As far as i know that the Public Key is constructed with Modulus and Exponent, and with this we can Encrypt and Verify data was signed by Private Key..
  In Java, we can expose Public Key's modulus and public exponent using RSAPublicKey, there's no method to expose Public Key's Remainder..
  Please help me regarding this..
  Thanks

  Leonardo Carreira wrote:
  Hi Shane,
  Thanks for your reply.. :)
  safarmer wrote:
  In that case the exponent and remainder are you public key (exponent and modulus) and the certificate is defined in the definitions section of Book 3. It is a secure way of verifying the public key and it's owner through a trusted certification authority.
  EMV Book 3 tends to use Remainder and Modulus interchangeably.You mean, the Issuer (in this case one of E,M, and V) should provide 2 certificates for 1 card?..
  This is implemented on SDA or DDA?..
  Sorry, i'm still have no idea..
  The Remainder and Modulus should be used interchangeably?..
  How the Host and Card can decides in each transaction whether it will use Remainder or Modulus?..I mean that the terminology is used interchangeably. They refer to the same thing as far as the actual key is concerned.
  Cheers,
  Shane

• Encrypting a vote with a servers public key...HELP!

  Hey, I really need some help( online voting application)....what I want to do it allow a voter to be able to submit a ballot(vote) via servlets, they encrypt the ballot with the servers public key and then the ballot is stored in a database, where at another time the administrator may decrypt the ballot(s) using the servers private key. I have already sorted the voters authentication(MD5), and at the moment the servlet submits the ballot in an unencrypted form....so I just need a little help from here. I enclose my code and I would be truly grateful of someone could give me a hand.
  import java.io.*;
  import javax.servlet.*;
  import javax.servlet.http.*;
  import java.sql.* ;
  public class CastVote extends HttpServlet{
  public void doPost(HttpServletRequest request, HttpServletResponse response)
  throws ServletException,IOException{
  try {
  String jmulligan= request.getParameter("jmulligan");
  String pkelly=request.getParameter("pkelly");
  String mjones=request.getParameter("mjones");
  response.setContentType("text/html");
  PrintWriter out=response.getWriter();
  Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
  Connection con = DriverManager.getConnection ("jdbc:odbc:evoting");
  Statement stmt = con.createStatement();
  stmt.executeUpdate(
  "INSERT INTO Ballot (JMulligan, PKelly, MJones)"
  + "VALUES ('"+jmulligan+"','"+pkelly+"','"+mjones+"') ");
  stmt.close();
  out.println("<HTML>\n"+
  "<HEAD><TITLE>EVoting</TITLE></HEAD>\n"+
  "<BODY BGCOLOR=\"127734\">\n"+
  "<H1>Your Ballot has been entered as follows</H1>\n"+
  "<H1>J Mulligan got "+ jmulligan +"</H1>\n"+
  "<H1> M Jones got "+ mjones +"</H1>\n"+
  "<H1> P Kelly got "+ pkelly +"</H1>\n"+
  "</BODY></HTML>");
  catch( Exception e ) {
  System.out.println(e.getMessage());
  e.printStackTrace();
  thanks
  Jacinta
  PS I have ssl configured, with a self signed cert.

  Hey!
  I am also in the middle of doing an en=voting application as part of my thesis! Its interesting to see the way other people do the voting. Well, my experience so far is that I cannot get public/private key encryption to work. I have posted many topics on this forum regarding it and the reason it wont work is that the ballot that I am trying to enctypt is too large for the ballot object . I used the RSA algoithm and it wasn't able to handle my large object. So instead I have just used a symmetric algorithm and that works fine. I think its the DES algorithm. The only problem with this is that you are using the same key to encrypt and decrypt the ballot. I dont think this is secure. It has been reccomended to me that I use this symmetric algorithm as it is, but that I then use public/private key to encrypt the symmetric key! I still have a problem with this because if the key is still encrypted with public key, the user must have acces to the private key to decrypt the symmetric key to decryt the ballot. See where I'm going?
  I would love to know of an asymmetric algorithm that can encrypt large objects. That would solve the whole security issue. I will post a replyhere if I find out the answer.
  By the way, how is your project going?
  All the best,
  Chris Moltisanti

• Public Key Encryption

  Hi guys,
  I have to sign some data (a byte array) using a Public Key.
  How can I do that?
  (I know it's a bit strange..but I have to do this....)
  Thanks a lot...bye!!

  What you're really asking for is to do something with the data that only the owner of the Private Key can use. What you should be looking at is encryption with the Public Key and not Signing with the Public Key. You will find many examples on this forum, in the JCE web-pages at Sun and in David Hook's Book "Beginning Cryptography in Java".