La Billetterie

Un peu de tout saupoudré délicatement

Affichage des articles dans Pki

http://msdn.microsoft.com/en-us/library/ms867088.aspx PKCS #12 File Types: Portable Protected Keys in .NET (de Michel I. Gallant) CryptAcquireContext( &m_hProvider, m_wszContainer, AesProviders[m_nIndex].params.lpwsz, AesProviders[m_nIndex].params.dwType, CRYPT_DELETEKEYSET ); ici aussi http://www.jensign.com/JavaScience/dotnet/PFXOpen/code/PfxOpen.cs Example C Program: Using CryptAcquireContext http://msdn.microsoft.com/en-us/library/aa382375(VS.85).aspx http://www.derkeiler.com/Newsgroups/microsoft.public.platformsdk.security/2005-01/0186.html CryptAcquireContext with CRYPT_DELETEKEYSET physically deletes the container and all data associated with it, so to say keys, names etc. http://www.derkeiler.com/Newsgroups/microsoft.public.platformsdk.security/2005-01/0195.html Some CSPs won’t care, […]

Apple iOS : problème de visualisation des PDF signé http://discussions.apple.com/thread.jspa?threadID=2514592&tstart=0 L’exemple de PDF signé utilisé : http://blogs.adobe.com/security/SampleSignedPDFDocument.pdf Complément : Notre méthode d’ajout de champs dans les PDF ne marche pas non plus, à voir avec xpdf sous linux s’il y a le même problème. Avec chrome 8 et le viewer intégré, même combat, j’ai ouvert […]

You should look into ECC and EC-DSA. A P-192 signature is 48 bytes

IEEE P1363 : http://grouper.ieee.org/groups/1363/StudyGroup/NewFam.html TSH-ESIGN: Efficient Digital Signature Scheme Using Trisection Size Hash […] more efficient than any representative signature scheme such as elliptic curve and RSA based signature schemes. Moreover, TSH-ESIGN is provably secure in the strongest sense (existentially unforgeable against adaptive chosen message attacks) in the random oracle model […] […] EPOC and […]

L’utilisation de SHA-1 est codé en dur dans le code : http://groups.google.fr/group/mozilla.dev.tech.crypto/msg/7a15dafef963fe20 https://mxr.mozilla.org/comm-central/source/mailnews/extensions/smime/src/nsMsgComposeSecure.cpp#496 Mais le message suivant dit que la couche correct est utilisée ? http://groups.google.fr/group/mozilla.dev.tech.crypto/msg/c442455aacd7eba7 Soit nsCMSMessage : http://mxr.mozilla.org/comm-central/ident?i=nsCMSMessage depuis mozilla/security/manager/ssl/src/nsCMS.cpp ??? A investiguer …

http://www.quadibloc.com/crypto/jscrypt.htm Zero-Knowledge Undeniable Signature : http://dsns.csie.nctu.edu.tw/research/crypto/HTML/PDF/E90/458.PDF The Decision Diffie-Hellman Problem : http://eprints.kfupm.edu.sa/69406/1/69406.pdf

The crypto object offers a logout method that does it. http://mxr.mozilla.org/security/source/security/manager/ssl/src/nsCrypto.cpp#2875 En fait cette fonction désactive tous les PIN déjà entré, et oblige à se relogguer sur tous les token I see no browser code that calls SSL_InvalidateSession http://mxr.mozilla.org/security/ident?i=SSL_InvalidateSession Ici, c’est bon, en appelant cela, on supprime la session.

http://kuix.de/conspiracy/ Cert Viewer Plus : Export certificat en PEM = 2 extension chinoises * CA Untrustworthy, Delete or disable CA certificates owned by CNNIC * Cert Alert, Notify the user if download any content from CNNIC SSL sites. Certificate Patrol : Permet de détecter tout renouvellement de certificat Key manager : You can think of […]

Customer Sues Bank After Phishing Attack MI-Based Business Lost $550,000 in Breach Texas Bank Sues Customer After $800,000 Scam Banks Asks Court to Declare Security Measures ‘Reasonable’

Biovein : http://www.easydenticgroup.org/index.php?RubID=1 http://www.biovein.com/ Cette technologie d’identification du réseau veineux est qualifiée de sans trace. […] l’analyse du réseau veineux d’un individu est unique et ne peut être reproduit. […] des rayons infrarouges révèle alors le réseau veineux du doigt de l’individu […] http://news.cnet.com/8301-17938_105-10154711-1.html http://www.usinenouvelle.com/article/biometrie-sony-authentifie-les-reseaux-veineux-des-doigts.N29640 http://www.ixplora.com/sony-discusses-finger-vein-authentication-system-for-mobile-devices/ http://www.hitachi.com/New/cnews/070720.html http://www.abiova.com/biometrie_veine.asp http://www.h-online.com/security/features/Vein-patterns-as-an-alternative-to-finger-prints-747147.html http://www.h-online.com/security/news/item/Vein-scanner-shrunk-1231462.html http://www.h-online.com/security/news/item/Hitachi-s-reader-and-SDK-for-biometric-vein-identification-now-available-733316.html It took 0.015 seconds […]

New AES software speed records, Sur http://cryptojedi.org/users/peter/ Cache-timing resistant AES for 64-bit Intel processors sur http://www.cryptojedi.org/crypto/index.shtml Cracker rapide de md 5 Implementation de Gladman : http://gladman.plushost.co.uk/oldsite/AES/index.php Diskcryptor aurait une implémentation particulièrement efficace d’AES en code généré. Optimizing OpenSolaris With Open Source regroupe pas mal d’info sur les meilleurs implémentations. Polyakov défend en commentaire ses choix […]

Voir cet article pour les interfaces Framework: http://msdn.microsoft.com/en-us/library/ms180945%28VS.80%29.aspx How to: Sign Messages by One Signer : This example creates a CMS/PKCS #7 signed message by using System.Security.Cryptography.Pkcs http://msdn.microsoft.com/en-us/library/ms180956(VS.80).aspx How to: Sign a Message by Multiple Signers : This example creates a CMS/PKCS #7 signed message by using System.Security.Cryptography.Pkcs. http://msdn.microsoft.com/en-us/library/ms180957.aspx Mais – CmsSigner Class Pas supporté […]

CertVerify : Vérifie la sécurité des programmes http://msdn.microsoft.com/en-us/library/aa925236.aspx Description de la sécurité module de WM 6 http://blogs.gotdotnet.com/ce_base/archive/2007/01/02/ce6-module-security.aspx Documentation msdn du Security Model de WM6 http://technet.microsoft.com/en-us/library/cc182298.aspx CSP disponibles: http://technet.microsoft.com/en-us/library/cc182284.aspx Windows CE Enhanced Cryptographic Service Provider 5.01 (this is the default for Windows Mobile-powered devices Le document suivant prouve que WM gère le SHA-2 : http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp560.pdf Version […]

Un exemple .Net [StructLayout(LayoutKind.Sequential,CharSet= CharSet.Unicode)] public struct CRYPTUI_VIEWCERTIFICATE_STRUCT { public int dwSize; public IntPtr hwndParent; public int dwFlags; [MarshalAs(UnmanagedType.LPWStr)] public String szTitle; public IntPtr pCertContext; public IntPtr rgszPurposes; public int cPurposes; public IntPtr pCryptProviderData; public Boolean fpCryptProviderDataTrustedUsage; public int idxSigner; public int idxCert; public Boolean fCounterSigner; public int idxCounterSigner; public int cStores; public IntPtr rghStores; […]

https://sunny1.flp.cs.tu-berlin.de/wikis/edu-ws06/images/f/fc/DNS-Documentation.pdf https://lists.berlios.de/pipermail/polish-users/2007-May/002118.html https://devel.nuclex.org/external/svn/directx/trunk/native/include/D3DX10tex.h https://svn.physiomeproject.org/svn/physiome/mozilla/old-trunk/security/manager/boot/src/nsSecureBrowserUIImpl.cpp https://www.certicom.com:8888/index.php?action=company,press_archive&view=523 https://www.support.modernisation.gouv.fr https://cryptolux.uni.lu/FAQ_on_the_attacks https://www.bountysource.com/ https://bytebucket.org/ Issued for bitbucket https://svn.boost.org/trac/boost/changeset/40558 http://svn.boost.org/trac/boost/wiki/ReleasePractices/HotFixes (the browser still shows the http URL when asking for connexion confirmation https://lists.berlios.de/pipermail/tslib-general/2010-July/000302.html https://www.register.facebook.com/pages/Camille-Pissarro/109222702437481?sk=info (*.facebook.com doesn’t match www.register.facebook.com) http://mail.printemps.com/ Was using a certificate that expires the 5/7/2011 on the 10/7/2011. 4072th French sites on Alexa, but truly it’s a top known […]

Explication du processus par la FSF : http://fsffrance.org/dcssi/dcssi.fr.html Le décret : http://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000000758922&fastPos=1&fastReqId=1141220367

Une doc sympa sur le xpointer: http://www.emilienkia.fr/wiki/doku.php?id=doc:web:xpointer Tuto zvon: http://www.zvon.org/xxl/XPointerTutorial/Output/index.html J’avais vu un tuto décrivant la forme: #xpointer(xmlns(ns= »uri ») xpointer(id(ns:xx)) mais ceci est plus simple : Un lien http://www.w3.org/TR/xptr-framework/ a aussi des exemples de fabrication d’URL avec des %20, etc.

http://blog.vamsoft.com/?p=48 if your .NET assembly is signed using Authenticode, every time the assembly is loaded, Windows performs the Certificate Revocation List check (depending on the user settings). This potentially means a couple of seconds wait to get your .NET program started or even more if the firewall prevents the program from accessing the CRL. Excellent […]

NSS 3.12 will support EV certificates : « Libpkix provides a much more complete an modern parsing of certificates, most importantly policy parsing and handling cross certificate environments correctly. Both of these are needed for EV (the primary driver of getting libpkix in). (It also includes such things a on the fly fetching of intermediate certs. » […]

NSS will refuse to close with NSS_Shutdown if any reference hasn’t been released. (See <news:ct639f$id65@ripley.netscape.com> : « The reason do this is to prevent our clients from re-initializing NSS for a different user while some NSS objects that may potentially provide access to secret information of the previous user are still around. ») But how to check […]