Why does an HSM-generated key component have a parity error? - cryptography

Using a Thales HSM, the following commands were executed.
Generate 2 ZMK components using the A2 command:
A20002U;[print fields]
The components are successfully generated and printed; in the A3 response we have the encrypted component:
A300[component][CV]
Form a key from the encrypted components:
A42000U[1st component][2nd component]
The key is successfully formed:
A500[key][CV]
Calculate the check value of an encrypted component:
BUFF1[1st component];000;001
Then we get a parity error:
BV10 (Source key parity error)
How is this possible? Is the BU command not appropriate for obtaining a component check value?

Check the BU key type. The key type should be 100 instead of 000:
BUFF1[1st component];100;001
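Why the wrong key type code shows up as a parity error, as an added Go example that is not part of the original question or answer and is not Thales code. DES keys carry odd parity in every byte, and the HSM checks that parity after decrypting a key from under the LMK; the first digit of a key type code selects an LMK variant (the last two digits select the LMK pair), so a component encrypted under type 100 and decrypted as type 000 comes back as random bytes and fails the check. The LMK value, the component value, the variant constant and the plain 3DES-ECB encryption under the LMK are simplifications assumed for this example only.

```go
package main

import (
	"bytes"
	"crypto/des"
	"errors"
	"fmt"
	"math/bits"
)

// HasOddParity is the check the HSM runs on a key after decrypting it from
// under the LMK; "BV10 Source key parity error" means the bytes failed it.
func HasOddParity(key []byte) bool {
	for _, b := range key {
		if bits.OnesCount8(b)%2 == 0 {
			return false
		}
	}
	return true
}

// FixParity sets the low bit of each byte so that every byte has odd parity,
// which is how a fresh DES key component is formed.
func FixParity(key []byte) []byte {
	out := make([]byte, len(key))
	for i, b := range key {
		out[i] = b &^ 1
		if bits.OnesCount8(out[i])%2 == 0 {
			out[i] |= 1
		}
	}
	return out
}

// lmkVariant models the scheme behind Thales key type codes: the first digit
// selects a variant of the LMK pair named by the last two digits, so 000 (ZMK)
// and 100 (ZMK component) are different keys from the same pair. The variant
// constant and where it is XORed in are assumptions for this example only.
func lmkVariant(lmk []byte, keyType string) ([]byte, error) {
	if len(lmk) != 16 || len(keyType) != 3 || keyType[0] < '0' || keyType[0] > '9' {
		return nil, errors.New("need a 16-byte LMK pair and a 3-digit key type code")
	}
	v := append([]byte{}, lmk...)
	variantByte := (keyType[0] - '0') * 0xA6 // assumption: toy variant constant
	v[0] ^= variantByte
	v[8] ^= variantByte
	return v, nil
}

// ecb3DES runs 2-key 3DES (K1||K2||K1) in ECB over the 8-byte blocks of in.
func ecb3DES(key16, in []byte, decrypt bool) ([]byte, error) {
	if len(in)%8 != 0 {
		return nil, errors.New("key material must be a multiple of 8 bytes")
	}
	blk, err := des.NewTripleDESCipher(append(append([]byte{}, key16...), key16[:8]...))
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += 8 {
		if decrypt {
			blk.Decrypt(out[i:i+8], in[i:i+8])
		} else {
			blk.Encrypt(out[i:i+8], in[i:i+8])
		}
	}
	return out, nil
}

// EncryptUnderLMK stores a clear key under the LMK variant named by keyType.
func EncryptUnderLMK(lmk []byte, keyType string, clearKey []byte) ([]byte, error) {
	k, err := lmkVariant(lmk, keyType)
	if err != nil {
		return nil, err
	}
	return ecb3DES(k, clearKey, false)
}

// DecryptUnderLMK recovers a key with the variant named by keyType and reports
// whether the result passes the parity check, as BU does before using it.
func DecryptUnderLMK(lmk []byte, keyType string, encKey []byte) ([]byte, bool, error) {
	k, err := lmkVariant(lmk, keyType)
	if err != nil {
		return nil, false, err
	}
	key, err := ecb3DES(k, encKey, true)
	if err != nil {
		return nil, false, err
	}
	return key, HasOddParity(key), nil
}

func main() {
	lmk := []byte("LMK-pair-04-05!!")                  // constructed LMK pair
	component := FixParity([]byte("ZMKcomponent-1!!")) // constructed ZMK component
	enc, _ := EncryptUnderLMK(lmk, "100", component)   // what A3 returns: encrypted as type 100
	k, ok, _ := DecryptUnderLMK(lmk, "100", enc)       // BU with key type 100
	fmt.Printf("type 100: parity ok=%v match=%v\n", ok, bytes.Equal(k, component))
	k, ok, _ = DecryptUnderLMK(lmk, "000", enc) // BU with key type 000, as in the question
	fmt.Printf("type 000: parity ok=%v match=%v (random bytes pass parity with probability 2^-16)\n", ok, bytes.Equal(k, component))
}
```

The same reasoning applies to any BV10 on a key you know to be good: check the key type code (variant and LMK pair) under which the key was actually stored before suspecting the key material itself.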


I am trying to understand what exactly the signature query parameter is in Binance

I am trying to access this endpoint, where the signature parameter has to be sent as a query parameter:
https://binance-docs.github.io/apidocs/spot/en/#current-open-orders-user_data
I am trying to understand what value should be passed for that signature key.
At first I thought it was the secret key the Binance exchange gave me. But it was not, because when I try the above endpoint it says:
{
"code": -1022,
"msg": "Signature for this request is not valid."
}
[Postman screenshot of the request]
As you can see, I passed my secret key as the value for the signature key. It is not working. So what am I really missing here? Or do I need to do some transformation of the secret key? Please help me understand it, and thanks in advance!
It looks like you are putting the timestamp before the recvWindow in your query string.
timestamp is always the last parameter, and the order of the parameters in the docs clearly puts recvWindow before timestamp.
I managed to get it working with the query string recvWindow=60000&timestamp=1652512756366
The secret key and the signature are two different things.
You need to sign the parameters with your secret key. This process produces a signature, and then you pass the resulting signature in the payload.
I'm not sure how to produce the signature in C++; however, the Binance docs show an example of signing the data in the console with openssl (scroll right on all 3 examples).
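The signing step both answers describe, as an added Go example that is not from the original post or from Binance: HMAC-SHA256 over the exact query string that is sent, with recvWindow before timestamp and the signature appended last. The secret key, symbol and timestamp are constructed values. Verify mirrors what the server does and is included so that the question's mistake (sending the secret itself as the signature) and a query string that no longer matches what was signed can be seen to fail.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"net/url"
	"strconv"
	"strings"
)

// Sign returns the lowercase hex HMAC-SHA256 of totalParams under the secret
// key; for a SIGNED endpoint totalParams is the query string (plus the request
// body, if any) exactly as it will be sent.
func Sign(secretKey, totalParams string) string {
	mac := hmac.New(sha256.New, []byte(secretKey))
	mac.Write([]byte(totalParams))
	return hex.EncodeToString(mac.Sum(nil))
}

// SignedQuery builds the query string for a SIGNED request: the caller's
// parameters in the given order, then recvWindow, then timestamp (always last),
// then the signature computed over everything before it. Signing a string that
// differs from the one sent, in order or encoding, is the usual cause of -1022.
func SignedQuery(secretKey string, params [][2]string, recvWindow int, timestampMs int64) string {
	var b strings.Builder
	for _, kv := range params {
		b.WriteString(url.QueryEscape(kv[0]) + "=" + url.QueryEscape(kv[1]) + "&")
	}
	b.WriteString("recvWindow=" + strconv.Itoa(recvWindow))
	b.WriteString("&timestamp=" + strconv.FormatInt(timestampMs, 10))
	unsigned := b.String()
	return unsigned + "&signature=" + Sign(secretKey, unsigned)
}

// Verify mirrors what the server does with the request: strip the trailing
// signature, recompute it over the rest, and compare in constant time.
func Verify(secretKey, signedQuery string) bool {
	const marker = "&signature="
	i := strings.LastIndex(signedQuery, marker)
	if i < 0 {
		return false
	}
	expected := Sign(secretKey, signedQuery[:i])
	return hmac.Equal([]byte(expected), []byte(signedQuery[i+len(marker):]))
}

func main() {
	secret := "example-secret-key-not-a-real-one" // constructed; never paste a real secret here
	q := SignedQuery(secret, [][2]string{{"symbol", "BTCUSDT"}}, 60000, 1652512756366)
	fmt.Println("GET /api/v3/openOrders?" + q)
	fmt.Println("valid:", Verify(secret, q))
	// The question's mistake, reproduced: sending the secret itself as the signature.
	unsigned := strings.SplitN(q, "&signature=", 2)[0]
	fmt.Println("secret as signature:", Verify(secret, unsigned+"&signature="+secret))
	fmt.Println("tampered recvWindow:", Verify(secret, strings.Replace(q, "60000", "50000", 1)))
}
```

The secret never leaves the client; only the 64-character hex digest does, and the server can check it because it holds the same secret.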

Symmetric key creation with CKA_SENSITIVE false and CKA_PRIVATE as true

I am working on a cloud HSM service and I see a CKA_ATTRIBUTE_INVALID error when I try to create an AES-256 key with the following attributes:
CKA_TOKEN=0
CKA_SENSITIVE=0
CKA_PRIVATE=1
CKA_ENCRYPT=1
CKA_DECRYPT=1
CKA_SIGN=1
CKA_VERIFY=1
CKA_WRAP=1
CKA_UNWRAP=1
CKA_DERIVE=1
CKA_EXTRACTABLE=1
CKA_MODIFIABLE=0
and get the error:
Status: C_DeriveKey returned error. (CKR_ATTRIBUTE_VALUE_INVALID)
I figured out that if I pass CKA_SENSITIVE and CKA_PRIVATE both as 1 it passes and the key gets created.
My question is: how do I know which attribute combinations are valid?
Can someone point me to documentation, please?
I didn't find much detail in the standard PKCS#11 spec.
I would appreciate any help here!!
Cheers.
As far as I can see, the following attributes have wrong values:
CKA_SIGN=1
CKA_VERIFY=1
A symmetric key can't be used for signing.
Also, these values raise some questions:
CKA_TOKEN=0
means that the key is a session object,
CKA_SENSITIVE=0
means that the key value is "visible", which is not secure.
From my experience:
try removing attributes from the template one by one, and you will find which of them are wrong.

SCP03 DEK Key usage in store data command

I am trying to understand the usage of the SCP DEK in the STORE DATA command.
As per GP Card Spec 2.2.1: "The data encryption key (DEK) for decrypting sensitive data, e.g. secret or private keys. This key is a double length DES key and is used as a static key."
I have a requirement to encrypt the STORE DATA APDU data. Now I have 3 questions:
1. Is the SCP DEK indeed used to encrypt EMV AUKs (Application Unique Keys) present in one of these STORE DATA commands?
2. If statement #1 is correct, then which key is used to encrypt the data field in the APDU?
3. Is there an indicator in commands prior to STORE DATA which says whether the data field in the STORE DATA command will be encrypted or not?
I would be able to set the STORE DATA CLA, INS, P1 and P2 as per the GP Card 2.2.1 and Amendment D specs.
Asking this question here since crypto.stackexchange does not have globalplatform and cryptography tags.
Any help is appreciated.
Never mind, I found the answer:
1. Yes.
2. S-ENC (Secure Channel Protocol '03' – Public Release v1.1.1, section 6.2.6 APDU Command C-MAC and C-DECRYPTION Generation and Verification).
3. The EXTERNAL AUTHENTICATE command P1, as per 7.1.2.1 Reference Control Parameter P1 – Security Level (encrypted value = 03: C-DECRYPTION and C-MAC; clear value = 01: C-MAC).

Webapplication log in system

I am using Revel to build my web application and am trying to write an authentication module.
I finished the sign-up part and am now heading to write the sign-in part.
I read the security part of The definitive guide to form-based website authentication and will use its recommendations.
What I really do not know is how sign-in works. I imagine that the process works like this:
The user writes username and password into the HTML form and presses sign in.
The server receives the request and the controller checks whether the user information matches the data in the database.
If yes, how to continue?
The third point is where I am stuck. But I have some idea how it could work and am not sure if it is the right way.
So when the sign-in information matches the database, I would set the key/value pair signed_in: true in the session object (hash datatype). Every time the user makes a request to the web application that needs to be authenticated, I would look in the session object to see whether signed_in is true or not.
This is the way I would do it, but as I mentioned above, I do not know if it is the right way.
Yes, like #twotwotwo mentioned, give it the user id and also a role.
So, the server-side rendered flow. Step 1:
the user sends a username (or other identifier) and secret.
using scrypt or bcrypt, the secret is checked against the stored salted hash in the database
if it matches, you create a struct or a map
serialize the struct or map into a string (json, msgpack, gob)
encrypt the string with AES, see https://github.com/gomango/utility/blob/master/crypto.go (for instance). Set a global AES key.
create a unique cookie (or session) identifier (key)
store the identifier and the raw struct or map in the database
send the encrypted cookie out (id = encrypted_struct_or_map, aka the encrypted string)
On a protected resource (or page), Step 2:
read the identifier from the cookie
check whether the id exists in the db
decode the cookie value using the AES key
compare the values from the cookie with the stored values
if user.role == "allowed_to_access_this_resource", render the page
otherwise http.ResponseWriter.WriteHeader(403) or redirect to the login page
Now, if you wanted, you could also have an application-wide RSA key and, before encrypting the cookie value, sign the string with the RSA private key (in Step 1). In Step 2, decode with the AES key, check whether the signature is valid, then compare the content to the db-stored content.
On any changes you have to update the cookie values (struct/map) and the info in the database.
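Steps 1 and 2 of the answer above, assembled into one runnable piece as an added Go example; it is not the answerer's code and not from Revel or the linked gomango/utility repository. It starts after the password has been checked with bcrypt or scrypt (left to that library), and the AES key, user id and role are constructed values. It uses AES-GCM rather than unauthenticated AES, which both encrypts the cookie and detects any modification of it, so the optional RSA signature the answer mentions is covered by the GCM tag.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Session is serialized into the cookie (Step 1) and stored server-side under its ID.
type Session struct {
	ID     string `json:"id"`
	UserID int64  `json:"uid"`
	Role   string `json:"role"`
}

// Store holds the global AES key (as an AEAD) and the session table (a db table in a real app).
type Store struct {
	aead     cipher.AEAD
	sessions map[string]Session
}

func NewStore(aesKey []byte) (*Store, error) { // aesKey: 16, 24 or 32 bytes
	block, err := aes.NewCipher(aesKey)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Store{aead: aead, sessions: map[string]Session{}}, nil
}

// Login is Step 1, called only after the password check succeeded.
func (s *Store) Login(userID int64, role string) (string, error) {
	idBytes := make([]byte, 16)
	if _, err := rand.Read(idBytes); err != nil {
		return "", err
	}
	sess := Session{ID: hex.EncodeToString(idBytes), UserID: userID, Role: role}
	plain, err := json.Marshal(sess)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, s.aead.NonceSize()) // fresh per cookie, sent in front of the ciphertext
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	s.sessions[sess.ID] = sess
	return base64.RawURLEncoding.EncodeToString(s.aead.Seal(nonce, nonce, plain, nil)), nil
}

// Authorize is Step 2: open the cookie, look the id up, compare both copies, check the role.
func (s *Store) Authorize(cookie, requiredRole string) (Session, error) {
	ct, err := base64.RawURLEncoding.DecodeString(cookie)
	ns := s.aead.NonceSize()
	if err != nil || len(ct) < ns {
		return Session{}, errors.New("malformed cookie")
	}
	plain, err := s.aead.Open(nil, ct[:ns], ct[ns:], nil)
	if err != nil { // GCM tag mismatch: tampered with, or encrypted under another key
		return Session{}, errors.New("cookie failed authentication")
	}
	var fromCookie Session
	if err := json.Unmarshal(plain, &fromCookie); err != nil {
		return Session{}, err
	}
	stored, ok := s.sessions[fromCookie.ID]
	if !ok {
		return Session{}, errors.New("no such session: logged out or expired")
	}
	if stored != fromCookie {
		return Session{}, errors.New("cookie does not match the stored session")
	}
	if stored.Role != requiredRole {
		return stored, errors.New("403: role " + stored.Role + " may not access this resource")
	}
	return stored, nil
}

// Logout deletes the server-side record, after which the cookie is useless.
func (s *Store) Logout(id string) { delete(s.sessions, id) }

func main() {
	store, _ := NewStore([]byte("0123456789abcdef0123456789abcdef")) // constructed 32-byte key
	cookie, _ := store.Login(42, "admin")                            // password already checked with bcrypt/scrypt
	sess, err := store.Authorize(cookie, "admin")
	fmt.Println("admin page:", sess, err)
	_, err = store.Authorize(cookie, "superuser")
	fmt.Println("superuser page:", err)
	store.Logout(sess.ID)
	_, err = store.Authorize(cookie, "admin")
	fmt.Println("after logout:", err)
}
```

The server-side record is what makes logout and forced expiry effective: once it is gone, a copied cookie still decrypts but no longer authorizes anything, which a cookie-only scheme cannot offer.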

How should an application authenticate with a datastore?

I'm writing an iPad game that sends high-score-type data (i.e. data beyond what Game Center supports) to a Google App Engine datastore. It sends these updates via HTTP GET or POST requests, such as http://myapp.appspot.com/game/hiscore/925818
Here is how I thought to ensure the App Engine datastore isn't spammed with false data:
Zip/encrypt the payload data using a hardcoded p#ssw0rd saved in the iOS binary. Encode that binary data as base64. Pass the base64 payload in the URL query string or in the POST data. At the handler, un-base64, then unzip the data with p#ssw0rd. Follow the instructions in the payload to update the high-score-type data.
CON: If p#ssw0rd is somehow derived from the iOS binary, this scheme can be defeated.
Is this adequate/sufficient? Is there another way to do this?
There is absolutely no way to make sure it's your client that sends the data. All you can try is to obfuscate some things to make it harder for spammers to submit data.
However, I think there are two things you can do:
Have some kind of secret key saved in the binary
Have a custom algorithm calculating some checksum
Maybe you can go with a combination of both. Let me give you an example:
Create some custom (complex!) algorithm like (simplified):
var result = ((score XOR score / 5) XOR score * 8) BITSHIFT_BY 3
Then use your statically stored key with that result and a well-known hash function like:
var hash = SHA256(StaticKey + result)
Then send that hash with the score to the server. The server has to "validate" the hash by performing the exact same steps (evaluate the algorithm + do the SHA256 stuff) and compare the hashes. If they match, the score hopefully comes from your app; otherwise throw it away, it comes from a spammer.
However, this is only one thing you can do. Have a look at the link from mfanto; there are many other ideas you can look at.
Be sure not to tell anybody how you're doing it, since this is security through obscurity.
OK, there are 2 methods to do this.
1) Purchase an SSL certificate for $FREE.99 and open HTTPS connections only to your server to submit hi-score-type data. Connection speed should be around 500 ms due to the handshake round-trip time.
2) Embed an RSA public key certificate in your iOS app, and keep the RSA private key on your server.
You can then do 1 of 2 things with this second scheme:
IF your data messages are really small (≤256 B), you can just encrypt and send 256 B packages (the RSA payload is limited by the number of bits in the key)
ELSE IF the data is too large (>256 B), generate a random symmetric key (AES), and pack:
SYMMETRIC AES KEY ENCRYPTED WITH RSA PUBLIC KEY
BINARY DATA ENCODED WITH SYMMETRIC AES KEY
The server then takes the first 256 bytes and decodes them, then uses that AES key to decrypt the rest of the message.
The above 2 only prevent eavesdropping, but it means the data format of your messages is hidden. At some level, it is still a type of security by obscurity, since if the hacker has your public key AND your message format, they can manufacture messages.
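The "ELSE IF" packaging of option 2 in the answer above, as an added Go example that is not from the original answer. It assumes RSA-OAEP for wrapping the AES key and AES-GCM for the message body (the answer names neither padding nor mode), generates the server's key pair in place, and uses a constructed score payload. It also shows the caveat in the answer's last paragraph: a packet built by anyone holding the public key unpacks just as cleanly as one from the app, so the server learns nothing about who sent it.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// GenerateServerKey makes the server's RSA key pair; the public half is what
// would be embedded in the app.
func GenerateServerKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Pack is the client side of the "ELSE IF" branch: a fresh AES-256 key is
// wrapped with the public key (RSA-OAEP) and the message is sealed with
// AES-GCM under that key. Layout:
//   [wrapped key, modulus-size bytes][12-byte nonce][GCM ciphertext + 16-byte tag]
// With OAEP/SHA-256 a 2048-bit key can wrap at most 256-2*32-2 = 190 bytes,
// so the direct-RSA branch's real limit is below the raw 256 bytes.
func Pack(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	aesKey := make([]byte, 32)
	if _, err := rand.Read(aesKey); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, aesKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(aesKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	pkt := append(wrapped, nonce...)
	return gcm.Seal(pkt, nonce, msg, nil), nil
}

// Unpack is the server side: unwrap the AES key from the first modulus-size
// bytes, then open the rest. A bad wrap or a bad tag is an error, not garbage.
func Unpack(priv *rsa.PrivateKey, pkt []byte) ([]byte, error) {
	n := priv.Size() // 256 for a 2048-bit key
	if len(pkt) < n {
		return nil, errors.New("packet shorter than the wrapped key")
	}
	aesKey, err := rsa.DecryptOAEP(sha256.New(), nil, priv, pkt[:n], nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(aesKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(pkt) < n+ns+gcm.Overhead() {
		return nil, errors.New("packet too short for nonce and tag")
	}
	return gcm.Open(nil, pkt[n:n+ns], pkt[n+ns:], nil)
}

func main() {
	priv, err := GenerateServerKey()
	if err != nil {
		panic(err)
	}
	msg := []byte(`{"player":"p1","score":925818}`) // constructed payload
	pkt, _ := Pack(&priv.PublicKey, msg)
	got, err := Unpack(priv, pkt)
	fmt.Printf("%d-byte packet -> %s (err=%v)\n", len(pkt), got, err)
	// The answer's caveat: the public key ships inside the app, so anyone who
	// extracts it and knows the layout builds packets the server accepts.
	forged, _ := Pack(&priv.PublicKey, []byte(`{"player":"p1","score":999999999}`))
	got, err = Unpack(priv, forged)
	fmt.Printf("forged packet -> %s (err=%v)\n", got, err)
}
```

GCM gives integrity against a third party modifying a packet in transit, which raw RSA plus an unauthenticated AES mode would not, but it changes nothing about the forgery problem: authenticating the sender needs a secret the attacker does not have, and a public key is by definition not that.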