SHA-3 | C # implementation of the SHA-3 algorithm | Cryptography library
kandi X-RAY | SHA-3 Summary
kandi X-RAY | SHA-3 Summary
C# implementation of the SHA-3 algorithm.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of SHA-3
SHA-3 Key Features
SHA-3 Examples and Code Snippets
Community Discussions
Trending Discussions on SHA-3
QUESTION
I am working on signature verification using BouncyCastle using C# and .NET 4.7.
I was following an answer here on SO that explained the verification process using SHA-256withECDSA here.
As per that my code for verifying signature for that example using both approaches works well as per below code fragment.
...ANSWER
Answered 2021-Nov-03 at 16:44There are several issues:
- An analysis with an ASN.1 Parser shows that the public key is given in X.509 format, s. e.g. here. I.e. the raw key
x|y
results as the last2 * 48 = 96
bytes:
QUESTION
How to sign the Tx data including ETH Keccak256
hashed addresses signature with secp256k1 (ECDSA)
keys and encode to DER
format in hex and verify in php?
I want to use only php libraries come with, openssl and others, to make secp256k1
private and public keys, sign, and convert to DER
format in hex
for making a sample of my cryptcoin.
Ethereum addresses are made by secp256k1 EDSA
keys, hash the 256 bits/64 character
pubic key made from the private key with Keccak256
(sha-3-256) hash algorithm to calculate hash, then take last 40 characters from the hash string in hex, add checksum, and add x0
prefix to the hashed string.
The example is shown in github.com/simplito/elliptic-php
repo as toDER()
function in elliptic-php/lib/EC/Signature.php
. The library is using BN-php
, but I want to use only php library, openssl
and others.
ANSWER
Answered 2021-Sep-18 at 11:57Okay, now I know what you want I've looked into this, and unfortunately I think you're out of luck. First to clarify, for Ethereum you want the signature in DER and the key format can vary depending on your software, but for an Ethereum account address you do NOT want the key in DER. Specifically an address is computed by:
represent the publickey point as raw X,Y coordinates, with no metadata like DER or even a single byte like X9.62 and no encoding like base64 or hex
take a Keccak256 hash and take the last 20 bytes, which can be represented (e.g. displayed) in hex with 0x prefixed for a total of 42 characters
For step 1, the keys used by OpenSSL, and thus by php's builtin module, are PEM format, as you see in your example, which consists of an ASN.1 (DER or sometimes BER) body encoded in base64 with linebreaks and header/trailer lines. Specifically the publickey is in the format defined by RFC7468 section 13 whose content is the SubjectPublicKeyInfo structure defined by X.509 and PKIX i.e. RFC5280 4.1.2.7 whose contents for a particular algorithm is defined in other standards; the case here, X9-style EC, is defined in RFC3279 2.3.5 and simplified by RFC5480 2.2 which reference X9.62 and SEC1. (Whew!) While these standards allow several options, OpenSSL in PHP always uses X9.62-uncompressed point format and DER encoding, so for this curve the data you need for Ethereum is simply the last 64 bytes of the DER decoded from the PEM:
QUESTION
I need to generate a fixed length hash of 30 characters based on some input data (like a customer email address) in Java. After some searching, I found out about SHA-3 sponge functions, where I can specify the required length. I implemented the following using Bouncy Castle SHAKEDigest
class.
ANSWER
Answered 2021-Jun-01 at 18:12Nit: SHAKEn are actually Extensible Output Functions (XOFs) built on the Keccak sponge in the same way that the (fixed length) SHA3 hashes are; see https://en.wikipedia.org/wiki/SHA-3#Instances .
But the point you seem to have misunderstood is that the underlying sponge makes each/all of these deterministic -- a given instance (parameterization) produces the same output everytime for the same input, and is not affected by the output size as such. Thus SHA3-256(m) is not the first 256 bits of SHA3-512(m) because it has different parameters, while SHAKE128(m,256) is the first 256 bits of SHAKE128(m,512) but is not SHAKE256(m,256).
Yes, you can truncate any SHA3 hash (or SHA2 hash for that matter) to a size smaller than its normal size and get a smaller but otherwise equally good crypto hash (pseudo-random, irreversible and noncolliding for real data), and people have in fact been doing exactly this for decades. But you can't safely increase it, which you can with an XOF like SHAKE.
QUESTION
I am learning about hashing and encryption and can’t seem to understand this:
Client: New user logs in => Creates password => Sent to a server in plain text
Server: Server generates a random "salt" => plain text and salt are unified => Hash function (e.g. SHA-3) hashes the password+salt into a hash => Hash is stored in DB.
Client: Same user logs out and logs in => Password sent to a server in plain text.
Server: Password needs to re-add the same salt it generated when creating the account to get the same hash.
How does the server generate that same random and unique salt? Is the salt stored on a different DB altogether? If a DB is compromised the hackers would also gain access to the salt and just brute force rainbow tables with the salt and unhash them.
...ANSWER
Answered 2021-Feb-19 at 13:12The salt that was randomly generated must be stored in the database and linked to the user that logged in. It could be simply added as another column in the user table.
In a typical setting, the salt and the password (or its version after key stretching) are concatenated and processed with a cryptographic hash function, and the output hash value (but not the original password) is stored with the salt in a database
Source: https://en.wikipedia.org/wiki/Salt_(cryptography) retrieved 19/02/21
The generation of the salt depends on which technology you are using. The following stack overflow answer has an example for PHP:
Can we use uniqid() to generate a unique Salt in PHP
The password should also never be sent in plain text to the server. This can be done via HTTPS for example
QUESTION
I want to produce 384-bit elliptical curve signature with SHA-384, to generate the keys I run the steps below by looking at this SO Generate EC KeyPair from OpenSSL command line
...ANSWER
Answered 2021-Jan-15 at 19:34According to https://lapo.it/asn1js/ your private key in PEM encoding is still an encrypted one - directly visible with "-----BEGIN ENCRYPTED PRIVATE KEY-----":
QUESTION
I use:
...ANSWER
Answered 2021-Jan-06 at 07:48Try to use this URL:
http://timestamp.globalsign.com/scripts/timestamp.dll
instead.
In your code:
$oSignedCode.Timestamp("http://timestamp.globalsign.com/scripts/timestamp.dll")
QUESTION
In Ethereum, the wallet address is the last 20 bytes of the keccak256 hash of the public key of the wallet.
I am working with Hyperledger Fabric EVM, and I would like to know which is the mechanism that is used to generate the address from the public key.
I applied keccak256, sha256, and sha-3 256 to my public key, but I didn't get the correct address...
It is my private key in pem format:
...ANSWER
Answered 2020-Dec-08 at 12:55The address is the last 20 bytes of the sha3-256 of 3059301306072a8648ce3d020106082a8648ce3d030107034200 + public_key_hex
In my example, take the last 160 bits (20 bytes) of "result" :
QUESTION
I have been trying to build tomcat 9.0.38 for a few hours now ; have gone through every step specified in the install guide except the build.properties file but that doesn't seem to be the problem as the error is not due to writing permissions but rather that the build.xml file links to : Tomcat Downloadable
note that there is no such thing as a string that explicitly points to this version of commons-daemon-1.2.2 within the build.xml file but that link returns :The requested URL was not found on this server. if you remove /commons-daemon-1.2.2-bin.tar.gz you find that commons-daemon-1.2.3-bin.tar.gz is there instead
the error in CMD is as follows :
...ANSWER
Answered 2020-Oct-03 at 10:07well i fiddled around with the Build.properties.default file
the download link for the current versions is in line 96 and the one for the archives is in 97 i do not know why the ant build doesn't try the archives if it fails at using the current version of the files but all it took was to replace the value of base-apache.loc.1 by the value of base-apache.loc.2
it's a hodgepodge and a mess of a solution to be honest but it worked so if anyone has this problem go ahead and try it
QUESTION
How can I generate a SHA-3 (256) hash within SQL Server 2016 ?
HASHBYTES appears to only go up to SHA-2 (256) or SHA-2 (512).
Microsoft BOL isn't giving me a warm and fuzzy, that this is built in anywhere.
...ANSWER
Answered 2020-Aug-19 at 17:01You can achieve SHA-3 256 Hashing with a SQL Server CLR
integration
There is a project on GitHub that has most of the work done for you already and you could easily add SHA3 support to it.
https://github.com/sedenardi/sql-hashing-clr
There is no way of SHA3-256 hashing with pure dotnet core. I recommend you make use of BouncyCastle library (https://www.bouncycastle.org/csharp/index.html) that has a SHA3-256 support. There is a nuget library package that is a wrapper on top of BouncyCastle and could make SHA3-256 hashing relatively easy to achieve. https://www.nuget.org/packages/SHA3.Net/. You'll need to use this package and update HashUtil.cs
Pre Req: Build CLR .dll
QUESTION
I'm implementing SHA-3 following the official FIPS-202 document in Verilog. My state is represented by a one-dimensional register and I use a macro function to calculate the corresponding state index from the (x,y,z) coordinates in the document:
A[x, y, z] = S [W(5y + x) + z]
, W = 64
(p. 9)
I'm strictly following the guide on page 11 and came up with this:
...ANSWER
Answered 2020-Jul-20 at 18:10I think I found the solution. It is described in appendix of FIPS 202 B.1 (starting on page 26). A hint on this topic is given on page 25:
The convention for interpreting hexadecimal strings as bit strings for the inputs and outputs of the SHA-3 examples is different from the convention for other functions on the examples page. The conversion functions between hexadecimal strings and SHA-3 bit strings are specified in Sec. B.1. For byte-aligned messages, the hexadecimal forms of the padding for the SHA-3 functions are described in Sec. B.2.
There is a good explanation on how to circumvent this issue on cryptologie.net.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install SHA-3
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page