digests | Digests extension for phpBB | Cron Utils library

According to this RFC about WWW Authentication (used in HTTTP) https://tools.ietf.org/html/rfc2617#page-7,

For the purposes of this document, an MD5 digest of 128 bits is
represented as 32 ASCII printable characters. The bits in the 128 bit digest are converted from most significant to least significant bit,
four bits at a time to their ASCII presentation as follows. Each four bits is represented by its familiar hexadecimal notation from the
characters 0123456789abcdef. That is, binary 0000 gets represented by the character '0', 0001, by '1', and so on up to the representation
of 1111 as 'f'.

Rust's MD5 crate implements the Digest trait: https://docs.rs/digest/0.9.0/digest/trait.Digest.html which digests to a GenericArray which consists of 8 16-bit slices.

How do I convert for this hash format from RFC? Why doesn't the md-5 crate has a simple feature that displays the digest as hexadecimal values?

The crate literal_hex does the opposite: converts from String of hexadecimal concatenated values to bytes.

How does docker handle digests?

I can see in plain text, when I run docker image --inspect, the digest of an image. And there's also the thing that local images don't have a digest until I push them to a registry (and AFAIK, if I push an image to various registries, it will have various digests, but never tried that).

I fear that docker might be actually using that info instead of calculating the hash every time that I use or pull an image.

Is there a way to actually tell docker: "Hey, I want you to recheck right now the hash of the image contents. Are they the exact same as when I first created the image? Or has someone manipulated it ever?"

And: does docker really calculate that hash every time an image is run (by digest), or at least every time an image is pulled (by digest)?

I am trying to send an authentificated message over an API at iconomi.com. I am used to sign message when dealing with other exchange API, but can't be authentificated with this specific one.

I read the official documentation for authentification:

You generate the ICN-SIGN header by creating a sha512 HMAC using the base64-decoded secret key on the prehash string timestamp + method + requestPath + body (where + represents string concatenation) and base64-encode the output, where:

the timestamp value is the same as the ICN-TIMESTAMP header. the body is the request body string or omitted if there is no request body (typically for GET requests). method must always be in upper case

Example: base64_encode(HMAC_SHA512(secret_key, timestamp + upper_case(method) + requestPath + body))

I found also a java client example on the official github, please see bellow signature generation in java :

First of all thank you for reading my question.

I am trying to reproduce what i recieved in python. So bsically I have two numbers and I am trying to make a hash out of them. But with crypto++ library i am a bit confused.

Basically I dont get how to use the update and calculate part.

My codes are

I'm in the process of taking my first shot at applying a signature generated by a third party AATL service to a PDF.

I feel like I'm calling everything almost-correctly, but somewhat unsurprisingly, when I view the signed document, I'm told that the signature is not valid. There are many steps in this process where things can go wrong and as I am learning, this stumbling is expected. 😉

Anyway, I'm looking for some guidance and to get some gaps in my knowledge filled. Before my code, I'll lay out what I think are the questions I need answered, you might see them in comments in the code as well:

1. Does it look like I'm using the right source for my digest? Namely data?
2. If the source is right, am I using the right technique to generate the digest? Namely, DigestAlgorithms.digest(...)?
3. The signature the third party service I call returns is base64 encoded. Do I need to convert it from base64 to something else before returning the representation as a ByteArray?
4. I know I have to somehow use the certificates they make available to me, I'm just not sure where or how?
5. What is the signer fieldName?
6. How do I determine the right value for the 8192 I'm using for the estimatedSize parameter of signer.signExternalContainer?
7. How would I add CRL/OCSP information to the PDF? Where does it typically come from when using a third party AATL signing service?

Please feel free to point out any other suggestions or errors not in the list above! 🙏🏻

I try to configure my Docker service via Terraform in the way, that when the Docker image is updated and the new image digest is available in the remote registry, with terraform apply I expect Terraform to detect the digest update and to update the running service.

I applied the configuration from https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/registry_image so that my Terraform script looks like this:

I have the following implementation of HMAC:

Info: that's still not applicable to C# 9 Was planned for C# 10, but even from that #10 was recently moved away... Source: https://github.com/dotnet/csharplang/issues/2691

Original question body starts here:

With C# 9 the syntax for Dependency Inversion (Injection via ctor) was simplified.

From:

I'm signing a 32 byte challenge with RSA, using mbedtls.

The relevant lines of C code look like this; I'm creating a signature in 'signature' for the 32 byte 'challenge' array, using a private key: