16.04 – Does DPKG support GPG signature validation for Debian package files?

I'm trying to enable GPG checking in /etc/dpkg/dpkg.cfg by removing "no-debsig" in this configuration file:

, # Do not enable debsig-verify by default; Since the distribution does not use embedded signatures, debsig-verify rejects all packages.

# no-debsig

Then I tried to download and install some unsigned .deb files to my Ubuntu server, but I can install them as usual without further action (reject, warning).

So my question is this: Suppose I downloaded a .deb file from the Internet and then ran this file with "dpkg -i" to install it. How can I check if it's from a trusted source or not? I am using the Ubuntu server 16.04. Many Thanks!

Bitcoin wallet generation and TX signature

I am developing a Bitcoin Wallet in Javascript. I worked at ETH but it's my first time at BTC. Here are the questions if someone can help:

  1. How do we generate Bitcoin Wallet as in Ethereum? PrivateKey -> PubKey -> Address and Private Key is used to sign, search and send a rawTx. What I need to make this possible in Bitcoin.
  2. I went through the documents of some libraries Bitcore, Bcoin and cryptocoinjs, but all say that they connect to a node (test / live) to generate purses etc.
  3. Is there a way (lib) to generate a wallet, load privatekey wallet, sign TX of private keys all offline and then forward them to the node. How this is done in Bitcoin.
  4. Which Bitcoin node can I use for Mainnet?

Digital Signature – How do I sign ECDSA with the private pem key?

I have a private key with PEM format.

----- BEGIN EC PRIVATE KEY -----
MHQCAQEEIBAFWFAlCWPb8IvM4yHLLKBIN / mEJU9cZnM5JD2U2EmAoAcGBSuBBAAK
oUQDQgAErMGUjbHcEf7Gk9gVOOlWdqSaGc0YhE5HBPqhoniBUG8MTx5AT7mxtuyn
QkydMeOciHyvvyU0gf81UW9udef2nA ==
----- END EC PRIVATE KEY -----

I would like to sign with ruby ​​code as follows.

require & # 39; ecdsa & # 39;
def sign (str)
Digest = Digest :: SHA256.digest (str)
temp_key = str.size
Signature = ECDSA.sign ($ group, $ private_key, Digest, Temp_key)
The End

I would like to know how to encode for reading the private PEM keyfile and for signing.

Non-standard transaction – NBitcoin receives the signature without signature

After creating a new NBitcoin transaction (with a single non-standard pay-to-script input and multiple outputs), there is a way to calculate the transaction signature and insert it manually into the inputs[0].ScriptSig, along with other parameters used by the script?

A related issue is that when attempting to sign the transaction, an "Unsupported scriptPubKey" exception is thrown. Is this due to the non-standard script in the input?

dnd 5e – Is there a visible signature on the target of a teleport spell?

During today's session, Bad Guy used scrying to spy on the party (as Bad Guy had previously hit the party) and then used a teleport spell to send some monsters to attack them. I was not sure how to describe the appearing monsters. the magic just says that the goals "appear where you want". Is there a flash of light or a sound or anything? Or are they just suddenly and quiet?

The main reason I want to know is to find out if there is any indication that the wizard of the party could help to establish that the reason for the appearance of the monsters was a teleport spell, unlike any other form of Magic (or something that was just inherent in the behavior of these monsters).

I could only think up an answer or allow a kind of Arcana check to find out what the cause was. I just wanted to know if there was a precedent (maybe other issues) that I should know before I memorize anything.

signature

Hello,

How can my signature not save my URL? :(

I wanted to start advertising on the site, but I'm worried about how / why my signature was deleted and if things have changed in this forum, so it's not worth it.

Signature Advertising | Forum Promotion

The following ad sizes are sorted by my signature. Enjoy browsing!

125 x 125 button displays
Basic costs: 5 USD per month; 30 USD per 6 months; 60 USD per year.
Durable Duration * Cost: 300 USD
Total number of spots: 4
Available seats: 4
Method of Payment: Paypal only

* Durable is the duration while Forum Promotion is online, until your forum or website disappears without notice (new ad can be viewed by prior notification or within 15 days), until the time the link is removed should or may not be promoted to a linked website.


468×60 banner advertising
Would you like your 468×60 graphics or text ad to be added to the rotation in my signature? Do not look any further! The following are costs based on sponsorship, CPM and CPC.

Sponsoring
Get a guaranteed amount of 10% of pageviews for a period of time. A maximum of 5 individual sponsors. Each sponsor has access to its statistics and can submit changes to its sponsorship through the same access. Sponsorship upgrades available for purchase.
basic sponsorship
Info: Guarantees 10% of all page views. Access to statistics and banner changes. Max. 5 approved line items. A maximum of 10 ads per line item.
Cost per 6 months: 240 USD
Cost per 1 year: 480 USD

Advanced sponsorship
Info: Guarantees 20% of all page views. Access to statistics and banner changes. Max. 10 approved line items. A maximum of 25 ads per line item.
Cost per 6 months: 600 USD
Cost per year: USD 900 USD (USD 300 USD discount)

Standard CPM or CPC
Buy a preset number of page views or clicks to see your 468×60 graphic or text ad.
50,000 page views – $ 5.00
250,000 page views – $ 25.00
500,000 page views – $ 50.00
100 clicks – 15,00 USD
250 clicks – $ 37.50
500 clicks – 75 USD

Total admissible creatives for all sponsorship, CPM, or CPC orders:
5 Creatives Max, for orders totaling $ 25- $ 149 USD
10 Creatives Max, for orders worth $ 150 to $ 249
25 Creatives Max, for orders totaling $ 250 to $ 499
50 creatives max on orders totaling $ 500 and above
Creatives are individual ads that are specific to your ad request.

468×60 TEXT ADS information and policies
This must be carefully followed now if you want to include orders with text ads in the 468×60 banner and text display rotation. Anything that goes beyond the limit of the character is cropped.
heading – 30 characters MAX. Basically a catchy title. This will turn blue and the desired link will be displayed.
example: Win $ 25 in our posting contest (By the way, only an example)
Descriptive text – 120 characters MAX. This is the sentence or sentence that is so catchy enough that the user wants to click on the header text (URL) if they have not already clicked on it.
example: Do you have the skills to win money in a tendering competition? Click here for more information on how to win money!


Text URL / Link
Description: Add a text link for low specific costs to my signature. The text for the URL may consist of the name of the advertised website or a short slogan.
Basic costs: 2 USD per month; 12 USD per 6 months; 24 USD per year.
Total number of spots: 5
Available seats: 4
Method of Payment: Paypal only


ORDER
The following form must be filled out so that all orders can be accepted.
Order type: (125 x 125, 468 x 60 banner advertising, text URL / link)

(ONLY 125×125 and TEXT URL / Link orders)
Length searched:
For 125×125 graphic link:
For text link, advertising text:
Target URL:

(ONLY 468 x 60 banner advertising)
Sponsorship, page views or clicks:
Duration of sponsorship:
Page views or number of clicks:
Graphic image link:
TEXT:
Target URL:

Certificates – Sign a JAR file using the XMSS Signature Scheme (PQC) with JarSigner

I'm trying to use JarSigner to sign .jar files with XMSS signatures.
With the BouncyCastle JCA / JCE Post-Quantum Cryptography Provider, it is possible to programmatically generate XMSS and XMSSMT KeyPairs (example).
To use JarSigner, it is important, as far as I know, to provide a KeyStore and the alias of the entry with which the code should be signed: jarsigner -keystore myKeystore -storetype JKS -storepass password -keypass password myjarfile.jar keystoreEntryAlias The KeyStore entry contains the Public / Secret KeyPair and its associated X.509 certificate.

The "normal" way to sign a Jar file with the JarSigner is as follows:

  1. Use keytool to generate the Public / Secret key pair and a certificate, and save it to a KeyStore (keytool -genkeypair -alias keystoreEntryAlias ​​-keyalg RSA -sigalg SHA256withRSA -dname CN = MyCompanyName -store-type JKS -keypass -key -key myoreystore.jks -storepass password)
  2. Use JarSigner to sign the JAR file with the SecretKey stored in mykeystore.jks with the alias keysotreEntryAlias ​​(jarsigner -keystore mykeystore.jks -store-type jks -storepass passeword -keypass-password myjarfile.jar keystoreEntryAlias)

To sign my file with an XMSS key, I theoretically have two options:

  1. Use BCPQC to programmatically create, save, and use XMSS KeyPairs in mykeystore jarsigner -keystore mykeystore -alias xmss via CLI to sign my file.
  2. Use the BCPQC provider with the keytool to generate XMSS KeyPairs directly from the CLI and store them in mykeystore (keytool would need 2 more arguments here: -providerclass org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider and -providerpath C: path to BouncyCastle provider bcprov-jdk15on-160.jarThen sign the file with JarSigner with the keystore entry

Unfortunately I have problems with both possibilities:

  1. Since I have not found a way to use JarSigner without CLI, I need to save my generated XMSS KeyPairs to a KeyStore. But I need the certificate that contains the public XMSS key. BouncyCastle provides an X.509CertificateBuilder that can be used to generate the required certificate. However, something seems to go wrong when you look at the generated certificate, especially signature algorithm and public key (source code below) [CertificateBuilderExample]with XMSSMT)
  2. It seems that keytool only uses the init (int) overload of BCPQCProvider and that XMSSKeyPairGeneratorSpi rejects it. It would like AlgorithmParameterSpec to be specially XMSSParameterSpec or not Init at all – and if I try the latter, a key pair is generated, but the resulting keys can not be encoded and thus not stored in the KeyStore.

My question would be:

Does anyone know of a way to sign .jar files with JarSigner using XMSS / XMSSMT, and can provide a more or less detailed explanation of what he / she did right that I did wrong?
Or if I was wrong about anything I mentioned above, make a correction and point out a way?

UPDATE 1: I am now able to work with another X509CertificateGenerator (source code below) [X509CertificateGenerator]) and to gather information from here, here and here Signing JAR files successfully programmatically with RSA from BouncyCastle (source code for signing below) [RSA_JarSigner]).

When I try to apply the same scheme that was used to sign with RSA for signing with XMSS or XMSSMT, I come up against it JarSignerException: Error in signer materialscaused by NoSuchAlgorithmException: Name of unrecognized algorithm: XMSS (Source code for XMSS / XMSSMT below [SignXMSS] [SignXMSSMT],

Hopefully someone can help me find out where the problem lies!

[CertificateBuilderExample]

import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
import org.bouncycastle.pqc.jcajce.spec.XMSSMTParameterSpec;

import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
Import java.security. *;
import java.security.cert.CertificateEncodingException;
Import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Date;
import java.util.Random;


public class app {

public static void main (String[] args) throws exception {
Security.addProvider (new BouncyCastlePQCProvider ());

SimpleDateFormat sdf = new SimpleDateFormat ("dd-M-yyyy hh: mm: ss");
String datefrom = "12-08-2018 10:20:56";
String dateunt to = "12-05-2020 10:20:56";
Date from = sdf.parse (datefrom);
Date to = sdf.parse (fileuntil);

// Create a self-signed root CA certificate
KeyPair rootCAKeyPair = generateKeyPair ();
X509v3CertificateBuilder Builder = new JcaX509v3CertificateBuilder (
new X500Name ("CN = rootCA"), // issuer authority
BigInteger.valueOf (new Random (). NextInt ()), // serial number of the certificate
ab, // start of validity
to // the end of the validity of the certificate
new X500Name ("CN = rootCA"), // name of the requestor of the certificate
rootCAKeyPair.getPublic ()); // public key of the certificate
// key restrictions
builder.addExtension (Extension.keyUsage, true, new KeyUsage (KeyUsage.keyCertSign));
builder.addExtension (Extension.basicConstraints, false, new BasicConstraints (true));
X509Certificate rootCA = new JcaX509CertificateConverter (). GetCertificate (Builder)
.build (new JcaContentSignerBuilder ("SHA256withXMSSMT"). setProvider ("BCPQC").
build (rootCAKeyPair.getPrivate ()))); // private key of the signing authority, here it is self-signed
saveToFile (rootCA, "rootCA.cer");

}

private static keyPair generateKeyPair () returns NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException. {
KeyPairGenerator kpGen = KeyPairGenerator.getInstance ("XMSSMT", "BCPQC");
kpGen.initialize (new XMSSMTParameterSpec (20, 10, XMSSMTParameterSpec.SHA256), new SecureRandom ());
KeyPair kp = kpGen.generateKeyPair ();
System.out.print ("Public key:" + Arrays.toString (kp.getPublic (). GetEncoded ()));
return kp;
}

private static void saveToFile (X509Certificate certificate, String filePath) throws IOException, CertificateEncodingException {.
FileOutputStream fileOutputStream = new FileOutputStream (filePath);
fileOutputStream.write (certificate.getEncoded ());
fileOutputStream.flush ();
fileOutputStream.close ();
}

}

[X509CertificateGenerator]

public X509Certificate generateCertificate (String dn, KeyPair keyPair, int valid, String sigAlgName) raises GeneralSecurityException, IOException {.
PrivateKey privateKey = keyPair.getPrivate ();

X509CertInfo info = new X509CertInfo ();

Date from = new date ();
Date to = new date (from.getTime () + validity * 1000L * 24L * 60L * 60L);

CertificateValidity interval = new CertificateValidity (from, to);
BigInteger serialNumber = new BigInteger (64, new SecureRandom ());
X500Name owner = new X500Name (DN);
AlgorithmId sigAlgId = new AlgorithmId (AlgorithmId.md5WithRSAEncryption_oid);

info.set (X509CertInfo.VALIDITY, interval);
info.set (X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber (serial number));
info.set (X509CertInfo.SUBJECT, owner);
info.set (X509CertInfo.ISSUER, owner);
info.set (X509CertInfo.KEY, new CertificateX509Key (keyPair.getPublic ()));
info.set (X509CertInfo.VERSION, new CertificateVersion (CertificateVersion.V3));
info.set (X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId (sigAlgId));

// Sign the cert to identify the algorithm used.
X509CertImpl certificate = new X509CertImpl (info);
certificate.sign (privateKey, sigAlgName);

// Update the algorithm and step back.
sigAlgId = (AlgorithmId) certificate.get (X509CertImpl.SIG_ALG);
info.set (CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, sigAlgId);
Certificate = new X509CertImpl (info);
certificate.sign (privateKey, sigAlgName);

return receipt
}

[RSA_JarSigner]

public class JarSignerTest {

public static void main (String[] args) throws exception {
JarSignerTest jst = new JarSignerTest ();
jst.SignRSA ();
}

public void SignRSA () throws an exception {
Security.addProvider (new BouncyCastleProvider ());
File inputFile = new file ("C: \ path \ to \ jar \ toSign \ jarfile.jar"),
Output file = new file ("C: \ path \ to \ signedJar \ jarfile.jar");
X509CertificateGen x509certgen = new X509CertificateGen ();
KeyPairGenerator kpGen = KeyPairGenerator.getInstance ("RSA", "BC");
kpGen.initialize (1024, new SecureRandom ());
KeyPair keyPair = kpGen.generateKeyPair ();
certificate[] chain = {x509certgen.generateCertificate ("cn = unknown", keyPair, 356, "SHA256withRSA")};
list foo = Arrays.asList (string);
CertificateFactory certificateFactory = CertificateFactory.getInstance ("X.509");
CertPath certPath = certificateFactory.generateCertPath (foo);
JarSigner signer = new JarSigner.Builder (keyPair.getPrivate (), certPath)
.digestAlgorithm ("SHA-256")
.signatureAlgorithm ("SHA256withRSA")
.to build();
try (ZipFile in = new ZipFile (inputFile);
FileOutputStream out = new FileOutputStream (output file)) {
signer.sign (in, out);
}
}
}

[SignXMSS]

public void SignXMSS () throws an exception {
Security.addProvider (new BouncyCastlePQCProvider ());
File inputFile = new file ("C: \ path \ to \ jar \ toSign \ jarfile.jar"),
Output file = new file ("C: \ path \ to \ signedJar \ jarfile.jar");
X509CertificateGen x509certgen = new X509CertificateGen ();
KeyPairGenerator kpGen = KeyPairGenerator.getInstance ("XMSS", "BCPQC");
kpGen.initialize (new XMSSParameterSpec (10, XMSSParameterSpec.SHA256), new SecureRandom ());
KeyPair keyPair = kpGen.generateKeyPair ();
certificate[] chain = {x509certgen.generateCertificate ("cn = unknown", keyPair, 356, "SHA256withXMSS")};
list foo = Arrays.asList (string);
CertificateFactory certificateFactory = CertificateFactory.getInstance ("X.509");
CertPath certPath = certificateFactory.generateCertPath (foo);
JarSigner signer = new JarSigner.Builder (keyPair.getPrivate (), certPath)
.digestAlgorithm ("SHA-256")
.signatureAlgorithm ("SHA256withXMSS", new BouncyCastlePQCProvider ())
.to build();
try (ZipFile in = new ZipFile (inputFile);
FileOutputStream out = new FileOutputStream (output file)) {
signer.sign (in, out);
}
}

[SignXMSSMT]

public void SignXMSSMT () throws an exception {
Security.addProvider (new BouncyCastlePQCProvider ());
File inputFile = new file ("C: \ path \ to \ jar \ toSign \ jarfile.jar"),
Output file = new file ("C: \ path \ to \ signedJar \ jarfile.jar");
X509CertificateGen x509certgen = new X509CertificateGen ();
KeyPairGenerator kpGen = KeyPairGenerator.getInstance ("XMSSMT", "BCPQC");
kpGen.initialize (new XMSSMTParameterSpec (20, 10, XMSSMTParameterSpec.SHA256), new SecureRandom ());
KeyPair keyPair = kpGen.generateKeyPair ();
certificate[] chain = {x509certgen.generateCertificate ("cn = unknown", keyPair, 356, "SHA256withXMSSMT")};
list foo = Arrays.asList (string);
CertificateFactory certificateFactory = CertificateFactory.getInstance ("X.509");
CertPath certPath = certificateFactory.generateCertPath (foo);
JarSigner signer = new JarSigner.Builder (keyPair.getPrivate (), certPath)
.digestAlgorithm ("SHA-256")
.signatureAlgorithm ("SHA256withXMSSMT")
.to build();
try (ZipFile in = new ZipFile (inputFile);
FileOutputStream out = new FileOutputStream (output file)) {
signer.sign (in, out);
}
}

Reference Request – Can information be extracted from the signature (rough path theory) to construct a part of the signal?

This question refers to the Grobpfadtheorie. Suppose we obtained a signature obtained from a set of discrete data points that postulate linearly from one data point to another. This signature is used in some machine learning applications. A link to such an application is: https://sutdbrain.files.wordpress.com/2017/07/nengli_lim_sutd_technical_talk-first-half.pdf

I'm looking for a way to extract information from the signature to build the signal. This would be similar to filtering as in digital signal processing https://en.wikipedia.org/wiki/Digital_signal_processing.

Does anyone know such a signature application? More importantly, there is an arbitrary model (in the literature) of the original discrete data points based on the linear (or other) combination of signature elements.