Generating an attestation certification for an Ed25519 keypair on the YubiHSM 2 - hsm

Does the YubiHSM 2's attestation mechanism support attesting for Ed25519 keypairs?
The following yubihsm-shell session fails:
connect
session open 1 password
generate asymmetric 0 100 test-key 1 sign-eddsa ed25519
attest asymmetric 0 100 0
with the following message:
Failed to attest asymmetric key: Malformed command / invalid data
Meanwhile, attestations of both RSA and NIST-B EC keypairs (i.e., ecp256, ecp384) work as expected. The YubiHSM documentation doesn't make any reference to this deficiency.

As of YubiHSM2 release 2019.12, the Known Issues and Limitations page states:
Attestation currently does not support ed25519 keys.


Looking for an example of a OBD-II complete data frame

I'm developing an OBD-II reader where I want to query requests to read PID parameters with a stm32 processor. I already understand what should go on the data field, but the ID is giving me a headache. As I have read, one must send 0x7DF to broadcast a request, and each ECU will respond with his own ID. However, I have been asked to do this within the SAE J1939 protocol, which uses the 29 bit extended identifier, and I don't know what I need to add to this ID.
As I stated in the title, could someone show me some actual data from a bus using this method? I've been searching on the internet for real frames but did not have any luck so far.
I would also appreciate it if someone could shed some light on whether the OBD-II communication needs some acknowledgment to work properly.
Thanks
I would suggest you take a look at the SAE J1939 documentation, more specifically J1939/21, J1939-71 and J1939/73.
Generally, a J1939 transport protocol response sequence can be processed as follows:
- Identify the BAM frame, indicating a new sequence being initiated (via the PGN 60416 - 0xEC00, which can be reached by 0x1CECFF00)
- Extract the J1939 PGN from bytes 6-8 of the BAM payload to use as the identifier of the new frame
- Construct the new data payload by concatenating bytes 2-8 of the data transfer frames (i.e. excl. the 1st byte)
A J1939 data transfer message with ID 1CEBFF00 (PGN 60160 or EB00).
Above, the last 3 bytes of the BAM equal E3FE00. When reordered, these equal the PGN FEE3 aka Engine Configuration 1 (EC1). Further, the payload is found by combining the first 39 bytes across the 6 data transfer packets/fram
The administrative control device or any device issuing the vehicle use status PID should be sensitive to the run switch status (SPN 3046 - 0xFDC0, which probably can be reached by 0xCFDC000) and any other locally defined criteria for authorized use (i.e., driver log-ons) before the vehicle use status PID is used to generate an unauthorized use alarm.
Also, you can't forget to use a read/send for extended ID messages, since that is 24-bit.
In fact, I would suggest you use can-utils to make your analysis even easier. With a simple can-dump or can-sniffer you can see what is coming on your broadcast.
Some cars' DBC files: https://github.com/commaai/opendbc
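The reassembly steps listed in the answer above, as an added Python example that is not part of the original posts. The frames are constructed to match the figures the answer quotes (BAM ending in E3FE00, 39 bytes over 6 packets); the function names and the session bookkeeping are assumptions of this example.

```python
import struct

TP_CM, TP_DT = 0xEC00, 0xEB00  # PGN 60416 (announce) and PGN 60160 (data)
BAM = 0x20                     # control byte that marks a TP.CM frame as a BAM

def pdu1_pgn(can_id):
    """PGN of a PDU1 frame: the PS byte is the destination, not part of the PGN."""
    return (can_id >> 8) & 0x3FF00

def reassemble_bam(frames):
    """frames: (29-bit id, 8-byte payload) pairs -> [(pgn, payload)]."""
    sessions, done = {}, []
    for can_id, data in frames:
        src, pgn = can_id & 0xFF, pdu1_pgn(can_id)
        if pgn == TP_CM and data[0] == BAM:
            size, packets = struct.unpack_from("<HB", data, 1)
            # Bytes 6-8 hold the announced PGN, least significant byte first.
            announced = int.from_bytes(data[5:8], "little")
            sessions[src] = [announced, size, packets, 1, bytearray()]
        elif pgn == TP_DT and src in sessions:
            announced, size, packets, expected, buf = sessions[src]
            if data[0] != expected:        # lost or reordered packet: give up
                del sessions[src]
                continue
            buf += data[1:8]               # bytes 2-8, i.e. without the counter
            sessions[src][3] = expected + 1
            if expected == packets:
                if len(buf) >= size:
                    done.append((announced, bytes(buf[:size])))  # drop padding
                del sessions[src]
    return done

def constructed_frames():
    """Constructed bus traffic (not a capture): EC1 announced as 39 bytes."""
    body = bytes(range(39)) + b"\xff" * 3          # padded to 6 x 7 bytes
    frames = [(0x1CECFF00, bytes.fromhex("20270006FFE3FE00"))]
    frames += [(0x1CEBFF00, bytes([n + 1]) + body[7 * n:7 * n + 7])
               for n in range(6)]
    return frames
```

A sequence with a missing data transfer frame is discarded rather than returned short, so a consumer never sees a payload that disagrees with the size the BAM announced.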

Convert from one crypto to another using Coinbase API

I was trying to create a Python program to convert ETH to BTC. I was using the command:
client.transfer_money("ETH Account ID ", to="BTC Account ID", amount="0.1", currency="ETH")
I had obtained the account IDs using the command:
client.get_accounts()
And copy-pasted the IDs into my transfer command. However, I get this error:
~/opt/anaconda3/envs/Coinbase/lib/python3.8/site-packages/coinbase/wallet/client.py in transfer_money(self, account_id, **params)
338 params['type'] = 'transfer'
339 response = self._post('v2', 'accounts', account_id, 'transactions', data=params)
--> 340 return self._make_api_object(response, Transaction)
341
342 def request_money(self, account_id, **params):
~/opt/anaconda3/envs/Coinbase/lib/python3.8/site-packages/coinbase/wallet/client.py in _make_api_object(self, response, model_type)
143 # All valid responses have a "data" key.
144 if data is None:
--> 145 raise build_api_error(response, blob)
146 # Warn the user about each warning that was returned.
147 warnings_data = blob.get('warnings', None)
APIError: APIError(id=):
Would someone be able to isolate what this error is?
The official library is deprecated.
There were three errors introduced recently (which were not handled since it's deprecated). I have handled those errors in this fork library and published it on PyPI. You can try using that; if issues still persist, submit an issue on the GitHub repo.

Type of field 7 in auth response message of google cast protocol v2

The Google Cast protocol v2 has widely been reverse-engineered and is therefore already well-known. A good example of this is the Cast v2 Node library repository on GitHub which includes a detailed description of the cast v2 protocol.
However, whilst writing my own implementation of the protocol in Java using Netty, I realized that the auth response message is way more complex than described in the linked repository.
According to the repository, the message should look like:
message AuthResponse {
  required bytes signature = 1;
  required bytes client_auth_certificate = 2;
  repeated bytes client_ca = 3;
}
However, the client sends 3 more fields. They have the indices 4, 6 and 7.
Field 4 is of wiretype VARINT and stands, as far as I know, for the SignatureAlgorithm the Cast-enabled device (Chromecast Gen2 and Chromecast Audio) has been challenged with.
Field 6 is also of type VARINT, but I have no idea what it stands for. During testing, it always had the value 0. (Maybe it stands for the client_ca certificate used for signing the client_auth_certificate?)
Field 7 is of wiretype LENGTH_DELIMITED. It is definitely not a UTF-8 encoded String since printing it out results in an unreadable mess. However, the sequence printed out contains the complete address that's also been used in the client_ca and client_auth_certificate, so I believe it has something to do with it. I've already tested whether this might be a certificate or RSA key, but both tests were negative. A file containing the raw byte sequence can be found here.
This brings me finally to my question:
Do you know what fields 6 and 7 stand for? Guesses based on the file's structure are also highly appreciated.
As I've found out, the protocol is practically open-source since the Chromium project includes the corresponding .proto-files in order to support streaming on Cast-enabled devices.
The complete protocol can be found here: https://github.com/chromium/chromium/blob/master/components/cast_channel/proto/cast_channel.proto
The structure of the AuthResponse message is therefore
message AuthResponse {
  required bytes signature = 1;
  required bytes client_auth_certificate = 2;
  repeated bytes intermediate_certificate = 3;
  optional SignatureAlgorithm signature_algorithm = 4
      [default = RSASSA_PKCS1v15];
  optional bytes sender_nonce = 5;
  optional HashAlgorithm hash_algorithm = 6 [default = SHA1];
  optional bytes crl = 7;
}
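How the field numbers and wire types discussed in this question map onto that definition, as an added Python example that is not part of the original posts. It walks the protobuf wire format directly; the field names come from the AuthResponse definition quoted above, while the function names and the sample message (placeholder bytes, not a device capture) are constructed for this example.

```python
# Field numbers and names as given in the AuthResponse definition quoted above.
FIELDS = {1: "signature", 2: "client_auth_certificate",
          3: "intermediate_certificate", 4: "signature_algorithm",
          5: "sender_nonce", 6: "hash_algorithm", 7: "crl"}
VARINT, LENGTH_DELIMITED = 0, 2  # the two wire types this message uses

def read_varint(buf, pos):
    """Decode a base-128 varint at buf[pos]; return (value, next position)."""
    value = shift = 0
    while pos < len(buf) and shift < 64:
        byte = buf[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, pos
        shift += 7
    raise ValueError("truncated or over-long varint")

def decode_auth_response(buf):
    """Walk the wire format and return [(field number, name, value)]."""
    fields, pos = [], 0
    while pos < len(buf):
        key, pos = read_varint(buf, pos)
        number, wire_type = key >> 3, key & 7
        if wire_type == VARINT:
            value, pos = read_varint(buf, pos)
        elif wire_type == LENGTH_DELIMITED:
            length, pos = read_varint(buf, pos)
            if pos + length > len(buf):
                raise ValueError("field %d runs past end of message" % number)
            value, pos = buf[pos:pos + length], pos + length
        else:
            raise ValueError("unexpected wire type %d" % wire_type)
        fields.append((number, FIELDS.get(number, "unknown"), value))
    return fields

def constructed_sample():
    """Constructed message (placeholder bytes, not a device capture)."""
    return (b"\x0a\x03sig" + b"\x12\x04leaf" + b"\x1a\x03ica"
            + b"\x20\x01" + b"\x30\x00"          # fields 4 and 6, VARINT
            + b"\x3a\xac\x02" + b"\x00" * 300)   # field 7, 300 bytes
```

The length check matters when the bytes come from an untrusted peer: a declared length larger than the remaining buffer is rejected instead of silently yielding a short field.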

Win 8.1 App crashes on user device - How to debug?

Last week I published my first Windows 8.1 app on the Windows Store. So far everything works fine, but now two users reported that the app crashes immediately when being launched.
Additionally I discovered that there is a CrashDump listed in the Reports/Quality section of the Dashboard. I downloaded the CrashDump and tried to find the source of the problem using WinDbg by following these instructions: http://blogs.msdn.com/b/ntdebugging/archive/2014/01/13/debugging-a-windows-8-1-store-app-crash-dump.aspx
I was able to follow the instructions almost up to the end, but then the sos library is not found:
0:006> .sympath SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols
...
0:006> .exr -1
ExceptionAddress: 769eb1d7 (combase+0x000fb1d7)
ExceptionCode: c000027b
ExceptionFlags: 00000001
NumberParameters: 2
Parameter[0]: 03f3f32c
Parameter[1]: 00000001
0:006> !error c000027b
Error code: (NTSTATUS) 0xc000027b (3221226107) - Anwendungsinterne Ausnahme.
0:006> .ecxr
eax=03f3f030 ebx=00000000 ecx=00000000 edx=00000000
esi=03f3f360 edi=03f3f030 eip=769eb01f esp=03f3f314
ebp=03f3f3bc iopl=0 nv up ei pl nz ac po nc cs=001b
ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000212
combase+0xfb01f: 769eb01f 6a03 push 3
0:006> knL
*** Stack trace for last set context - .thread/.cxr resets it
...
0:006> dt 03f3f32c combase!_STOWED_EXCEPTION_INFORMATION_HEADER*
0x05f182e4
+0x000 Size : 0x28
+0x004 Signature : 0x53453032
0:006> .formats 0x53453032
Evaluate expression:
Hex: 53453032
Decimal: 1397043250
Octal: 12321230062
Binary: 01010011 01000101 00110000 00110010
Chars: SE02
Time: Wed Apr 09 13:34:10 2014
Float: low 8.46917e+011 high 0
Double: 6.90231e-315
0:006> dt -a1 03f3f32c combase!_STOWED_EXCEPTION_INFORMATION_V2*
[0] # 03f3f32
---------------------------------------------
0x05f182e4
+0x000 Header : _STOWED_EXCEPTION_INFORMATION_HEADER
+0x008 ResultCode : 80131500
+0x00c ExceptionForm : 0y01
+0x00c ThreadId : 0y000000000000000000010001100101 (0x465)
+0x010 ExceptionAddress : 0x76943bff Void
+0x014 StackTraceWordSize : 4
+0x018 StackTraceWords : 0xa
+0x01c StackTrace : 0x04c6c010 Void
+0x010 ErrorText : 0x76943bff "趍ﯰ???" +0x
+0x020 NestedExceptionType : 0x314f454c
+0x024 NestedException : 0x05f1be44 Void
0:006> !error 80131500
Error code: (HRESULT) 0x80131500 (2148734208) - <Unable to get error code text>
0:006> dpS 0x04c6c010 La
7697a9f1 combase!RoOriginateLanguageException+0x3b [d:\blue_gdr\com\combase\winrt\error\error.cpp # 1083]
63da3bc6 mscorlib_ni+0x9b3bc6
63e41976 mscorlib_ni+0xa51976
63e415c1 mscorlib_ni+0xa515c1
5b72f9df System_Runtime_WindowsRuntime_ni+0x1f9df
5b72f965 System_Runtime_WindowsRuntime_ni+0x1f965
6372de66 mscorlib_ni+0x33de66
5b72f934 System_Runtime_WindowsRuntime_ni+0x1f934
5b6bff16 Windows_UI_ni+0x9ff16
64492a36 clr!COMToCLRDispatchHelper+0x28
0:006> !sos.pe
The call to LoadLibrary(sos) failed, Win32 error 0n2
"The system cannot find the file specified."
Please check your debugger configuration and/or network access.
0:006> .loadby sos clr
The call to LoadLibrary(c:\symbols\clr.dll\52E0B78469b000\sos) failed, Win32 error 0n126
"The system cannot find the file specified."
Please check your debugger configuration and/or network access.
I do not have experience with this kind of debugging, and without the instructions I would not have known any of the commands that I had to use in WinDbg.
Does anyone have an idea how to go on from here?
I have uploaded the CrashDump to my OneDrive. Would be great if anyone with more experience could have a look at it:
http://1drv.ms/1gZzrRK
Is it somehow possible to get additional information from the users who reported the crash to the support? Can they extract a crash dump / error report from their systems?
Is there any possibility to supply a changed version to these users to check if these changes influence the problem?
Thank you very much!
In order to get more insight into what your app is doing when it's running on users' devices, you could add logging of some kind. Local logging to file is an option, but a poor one, since you have to let your user dig into hidden files to retrieve your application log. It might be acceptable though, depending on your scenario. In that case you might want to look at this logging sample for Windows Store Apps that uses ETW to log.
Alternatives would be using some kind of logging framework. I haven't got any experience in any of those so I couldn't tell you which one to use.
As for getting a changed version to your user: simply build an app package locally, put it on OneDrive and send them a link to it. They can sideload the app themselves (although it requires running a PowerShell script and logging in with a live-account). I've used this approach with several clients and it's workable.

Regarding dom4j, iCal4j and backport-util-concurrent Export Control Classification Number (ECCN)

We would like to know the details mentioned below in order to use dom4j, iCal4j and backport-util-concurrent in a commercial product.
Can anyone tell me if the Java code contains encryption - or even better,
can anyone tell me what the export code (ECCN) will be for dom4j, iCal4j and backport-util-concurrent?
Can anyone tell me what export code (ECCN) to use when distributing a product with dom4j, iCal4j and backport-util-concurrent?
More info on ECCN. Ref: http://en.wikipedia.org/wiki/Export_Control_Classification_Number
With Regards,
Kasim Basha Shaik
iCal4j ECCN is n/a (not applicable), since ical4j is not developed in the US so I don't believe it is subject to export restrictions. Either way there is not really any encryption code in ical4j, with the only encoding being BASE64 encoding of binary values.
(The above information was provided by "Ben", the creator of iCal4j; URL here.)
In both the dom4j source from here and the backport-util-concurrent source from here
I scanned through the code for the following key words.
- AlgorithmParameters
- CertificateFactory
- CertPathBuilder
- CertPathValidator
- CertStore
- Cipher
- AES
- DES
- DESede
- RSA
- KeyFactory
- KeyGenerator
- Hmac
- KeyPairGenerator
- KeyStore
- Mac
- MessageDigest
- SecretKeyFactory
- Signature
- TransformService
- XMLSignatureFactory
Encryption-related code was not found; the above encryption keywords were taken from here.
From the above code scan, I came to the conclusion that the ECCN for dom4j and backport-util-concurrent is n/a.