ASN.1 Decoder
Lapo Luchini created a useful decoder for ASN.1. For me it’s useful for doing in-depth inspection of X.509 certificates and signing requests. https://lapo.it/asn1js/
Lapo Luchini created a useful decoder for ASN.1. For me it’s useful for doing in-depth inspection of X.509 certificates and signing requests. https://lapo.it/asn1js/
Michael Driscoll created a very nice illustrated guide on how the TLS 1.2 and TLS 1.3 handshakes work, including how the various cryptographic primitives are used to secure the connection. TLS 1.3: https://tls13.xargs.org/ TLS 1.2: https://tls12.xargs.org/ Bonus: An animated explanation on how elliptic curve crypto works: https://curves.xargs.org/
This is a brief overview of how to issue certificates with certreq commands. It might be of use for someone administrating an ADCS instance. Issuing a leaf certificate This will create a certificate of the CertTemplateName template. certreq -submit -attrib "CertificateTemplate:CertTemplateName" .\signing_request.csr Issuing an issuing CA template This assumes that the root CA is not running in enterprise CA mode. This command will create an issuing CA certificate valid for 1 (one) year....
When calling EncryptByKey() in SQL server you will get a bunch of bytes in return. This article from Microsoft describes the structure of these bytes. If you pay close attention, it is even possible to work with this format outside of SQL server. Both decrypting and encrypting is possible, given that you can get the encryption key available outside of SQL Server. Using a HSM with the EKM integration is one way to do this, as SQL server has no native integration for exporting and importing keys....