Search Results

Search found 15280 results on 612 pages for 'encrypted home'.

Page 126/612 | < Previous Page | 122 123 124 125 126 127 128 129 130 131 132 133 | Next Page >

Using AesCryptoServiceProvider in VB.NET

- by Collegeman

My problem is actually a bit more complicated than just how to use AES in VB.NET, since what I'm really trying to do is use AES in VB.NET from within a Java application across JACOB. But for now, what I need to focus on is the AES implementation itself. Here's my encryption code Public Function EncryptAES(ByVal toEncrypt As String, ByVal key As String) As Byte() Dim keyArray = Convert.FromBase64String(key) Dim toEncryptArray = Encoding.Unicode.GetBytes(toEncrypt) Dim aes = New AesCryptoServiceProvider aes.Key = keyArray aes.Mode = CipherMode.ECB aes.Padding = PaddingMode.ISO10126 Dim encryptor = aes.CreateEncryptor() Dim encrypted = encryptor.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length) aes.Clear() Return encrypted End Function Once back in the Java code, I turn the byte array into a hexadecimal String. Now, to reverse the process, here's my decryption code Public Function DecryptAES(ByVal toDecrypt As String, ByVal key As String) As Byte() Dim keyArray = Convert.FromBase64String(key) Dim toDecryptArray = Convert.FromBase64String(toDecrypt) Dim aes = New AesCryptoServiceProvider aes.Key = keyArray aes.Mode = CipherMode.ECB aes.Padding = PaddingMode.ISO10126 Dim decryptor = aes.CreateDecryptor() Dim decrypted = decryptor.TransformFinalBlock(toDecryptArray, 0, toDecryptArray.Length) aes.Clear() Return decrypted End Function When I run the decryption code, I get the following error message Padding is invalid and cannot be removed.

Read the article
WCF message encryption

- by DMcKenna

Is it possible to host a WCF service in IIS, access it over HTTP and have the message body encrypted using a wsHttpBinding configuration?

Read the article
SQL Server CLR Integration to acheive Encryption/Decryption

- by Aakash

I have a requirement to store the data in encrypted form in database tables. I want to do it at database level but the problems I am facing: ( a) Data Type of the field should be Varbinary. ( b) Encryption is not supported by Workgroup edition ( c) Is it possible to encrypt Numeric Fields? I want to access the encrypted data in tables to fetch in views and stored procedure for some processing but due to above problems I am not able to. Here is my Environment: Development Platform - ASP.Net,.Net Framework 3.5,Visual studio 2008 Server Operating System - Windows Server 2008 Database - SQL Server 2008 Work group edition I was also thinking to adopt a different approach to resolve this issue (yet to test it's feasibility). I was just wondering if I could create a CLR function (which could take parameters to encrypt and decrypt data using Cryptography types provided in .Net framework) and use the CLR integration feature of SQL Server and call that function from stored procedure and views. I am not sure if I am thinking in right direction? Any advice on this as well please.

Read the article
Help with OpenSSL request using Python

- by Ldn

Hi i'm creating a program that has to make a request and then obtain some info. For doing that the website had done some API that i will use. There is an how-to about these API but every example is made using PHP. But my app is done using Python so i need to convert the code. here is the how-to: The request string is sealed with OpenSSL. The steps for sealing are as follows: • Random 128-bit key is created. • Random key is used to RSA-RC4 symettrically encrypt the request string. • Random key is encrypted with the public key using OpenSSL RSA asymmetrical encryption. • The encrypted request and encrypted key are each base64 encoded and placed in the appropriate fields. In PHP a full request to our API can be accomplished like so: <?php // initial request. $request = array('object' => 'Link', 'action' => 'get', 'args' => array( 'app_id' => 303612602 ) ); // encode the request in JSON $request = json_encode($request); // when you receive your profile, you will be given a public key to seal your request in. $key_pem = "-----BEGIN PUBLIC KEY----- MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALdu5C6d2sA1Lu71NNGBEbLD6DjwhFQO VLdFAJf2rOH63rG/L78lrQjwMLZOeHEHqjaiUwCr8NVTcVrebu6ylIECAwEAAQ== -----END PUBLIC KEY-----"; // load the public key $pkey = openssl_pkey_get_public($key_pem); // seal! $newrequest and $enc_keys are passed by reference. openssl_seal($request, $enc_request, $enc_keys, array($pkey)); // then wrap the request $wrapper = array( 'profile' => 'ProfileName', 'format' => 'RSA_RC4_Sealed', 'enc_key' => base64_encode($enc_keys[0]), 'request' => base64_encode($enc_request) ); // json encode the wrapper. urlencode it as well. $wrapper = urlencode(json_encode($wrapper)); // we can send the request wrapper via the cURL extension $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://api.site.com/'); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "request=$wrapper"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); ?> Of all of that, i was able to convert "$request" and i'v also made the JSON encode. This is my code: import urllib import urllib2 import json url = 'http://api.site.com/' array = {'app_id' : "303612602"} values = { "object" : "Link", "action": "get", "args" : array } data = urllib.urlencode(values) json_data = json.dumps(data) What stop me is the sealing with OpenSSL and the publi key (that obviously i have) Using PHP OpenSSL it's so easy, but in Python i don't really know how to use it Please, help me!

Read the article
Concurrency Problem in Java ...

- by Tara Singh

I am designing a client-server chat application in Java. This is a secure application where the messages are exchanged using cryptographic algorithms. I have one server and it can support many clients. My problem is that when one client logs on the server it works fine, but when another user logs into the system, the server starts giving me bad padding exceptions for the encrypted text. I am not able to figure out the problem, according to my logic, when new connection request to server is made, the server creates a thread for listening to the client. Is it possible that once the instance of thread class is created, it does all the processing correctly for the first client, but not for the second client because the variables in server listener thread class already have some previous value, and thus the encrypted text is not decrypted properly? Please advise how I can make this process more robust so that the number of clients does not affect how well the server functions.

Read the article
AES/Rijndael implementation for SQL Server 2000?

- by Victor Rodrigues

Do you know any function implementation I could use for decrypting data encrypted by AES/Rijndael in SQLSERVER2000?

Read the article
Thoughts on security model to store credit card details

- by Faisal Abid

Here is the model we are using to store the CC details how secure does this look? All our information is encrypted using public key encryption and the keypair is user dependent (its generated on the server and the private key is symmetric encrypted using the users password which is also Hashed on the database) So basically on first run the user sends in his password via a SSL connection and the password is used with the addition of salt to generate an MD5 hash, also the password is used to encrypt the private key and the private key is stored on the server. When the user wants to make a payment, he sends his password. The password decrypts the private key, and the private key decrypts the CC details and the CC details are charged.

Read the article
PHP/GnuPG Decryption -- Syntax error?

- by NeedBeerStat

I'm using php to invoke gpg, but I'm getting a pipe error. I thought that if I read in the password from a file, I could then pipe it to the command itself? But, I keep getting: Syntax error: "|" unexpected Here's the code: (Note: The files are being iterated over in a foreach loop...) foreach($files as $k => $v) { $encrypted = $v; $filename = explode('.',$v); $decrypted = $filename[0].'.txt'; shell_exec("echo $passphrase | gpg --no-tty --passphrase-fd 0 -o $decrypted -d $encrypted"); }

Read the article
How to encrypt the mobile configuration profiles in iOS (in OTA deployments)?

- by user1353477

I am trying to sign and encrypt .mobileconfig profiles for iOS devices. Signing works perfectly using openssl::pkcs7 sign function in ruby, however using encrypt function, I get an encrypted data but Safari fails to install the profile saying "Invalid Profile". There are two questions in this regard: Which data from the .mobileconfig profile is actually encrypted that goes into the .. section of the EncryptedPayloadContent ? Is the data in binary format (.der) or base64 encoded? Any help in this regard would be helpful as APPLE severly lacks any documentation in encrypting the profiles.

Read the article
Problem requesting a HTTPS with TCL

- by Javier

Hi Everybody, I'm trying to do the following request using TCL (OpenACS) http::register https 443 tls::socket set url "https://encrypted.google.com" set token [http::geturl $url -timeout 30000] set status [http::status $token] set answer [http::data $token] http::cleanup $token http::unregister https The problem is that when I read the $status variable I get "eof" and the $answer variable becomes empty. I tried enabling tls V.1 http::register https 443 [list tls::socket -tls1 1] and it works only for the site https://www.galileo.edu, but not for https://encrypted.google.com. The site what I'm trying to connect is https://graph.facebook.com/me/feed?access_token=... but it doesn't work. I used curl to retrieve the contents of the pages in HTTPS and it works, I have installed OpenSSL, so I can't see the problem, there is another way to do HTTPS connections with TCL?. I can't see if this is a problem of coding (maybe I'm registered wrong the https protocol) or maybe It is a bad configuration of my server. Hope somebody helps!! Thanks!

Read the article
C# check age of db Item

- by Jacob Huggart

Hello All, I am using C# to send an email with an encrypted link. The encrypted portion of the link contains a time stamp that needs to be used to verify if the link is more than 48 hours old. How do I compare an old time to the current time and find out if the old time is more than 48 hours ago? This is what I have now: var hours = DateTime.Now.Ticks - data.DTM.Value.Ticks; //data.DTM = stored time stamp if (hours.CompareTo(48) > 1) //if link is more than 48 hours old, deny access. return View("LinkExpired"); } Comparing ticks seems like it's a very backwards way to do it and I know that the hours.CompareTo would have to be adjusted if I stick with comparing ticks. How can I just get a value for the number of hours that have passed?

Read the article
Java Memory Management

- by Tara Singh

I am designing a client-server chat application in Java. This is a secure application where the messages are exchanged using cryptographic algorithms. I have one server and it can support many clients. My problem is that when one client logs on the server it works fine, but when another user logs into the system, the server starts giving me bad padding exceptions for the encrypted text. I am not able to figure out the problem, according to my logic, when new connection request to server is made, the server creates a thread for listening to the client. Is it possible that once the instance of thread class is created, it does all the processing correctly for the first client, but not for the second client because the variables in server listener thread class already have some previous value, and thus the encrypted text is not decrypted properly? Please advise how I can make this process more robust so that the number of clients does not affect how well the server functions.

Read the article
How do I compute the approximate entropy of a bit string?

- by dreeves

Is there a standard way to do this? Googling -- "approximate entropy" bits -- uncovers multiple academic papers but I'd like to just find a chunk of pseudocode defining the approximate entropy for a given bit string of arbitrary length. (In case this is easier said than done and it depends on the application, my application involves 16,320 bits of encrypted data (cyphertext). But encrypted as a puzzle and not meant to be impossible to crack. I thought I'd first check the entropy but couldn't easily find a good definition of such. So it seemed like a question that ought to be on StackOverflow! Ideas for where to begin with de-cyphering 16k random-seeming bits are also welcome...) See also this related question: http://stackoverflow.com/questions/510412/what-is-the-computer-science-definition-of-entropy

Read the article
sqlcipher command line not working

- by Min Lin

I have a encrypted sqlite db and its key. (Which is generated by an android program). However, when I open the db in command line I can not read the db. The command line tool is installed by: brew install sqlcipher I open the database by: sqlcipher EnDB.db >pragma key="6b74fcd"; >select * from bizinfo; It keeps telling me "Error: file is encrypted or is not a database" However, if I open the database file with gui app sqlite database browser (which is a windows program and I run it in wine). It pops up a window for me to enter the key, with 6b74fcd as the key it successfully read the database. As I want to automatically process the db in the future, I can not depend on the GUI. Do you know why the command line is not working?

Read the article
Generating short license keys with OpenSSL

- by Marc Charbonneau

I'm working on a new licensing scheme for my software, based on OpenSSL public / private key encryption. My past approach, based on this article, was to use a large private key size and encrypt an SHA1 hashed string, which I sent to the customer as a license file (the base64 encoded hash is about a paragraph in length). I know someone could still easily crack my application, but it prevented someone from making a key generator, which I think would hurt more in the long run. For various reasons I want to move away from license files and simply email a 16 character base32 string the customer can type into the application. Even using small private keys (which I understand are trivial to crack), it's hard to get the encrypted hash this small. Would there be any benefit to using the same strategy to generated an encrypted hash, but simply using the first 16 characters as a license key? If not, is there a better alternative that will create keys in the format I want?

Read the article
Interoperability between two AES algorithms

- by lpfavreau

Hello, I'm new to cryptography and I'm building some test applications to try and understand the basics of it. I'm not trying to build the algorithms from scratch but I'm trying to make two different AES-256 implementation talk to each other. I've got a database that was populated with this Javascript implementation stored in Base64. Now, I'm trying to get an Objective-C method to decrypt its content but I'm a little lost as to where the differences in the implementations are. I'm able to encrypt/decrypt in Javascript and I'm able to encrypt/decrypt in Cocoa but cannot make a string encrypted in Javascript decrypted in Cocoa or vice-versa. I'm guessing it's related to the initialization vector, nonce, counter mode of operation or all of these, which quite frankly, doesn't speak to me at the moment. Here's what I'm using in Objective-C, adapted mainly from this and this: @implementation NSString (Crypto) - (NSString *)encryptAES256:(NSString *)key { NSData *input = [self dataUsingEncoding: NSUTF8StringEncoding]; NSData *output = [NSString cryptoAES256:input key:key doEncrypt:TRUE]; return [Base64 encode:output]; } - (NSString *)decryptAES256:(NSString *)key { NSData *input = [Base64 decode:self]; NSData *output = [NSString cryptoAES256:input key:key doEncrypt:FALSE]; return [[[NSString alloc] initWithData:output encoding:NSUTF8StringEncoding] autorelease]; } + (NSData *)cryptoAES256:(NSData *)input key:(NSString *)key doEncrypt:(BOOL)doEncrypt { // 'key' should be 32 bytes for AES256, will be null-padded otherwise char keyPtr[kCCKeySizeAES256 + 1]; // room for terminator (unused) bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) // fetch key data [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [input length]; // See the doc: For block ciphers, the output size will always be less than or // equal to the input size plus the size of one block. // That's why we need to add the size of one block here size_t bufferSize = dataLength + kCCBlockSizeAES128; void* buffer = malloc(bufferSize); size_t numBytesCrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(doEncrypt ? kCCEncrypt : kCCDecrypt, kCCAlgorithmAES128, kCCOptionECBMode | kCCOptionPKCS7Padding, keyPtr, kCCKeySizeAES256, nil, // initialization vector (optional) [input bytes], dataLength, // input buffer, bufferSize, // output &numBytesCrypted ); if (cryptStatus == kCCSuccess) { // the returned NSData takes ownership of the buffer and will free it on deallocation return [NSData dataWithBytesNoCopy:buffer length:numBytesCrypted]; } free(buffer); // free the buffer; return nil; } @end Of course, the input is Base64 decoded beforehand. I see that each encryption with the same key and same content in Javascript gives a different encrypted string, which is not the case with the Objective-C implementation that always give the same encrypted string. I've read the answers of this post and it makes me believe I'm right about something along the lines of vector initialization but I'd need your help to pinpoint what's going on exactly. Thank you!

Read the article
SQL Encryption - Asymmetric Key - 2nd Server

- by Jason Heine

Hello, I created an asymmetric key on one of my SQL servers (2008). I encrypted a password field and I am able to retrieve that password just fine on my development server. The issue comes into play where I need to move this data to a production server. Here is the code for the key that was created: CREATE MASTER KEY ENCRYPTION BY PASSWORD='#########' CREATE ASYMMETRIC KEY UserEncryptionKey WITH ALGORITHM = RSA_2048 Now, when I run this on the production server, it creates the key just fine. However, when I run my sproc to get the password, it returns NULL. SQL: SELECT EncryptByAsymKey(AsymKey_ID('UserEncryptionKey'), Password ) FROM Users WHERE UserName = '######' Any thoughts on what I need to do to get the encrypted field to work on multiple SQL Servers? Please let me know if I need to clarify something. Thanks

Read the article
Writing email sniffer

- by Rampage

Hello, I am interested in writing an email sniffer that saves all emails sent via web based clients to hd, but I can't work out how to do this. How can I catch HTTPS mail before it is encrypted? I would really appriciate some useful info. I cannot find anything information on the web. There's a program called HTTP Analyzer V5 that does the exact thing I want to make. How should I start? If I make a packet sniffer, it's useless because all data is encrypted. Is there any other option?

Read the article
SSIS XML Decryption Message

- by Vaccano

My SSIS package says it is successful, but when it runs it ends not doing anything (that I can see). The only thing wrong is this message (that it does not qualify as an error). Description: Failed to decrypt an encrypted XML node because the password was not specified or not correct. Package load will attempt to continue without the encrypted information I do have a password on my packages, but I don't see anywhere to put the password in when I load the Package into SSIS. Am I missing a step?

Read the article
Using mcrypt to pass data across a webservice is failing

- by adam

Hi I'm writing an error handler script which encrypts the error data (file, line, error, message etc) and passes the serialized array as a POST variable (using curl) to a script which then logs the error in a central db. I've tested my encrypt/decrypt functions in a single file and the data is encrypted and decrypted fine: define('KEY', 'abc'); define('CYPHER', 'blowfish'); define('MODE', 'cfb'); function encrypt($data) { $td = mcrypt_module_open(CYPHER, '', MODE, ''); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); mcrypt_generic_init($td, KEY, $iv); $crypttext = mcrypt_generic($td, $data); mcrypt_generic_deinit($td); return $iv.$crypttext; } function decrypt($data) { $td = mcrypt_module_open(CYPHER, '', MODE, ''); $ivsize = mcrypt_enc_get_iv_size($td); $iv = substr($data, 0, $ivsize); $data = substr($data, $ivsize); if ($iv) { mcrypt_generic_init($td, KEY, $iv); $data = mdecrypt_generic($td, $data); } return $data; } echo "<pre>"; $data = md5(''); echo "Data: $data\n"; $e = encrypt($data); echo "Encrypted: $e\n"; $d = decrypt($e); echo "Decrypted: $d\n"; Output: Data: d41d8cd98f00b204e9800998ecf8427e Encrypted: ê÷#¯KÂžViiÖŠŒÆÜ,ÑFÕUW£´Œt?†÷>c×åóéè+„N Decrypted: d41d8cd98f00b204e9800998ecf8427e The problem is, when I put the encrypt function in my transmit file (tx.php) and the decrypt in my recieve file (rx.php), the data is not fully decrypted (both files have the same set of constants for key, cypher and mode). Data before passing: a:4:{s:3:"err";i:1024;s:3:"msg";s:4:"Oops";s:4:"file";s:46:"/Applications/MAMP/htdocs/projects/txrx/tx.php";s:4:"line";i:80;} Data decrypted: Mª4:{s:3:"err";i:1024@7OYªç`^;g";s:4:"Oops";s:4:"file";sôÔ8F•Ópplications/MAMP/htdocs/projects/txrx/tx.php";s:4:"line";i:80;} Note the random characters in the middle. My curl is fairly simple: $ch = curl_init($url); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, 'data=' . $data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $output = curl_exec($ch); Things I suspect could be causing this: Encoding of the curl request Something to do with mcrypt padding missing bytes I've been staring at it too long and have missed something really really obvious If I turn off the crypt functions (so the transfer tx-rx is unencrypted) the data is received fine. Any and all help much appreciated! Thanks, Adam

Read the article
RSA implementations for Java, alternative to BC

- by Tom Brito

The RSA implementation that ships with Bouncy Castle only allows the encrypting of a single block of data. The RSA algorithm is not suited to streaming data and should not be used that way. In a situation like this you should encrypt the data using a randomly generated key and a symmetric cipher, after that you should encrypt the randomly generated key using RSA, and then send the encrypted data and the encrypted random key to the other end where they can reverse the process (ie. decrypt the random key using their RSA private key and then decrypt the data). I can't use the workarond of using symmetric key. So, are there other implementations of RSA than Bouncy Castle?

Read the article
Node.js and wss://

- by CNelson

I'm looking to start using javascript on the server, most likely with node.js, as well as use websockets to communicate with clients. However, there doesn't seem to be a lot of information about encrypted websocket communication using TLS and the wss:// handler. In fact the only server that I've seen explicitly support wss:// is Kaazing. This TODO is the only reference I've been able to find in the various node implementations. Am I missing something or are the websocket js servers not ready for encrypted communication yet? Another option could be using something like lighttpd or apache to proxy to a node listener, has anyone had success there?

Read the article
Encryption-Decryption in Rails

- by Salil

Hi All, I am using require 'digest/sha1' to encrypt my password and save into database. During login I authenticate by matching the encrypted password saved in database and again encrypted the one use enter in password field. As of now everything works fine but now I want to do 'Forgot Password' functionality. To do this I need to decrypt the password which is saved in database to find original one. How to decrypt using digest/sha1? Or does anyone know any algorithm which supports encryption & decryption as well? I am using ruby on rails so I need Ruby way to accomplish it.

Read the article
crypto++ / pycrypto with google app engine

- by Joey

Hi, I am using crypto++ to send AES encrypted http requests to app engine, planning to decrypt them there. My plan is to encrypt the portion after the '?' so it's something like: http://myurl.com/Command?eiwjfsdlfjldkjfs when it is encrypted. However, I'm stuck figuring out how to decrypt it at the other end and still user get() on the response to get the args. Can someone advise if I am taking the wrong approach? Should I be decrypting and not using get() but my own parser then?

Read the article
Accessing cookies in php which are set in java web application

- by user866937

I am setting a cookie at the domain level on encrypted connection in Java web application running on tomcat and I would like it to be accessible in a php web application running on a same domain but different subdomain. Java web application running on https://javaapp.mycompany.com php web application running on https://phpapp.mycompany.com/subpath/index.php From java, I am setting the cookie with following parameters: Domain: .mycompany.com Send For: Encrypted connections only Expires: After 2 months Path: /subpath Name: __C Value: 1 Dumping all the cookies from my php web application running on https, I do not see any cookies getting dumped by the php web application. Whereas if I set the cookies in Java for any type of connection, only then php web application is able to see them if I run the php app on http instead of https. I believe php web app should be able to retrieve then cookies set for https only and for particular domain and all immediate sub-domains. What am I doing wrong here? Thanks in advance for the help.

Read the article

< Previous Page | 122 123 124 125 126 127 128 129 130 131 132 133 | Next Page >