Search Results

Search found 1053 results on 43 pages for 'encrypt'.

Page 16/43 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • Blackberry - application settings save/load

    - by Max Gontar
    Hi! I know two ways to save/load application settings: use PersistentStore use filesystem (store, since SDCard is optional) I'd like to know what are you're practicies of working with application settings? Using PersistentStore to save/load application settings The persistent store provides a means for objects to persist across device resets. A persistent object consists of a key-value pair. When a persistent object is committed to the persistent store, that object's value is stored in flash memory via a deep copy. The value can then be retrieved at a later point in time via the key. Example of helper class for storing and retrieving settings: class PSOptions { private PersistentObject mStore; private LongHashtableCollection mSettings; private long KEY_URL = 0; private long KEY_ENCRYPT = 1; private long KEY_REFRESH_PERIOD = 2; public PSOptions() { // "AppSettings" = 0x71f1f00b95850cfeL mStore = PersistentStore.getPersistentObject(0x71f1f00b95850cfeL); } public String getUrl() { Object result = get(KEY_URL); return (null != result) ? (String) result : null; } public void setUrl(String url) { set(KEY_URL, url); } public boolean getEncrypt() { Object result = get(KEY_ENCRYPT); return (null != result) ? ((Boolean) result).booleanValue() : false; } public void setEncrypt(boolean encrypt) { set(KEY_ENCRYPT, new Boolean(encrypt)); } public int getRefreshPeriod() { Object result = get(KEY_REFRESH_PERIOD); return (null != result) ? ((Integer) result).intValue() : -1; } public void setRefreshRate(int refreshRate) { set(KEY_REFRESH_PERIOD, new Integer(refreshRate)); } private void set(long key, Object value) { synchronized (mStore) { mSettings = (LongHashtableCollection) mStore.getContents(); if (null == mSettings) { mSettings = new LongHashtableCollection(); } mSettings.put(key, value); mStore.setContents(mSettings); mStore.commit(); } } private Object get(long key) { synchronized (mStore) { mSettings = (LongHashtableCollection) mStore.getContents(); if (null != mSettings && mSettings.size() != 0) { return mSettings.get(key); } else { return null; } } } } Example of use: class Scr extends MainScreen implements FieldChangeListener { PSOptions mOptions = new PSOptions(); BasicEditField mUrl = new BasicEditField("Url:", "http://stackoverflow.com/"); CheckboxField mEncrypt = new CheckboxField("Enable encrypt", false); GaugeField mRefresh = new GaugeField("Refresh period", 1, 60 * 10, 10, GaugeField.EDITABLE|FOCUSABLE); ButtonField mLoad = new ButtonField("Load settings", ButtonField.CONSUME_CLICK); ButtonField mSave = new ButtonField("Save settings", ButtonField.CONSUME_CLICK); public Scr() { add(mUrl); mUrl.setChangeListener(this); add(mEncrypt); mEncrypt.setChangeListener(this); add(mRefresh); mRefresh.setChangeListener(this); HorizontalFieldManager hfm = new HorizontalFieldManager(USE_ALL_WIDTH); add(hfm); hfm.add(mLoad); mLoad.setChangeListener(this); hfm.add(mSave); mSave.setChangeListener(this); loadSettings(); } public void fieldChanged(Field field, int context) { if (field == mLoad) { loadSettings(); } else if (field == mSave) { saveSettings(); } } private void saveSettings() { mOptions.setUrl(mUrl.getText()); mOptions.setEncrypt(mEncrypt.getChecked()); mOptions.setRefreshRate(mRefresh.getValue()); } private void loadSettings() { mUrl.setText(mOptions.getUrl()); mEncrypt.setChecked(mOptions.getEncrypt()); mRefresh.setValue(mOptions.getRefreshPeriod()); } }

    Read the article

  • Process for Securing Web Sites and Applications

    - by Aamir Hasan
    The following quick-start guide provides a detailed overview of how to configure security for IIS 6.0. Reduce the Attack Surface of the Web Server 1.       Enable only essential Windows Server 2003 components and services. 2.       Enable only essential IIS 6.0 components and services. 3.       Enable only essential Web service extensions. 4.       Enable only essential Multipurpose Internet Mail Extensions (MIME) types. 5.       Configure Windows Server 2003 security settings. Prevent Unauthorized Access to Web Sites and Applications 1.       Store content on a dedicated disk volume. 2.       Set IIS Web site permissions. 3.       Set IP address and domain name restrictions. 4.       Set the NTFS file system permissions. Isolate Web Sites and Applications 1.       Evaluate the effects of impersonation on application compatibility: 2·         Identify the impersonation behavior for ASP applications. 3·         Select the impersonation behavior for ASP.NET applications. 4.       Configure Web sites and applications for isolation. Configure User Authentication 1.       Configure Web site authentication. 2·         Select the Web site authentication method. 3·         Configure the Web site authentication method. 4.       Configure File Transfer Protocol (FTP) site authentication. Encrypt Confidential Data Exchanged with Clients 1.       Use Secure Sockets Layer (SSL) to encrypt confidential data. 2.       Use Internet Protocol security (IPSec) or virtual private network (VPN) with remote administration. Maintain Web Site and Application Security 1.       Obtain and apply current security patches. 2.       Enable Windows Server 2003 security logs. 3.       Enable file access auditing for Web site content. 4.       Configure IIS logs. 5.       Review security policies, processes, and procedures.  Note:To secure the Web sites and applications in a Web farm, use the process described in this chapter to configure security for each server in the Web farm. Link:http://www.studentacad.com/post/2010/04/28/Process-for-Securing-Web-Sites-and-Applications.aspx

    Read the article

  • Using the Rijndael Object in VB.NET

    - by broke
    I'm trying out the Rijndael to generate an encrypted license string to use for our new software, so we know that our customers are using the same amount of apps that they paid for. I'm doing two things: Getting the users computer name. Adding a random number between 100 and 1000000000 I then combine the two, and use that as the license number(This probably will change in the final version, but I'm just doing something simple for demonstration purposes). Here is some sample codez: Private Sub Main_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load Dim generator As New Random Dim randomValue As Integer randomValue = generator.Next(100, 1000000000) ' Create a new Rijndael object to generate a key ' and initialization vector (IV). Dim RijndaelAlg As Rijndael = Rijndael.Create ' Create a string to encrypt. Dim sData As String = My.Computer.Name.ToString + randomValue.ToString Dim FileName As String = "C:\key.txt" ' Encrypt text to a file using the file name, key, and IV. EncryptTextToFile(sData, FileName, RijndaelAlg.Key, RijndaelAlg.IV) ' Decrypt the text from a file using the file name, key, and IV. Dim Final As String = DecryptTextFromFile(FileName, RijndaelAlg.Key, RijndaelAlg.IV) txtDecrypted.Text = Final End Sub That's my load event, but here is where the magic happens: Sub EncryptTextToFile(ByVal Data As String, ByVal FileName As String, ByVal Key() As Byte, ByVal IV() As Byte) Dim fStream As FileStream = File.Open(FileName, FileMode.OpenOrCreate) Dim RijndaelAlg As Rijndael = Rijndael.Create Dim cStream As New CryptoStream(fStream, _ RijndaelAlg.CreateEncryptor(Key, IV), _ CryptoStreamMode.Write) Dim sWriter As New StreamWriter(cStream) sWriter.WriteLine(Data) sWriter.Close() cStream.Close() fStream.Close() End Sub There is a couple things I don't understand. What if someone reads the text file and recognizes that it is Rijndael, and writes a VB or C# app that decrypts it? I don't really understand all of this code, so if you guys can help me out I will love you all forever. Thanks in advance

    Read the article

  • Why RSA encryption can return different results with C# and Java?

    - by ActioN
    I using: c#: RSACryptoServiceProvider JAVA: KeyFactory.getInstance("RSA")+Cipher I sending public key (exponent + modulus) as byte array from java to c#. It's ok, there is the same bytes. But when i try to encrypt some data with one key in Java and c# - there is different results. Java Key Generation: KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); keyGen.initialize( Config.CRYPTO_KEY_NUM_BITS ); m_KeyPair = keyGen.genKeyPair(); m_PublicKey = KeyFactory.getInstance("RSA").generatePublic( newX509EncodedKeySpec(m_KeyPair.getPublic().getEncoded())); byte[] exponent = m_PublicKey.getPublicExponent().toByteArray(); byte[] modulus = m_PublicKey.getModulus().toByteArray(); // then sending... C# Key Recieve: // Recieved... m_ExternKey = new RSAParameters(); m_ExternKey.Exponent = exponent; m_ExternKey.Modulus = modulus; m_RsaExtern = new RSACryptoServiceProvider(); m_RsaExtern.ImportParameters(m_ExternKey); byte[] test = m_RsaExtern.Encrypt(bytesToEncrypt, true); and problem is that encrypted bytes is different. Thank you.

    Read the article

  • RSA Decrypting a string in C# which was encrypted with openssl in php 5.3.2

    - by panny
    maybe someone can clear me up. I have been surfing on this a while now. I used openssl from console to create a root certificate for me (privatekey.pem, publickey.pem, mycert.pem, mycertprivatekey.pfx). See the end of this text on how. The problem is still to get a string encrypted on the PHP side to be decrypted on the C# side with RSACryptoServiceProvider. Any ideas? PHP side I used the publickey.pem to read it into php: $server_public_key = openssl_pkey_get_public(file_get_contents("C:\publickey.pem")); // rsa encrypt openssl_public_encrypt("123", $encrypted, $server_public_key); and the privatekey.pem to check if it works: openssl_private_decrypt($encrypted, $decrypted, openssl_get_privatekey(file_get_contents("C:\privatekey.pem"))); Coming to the conclusion, that encryption/decryption works fine on the php side with these openssl root certificate files. C# side In same manner I read the keys into a .net C# console program: X509Certificate2 myCert2 = new X509Certificate2(); RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); try { myCert2 = new X509Certificate2(@"C:\mycertprivatekey.pfx"); rsa = (RSACryptoServiceProvider)myCert2.PrivateKey; } catch (Exception e) { } string t = Convert.ToString(rsa.Decrypt(rsa.Encrypt(test, false), false)); coming to the point, that encryption/decryption works fine on the c# side with these openssl root certificate files. key generation on unix 1) openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout privatekey.pem -out mycert.pem 2) openssl rsa -in privatekey.pem -pubout -out publickey.pem 3) openssl pkcs12 -export -out mycertprivatekey.pfx -in mycert.pem -inkey privatekey.pem -name "my certificate"

    Read the article

  • Decrypting a string in C# which was encrypted with openssl in php 5.3.2

    - by panny
    maybe someone can clear me up. I have been surfing on this a while now. I used openssl from console to create a root certificate for me (privatekey.pem, publickey.pem, mycert.pem, mycertprivatekey.pfx). See the end of this text on how. The problem is still to get a string encrypted on the PHP side to be decrypted on the C# side with RSACryptoServiceProvider. Any ideas? PHP side I used the publickey.pem to read it into php: $server_public_key = openssl_pkey_get_public(file_get_contents("C:\publickey.pem")); // rsa encrypt openssl_public_encrypt("123", $encrypted, $server_public_key); and the privatekey.pem to check if it works: openssl_private_decrypt($encrypted, $decrypted, openssl_get_privatekey(file_get_contents("C:\privatekey.pem"))); Coming to the conclusion, that encryption/decryption works fine on the php side with these openssl root certificate files. C# side In same manner I read the keys into a .net C# console program: X509Certificate2 myCert2 = new X509Certificate2(); RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); try { myCert2 = new X509Certificate2(@"C:\mycertprivatekey.pfx"); rsa = (RSACryptoServiceProvider)myCert2.PrivateKey; } catch (Exception e) { } string t = Convert.ToString(rsa.Decrypt(rsa.Encrypt(test, false), false)); coming to the point, that encryption/decryption works fine on the c# side with these openssl root certificate files. key generation on unix 1) openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout privatekey.pem -out mycert.pem 2) openssl rsa -in privatekey.pem -pubout -out publickey.pem 3) openssl pkcs12 -export -out mycertprivatekey.pfx -in mycert.pem -inkey privatekey.pem -name "my certificate"

    Read the article

  • How to configure database connection securely

    - by chiccodoro
    Similar but not the same: How to securely store database connection details Securely connecting to database within a application Hi all, I have a C# WinForms application connecting to a database server. The database connection string, including a generic user/pass, is placed in a NHibernate configuration file, which lies in the same directory as the exe file. Now I have this issue: The user that runs the application should not get to know the username/password of the general database user because I don't want him to rummage around in the database directly. Alternatively I could hardcode the connection string, which is bad because the administrator must be able to change it if the database is moved or if he wants to switch between dev/test/prod environments. So long I've found three possibilities: The first referenced question was generally answered by making the file only readable for the user that runs the application. But that's not not enough in my case (the user running the application is a person. The database user/pass are general and shouldn't even be accessible by the person.) The first answer additionally proposed to encrypt the connection data before writing it to the file. With this approach, the administrator is not able anymore to configure the connection string because he cannot encrypt it by hand. The second referenced question provides an approach for this very scenario but it seems very complicated. My questions to you: This is a very general issue, so isn't there any general "how-to-do-it" way, somehow a "design pattern"? Is there some support in .NET's config infrastructure? (optional, maybe out of scope) Can I combine that easily with the NHibernate configuration mechanism?

    Read the article

  • Why is my program printing out the null termination character?

    - by Tyler Pfaff
    When I run this, it will SOMETIMES print out a null termination character. Most of the time it will, and probably 1/5 times it will print just the characters. void cryptogram::Encrypt(){ cout<<"encrypt"<tempS){ len=tempS.length(); int a=0; for(int j=0;j if(j!=len){ //if the word still has more characters j++; a=0; }else{ //if the word is done being scanned cout<<" "; } } } } } } } So that's it and this is the corresponding EXPECTED output that is printed SOMETIMES xvk bkikhxlr wggbtfkj wiylekgbdhx wjjm hko wigbtubxt xvk iwhj uedjkm glctb gvrmdiwhj iebbdielmeggtbx ctb xvtmk gbtubxvk wjjdxdthgbtubodll khvxvk imkbfdik xt xvk bkudth whj gbtfdjk hko tgxdthm whj tggtbxehdxdkm ctb mxejkhxmibdzdhtltur whj pemxdik mxejdkm mxdh cok wbk wlmt gbkgctb cteb hko zdh cgvrmdikjeiwhj qdhkmdtlturzzkjdydtivkzdmxbrw zdh zdjjlkkjeiwhj w jtixtbdh kjeiwjzdhdmxbittgkbodxv mjme whj eimj This is what normally prints though xvkÈ bkikhxlrÈ wggbtfkjÈ wiylekgbdhxÈ wjjmÈ hkoÈ wigbtubxtÈ xvkÈ iwhjÈ uedjkmÈ glctbÈ gvrmdiwhjÈ iebbdielmeggtbxÈ ctbÈ xvtmkÈ gbtubxvkÈ wjjdxdthgbtubodllÈ khvxvkÈ imkbfdikÈ xtÈ xvkÈ bkudthÈ whjÈ gbtfdjkÈ hkoÈ tgxdthmÈ whjÈ tggtbxehdxdkmÈ ctbÈ mxejkhxmibdzdhtlturÈ whjÈ pemxdikÈ mxejdkmÈ mxdhÈ cokÈ wbkÈ wlmtÈ gbkgctbÈ ctebÈ hkoÈ zdhÈ cgvrmdikjeiwhjÈ qdhkmdtlturzzkjdydtivkzdmxbrwÈ zdhÈ zdjjlkkjeiwhjÈ wÈ jtixtbdhÈ kjeiwjzdhdmxbittgkbodxvÈ mjmeÈ whjÈ eimj or some variation of an odd character at the end of each word This is what the cryptogram array is filled with by the way wyijkcuvdpqlzhtgabmxefonrs

    Read the article

  • Decrypting a string in C# 3.5 which was encrypted with openssl in php 5.3.2

    - by panny
    Hi everyone, maybe someone can clear me up. I have been surfing on this a while now. I used openssl from console to create a root certificate for me (privatekey.pem, publickey.pem, mycert.pem, mycertprivatekey.pfx). See the end of this text on how. The problem is still to get a string encrypted on the PHP side to be decrypted on the C# side with RSACryptoServiceProvider. Any ideas? PHP side I used the publickey.pem to read it into php: $server_public_key = openssl_pkey_get_public(file_get_contents("C:\publickey.pem")); // rsa encrypt openssl_public_encrypt("123", $encrypted, $server_public_key); and the privatekey.pem to check if it works: openssl_private_decrypt($encrypted, $decrypted, openssl_get_privatekey(file_get_contents("C:\privatekey.pem"))); Coming to the conclusion, that encryption/decryption works fine on the php side with these openssl root certificate files. C# side In same manner I read the keys into a .net C# console program: X509Certificate2 myCert2 = new X509Certificate2(); RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); try { myCert2 = new X509Certificate2(@"C:\mycertprivatekey.pfx"); rsa = (RSACryptoServiceProvider)myCert2.PrivateKey; } catch (Exception e) { } string t = Convert.ToString(rsa.Decrypt(rsa.Encrypt(test, false), false)); coming to the point, that encryption/decryption works fine on the c# side with these openssl root certificate files. key generation on unix 1) openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout privatekey.pem -out mycert.pem 2) openssl rsa -in privatekey.pem -pubout -out publickey.pem 3) openssl pkcs12 -export -out mycertprivatekey.pfx -in mycert.pem -inkey privatekey.pem -name "my certificate"

    Read the article

  • How to efficiently convert String, integer, double, datetime to binary and vica versa?

    - by Ben
    Hi, I'm quite new to C# (I'm using .NET 4.0) so please bear with me. I need to save some object properties (their properties are int, double, String, boolean, datetime) to a file. But I want to encrypt the files using my own encryption, so I can't use FileStream to convert to binary. Also I don't want to use object serialization, because of performance issues. The idea is simple, first I need to somehow convert objects (their properties) to binary (array), then encrypt (some sort of xor) the array and append it to the end of the file. When reading first decrypt the array and then somehow convert the binary array back to object properties (from which I'll generate objects). I know (roughly =) ) how to convert these things by hand and I could code it, but it would be useless (too slow). I think the best way would be just to get properties' representation in memory and save that. But I don't know how to do it using C# (maybe using pointers?). Also I though about using MemoryStream but again I think it would be inefficient. I am thinking about class Converter, but it does not support toByte(datetime) (documentation says it always throws exception). For converting back I think the only options is class Converter. Note: I know the structure of objects and they will not change, also the maximum String length is also known. Thank you for all your ideas and time. EDIT: I will be storing only parts of objects, in some cases also parts of different objects (a couple of properties from one object type and a couple from another), thus I think that serialization is not an option for me.

    Read the article

  • How to decrypt a string encrypted with HMACSHA1?

    - by Bob
    I'm an encryption novice trying to pass some values back and forth between systems. I can encrypt the value, but can't seem to figure out how to decrypt on the other end. I've created a simple Windows Forms application using VB.NET. Trying to input a value and a key, encrypt and then decrypt to get the original value. Here's my code so far. Any help greatly appreciated. Thanks. Imports System Imports System.IO Imports System.Security.Cryptography Imports System.Text Public Class Form1 Private Sub btnEncode_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnEncode.Click Dim hmacsha1 As New HMACSHA1(Encoding.ASCII.GetBytes(txtKey.Text)) Dim hashValue As Byte() = hmacsha1.ComputeHash(Encoding.ASCII.GetBytes(txtValue.Text)) txtResult.Text = BytesToHexString(hashValue) hmacsha1.Clear() End Sub Private Sub btnDecode_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnDecode.Click '??? End Sub Private Function BytesToHexString(ByVal bytes As Byte()) As String Dim output As String = String.Empty Dim i As Integer = 0 Do While i < bytes.Length output += bytes(i).ToString("X2") i += 1 Loop Return output End Function End Class

    Read the article

  • ASP MVC: E-mail Verification (Encrypting the activation link)

    - by wh0emPah
    Okay i'm a little bit stuck on how to solve this problem. When a user registers. I want to send him a link so that he can verify hes email address. But i have troubles generating the link. I've already written the controller to accept the links with the correct keys. i only have no idea on how to generate the activation keys. So when the user registers i'll send him a link by mail like this: Your activation link is : http://site.com/user/verify?key=keyhere Now i have created this method (called by the controller/action) to handle the key in the link: public string Verify(string value) { String email = Decrypt(value); user u = gebRep.GetUsers().WithEmail(email).SingleOrDefault(); if (u != null) { u.emailValid = true; userReppository.Save(); } return "Invallid validation value!"; } Now my problem is I have no idea on how to encrypt and decrypt the email into some sort of key (url friendly) So i can mail it with the link and can use it to verify the email. I need some kind of (not to complicated but secure) way to encrypt the email into a urlfriendly key. Tyvm

    Read the article

  • Best practices for encrypting continuous/small UDP data

    - by temp
    Hello everyone, I am having an application where I have to send several small data per second through the network using UDP. The application need to send the data in real-time (no waiting). I want to encrypt these data and insure that what I am doing is as secure as possible. Since I am using UDP, there is no way to use SSL/TLS, so I have to encrypt each packet alone since the protocol is connectionless/unreliable/unregulated. Right now, I am using a 128-bit key derived from a passphrase from the user, and AES in CBC mode (PBE using AES-CBC). I decided to use a random salt with the passphrase to derive the 128-bit key (prevent dictionary attack on the passphrase), and of course use IVs (to prevent statistical analysis for packets). However I am concerned about few things: Each packet contains small amount of data (like a couple of integer values per packet) which will make the encrypted packets vulnerable to known-plaintext attacks (which will result in making it easier to crack the key). Also, since the encryption key is derived from a passphrase, this will make the key space way less (I know the salt will help, but I have to send the salt through the network once and anyone can get it). Given these two things, anyone can sniff and store the sent data, and try to crack the key. Although this process might take some time, once the key is cracked all the stored data will be decrypted, which will be a real problem for my application. So my question is, what is the best practices for sending/encrypting continuous small data using a connectionless protocol (UDP)? Is my way the best way to do it? ...flowed? ...Overkill? ... Please note that I am not asking for a 100% secure solution, as there is no such thing. Cheers

    Read the article

  • Best practices for encrytping continuous/small UDP data

    - by temp
    Hello everyone, I am having an application where I have to send several small data per second through the network using UDP. The application need to send the data in real-time (on waiting). I want to encrypt these data and insure that what I am doing is as secure as possible. Since I am using UDP, there is no way to use SSL/TLS, so I have to encrypt each packet alone since the protocol is connectionless/unreliable/unregulated. Right now, I am using a 128-bit key derived from a passphrase from the user, and AES in CBC mode (PBE using AES-CBC). I decided to use a random salt with the passphrase to derive the 128-bit key (prevent dictionary attack on the passphrase), and of course use IVs (to prevent statistical analysis for packets). However I am concerned about few things: Each packet contains small amount of data (like a couple of integer values per packet) which will make the encrypted packets vulnerable to known-plaintext attacks (which will result in making it easier to crack the key). Also, since the encryption key is derived from a passphrase, this will make the key space way less (I know the salt will help, but I have to send the salt through the network once and anyone can get it). Given these two things, anyone can sniff and store the sent data, and try to crack the key. Although this process might take some time, once the key is cracked all the stored data will be decrypted, which will be a real problem for my application. So my question is, what is the best practices for sending/encrypting continuous small data using a connectionless protocol (UDP)? Is my way the best way to do it? ...flowed? ...Overkill? ... Please note that I am not asking for a 100% secure solution, as there is no such thing. Cheers

    Read the article

  • slowAES encryption and java descryption

    - by amnon
    Hi , I've tried to implement the same steps as discussed in AES .NET but with no success , i can't seem to get java and slowAes to play toghter ... attached is my code i'm sorry i can't add more this is my first time trying to deal with encryption would appreciate any help private static final String ALGORITHM = "AES"; private static final byte[] keyValue = getKeyBytes("12345678901234567890123456789012"); private static final byte[] INIT_VECTOR = new byte[16]; private static IvParameterSpec ivSpec = new IvParameterSpec(INIT_VECTOR); public static void main(String[] args) throws Exception { String encoded = encrypt("watson?"); System.out.println(encoded); } private static Key generateKey() throws Exception { Key key = new SecretKeySpec(keyValue, ALGORITHM); // SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM); // key = keyFactory.generateSecret(new DESKeySpec(keyValue)); return key; } private static byte[] getKeyBytes(String key) { byte[] hash = DigestUtils.sha(key); byte[] saltedHash = new byte[16]; System.arraycopy(hash, 0, saltedHash, 0, 16); return saltedHash; } public static String encrypt(String valueToEnc) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); c.init(Cipher.ENCRYPT_MODE, key,ivSpec); byte[] encValue = c.doFinal(valueToEnc.getBytes()); String encryptedValue = new BASE64Encoder().encode(encValue); return encryptedValue; } public static String decrypt(String encryptedValue) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(ALGORITHM); c.init(Cipher.DECRYPT_MODE, key); byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedValue); byte[] decValue = c.doFinal(decordedValue); String decryptedValue = new String(decValue); return decryptedValue; } the bytes returned are different thanks in advance .

    Read the article

  • Is encrypting session id (or other authenticate value) in cookie useful at all?

    - by Ji
    In web development, when session state is enabled, a session id is stored in cookie(in cookieless mode, query string will be used instead). In asp.net, the session id is encrypted automatically. There are plenty of topics on the internet regarding how you should encrypt your cookie, including session id. I can understand why you want to encrypt private info such as DOB, but any private info should not be stored in cookie at first place. So for other cookie values such as session id, what is the purpose encryption? Does it add security at all? no matter how you secure it, it will be sent back to server for decryption. Be be more specific, For authentication purpose, turn off session, i don't want to deal with session time out any more store some sort of id value in the cookie, on the server side, check if the id value exists and matches, if it is, authenticate user. let the cookie value expire when browser session is ended, this way. vs Asp.net form authentication mechanism (it relies on session or session id, i think) does latter one offer better security?

    Read the article

  • Facebook Tagging friends to the picture

    - by Rajesh Dante
    Below code tag only first uid then then its shows Fatal error: Uncaught OAuthException: (#100) Invalid parameter and can i use exact location for tagging.. as in below code x and y values are in pixel $facebook = new Facebook ( array ( 'appId' => FBAPPID, 'secret' => FBSECRETID ) ); $facebook->setFileUploadSupport ( true ); if (isset ( $_POST ['image'] ) && isset ( $_POST ['tname'] )) { $path_to_image = encrypt::instance ()->decode ( $_POST ['image'] ); $tags = (array)encrypt::instance ()->decode ( $_POST ['tname'] ); /* * Output $tags = array ( 0 => '[{"tag_uid":"100001083191675","x":100,"y":100},{"tag_uid":"100001713817872","x":100,"y":230},{"tag_uid":"100000949945144","x":100,"y":360},{"tag_uid":"100001427144227","x":230,"y":100},{"tag_uid":"100000643504257","x":230,"y":230},{"tag_uid":"100001155130231","x":230,"y":360}]' ); */ $args = array ( 'message' => 'Von ', 'source' => '@' . $path_to_image, 'access_token' => $this->user->fbtoken ) ; $photo = $facebook->api ( $this->user->data->fbid . '/photos', 'post', $args ); // upload works but not tags if (is_array ( $photo ) && ! empty ( $photo ['id'] )) { echo 'Photo uploaded. Check it on Graph API Explorer. ID: ' . $photo ['id']; foreach ( $tags as $key => $t ) { $tagRe = json_encode ( $t ); $args = array ( 'tags' => $tagRe, 'access_token' => $this->user->fbtoken ); $facebook->api ( '/' . $photo ['id'] . '/tags', 'post', $args ); } } }

    Read the article

  • Encrypting XML Element

    - by Kanta
    I have created XML file called users.xml Looks like this: <Users> <user> <uin>"0012345"</uin> <name>black</name> <email>"[email protected]"</email> <created>"3/02/2010"</created> </user> <user> <uin>"123456780"</uin> <name>sam</name> <email>"[email protected]"</email> <created>"3/02/2010"</created> </user> <user> <uin>"123456799"</uin> <name>kblack</name> <email>"[email protected]"</email> <created>"3/02/2010"</created> </user> </Users> I want to encrypt the element. Using code like XmlElement uinelement = (XmlElement)xmldoc.SelectSingleNode("Users/user/uin"); ...encrypts only first UIN from the user.xml file. How can I Encrypt all UIN elements? Thank you Kanta

    Read the article

  • Custom authentication module inheriting IHttpModule issue.

    - by Chandan Khatwani
    LoginPage.aspx:- protected void Button1_Click(object sender, EventArgs e) { Context.Items["Username"] = txtUserId.Text; Context.Items["Password"] = txtPassword.Text; // FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, Context.Items["Username"].ToString(), DateTime.Now, DateTime.Now.AddMinutes(10), true, "users", FormsAuthentication.FormsCookiePath); // Encrypt the cookie using the machine key for secure transport string hash = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie( FormsAuthentication.FormsCookieName, // Name of auth cookie hash); // Hashed ticket // Set the cookie's expiration time to the tickets expiration time if (ticket.IsPersistent) cookie.Expires = ticket.Expiration; Response.Cookies.Add(cookie); Response.Redirect("Default.aspx"); } Global.asax file:- void Application_AuthenticateRequest(object sender, EventArgs e) { if (HttpContext.Current.User != null) { if (HttpContext.Current.User.Identity.IsAuthenticated) { if (HttpContext.Current.User.Identity is FormsIdentity) { FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity; FormsAuthenticationTicket ticket = id.Ticket; // Get the stored user-data, in this case, our roles string userData = ticket.UserData; string[] roles = userData.Split(','); HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id, roles); Response.Write(HttpContext.Current.User.Identity.Name); Response.Redirect("Default.aspx"); } } } } I get the following error after signing in This webpage has a redirect loop. The webpage at http://localhost:1067/Default.aspx has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

    Read the article

  • [PHP] Script looking for string in file breaks

    - by Kel
    Hey guys. I'm running a script that looks for a specific term in a pdf file. Well, actually I'm reading the pdf file as a txt file and look for the term there. The script processes over 20k files. But, unexpectedly, the script breaks after it hits a file that is over 50mb long. It stops. What could the reason be? Here's an excerpt of the script: // Proceed if file exists if(file_exists($sourcePath)){ echo "file exists\n"; if(filesize($sourcePath) > 0){ echo "filesize is greater than 0\n"; $pdfFile = fopen($sourcePath,"rb"); $data = fread($pdfFile, filesize($sourcePath)); fclose($pdfFile); // Search for string if(stripos($data,$searchFor)){ echo "Success. encrypt found\r\n"; fwrite($errorFileHandler,"Success. encrypt found\r\n"); }else{ ..... } ... ... What could be the problem?

    Read the article

  • no default constructor exists for class

    - by MixedCoder
    #include "Includes.h" enum BlowfishAlgorithm { ECB, CBC, CFB64, OFB64, }; class Blowfish { public: struct bf_key_st { unsigned long P[18]; unsigned long S[1024]; }; Blowfish(BlowfishAlgorithm algorithm); void Dispose(); void SetKey(unsigned char data[]); unsigned char Encrypt(unsigned char buffer[]); unsigned char Decrypt(unsigned char buffer[]); char EncryptIV(); char DecryptIV(); private: BlowfishAlgorithm _algorithm; unsigned char _encryptIv[200]; unsigned char _decryptIv[200]; int _encryptNum; int _decryptNum; }; class GameCryptography { public: Blowfish _blowfish; GameCryptography(unsigned char key[]); void Decrypt(unsigned char packet[]); void Encrypt(unsigned char packet[]); Blowfish Blowfish; void SetKey(unsigned char k[]); void SetIvs(unsigned char i1[],unsigned char i2[]); }; GameCryptography::GameCryptography(unsigned char key[]) { } Error:IntelliSense: no default constructor exists for class "Blowfish" ???!

    Read the article

  • CodePlex Daily Summary for Saturday, June 11, 2011

    CodePlex Daily Summary for Saturday, June 11, 2011Popular ReleasesSimplePlanner: v2.0b: For 2011-2012 Sem 1 ???2011-2012 ????Econ NetVert: 2.4.2.14 Production: Many thanks to paulhickman for testing and reporting issues. - this release has lots of bugfixes in codeconversion when using NRefactory 4.0 (local) and VisualStudio Projects conversionVisual Studio 2010 Help Downloader: 1.0.0.3: Domain name support for proxy Cleanup old packages bug Writing to EventLog with UAC enabled bug Small fixes & RefactoringMedia Companion: MC 3.406b weekly: With this version change a movie rebuild is required when first run -else MC will lock up on exit. Extract the entire archive to a folder which has user access rights, eg desktop, documents etc. Refer to the documentation on this site for the Installation & Setup Guide Important! If you find MC not displaying movie data properly, please try a 'movie rebuild' to reload the data from the nfo's into MC's cache. Fixes Movies Readded movie preference to rename invalid or scene nfo's to info ext...SCCM Client Actions Tool: SCCM Client Actions Tool v0.5.1: SCCM Client Actions Tool v0.5.1 is currently the most stable version and includes all of the functionality requested so far. It comes with following changes since last version: Fixed an incorrect path to x64 client setup folder. It comes as a ZIP file that contains three files: ClientActionsTool.hta – The tool itself. Cmdkey.exe – command line tool for managing cached credentials. This is needed for alternate credentials feature when running the HTA on Windows XP. Cmdkey.exe is natively a...Windows Azure VM Assistant: AzureVMAssist V1.0.0.5: AzureVMAssist V1.0.0.5 (Debug) - Test Release VersionSizeOnDisk: 1.8.0.3: Fix (issue 317): Main window icon loading error on windows server 2003 32bit runing on x86 cpu. Bypass of the Microsoft windows comexception.NetOffice - The easiest way to use Office in .NET: NetOffice Release 0.9: Changes: - fix examples (include issue 16026) - add new examples - 32Bit/64Bit Walkthrough is now available in technical Documentation. Includes: - Runtime Binaries and Source Code for .NET Framework:......v2.0, v3.0, v3.5, v4.0 - Tutorials in C# and VB.Net:..............................................................COM Proxy Management, Events, etc. - Examples in C# and VB.Net:............................................................Excel, Word, Outlook, PowerPoint, Access - COMAddi...Reusable Library: V1.1.3: A collection of reusable abstractions for enterprise application developerClosedXML - The easy way to OpenXML: ClosedXML 0.54.0: New on this release: 1) Mayor performance improvements. 2) AdjustToContents now take into account the text rotation. 3) Fixed issues 6782, 6784, 6788HTML-IDEx: HTML-IDEx .15 ALPHA: This release fixes line counting a little bit and adds the masshighlight() sub, which highlights pasted and inserted code.AutoLoL: AutoLoL v2.0.3: - Improved summoner spells are now displayed - Fixed some of the startup errors people got - Double clicking an item selects it - Some usability changes that make using AutoLoL just a little easier - Bug fixes AutoLoL v2 is not an update, but an entirely new version! Please install to a different directory than AutoLoL v1Host Profiles: Host Profiles 1.0: Host Profiles 1.0 Release Quickly modify host file Automatically flush dnsVidCoder: 0.9.2: Updated to HandBrake 4024svn. This fixes problems with mpeg2 sources: corrupted previews, incorrect progress indicators and encodes that incorrectly report as failed. Fixed a problem that prevented target sizes above 2048 MB.SharePoint Search XSL Samples: SharePoint 2010 Samples: I have updated some of the samples from the 2007 release. These all work in SharePoint 2010. I removed the Pivot on File Extension because SharePoint 2010 search has refiners that perform the same function.AcDown????? - Anime&Comic Downloader: AcDown????? v3.0 Beta5: ??AcDown?????????????,??????????????,????、????。?????Acfun????? ????32??64? Windows XP/Vista/7 ????????????? ??:????????Windows XP???,?????????.NET Framework 2.0???(x86)?.NET Framework 2.0???(x64),?????"?????????"??? ??v3.0 Beta5 ?????????? ???? ?? ???????? ???"????????"?? ????????????? ????????/???? ?? ???"????"??? ?? ??????????? ?? ?? ??????????? ?? ?????????????????? ??????????????????? ???????????????? ????????????Discussions???????? ????AcDown??????????????VFPX: GoFish 4 Beta 1: Current beta is Build 144 (released 2011-06-07 ) See the GoFish4 info page for details and video link: http://vfpx.codeplex.com/wikipage?title=GoFishShowUI: Write-UI -in PowerShell: ShowUI: ShowUI is a PowerShell module to help you write rich user interfaces in script.SharePoint 2010 FBA Pack: SharePoint 2010 FBA Pack 1.0.3: Fixed User Management screen when "RequiresQuestionAndAnswer" set to true Reply to Email Address can now be customized User Management page now only displays users that reside in the membership database Web parts have been changed to inherit from System.Web.UI.WebControls.WebParts.WebPart, so that they will display on anonymous application pages For installation and configuration steps see here.TerrariViewer: TerrariViewer v2.5: Added new items associated with Terraria v1.0.3 to the character editor. Fixed multiple bugs with Piggy Bank EditoryNew Projects.NET MVC Base by OST: The OST .NET MVC project is currently in infancy but contains html helper extensions, model binders and other extensions to the mvc 3 framework. It also contains a separate project for easily consuming JQGrid requests and return the correct JSON to the jQuery plugin.Asterisk AMI Proxy suite: The AMI Proxy suite project will bridge the gap between your asterisk phone system and your windows based applications. The AMI Proxy is a service that can be used to simply proxy AMI connections to your asterisk server but also adds call stat generation and line monitors.Augusta Developers Guild: The web site for the user group Augusta Developers GuildAzure Blob Pusher: File uploader allows bulk upload of files from client to Azure blob storage. FileSystemWatcher notices new files in configured directory. SQL Express database tracks files as they are pushed up to blob storage and then processed. Local Directory is cleaned up after acknowledgement.Basic Class Library: A collection of functions created to eased up the programmers life in order to solved basic task like validation, AmountTowords, Encrypt & Decryption it also has capability to Connect and retrieve sql data just in one line of code, and some other Basic but very Important task.Basic RTS Game using RolePlayingGame Tool kit based XNA: this is a basic RTS Game. i can make it easy by using RolePlayingGame Took Kit based XNA.Batch Scheduler using .Net 4, MEF and Entity framework 4.1 (Magic Unicorn): Simple Batch Architecture written on C#. Uses the .NET 4, MEF and Entity Framework 4.1 Code First. If you dont need a scheduler, just use the sample code. Agents can be scheduled through a central database table. Plug-ins (or jobs) are launched through MEF. DropBox Linker: The goal of DropBox Linker project is to improve DropBox service client usability. It intellectually automates copying URLs to clipboard after publishing a file. Multiple files at once is supported. Additionally, it corrects URL on file rename after its link been copied.Exchange Spigot for NodeXL: Exchange Spigot for NodeXL enables Microsoft Excel plugin NodeXL to collect messaging data from the Microsoft Exchange Server and display that data as a graph. It is developed in C#.G - Low Level Graphics API: A low level graphics api, in similar style to OpenGL, but more OO. Can drastically speed up OpenGL based apps. Makes full use of Net4.0 features such as lambada expressions where useful. (C#, OpenTK powered. This is not for C++) GpgAPI - A C# Api for Gpg: GpgAPI is a C# API for Gpg. Gpg is a command line software to encrypt, decrypt files with a symmetric or assymetric key. You can also managed public keys, import keys from the web, export your public keys, etc. GpgAPI is an interface to Gpg. In C#, with a few lines, you can execute gpg to encrypt, decrypt, etc. The license of this project is "GPL v3"; it is NOT GPL v2. GPL v3 is not present in the licenses list so I had to choose GPL v2. So if use GpgAPI, you must accept the GPL v...iDreamBoard: iDreamBoard is an application to ease the process of creating and editing dreamboard themes for iOS devices. UNDER DEVELOPMENTIETouch: Use IE Touch to access multitouch events from JavaScript in IE. This project uses some of the code from Windows 7 Multitouch .NET Interop Sample Library available in http://archive.msdn.microsoft.com/WindowsTouch/Release/ProjectReleases.aspx?ReleaseId=2127iMaker-Lion: Applications post installation pour Mac OS X sur PC.Informatic System Ma Chung University Alumni Center: Informatic System Ma Chung University Alumni Center is a website for alumni at Information System Faculty at Ma Chung University at Malang, IndonesiaJasc (just another script compressor): Just another script compressor, but that's by far the easiest to use! Use Jasc to merge compress your javascript (JS) and style sheets (CSS). Just drop the executable in your javascript / CSS folder and run it. Voyla! It will handle everything by itself. Compression is based on Microsoft Ajax Minifier. Jasc can handle single or multiple files, will accept regular expressions to remove specific lines from the source code, and can also optimize the results by shrinking variable names and twe...LINQ Extensions Library: A library of useful LINQ extensions allowing for arithmetic manipulation of sequences, statistical analysis, sequence generation, sequence manipulation, pattern detection and more.Mail2FotoFrame: Pulls emails from a POP3-Account, extracts picture-attachments and saves them to a SD-card, so you can view them on a fotoframe.Make web (or sharepoint) pages screenshots with Powershell: From a text file containing url, make screenshot of each page. This powershell script use iecapt.exe project. You can manage width format and delay for each captureModé Internationalé (E-Commerce Site): Mode International is a fictional clothing store, and this website project is meant to be the e-Commerce site for this store. So far, the project has been developed using Java Enterprise Edition and Sockets, but I am considering making the use of C# in ASP .NET in the future.Music House: Site dedicado a musica e afiliadosNiphor's ToolBox: ?????????Nordic nRF24L01+ .NET Micro Framework Driver: Library that enables .NET Micro Framework developers to use Nordic 2.4 GHz wireless tranceivers. This library can be used on any net mf device with SPI interface.Petey's Game Engine: Petey's Game Engine is a XNA 4.0 game engine with a featured blog describing each step of the development. This is a learning project so people may follow and learn as my project evolves.ReportGenerator: ReportGenerator converts XML reports generated by PartCover or NCover into a readable HTML report.Rise of the rabbits: Rise of the RabbitsSapaFinance: SapaFinanceSCSM Copy Object: SCSM Copy Object is a CodePlex project that enables users to select objects in the System Center Service Manager console, click a task in the task pane and create a copy of the selected object(s). Objects can also be copied from command line executables.SharePoint 2010 Language Pack Downloader: SharePoint 2010 Language Pack Downloader is a tool to quickly download multiple language pack files for the SharePoint 2010 Server platform.SharePoint XQuery Reporting Solution: My company's project needs this technology because of the current company has a lot of data is stored in SharePoint, through Infopath data collection, data storage and not all InfoPath field values ​​are saved into a database, a considerable number of data in XML File, which caused difficulties in query and print a report, need a solution. Simply explained the thinking: First step:Put SharePoint, InfoPath XML file later (I did a small tool XMLToDB) or through the Event Handle sync sav...The Pacman: A simple single player game similar to Pacman. Developed using XNA game framework and C#. Game demonstrates usage of fuzzy logic for controlling the AI ghosts. This game is developed to test the effect of fuzzy logic AI in Pacman game.TodoStrike: Todo Strike is a simple todo list keeper.WallpaperDeleter: Simple program to delete the current background wallpaper image.Windows Phone 7 Continuous Integration Testing Framework: WP7 CI is a port of the Silverlight Toolkit Test Framework with added CI support, allowing tests to be run in the emulator from the command lineWolfpack - Distributed System Monitoring: Wolfpack is an extensible, .Net windows service framework for running jobs to monitor your software, system & business KPI's. The data collected can be sent directly to Growl, Geckoboard, WCF, SQL, SQLite, NServiceBus. It comes loaded with some tasks but it's simple to implement your own!

    Read the article

  • Converting Encrypted Values

    - by Johnm
    Your database has been protecting sensitive data at rest using the cell-level encryption features of SQL Server for quite sometime. The employees in the auditing department have been inviting you to their after-work gatherings and buying you drinks. Thousands of customers implicitly include you in their prayers of thanks giving as their identities remain safe in your company's database. The cipher text resting snuggly in a column of the varbinary data type is great for security; but it can create some interesting challenges when interacting with other data types such as the XML data type. The XML data type is one that is often used as a message type for the Service Broker feature of SQL Server. It also can be an interesting data type to capture for auditing or integrating with external systems. The challenge that cipher text presents is that the need for decryption remains even after it has experienced its XML metamorphosis. Quite an interesting challenge nonetheless; but fear not. There is a solution. To simulate this scenario, we first will want to create a plain text value for us to encrypt. We will do this by creating a variable to store our plain text value: -- set plain text value DECLARE @PlainText NVARCHAR(255); SET @PlainText = 'This is plain text to encrypt'; The next step will be to create a variable that will store the cipher text that is generated from the encryption process. We will populate this variable by using a pre-defined symmetric key and certificate combination: -- encrypt plain text value DECLARE @CipherText VARBINARY(MAX); OPEN SYMMETRIC KEY SymKey     DECRYPTION BY CERTIFICATE SymCert     WITH PASSWORD='mypassword2010';     SET @CipherText = EncryptByKey                          (                            Key_GUID('SymKey'),                            @PlainText                           ); CLOSE ALL SYMMETRIC KEYS; The value of our newly generated cipher text is 0x006E12933CBFB0469F79ABCC79A583--. This will be important as we reference our cipher text later in this post. Our final step in preparing our scenario is to create a table variable to simulate the existence of a table that contains a column used to hold encrypted values. Once this table variable has been created, populate the table variable with the newly generated cipher text: -- capture value in table variable DECLARE @tbl TABLE (EncVal varbinary(MAX)); INSERT INTO @tbl (EncVal) VALUES (@CipherText); We are now ready to experience the challenge of capturing our encrypted column in an XML data type using the FOR XML clause: -- capture set in xml DECLARE @xml XML; SET @xml = (SELECT               EncVal             FROM @tbl AS MYTABLE             FOR XML AUTO, BINARY BASE64, ROOT('root')); If you add the SELECT @XML statement at the end of this portion of the code you will see the contents of the XML data in its raw format: <root>   <MYTABLE EncVal="AG4Skzy/sEafeavMeaWDBwEAAACE--" /> </root> Strangely, the value that is captured appears nothing like the value that was created through the encryption process. The result being that when this XML is converted into a readable data set the encrypted value will not be able to be decrypted, even with access to the symmetric key and certificate used to perform the decryption. An immediate thought might be to convert the varbinary data type to either a varchar or nvarchar before creating the XML data. This approach makes good sense. The code for this might look something like the following: -- capture set in xml DECLARE @xml XML; SET @xml = (SELECT              CONVERT(NVARCHAR(MAX),EncVal) AS EncVal             FROM @tbl AS MYTABLE             FOR XML AUTO, BINARY BASE64, ROOT('root')); However, this results in the following error: Msg 9420, Level 16, State 1, Line 26 XML parsing: line 1, character 37, illegal xml character A quick query that returns CONVERT(NVARCHAR(MAX),EncVal) reveals that the value that is causing the error looks like something off of a genuine Chinese menu. While this situation does present us with one of those spine-tingling, expletive-generating challenges, rest assured that this approach is on the right track. With the addition of the "style" argument to the CONVERT method, our solution is at hand. When dealing with converting varbinary data types we have three styles available to us: - The first is to not include the style parameter, or use the value of "0". As we see, this style will not work for us. - The second option is to use the value of "1" will keep our varbinary value including the "0x" prefix. In our case, the value will be 0x006E12933CBFB0469F79ABCC79A583-- - The third option is to use the value of "2" which will chop the "0x" prefix off of our varbinary value. In our case, the value will be 006E12933CBFB0469F79ABCC79A583-- Since we will want to convert this back to varbinary when reading this value from the XML data we will want the "0x" prefix, so we will want to change our code as follows: -- capture set in xml DECLARE @xml XML; SET @xml = (SELECT              CONVERT(NVARCHAR(MAX),EncVal,1) AS EncVal             FROM @tbl AS MYTABLE             FOR XML AUTO, BINARY BASE64, ROOT('root')); Once again, with the inclusion of the SELECT @XML statement at the end of this portion of the code you will see the contents of the XML data in its raw format: <root>   <MYTABLE EncVal="0x006E12933CBFB0469F79ABCC79A583--" /> </root> Nice! We are now cooking with gas. To continue our scenario, we will want to parse the XML data into a data set so that we can glean our freshly captured cipher text. Once we have our cipher text snagged we will capture it into a variable so that it can be used during decryption: -- read back xml DECLARE @hdoc INT; DECLARE @EncVal NVARCHAR(MAX); EXEC sp_xml_preparedocument @hDoc OUTPUT, @xml; SELECT @EncVal = EncVal FROM OPENXML (@hdoc, '/root/MYTABLE') WITH ([EncVal] VARBINARY(MAX) '@EncVal'); EXEC sp_xml_removedocument @hDoc; Finally, the decryption of our cipher text using the DECRYPTBYKEYAUTOCERT method and the certificate utilized to perform the encryption earlier in our exercise: SELECT     CONVERT(NVARCHAR(MAX),                     DecryptByKeyAutoCert                          (                            CERT_ID('AuditLogCert'),                            N'mypassword2010',                            @EncVal                           )                     ) EncVal; Ah yes, another hurdle presents itself! The decryption produced the value of NULL which in cryptography means that either you don't have permissions to decrypt the cipher text or something went wrong during the decryption process (ok, sometimes the value is actually NULL; but not in this case). As we see, the @EncVal variable is an nvarchar data type. The third parameter of the DECRYPTBYKEYAUTOCERT method requires a varbinary value. Therefore we will need to utilize our handy-dandy CONVERT method: SELECT     CONVERT(NVARCHAR(MAX),                     DecryptByKeyAutoCert                          (                             CERT_ID('AuditLogCert'),                             N'mypassword2010',                             CONVERT(VARBINARY(MAX),@EncVal)                           )                     ) EncVal; Oh, almost. The result remains NULL despite our conversion to the varbinary data type. This is due to the creation of an varbinary value that does not reflect the actual value of our @EncVal variable; but rather a varbinary conversion of the variable itself. In this case, something like 0x3000780030003000360045003--. Considering the "style" parameter got us past XML challenge, we will want to consider its power for this challenge as well. Knowing that the value of "1" will provide us with the actual value including the "0x", we will opt to utilize that value in this case: SELECT     CONVERT(NVARCHAR(MAX),                     DecryptByKeyAutoCert                          (                            CERT_ID('SymCert'),                            N'mypassword2010',                            CONVERT(VARBINARY(MAX),@EncVal,1)                           )                     ) EncVal; Bingo, we have success! We have discovered what happens with varbinary data when captured as XML data. We have figured out how to make this data useful post-XML-ification. Best of all we now have a choice in after-work parties now that our very happy client who depends on our XML based interface invites us for dinner in celebration. All thanks to the effective use of the style parameter.

    Read the article

  • Encouter error "Linux ip -6 addr add failed" while setting up OpenVPN client

    - by Mickel
    I am trying to set up my router to use OpenVPN and have gotten quite far (I think), but something seems to be missing and I am not sure what. Here is my configuration for the client: client dev tun proto udp remote ovpn.azirevpn.net 1194 remote-random resolv-retry infinite auth-user-pass /tmp/password.txt nobind persist-key persist-tun ca /tmp/AzireVPN.ca.crt remote-cert-tls server reneg-sec 0 verb 3 OpenVPN client log: Nov 8 15:45:13 rc_service: httpd 15776:notify_rc start_vpnclient1 Nov 8 15:45:14 openvpn[27196]: OpenVPN 2.3.2 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Nov 1 2013 Nov 8 15:45:14 openvpn[27196]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Nov 8 15:45:14 openvpn[27196]: Socket Buffers: R=[116736->131072] S=[116736->131072] Nov 8 15:45:14 openvpn[27202]: UDPv4 link local: [undef] Nov 8 15:45:14 openvpn[27202]: UDPv4 link remote: [AF_INET]178.132.75.14:1194 Nov 8 15:45:14 openvpn[27202]: TLS: Initial packet from [AF_INET]178.132.75.14:1194, sid=44d80db5 8b36adf9 Nov 8 15:45:14 openvpn[27202]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Nov 8 15:45:14 openvpn[27202]: VERIFY OK: depth=1, C=RU, ST=Moscow, L=Moscow, O=Azire Networks, OU=VPN, CN=Azire Networks, name=Azire Networks, [email protected] Nov 8 15:45:14 openvpn[27202]: Validating certificate key usage Nov 8 15:45:14 openvpn[27202]: ++ Certificate has key usage 00a0, expects 00a0 Nov 8 15:45:14 openvpn[27202]: VERIFY KU OK Nov 8 15:45:14 openvpn[27202]: Validating certificate extended key usage Nov 8 15:45:14 openvpn[27202]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Nov 8 15:45:14 openvpn[27202]: VERIFY EKU OK Nov 8 15:45:14 openvpn[27202]: VERIFY OK: depth=0, C=RU, ST=Moscow, L=Moscow, O=AzireVPN, OU=VPN, CN=ovpn, name=ovpn, [email protected] Nov 8 15:45:15 openvpn[27202]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Nov 8 15:45:15 openvpn[27202]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Nov 8 15:45:15 openvpn[27202]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Nov 8 15:45:15 openvpn[27202]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Nov 8 15:45:15 openvpn[27202]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Nov 8 15:45:15 openvpn[27202]: [ovpn] Peer Connection Initiated with [AF_INET]178.132.75.14:1194 Nov 8 15:45:17 openvpn[27202]: SENT CONTROL [ovpn]: 'PUSH_REQUEST' (status=1) Nov 8 15:45:17 openvpn[27202]: PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 2a03:8600:1001:4010::101f/64 2a03:8600:1001:4010::1,route-ipv6 2000::/3 2A03:8600:1001:4010::1,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 194.1.247.30,tun-ipv6,route-gateway 178.132.77.1,topology subnet,ping 3,ping-restart 15,ifconfig 178.132.77.33 255.255.255.192' Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: timers and/or timeouts modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: --ifconfig/up options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: route options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: route-related options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Nov 8 15:45:17 openvpn[27202]: TUN/TAP device tun0 opened Nov 8 15:45:17 openvpn[27202]: TUN/TAP TX queue length set to 100 Nov 8 15:45:17 openvpn[27202]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=1 Nov 8 15:45:17 openvpn[27202]: /usr/sbin/ip link set dev tun0 up mtu 1500 Nov 8 15:45:18 openvpn[27202]: /usr/sbin/ip addr add dev tun0 178.132.77.33/26 broadcast 178.132.77.63 Nov 8 15:45:18 openvpn[27202]: /usr/sbin/ip -6 addr add 2a03:8600:1001:4010::101f/64 dev tun0 Nov 8 15:45:18 openvpn[27202]: Linux ip -6 addr add failed: external program exited with error status: 254 Nov 8 15:45:18 openvpn[27202]: Exiting due to fatal error Any ideas are most welcome!

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >