Search Results

Search found 19359 results on 775 pages for 'natural key'.

Page 30/775 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • SSL with private key on an HSM

    - by Jason
    I have a client-server architecture in my application that uses SSL. Currently, the private key is stored in CAPI's key store location. For security reasons, I'd like to store the key in a safer place, ideally a hardware signing module (HSM) that is built for this purpose. Unfortunately, with the private key stored on such a device, I can't figure out how to use it in my application. On the server, I am simply using the SslStream class and the AuthenticateAsServer(...) call. This method takes an X509Certificate object that has its private key loaded, but since the private key is stored in a secure (e.g. non exportable) location on the HSM, I don't know how to do this. On the client, I am using an HttpWebRequest object and then using the ClientCertificates property to add my client authentication certificate, but I have the same problem here: how do I get the private key? I know there are some HSMs that act as SSL accelerators but I don't really need an accelerator. Also, these products tend to have special integration with web servers such as IIS and Apache which I'm not using. Any ideas? The only thing I can think of would be to write my own SSL library that would allow me to hand off the signing portion of the transaction to the HSM, but this seems like a huge amount of work.

    Read the article

  • Memcache key generation strategy

    - by Maxim Veksler
    Given function f1 which receives n String arguments, would be considered better random key generation strategy for memcache for the scenario described below ? Our Memcache client does internal md5sum hashing on the keys it gets public class MemcacheClient { public Object get(String key) { String md5 = Md5sum.md5(key) // Talk to memcached to get the Serialization... return memcached(md5); } } First option public static String f1(String s1, String s2, String s3, String s4) { String key = s1 + s2 + s3 + s4; return get(key); } Second option /** * Calculate hash from Strings * * @param objects vararg list of String's * * @return calculated md5sum hash */ public static String stringHash(Object... strings) { if(strings == null) throw new NullPointerException("D'oh! Can't calculate hash for null"); MD5 md5sum = new MD5(); // if(prevHash != null) // md5sum.Update(prevHash); for(int i = 0; i < strings.length; i++) { if(strings[i] != null) { md5sum.Update("_" + strings[i] + "_"); // Convert to String... } else { // If object is null, allow minimum entropy by hashing it's position md5sum.Update("_" + i + "_"); } } return md5sum.asHex(); } public static String f1(String s1, String s2, String s3, String s4) { String key = stringHash(s1, s2, s3, s4); return get(key); } Note that the possible problem with the second option is that we are doing second md5sum (in the memcache client) on an already md5sum'ed digest result. Thanks for reading, Maxim.

    Read the article

  • Serializing and deserializing a map with key as string

    - by Grace K
    Hi! I am intending to serialize and deserialize a hashmap whose key is a string. From Josh Bloch's Effective Java, I understand the following. P.222 "For example, consider the case of a harsh table. The physical representation is a sequence of hash buckets containing key-value entries. Which bucket an entry is placed in is a function of the hash code of the key, which is not, in general guaranteed to be the same from JVM implementation to JVM implementation. In fact, it isn't even guranteed to be the same from run to run on the same JVM implementation. Therefore accepting the default serialized form for a hash table would constitute a serious bug. Serializing and deserializing the hash table could yield an object whose invariants were seriously corrupt." My questions are: 1) In general, would overriding the equals and hashcode of the key class of the map resolve this issue and the map can be correctly restored? 2) If my key is a String and the String class is already overriding the hashCode() method, would I still have problem described above. (I am seeing a bug which makes me think this is probably still a problem even though the key is String with overriding hashCode.) 3)Previously, I get around this issue by serializing an array of entries (key, value) and when deserializing I would reconstruct the map. I am wondering if there is a better approach. 4) If the answers to question 1 and 2 are that I still can't be guaranteed. Could someone explain why? If the hashCodes are the same would they go to the same buckets across JVMs? Thanks, Grace

    Read the article

  • Cryptography: best practices for keys in memory?

    - by Johan
    Background: I got some data encrypted with AES (ie symmetric crypto) in a database. A server side application, running on a (assumed) secure and isolated Linux box, uses this data. It reads the encrypted data from the DB, and writes back encrypted data, only dealing with the unencrypted data in memory. So, in order to do this, the app is required to have the key stored in memory. The question is, is there any good best practices for this? Securing the key in memory. A few ideas: Keeping it in unswappable memory (for linux: setting SHM_LOCK with shmctl(2)?) Splitting the key over multiple memory locations. Encrypting the key. With what, and how to keep the...key key.. secure? Loading the key from file each time its required (slow and if the evildoer can read our memory, he can probably read our files too) Some scenarios on why the key might leak: evildoer getting hold of mem dump/core dump; bad bounds checking in code leading to information leakage; The first one seems like a good and pretty simple thing to do, but how about the rest? Other ideas? Any standard specifications/best practices? Thanks for any input!

    Read the article

  • Locating SSL certificate, key and CA on server

    - by jovan
    Disclaimer: you don't need to know Node to answer this question but it would help. I have a Node server and I need to make it work with HTTPS. As I researched around the internet, I found that I have to do something like this: var fs = require('fs'); var credentials = { key: fs.readFileSync('path/to/ssl/private-key'), cert: fs.readFileSync('path/to/ssl/cert'), ca: fs.readFileSync('path/to/something/called/CA') }; var app = require('https').createServer(credentials, handler); I have several problems with this. First off, all the examples I found use completely different approaches. Some link to .pem files for both the certificate and key. I don't know what pem files are but I know my certificate is .crt and my key is .key. Some start off at the root folder and some seem to just have these .pem files in the application directory. I don't. Some use the ca thing too and some don't. This CA is supposed to be my domain's CA bundle according to some articles - but none explain where to find this file. In the ssl directory on my server I have one .crt file in the certs directory and one .key file in the keys directory, in addition to an empty csrs directory and an ssl.db file. So, where do I find these 3 files (key, cert, ca) and how do I link to them correctly?

    Read the article

  • In FLEX, How can you stop ENTER Key from my Alert being caught by the control that initiated the Al

    - by WeeJavaDude
    I am having an issue where I show an AlertBox message when the user hits ENTER and the focus is in a text area. The pop up works fine, but when the user hits enter the Alert closes as expected, but the TextArea listener receives the ENTER event from the Alert and pops the dialog up again. I have tried a number of ways to catch and eat the event but so far I have not been lucky. Is there way to accomplish this? public function init():void { myTextInput.addEventListener(KeyboardEvent.KEY_UP, handleKeyStrokes); } public function handleKeyStrokes(evt:KeyboardEvent):void { if(evt.keyCode == Keyboard.ENTER) { myAlert = Alert.show("This is a test and only a test", "Title", 4, null, alertCallBack); } } <mx:TextInput id="myTextInput" left="600" top="10"> </mx:TextInput>

    Read the article

  • pulling a value from NSMutableDictionary

    - by Jared Gross
    I have a dictionary array with a key:@"titleLabel". I am trying to load a pickerView with ONE instance of each @"titleLabel" key so that if there are multiple objects with the same @"titleLabel" only one title will be displayed. I've done some research on this forum and looked at apples docs but haven't been able to put the puzzle together. Below is my code but I am having trouble pulling the values. Right now when I run this code it throws an error Incompatible pointer types sending 'PFObject *' to parameter of type 'NSString' which i understand but am just not sure how to remedy. Cheers! else { // found messages! self.objectsArray = objects; NSMutableDictionary *dict = [[NSMutableDictionary alloc] init]; for(id obj in self.objectsArray){ PFObject *key = [self.objectsArray valueForKey:@"titleLabel"]; if(![dict objectForKey:@"titleLabel"]){ [dict setValue:obj forKey:key]; } } for (id key in dict) { NSLog(@"Objects array is %d", [self.objectsArray count]); NSLog(@"key: %@, value: %@ \n", key, [dict objectForKey:key]); } [self.pickerView reloadComponent:0]; } }];` Here is where I define the PFObject and keys: PFObject *image = [PFObject objectWithClassName:@"Images"]; [image setObject:file forKey:@"file"]; [image setObject:fileType forKey:@"fileType"]; [image setObject:title forKey:@"titleLabel"]; [image setObject:self.recipients forKey:@"recipientIds"]; [image setObject:[[PFUser currentUser] objectId] forKey:@"senderId"]; [image setObject:[[PFUser currentUser] username] forKey:@"senderName"]; [image saveInBackground];

    Read the article

  • Android - How to prevent the phone screen from turning on when volume or camera key is pressed?

    - by 2Real
    I have an activity that shows up when the phone screen goes to sleep/turns off ie turns black. For some reason, the phone turns on when the volume buttons or the camera buttons are pressed. By turns on, I mean the screen wakes up or comes back from the black screen state. I've tried using dispatchKeyEvent(KeyEvent event) and the buttons are disabled on the activity, but they still wake up the phone.

    Read the article

  • SQL Server insert performance with and without primary key

    - by Eric
    Summary: I have a table populated via the following: insert into the_table (...) select ... from some_other_table Running the above query with no primary key on the_table is ~15x faster than running it with a primary key, and I don't understand why. The details: I think this is best explained through code examples. I have a table: create table the_table ( a int not null, b smallint not null, c tinyint not null ); If I add a primary key, this insert query is terribly slow: alter table the_table add constraint PK_the_table primary key(a, b); -- Inserting ~880,000 rows insert into the_table (a,b,c) select a,b,c from some_view; Without the primary key, the same insert query is about 15x faster. However, after populating the_table without a primary key, I can add the primary key constraint and that only takes a few seconds. This one really makes no sense to me. More info: The estimated execution plan shows 0% total query time spent on the clustered index insert SQL Server 2008 R2 Developer edition, 10.50.1600 Any ideas?

    Read the article

  • Creating Key Flex Field (KFF) Bean in OAF

    - by Manoj Madhusoodanan
    This blog describes how to create KFF in OAF Page.Here I am going to demonstrate with standard Job KFF. I have created a new structure in Job KFF which I am going to use it in my custom OAF page.Please see the below pic. In the above created structure I have created following segments.You can see the valuesets also. In the custom page I have created an item with following properties. In the Segment List property you can give which segments are going to use in the KFF. The syntax for defining it is  KFF Code|Segment1|Segment2|Segment3|Segment4|Segment N In the table just create a field to hold the code combination.Please click here to see table script. Code combination will goes into JOB_ID field of the table. In the processRequest method of the page controller add following code snippet to attach the KFF structure and CCID column to the KFF bean. Deploy the files belonging to this solution to the server. Following is the output of the above solution. If you click on JobId you can see the KFF window.   Code Combination Id has created in the table.      

    Read the article

  • Extract Key and Certificate from Kemp Loadmaster?

    - by Matt Simmons
    I'm trying very hard to get away from a set of Kemp Loadmasters that I bought years ago to provide HA access to our website. Part of that process is going to be putting the key and certificate in the new solution (HAproxy with nginx doing SSL). Unfortunately, I've come up against a problem... The Kemp has built-in certificate management, and it generates CSR's at the touch of a button. It also supported importing of signed certificates, however it does not, so far as I can tell, allow any kind of export of the key itself. There is a "backup key and certificates" ability, however here's the text from the manual: LoadMaster supports exporting of ALL certificate information. This includes private key, host and intermediate certificates. The export file is designed to be used for import into another LoadMaster and is encrypted. Export and import can be completed using the WUI at Certificates -> Backup/Restore Certs. Please make sure to note the pass phrase used to create the export, it will be required to complete the import. You can selectively resort only Virtual Service certificates including private keys, intermediate certificates or both. Well, that is great, but as for actually DEALING with the certs, I'm apparently out of luck. Of course, I'm not going to give up that easily. I ran "file" on the saved cert bundle and got this: $ file client1.certs.backup client1.certs.backup: gzip compressed data, from Unix Well, awesome, I thought. Maybe it's just a .tar.gz, so I unzipped it, and that went fine, but my attempts to untar it didn't work, and running "file" on it now just gives this: $ file client1.certs.backup client1.certs.backup: data So that's where I'm stuck. Anyone have experience with these?

    Read the article

  • Visual Studio Key board Binding Poster

    - by Jeev
    If you prefer to use keyboard short cuts more than the mouse   ,please find below the links for the Visual studio Keyboard Binding PostersVisual Studio 2010 (inludes links for C++,VB,C# & F#)Visual Studio 2008 (C#) Visual Studio 2008(VB)

    Read the article

  • How do you preseed an ssh key?

    - by Wes Felter
    I tried this: d-i preseed/late_command string mkdir -p /target/root/.ssh d-i preseed/late_command string cp /cdrom/id_rsa.pub /target/root/.ssh/authorized_keys d-i preseed/late_command string chmod -R go-rwx /target/root/.ssh (I'm using a USB installer and I put id_rsa.pub in the root directory of the USB drive.) The /root/.ssh directory is not created and the installer complains that the chmod command failed (not surprising if the directory doesn't exist).

    Read the article

  • BitLocker with Windows DPAPI Encryption Key Management

    - by bigmac
    We have a need to enforce resting encryption on an iSCSI LUN that is accessible from within a Hyper-V virtual machine. We have implementing a working solution using BitLocker, using Windows Server 2012 on a Hyper-V Virtual Server which has iSCSI access to a LUN on our SAN. We were able to successfully do this by using the "floppy disk key storage" hack as defined in THIS POST. However, this method seems "hokey" to me. In my continued research, I found out that the Amazon Corporate IT team published a WHITEPAPER that outlined exactly what I was looking for in a more elegant solution, without the "floppy disk hack". On page 7 of this white paper, they state that they implemented Windows DPAPI Encryption Key Management to securely manage their BitLocker keys. This is exactly what I am looking to do, but they stated that they had to write a script to do this, yet they don't provide the script or even any pointers on how to create one. Does anyone have details on how to create a "script in conjunction with a service and a key-store file protected by the server’s machine account DPAPI key" (as they state in the whitepaper) to manage and auto-unlock BitLocker volumes? Any advice is appreciated.

    Read the article

  • 3 Key Trends For Mobile Commerce – Location, Location, Location

    - by Michael Hylton
    This past weekend I was at a major bookstore chain and looking for a particular book.  Rather than ask the clerk, I went to my smartphone and went online to find the book title, author, and competing price.  I know I’m not alone in this effort and more and more individuals (and businesses) will use the power of mobility to tilt the scale in their favor. Armed with a mobile device – smartphone or tablet – folks will use them to research, compare, and ultimately purchase.  A recent PayPal survey found that 46% of respondents plan to use a mobile device this holiday season to make a purchase.   An astounding 27% of consumers in an e-tailing group survey commissioned by Oracle, use a tablet device daily or several times a week to research products and services. Beyond researching or making purchases, 35% of consumers use their smartphone to receive offers and coupons, and 32% access coupons and redeem them at their local retail store.  And with GPS capabilities in smartphones and tablet (and with user’s approval), retailers will start pushing coupons and offers directly to phone users based on their proximity to their store (or their competitors). Security is one concern that both shoppers, companies and phone manufacturers will have to deal with in the coming years.  In that same Oracle-sponsored e-tailing group consumer survey, 32% of consumers were concerned about giving their credit card information via a smartphone. You can gain further insight into the mind of today’s consumer by reading the e-tailing group white paper, titled “the connected consumer”.

    Read the article

  • 3 Key Trends For Mobile Commerce – Location, Location, Location

    - by Michael Hylton
    This past weekend I was at a major bookstore chain and looking for a particular book.  Rather than ask the clerk, I went to my smartphone and went online to find the book title, author, and competing price.  I know I’m not alone in this effort and more and more individuals (and businesses) will use the power of mobility to tilt the scale in their favor. Armed with a mobile device – smartphone or tablet – folks will use them to research, compare, and ultimately purchase.  A recent PayPal survey found that 46% of respondents plan to use a mobile device this holiday season to make a purchase.   An astounding 27% of consumers in an e-tailing group survey commissioned by Oracle, use a tablet device daily or several times a week to research products and services. Beyond researching or making purchases, 35% of consumers use their smartphone to receive offers and coupons, and 32% access coupons and redeem them at their local retail store.  And with GPS capabilities in smartphones and tablet (and with user’s approval), retailers will start pushing coupons and offers directly to phone users based on their proximity to their store (or their competitors). Security is one concern that both shoppers, companies and phone manufacturers will have to deal with in the coming years.  In that same Oracle-sponsored e-tailing group consumer survey, 32% of consumers were concerned about giving their credit card information via a smartphone. You can gain further insight into the mind of today’s consumer by reading the e-tailing group white paper, titled “the connected consumer”.

    Read the article

  • Key Techniques For Search Engine Optimization in 2010

    The art of creating web pages which will rank high in search engine returns is called Search Engine Optimization or SEO. By optimizing certain elements or sections in the HTML code of each page, SEO can be accomplished. The search engines specifically read these sections. The level of optimization can help determine the amount free referral traffic.

    Read the article

  • An XKB keyboard map that responds to the left and right shift key individually

    - by mbfisher
    First off, excuse my ignorance of X and XKB; I've been trying to hack together a solution in the hope of being able to achieve what I want without requiring a detailed grasp of it. I'm trying to create an XKB keyboard map on Ubuntu 12.04 that allows me to stipulate which of the two shift keys constitutes the Level2 modifier. Specifically, the 4 key should only produce a $ when the right shift is held, not the left. My reading so far: http://www.charvolant.org/~doug/xkb/html/node5.html http://people.uleth.ca/~daniel.odonnell/Blog/custom-keyboard-in-linuxx11 http://www.x.org/releases/X11R7.5/doc/input/XKB-Enhancing.html Lots of searching! I've attempted to define a custom type, and then refer to it explicitly in a symbols map: /usr/share/X11/xkb/types/mbfisher: default xkb_types "mbfisher" { type "RIGHT_SHIFT" { modifiers = None+Shift_R; map[None] = Level1; map[Shift_R] = Level2; }; } /usr/share/X11/xkb/symbols/mbfisher: default partial alphanumeric_keys xkb_symbols "basic" { name[Group1]= "mbfisher"; key <AE04> { type= "RIGHT_SHIFT", symbols[Group1]= [ 4, dollar ] }; }; I'm then selecting the map with the Ubuntu Keyboard Layout GUI. This obviously disables the alphanumeric keyboard apart from the 4 key, but the dollar sign can still be typed with either shift key. I'm conscious of writing a massive question with lots of useless information so I'll stop here; please ask for anything I've missed out. Any ideas?

    Read the article

  • How to submit a form on pressing enter key

    - by SAMIR BHOGAYTA
    function clickButton(e, buttonid) { var bt = document.getElementById(buttonid); if (typeof bt == 'object'){ if(navigator.appName.indexOf("Netscape")(-1)){ if (e.keyCode == 13){ bt.click(); return false; } } if (navigator.appName.indexOf("Microsoft Internet Explorer")(-1)) { if (event.keyCode == 13){ bt.click(); return false; } } } } //Call this function on last text box of a form with onKeyPress="clickButton(this)"

    Read the article

  • Installing a different edition of Windows 8 on an OEM system

    - by user22105
    My PC comes with an OEM copy of Windows 8 (regular), but I only have a Windows 8 Professional DVD. Will Windows 8 automatically detect the edition associated with the product key in my BIOS and install Windows 8 (regular) instead of allowing me to enter the key for the Professional edition? (I have an Asus Q200E Win 8 Core OEM laptop. I borrowed a Windows 8 Professional DVD from my friends, so naturally, I can’t use his product key.)

    Read the article

  • Ctrl + 1 and Ctrl + 2 key combinations don't work

    - by musicfreak
    I noticed back in August (when I got StarCraft 2) that the key combinations Ctrl + 1 and Ctrl + 2 didn't work. I thought this was weird because Ctrl + 3 and all the other combinations worked fine (including Shift + 1, etc), so I didn't think much of it; I just shrugged it off as a SC2 bug. Now, 4 months later, I decided to play a completely unrelated game--Dawn of War 2--and noticed the same thing: those two specific key combinations don't work. To make sure I wasn't going insane, I tried it in Chrome and a couple other applications, and alas, it didn't work. I remember playing strategy games over the summer before StarCraft 2 and it worked fine. Any idea as to what went wrong? My keyboard, a Microsoft Wireless Keyboard 1000 (I know, insert Microsoft joke here), is a little over a year old, so I'm going to assume it's not dying until proven otherwise. Things I've tried ActiveHotkeys says the key combination is not a global hotkey. Tried another keyboard--still doesn't work. The key combinations do work in a virtual machine (tried with both Windows and Ubuntu as guests).

    Read the article

  • Keyword Research - The Key to Web Traffic?

    Keywords are only one strategy used by web surfers in search of information on the Internet but they are an important strategy. Keyword research has been refined and made much more versatile. In order to gain exposure and increase efficiency for web site owners trying to increase traffic, keyword search is just as important as it is to have a web site advertising your products and/or services.

    Read the article

  • Disabling Password and Key Login

    - by Matthew Miller
    I want to disable the login prompt to access the Passwords and Keys. Right clicking the prompt does not bring up a change password dialogue. Under Applications System Tools Preferences there is "Passwords and Keys" but right clicking that does not allow me to change the password either. There is no Password and Keys selection under Accessories. I used to be able to change the password to a blank character, which allowed it to automatically login, but there doesn't seem to be an option for that now. Using Gnome 3 in 12.10 Thank you

    Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >