Search Results

Search found 1485 results on 60 pages for 'encrypted'.

Page 31/60 | < Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >

  • Capture SOAP Envelope (C# WinForm calling .ASMX external vendor service)

    - by NealWalters
    I'm calling a third-party vendor's external SSL web service from a .NET 3.5 client (WinForm). The vendor has asked me to send them the Soap Header to verify why things aren't working. I used WireShark to capture packets, but since the web service is SSL, the packets are encrypted. Is there a few magic lines of code to add to my C# client to save or display the Soap Envelope either right before I call their web/method or right after?

    Read the article

  • Session Id in url and/or cookie? [closed]

    - by Jacco
    Most people advice against rewriting every (internal) url to include the sessionId (both GET and POST). The standard argument against it seems to be:   If an attacker gets hold of the sessionId, they can hijack the session.   With the sessionId in the url, it easily leaks to the attacker (by referer etc.) But what if you put the sessionId in both an (encrypted) cookie and the url. if the sessionId in either the cookie or the url is missing or if they do not match, decline the request. Let's pretend the website in question is free of xss holes, the cookie encryption is strong enough, etc. etc. Then what is the increased risk of rewriting every url to include the sessionId? UPDATE: @Casper That is a very good point. so up to now there are 2 reasons: bad for search engines / SEO if used in public part of the website can cause trouble when users post an url with a session Id on a forum, send it trough email or bookmark the page apart from the:   It increases the security risk, but it is not clear what the increased risk is. some background info: I've a website that offers blog-like service to travellers. I cannot be sure cookies work nor can I require cookies to work. Most computers in internet cafes are old and not (even close to) up-to-date. The user has no control over them and the connection can be very unreliable for some more 'off the beaten path' locations. Binding the session to an IP-address is not possible, some places use load-balancing proxies with multiple IP addresses. (and from China there is The Great Firewall). Upon receiving the first cookie back, I flag cookies as mandatory. However, if the cookie was flagged as mandatory but not there, I ask for their password once more, knowing their session from the url. (Also cookies have a 1 time token in them, but that's not the point of this question). UPDATE 2: The conclusion seems to be that there are no extra *security* issues when you expose you session id trough the URL while also keeping a copy of the session id in an encrypted cookie. Do not hesitate to add additional information about any possible security implications

    Read the article

  • What couse this error?? Fatal error: Call to undefined function mcrypt_encrypt()

    - by Jin Yong
    Does Anyone know whcy this error message display (Call to undefined function mcrypt_encrypt() ) when I run the following code below? Am I missing some steps perhaps any setting in PHP I have to do before this code can work? $key = 'password to (en/de)crypt'; $string = 'string to be encrypted'; $test = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key)));

    Read the article

  • Users Login Info in INFORMIX-SQL

    - by Frank Developer
    INFORMIX-SQL 4.1 - There's this ASCII UNIX file called "passwd" in /usr/informix/etc which holds all the user id's and encrypted passwords to log into ISQL. Is there a system catalog table which holds the logged in users? I see a SYSUSERS.DAT file but when I queried it, it didnt show my login id, date or time.

    Read the article

  • use bouncy castle libraries to encrypt files using public key from digital certificate

    - by mike
    I got the public key from the certificate, keypair is a java.security.KeyPair object String public_key = keypair.getPublic().toString(); I want to send this to the via an http connection to a J2me application. I cannot find any documentation to convert the transmitted string to a Public key that can be used to encrypt Strings. I also want the J2me to verify signed strings from the server. I want to then send the encrypted strings back to the server.

    Read the article

  • How to overwrite the data in a file with bash

    - by Stefan Liebenberg
    I'm writing a bash script that encrypts the data of a folder or file #!/bin/bash file_name=$1 tmp_file=/tmp/tmpfile.tar # tar compress file tar -cf $tmp_file $file_name; # encrypt file gpg -c $tmp_file # remove temp file rm -rf $tmp_file $file_name # mv encrypted file to orignal place mv ${tmp_file}.gpg $file_name but the data will still be recoverable by using photorec or similar methods... Is there a way to ensure the absolute deletion of the original file in bash? Thank You Stefan

    Read the article

  • Single Sign on- From our customer's Active Directory

    - by jbarker7
    We have an ASP.NET MVC website that a customer is requesting Active Directory single sign on. My thought is that we will need something behind their firewall in order to send encrypted credentials or a user's ID over to our server... any best practices or products that do this would be extremely helpful! Thanks! jbarker7

    Read the article

  • Whats wrong with my triple DES wrapper??

    - by Chen Kinnrot
    it seems that my code adds 6 bytes to the result file after encrypt decrypt is called.. i tries it on a mkv file.. please help here is my code class TripleDESCryptoService : IEncryptor, IDecryptor { public void Encrypt(string inputFileName, string outputFileName, string key) { EncryptFile(inputFileName, outputFileName, key); } public void Decrypt(string inputFileName, string outputFileName, string key) { DecryptFile(inputFileName, outputFileName, key); } static void EncryptFile(string inputFileName, string outputFileName, string sKey) { var outFile = new FileStream(outputFileName, FileMode.OpenOrCreate, FileAccess.ReadWrite); // The chryptographic service provider we're going to use var cryptoAlgorithm = new TripleDESCryptoServiceProvider(); SetKeys(cryptoAlgorithm, sKey); // This object links data streams to cryptographic values var cryptoStream = new CryptoStream(outFile, cryptoAlgorithm.CreateEncryptor(), CryptoStreamMode.Write); // This stream writer will write the new file var encryptionStream = new BinaryWriter(cryptoStream); // This stream reader will read the file to encrypt var inFile = new FileStream(inputFileName, FileMode.Open, FileAccess.Read); var readwe = new BinaryReader(inFile); // Loop through the file to encrypt, line by line var date = readwe.ReadBytes((int)readwe.BaseStream.Length); // Write to the encryption stream encryptionStream.Write(date); // Wrap things up inFile.Close(); encryptionStream.Flush(); encryptionStream.Close(); } private static void SetKeys(SymmetricAlgorithm algorithm, string key) { var keyAsBytes = Encoding.ASCII.GetBytes(key); algorithm.IV = keyAsBytes.Take(algorithm.IV.Length).ToArray(); algorithm.Key = keyAsBytes.Take(algorithm.Key.Length).ToArray(); } static void DecryptFile(string inputFilename, string outputFilename, string sKey) { // The encrypted file var inFile = File.OpenRead(inputFilename); // The decrypted file var outFile = new FileStream(outputFilename, FileMode.OpenOrCreate, FileAccess.ReadWrite); // Prepare the encryption algorithm and read the key from the key file var cryptAlgorithm = new TripleDESCryptoServiceProvider(); SetKeys(cryptAlgorithm, sKey); // The cryptographic stream takes in the encrypted file var encryptionStream = new CryptoStream(inFile, cryptAlgorithm.CreateDecryptor(), CryptoStreamMode.Read); // Write the new unecrypted file var cleanStreamReader = new BinaryReader(encryptionStream); var cleanStreamWriter = new BinaryWriter(outFile); cleanStreamWriter.Write(cleanStreamReader.ReadBytes((int)inFile.Length)); cleanStreamWriter.Close(); outFile.Close(); cleanStreamReader.Close(); } }

    Read the article

  • What causes this error? Fatal error: Call to undefined function mcrypt_encrypt()

    - by Jin Yong
    Does anyone know why this error message: (Call to undefined function mcrypt_encrypt() ) displays when I run the following code below? Am I missing some steps perhaps any setting in PHP I have to do before this code can work? $key = 'password to (en/de)crypt'; $string = 'string to be encrypted'; $test = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key)));

    Read the article

  • decrypt excel files

    - by locojay
    Hi I have 1000 encrypted workbooks which I would like to decrypt by providing a pwd. I could not find a decrypt method under apache poi or python's xlrd module. Does anyone know a library which could handle this (wbc.decrypt(pwd)). I would prefer a lib i could you use from a unix box. Thanks

    Read the article

  • Is ASP.Net State Server an elegant solution?

    - by alchemical
    We have an ASP.Net MVC project that will start with a single web server but likely soon scale into a small web farm. As ASP.Net Authentication stores a UserID, and data caching may also be useful, we would likely need to make the jump to state server fairly soon. I'd like to hear from others how State Server has been to work with and how it scales from a performance perspective. Alternateively, we could architect it as completely stateless by not using data caching and tracking sessions with an encrypted cookie.

    Read the article

  • Steganography : Encoded audio and video file not being played, getting corrupted. What is the issue

    - by Shantanu Gupta
    I have made a steganography program to encrypt/Decrypt some text under image audio and video. I used image as bmp(54 byte header) file, audio as wav(44 byte header) file and video as avi(56 byte header) file formats. When I tries to encrypt text under all these file then it gets encrypted successfully and are also getting decrypted correctly. But it is creating a problem with audio and video i.e these files are not being played after encrypted result. What can be the problem. I am working on Turbo C++ compiler. I know it is super outdated compiler but I have to do it in this only. Here is my code to encrypt. int Binary_encode(char *txtSourceFileName, char *binarySourceFileName, char *binaryTargetFileName,const short headerSize) { long BinarySourceSize=0,TextSourceSize=0; char *Buffer; long BlockSize=10240, i=0; ifstream ReadTxt, ReadBinary; //reads ReadTxt.open(txtSourceFileName,ios::binary|ios::in);//file name, mode of open, here input mode i.e. read only if(!ReadTxt) { cprintf("\nFile can not be opened."); return 0; } ReadBinary.open(binarySourceFileName,ios::binary|ios::in);//file name, mode of open, here input mode i.e. read only if(!ReadBinary) { ReadTxt.close();//closing opened file cprintf("\nFile can not be opened."); return 0; } ReadBinary.seekg(0,ios::end);//setting pointer to a file at the end of file. ReadTxt.seekg(0,ios::end); BinarySourceSize=(long )ReadBinary.tellg(); //returns the position of pointer TextSourceSize=(long )ReadTxt.tellg(); //returns the position of pointer ReadBinary.seekg(0,ios::beg); //sets the pointer to the begining of file ReadTxt.seekg(0,ios::beg); //sets the pointer to the begining of file if(BinarySourceSize<TextSourceSize*50) //Minimum size of an image should be 50 times the size of file to be encrypted { cout<<"\n\n"; cprintf("Binary File size should be bigger than text file size."); ReadBinary.close(); ReadTxt.close(); return 0; } cout<<"\n"; cprintf("\n\nSize of Source Image/Audio File is : "); cout<<(float)BinarySourceSize/1024; cprintf("KB"); cout<<"\n"; cprintf("Size of Text File is "); cout<<TextSourceSize; cprintf(" Bytes"); cout<<"\n"; getch(); //write header to file without changing else file will not open //bmp image's header size is 53 bytes Buffer=new char[headerSize]; ofstream WriteBinary; // writes to file WriteBinary.open(binaryTargetFileName,ios::binary|ios::out|ios::trunc);//file will be created or truncated if already exists ReadBinary.read(Buffer,headerSize);//reads no of bytes and stores them into mem, size contains no of bytes in a file WriteBinary.write(Buffer,headerSize);//writes header to 2nd image delete[] Buffer;//deallocate memory /* Buffer = new char[sizeof(long)]; Buffer = (char *)(&TextSourceSize); cout<<Buffer; */ WriteBinary.write((char *)(&TextSourceSize),sizeof(long)); //writes no of byte to be written in image immediate after header ends //to decrypt file if(!(Buffer=new char[TextSourceSize])) { cprintf("Enough Memory could not be assigned."); return 0; } ReadTxt.read(Buffer,TextSourceSize);//read all data from text file ReadTxt.close();//file no more needed WriteBinary.write(Buffer,TextSourceSize);//writes all text file data into image delete[] Buffer;//deallocate memory //replace Tsize+1 below with Tsize and run the program to see the change //this is due to the reason that 50-54 byte no are of colors which we will be changing ReadBinary.seekg(TextSourceSize+1,ios::cur);//move pointer to the location-current loc i.e. 53+content of text file //write remaining image content to image file while(i<BinarySourceSize-headerSize-TextSourceSize+1) { i=i+BlockSize; Buffer=new char[BlockSize]; ReadBinary.read(Buffer,BlockSize);//reads no of bytes and stores them into mem, size contains no of bytes in a file WriteBinary.write(Buffer,BlockSize); delete[] Buffer; //clear memory, else program can fail giving correct output } ReadBinary.close(); WriteBinary.close(); //Encoding Completed return 0; } Code to decrypt int Binary_decode(char *binarySourceFileName, char *txtTargetFileName, const short headerSize) { long TextDestinationSize=0; char *Buffer; long BlockSize=10240; ifstream ReadBinary; ofstream WriteText; ReadBinary.open(binarySourceFileName,ios::binary|ios::in);//file will be appended if(!ReadBinary) { cprintf("File can not be opened"); return 0; } ReadBinary.seekg(headerSize,ios::beg); Buffer=new char[4]; ReadBinary.read(Buffer,4); TextDestinationSize=*((long *)Buffer); delete[] Buffer; cout<<"\n\n"; cprintf("Size of the File that will be created is : "); cout<<TextDestinationSize; cprintf(" Bytes"); cout<<"\n\n"; sleep(1); WriteText.open(txtTargetFileName,ios::binary|ios::out|ios::trunc);//file will be created if not exists else truncate its data while(TextDestinationSize>0) { if(TextDestinationSize<BlockSize) BlockSize=TextDestinationSize; Buffer= new char[BlockSize]; ReadBinary.read(Buffer,BlockSize); WriteText.write(Buffer,BlockSize); delete[] Buffer; TextDestinationSize=TextDestinationSize-BlockSize; } ReadBinary.close(); WriteText.close(); return 0; } int text_encode(char *SourcefileName, char *DestinationfileName) { ifstream fr; //reads ofstream fw; // writes to file char c; int random; clrscr(); fr.open(SourcefileName,ios::binary);//file name, mode of open, here input mode i.e. read only if(!fr) { cprintf("File can not be opened."); getch(); return 0; } fw.open(DestinationfileName,ios::binary|ios::out|ios::trunc);//file will be created or truncated if already exists while(fr) { int i; while(fr!=0) { fr.get(c); //reads a character from file and increments its pointer char ch; ch=c; ch=ch+1; fw<<ch; //appends character in c to a file } } fr.close(); fw.close(); return 0; } int text_decode(char *SourcefileName, char *DestinationName) { ifstream fr; //reads ofstream fw; // wrrites to file char c; int random; clrscr(); fr.open(SourcefileName,ios::binary);//file name, mode of open, here input mode i.e. read only if(!fr) { cprintf("File can not be opened."); return 0; } fw.open(DestinationName,ios::binary|ios::out|ios::trunc);//file will be created or truncated if already exists while(fr) { int i; while(fr!=0) { fr.get(c); //reads a character from file and increments its pointer char ch; ch=c; ch=ch-1; fw<<ch; //appends character in c to a file } } fr.close(); fw.close(); return 0; }

    Read the article

  • Facing Memory Leaks in AES Encryption Method.

    - by Mubashar Ahmad
    Can anyone please identify is there any possible memory leaks in following code. I have tried with .Net Memory Profiler and it says "CreateEncryptor" and some other functions are leaving unmanaged memory leaks as I have confirmed this using Performance Monitors. but there are already dispose, clear, close calls are placed wherever possible please advise me accordingly. its a been urgent. public static string Encrypt(string plainText, string key) { //Set up the encryption objects byte[] encryptedBytes = null; using (AesCryptoServiceProvider acsp = GetProvider(Encoding.UTF8.GetBytes(key))) { byte[] sourceBytes = Encoding.UTF8.GetBytes(plainText); using (ICryptoTransform ictE = acsp.CreateEncryptor()) { //Set up stream to contain the encryption using (MemoryStream msS = new MemoryStream()) { //Perform the encrpytion, storing output into the stream using (CryptoStream csS = new CryptoStream(msS, ictE, CryptoStreamMode.Write)) { csS.Write(sourceBytes, 0, sourceBytes.Length); csS.FlushFinalBlock(); //sourceBytes are now encrypted as an array of secure bytes encryptedBytes = msS.ToArray(); //.ToArray() is important, don't mess with the buffer csS.Close(); } msS.Close(); } } acsp.Clear(); } //return the encrypted bytes as a BASE64 encoded string return Convert.ToBase64String(encryptedBytes); } private static AesCryptoServiceProvider GetProvider(byte[] key) { AesCryptoServiceProvider result = new AesCryptoServiceProvider(); result.BlockSize = 128; result.KeySize = 256; result.Mode = CipherMode.CBC; result.Padding = PaddingMode.PKCS7; result.GenerateIV(); result.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; byte[] RealKey = GetKey(key, result); result.Key = RealKey; // result.IV = RealKey; return result; } private static byte[] GetKey(byte[] suggestedKey, SymmetricAlgorithm p) { byte[] kRaw = suggestedKey; List<byte> kList = new List<byte>(); for (int i = 0; i < p.LegalKeySizes[0].MaxSize; i += 8) { kList.Add(kRaw[(i / 8) % kRaw.Length]); } byte[] k = kList.ToArray(); return k; }

    Read the article

  • Java Encryption issue

    - by r1k0
    I am using PBE encryption to encrypt and decrypt some text on an Android application but I get the BadPaddingException: with the "pad block corrupted" message when I use the wrong private key to decrypt the text. My question, since I am not well versed with encryption in Java, is if this is the normal behavior of the encryption API, because I need to do some logic in the case when the wrong key is entered, but I do not know the private key, nor do I store it anywhere (storing just the encrypted and decrypted check text). Thanks, Mihai

    Read the article

  • Javascript to encode cookie contents into a get or post?

    - by beeky
    I want to pass cookie contents from one domain to another. I don't want to get involved with actual cross-domain cookies. I was thinking of reading the cookie on the domain that sets it and then sending it as an encrypted JSON object to the domain that wants to use it. Is there an accepted way of doing this and/or a toolkit that handles this sort of thing? Thanks for any help or advice, -=b

    Read the article

  • Generate reasonable length license key with asymmetric encryption?

    - by starkos
    I've been looking at this all day. I probably should have walked away from it hours ago; I might be missing something obvious at this point. Short version: Is there a way to generate and boil down an asymmetrically encrypted hash to a reasonable number of unambiguous, human readable characters? Long version: I want to generate license keys for my software. I would like these keys to be of a reasonable length (25-36 characters) and easily read and entered by a human (so avoid ambiguous characters like the number 0 and the capital letter O). Finally--and this seems to be the kicker--I'd really like to use asymmetric encryption to make it more difficult to generate new keys. I've got the general approach: concatenate my information (user name, product version, a salt) into a string and generate a SHA1() hash from that, then encrypt the hash with my private key. On the client, build the SHA1() hash from the same information, then decrypt the license with the public key and see if I've got a match. Since this is a Mac app, I looked at AquaticPrime, but that generates a relatively large license file rather than a string. I can work with that if I must, but as a user I really like the convenience of a license key that I can read and print. I also looked at CocoaFob which does generate a key, but it is so long that I'd want to deliver it as a file anyway. I fooled around with OpenSSL for a while but couldn't come up with anything of a reasonable length. So...am I missing something obvious here? Is there a way to generate and boil down an asymmetrically encrypted hash to a reasonable number of unambiguous, human readable characters? I'm open to buying a solution. But I work on a number of different of platforms, so I'd want something portable. Everything I've looked at so far has been platform specific. Many, many thanks for a solution! PS - Yes, I know it will still be cracked. I'm trying to come up with something reasonable that, as a user, I would still find friendly.

    Read the article

  • C# Encryption Functions

    - by KHALID
    i have table in my database that have senestive data such as password field i want to encrypt data before inserting it to table and then i want not to decrypt data but i want only to compare encrypted password with the input password without decrypting

    Read the article

  • AES code throwing NoSuchPaddingException: Padding NoPaddin unknown

    - by Tom Brito
    The following code is a try to encrypt data using AES with asymmetric key: import java.io.OutputStream; import java.math.BigInteger; import java.security.Key; import java.security.KeyFactory; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.RSAPrivateKeySpec; import java.security.spec.RSAPublicKeySpec; import javax.crypto.Cipher; public class AsyncronousKeyTest { private final Cipher cipher; private final KeyFactory keyFactory; private final RSAPrivateKey privKey; private AsyncronousKeyTest() throws Exception { cipher = Cipher.getInstance("AES/CBC/NoPaddin", "BC"); keyFactory = KeyFactory.getInstance("AES", "BC"); // create the keys // TODO should this numbers be random? RSAPrivateKeySpec privKeySpec = new RSAPrivateKeySpec(new BigInteger( "d46f473a2d746537de2056ae3092c451", 16), new BigInteger("57791d5430d593164082036ad8b29fb1", 16)); privKey = (RSAPrivateKey) keyFactory.generatePrivate(privKeySpec); } public void generateAuthorizationAct(OutputStream outputStream) throws Exception { // TODO Ticket #14 - GenerateAuthorization action KeyFactory keyFactory = KeyFactory.getInstance("AES", "BC"); // TODO should this numbers be random? RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger("d46f473a2d746537de2056ae3092c451", 16), new BigInteger("11", 16)); RSAPublicKey pubKey = (RSAPublicKey) keyFactory.generatePublic(pubKeySpec); byte[] data = new byte[] {0x01}; byte[] encrypted = encryptAO(pubKey, data); outputStream.write(encrypted); } /** Encrypt the AuthorizationObject. */ public byte[] encryptAO(Key pubKey, byte[] data) throws Exception { cipher.init(Cipher.ENCRYPT_MODE, pubKey); byte[] cipherText = cipher.doFinal(data); return cipherText; } public byte[] decrypt(byte[] cipherText) throws Exception { cipher.init(Cipher.DECRYPT_MODE, privKey); byte[] decyptedData = cipher.doFinal(cipherText); return decyptedData; } public static void main(String[] args) throws Exception { System.out.println("start"); AsyncronousKeyTest auth = new AsyncronousKeyTest(); auth.generateAuthorizationAct(System.out); System.out.println("done"); } } but at line cipher = Cipher.getInstance(AesEncrypter.getTransformation(), "BC"); it throws NoSuchPaddingException: Padding NoPaddin unknown. What is this? And how to solve?

    Read the article

  • Cracking WEP wireless networks [closed]

    - by John
    I have a problem.I am new to linux and would like to know how to crack a WEP and WAP wireless encrypted network.I have been typing the command "airmon-ng" i have even initialized the wlan0 with the following command on Backtrack 4 but it has failed,When I use airmon-ng command, it does not display my wireless driver.SomeOne please xplain to me from scratch.Would really appreciate it.

    Read the article

  • use bouncy castle to create public key on j2me

    - by mike
    I got the public key from the certificate, keypair is a java.security.KeyPair object String public_key = keypair.getPublic().toString(); I want to send this to the via an http connection to a J2me application. I cannot find any documentation to convert the transmitted string to a Public key that can be used to encrypt Strings. I also want the J2me to verify signed strings from the server. I want to then send the encrypted strings back to the server.

    Read the article

  • Protect Windows folder without encrypting the contents

    - by Jad
    Hi, I want to protect the "www" folder in my Apache server. Checked some tools on the net like TrueCrypt, FolderEncrypt etc. All these encrypt the folder contents. If the www folder is encrypted, then my php won't work. Is there a way to lock the folder in windows without encrypting its contents.[ A little harder to crack then no lock at all] Regards Jad

    Read the article

< Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >