Search Results

Search found 2089 results on 84 pages for 'symmertric encryption'.

Page 35/84 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

  • Retrieving Encrypted Rich Text file and showing it in a RichTextBox C#

    - by Ranhiru
    OK, my need here is to save whatever typed in the rich text box to a file, encrypted, and also retrieve the text from the file again and show it back on the rich textbox. Here is my save code. private void cmdSave_Click(object sender, EventArgs e) { FileStream fs = new FileStream(filePath, FileMode.Create, FileAccess.Write); AesCryptoServiceProvider aes = new AesCryptoServiceProvider(); aes.GenerateIV(); aes.GenerateKey(); aes.Mode = CipherMode.CBC; TextWriter twKey = new StreamWriter("key"); twKey.Write(ASCIIEncoding.ASCII.GetString(aes.Key)); twKey.Close(); TextWriter twIV = new StreamWriter("IV"); twIV.Write(ASCIIEncoding.ASCII.GetString(aes.IV)); twIV.Close(); ICryptoTransform aesEncrypt = aes.CreateEncryptor(); CryptoStream cryptoStream = new CryptoStream(fs, aesEncrypt, CryptoStreamMode.Write); richTextBox1.SaveFile(cryptoStream, RichTextBoxStreamType.RichText); } I know the security consequences of saving the key and iv in a file but this just for testing :) Well, the saving part works fine which means no exceptions... The file is created in filePath and the key and IV files are created fine too... OK now for retrieving part where I am stuck :S private void cmdOpen_Click(object sender, EventArgs e) { OpenFileDialog openFile = new OpenFileDialog(); openFile.ShowDialog(); FileStream openRTF = new FileStream(openFile.FileName, FileMode.Open, FileAccess.Read); AesCryptoServiceProvider aes = new AesCryptoServiceProvider(); TextReader trKey = new StreamReader("key"); byte[] AesKey = ASCIIEncoding.ASCII.GetBytes(trKey.ReadLine()); TextReader trIV = new StreamReader("IV"); byte[] AesIV = ASCIIEncoding.ASCII.GetBytes(trIV.ReadLine()); aes.Key = AesKey; aes.IV = AesIV; ICryptoTransform aesDecrypt = aes.CreateDecryptor(); CryptoStream cryptoStream = new CryptoStream(openRTF, aesDecrypt, CryptoStreamMode.Read); StreamReader fx = new StreamReader(cryptoStream); richTextBox1.Rtf = fx.ReadToEnd(); //richTextBox1.LoadFile(fx.BaseStream, RichTextBoxStreamType.RichText); } But the richTextBox1.Rtf = fx.ReadToEnd(); throws an cryptographic exception "Padding is invalid and cannot be removed." while richTextBox1.LoadFile(fx.BaseStream, RichTextBoxStreamType.RichText); throws an NotSupportedException "Stream does not support seeking." Any suggestions on what i can do to load the data from the encrypted file and show it in the rich text box?

    Read the article

  • Converting a md5 hash byte array to a string

    - by Blankman
    How can I convert the hashed result, which a byte array, to a string? byte[] bytePassword = Encoding.UTF8.GetBytes(password); using (MD5 md5 = MD5.Create()) { byte[] byteHashedPassword = md5.ComputeHash(bytePassword); } So I need to convert byteHashedPassword to a string

    Read the article

  • HowTo Crypt/Encrypt some string (e.g. Password) on Qt simple

    - by mosg
    Hi. Here what I have got: Qt SDK version 4.6.2 Windows XP Question: how can I simply crypt and encrypt simple QString value? I need this to be able to save some crypted string into the INI file, and after reopening application encrypt string to normal password string value. PS: I'm looking simple and nice solution. Thanks for help!

    Read the article

  • I am getting a Radix out of range exception on performing decryption

    - by user3672391
    I am generating a keypair and converting one of the same into string which later is inserted into the database using the following code: KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); keyGen.initialize(2048); KeyPair generatedKeyPair = keyGen.genKeyPair(); PublicKey pubkey = generatedKeyPair.getPublic(); PrivateKey prvkey = generatedKeyPair.getPrivate(); System.out.println("My Public Key>>>>>>>>>>>"+pubkey); System.out.println("My Private Key>>>>>>>>>>>"+prvkey); String keyAsString = new BigInteger(prvkey.getEncoded()).toString(64); I then retrieve the string from the database and convert it back to the original key using the following code (where rst is my ResultSet): String keyAsString = rst.getString("privateKey").toString(); byte[] bytes = new BigInteger(keyAsString, 64).toByteArray(); //byte k[] = "HignDlPs".getBytes(); PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(bytes); KeyFactory rsaKeyFac = KeyFactory.getInstance("RSA"); PrivateKey privKey = rsaKeyFac.generatePrivate(encodedKeySpec); On using the privKey for RSA decryption, I get the following exception java.lang.NumberFormatException: Radix out of range at java.math.BigInteger.<init>(BigInteger.java:294) at com.util.SimpleFTPClient.downloadFile(SimpleFTPClient.java:176) at com.Action.FileDownload.processRequest(FileDownload.java:64) at com.Action.FileDownload.doGet(FileDownload.java:94) Please guide.

    Read the article

  • Encrypt parameters passed to a swf

    - by 23tux
    Hi, does anyone know how to encrypt the parameters that are passed to a flash movie? The case is, that the user should not be able to read the parameters in the source code in plaintext. And of course, I have to able to decrypt the parameter in actionscript 3 ;-) thx, tux

    Read the article

  • how to display the decrypted and splited Strings in order?

    - by sebby_zml
    Hi everyone, i need some help and guidance in displaying the splitted Strings in order. let say, i have username, password, nonceInString. i had successfully encrypted and decrypted those. then i split the decrypted data. it was done, too. i want to display the decrypted data in order. something like this. userneme: sebastian password: harrypotter nonce value: sdgvay1saq3qsd5vc6dger9wqktue2tz* i tried the following code, but it didn't display like i wish to. pls help. thanks a lot in advance. String codeWord = username + ";" + password + ";" + nonceInString; String encryptedData = aesEncryptDecrypt.encrypt(codeWord); String decryptedData = aesEncryptDecrypt.decrypt(encryptedData); String[] splits = decryptedData.split(";"); String[] variables = {"username", "password", "nonce value"}; for (String data : variables){ for (String item : splits){ System.out.println( data + ": "+ item); } }

    Read the article

  • Scrambling URLS for dynamic data

    - by ggonsalv
    What is the best method to obfuscate the urls created in Dynamic Data? eg \Products\List.aspx?ProductId=2 could become \Products\List.aspx?x=UHJvZHVjdElkPTI= where "ProductId=2" is base 64 encoded to prevent casual snooping on \Products\List.aspx?ProductId=3 \Products\List.aspx?ProductId=4 etc...? I will probably have to inherit from an existing object and override some function The question is which object and what function GetActionPath of the Metamodel object seems interesting, but how does the DynamicRoute "{table}/{Action}.aspx" play in into it... Right now on Asp.net 1.1 site I use an custom implementation of the following code. http://www.mvps.org/emorcillo/en/code/aspnet/qse.shtml It is HTTPModule that uses regular expression to rewrite all the querystrings and also with reflection changes the Querystring collection with decoded values. So where is the hook to affect the change.

    Read the article

  • Securely Storing Optional Entropy While Using DPAPI

    - by Changeling
    So I am trying to store the symmetric key using DPAPI. All is well and great, but what to do with the entropy? This answered question here really doesn't provide enough insight. It seems like a slippery slope - I could use the machine store to store the entropy but then what prevents someone from getting at that as well? Note: I am storing the current key using the User Scope. So my question is - what is the best way to store the entropy using DPAPI?

    Read the article

  • How to create encrypted Jar file?

    - by Kartik Mistry
    I am working on project that must need to protect data (revealing code is not main problem) files. We are using Java + Netbeans. Is there any facility that will create jar in encrypted format? We are also using sqlite for database - so putting text file in encrypted format is not proper option for us too.

    Read the article

  • Decrypting PKCS#7 encrypted data in C#

    - by Johnny Egeland
    I am working on a solution that needs to decrypt PKCS#7 encrypted data, preferably in C#. As far as I can see, the .NET api has support for this through the System.Security.Cryptography.Pkcs namespace. However it seems that the implementation can only work on byte arrays. So what do I do when I have a large encrypted file that does not fit into the memory? Am I missing something here, or is there another way to do this on a Stream level instead of using bytearrays?

    Read the article

  • Salt question - using a "random salt"

    - by barfoon
    Hey everyone, Further to my question here, I have another question regarding salts. When someone says "use a random salt" to pre/append to a password, does this mean: Creating a static a 1 time randomly generated string of characters, or Creating a string of characters that changes at random every time a password is created? If the salt is random for every user and stored along with the hashed password, how is the original salt ever retrieved back for verification? Thanks!

    Read the article

  • How to pass variable value to gpg commands

    - by trainee
    $importkey = system('gpg --import newkey.asc . $username'); need to pass the file name as a variable.so that file name with its contents can be import in gnupg keyring. $gpg = system('gpg --recipient userid --output filename --armor --encrypt filename to encrypt', $retvalue); how can i pass the recipient email id(userid) and the filename as variable to gpg commands thanks!

    Read the article

  • How to Verify Signature, Loading PUBLIC KEY From PEM file?

    - by bbirtle
    I'm posting this in the hope it saves somebody else the hours I lost on this really stupid problem involving converting formats of public keys. If anybody sees a simpler solution or a problem, please let me know! The eCommerce system I'm using sends me some data along with a signature. They also give me their public key in .pem format. The .pem file looks like this: -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe+hkicNP7ROHUssGNtHwiT2Ew HFrSk/qwrcq8v5metRtTTFPE/nmzSkRnTs3GMpi57rBdxBBJW5W9cpNyGUh0jNXc VrOSClpD5Ri2hER/GcNrxVRP7RlWOqB1C03q4QYmwjHZ+zlM4OUhCCAtSWflB4wC Ka1g88CjFwRw/PB9kwIDAQAB -----END PUBLIC KEY----- Here's the magic code to turn the above into an "RSACryptoServiceProvider" which is capable of verifying the signature. Uses the BouncyCastle library, since .NET apparently (and appallingly cannot do it without some major headaches involving certificate files): RSACryptoServiceProvider thingee; using (var reader = File.OpenText(@"c:\pemfile.pem")) { var x = new PemReader(reader); var y = (RsaKeyParameters)x.ReadObject(); thingee = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); var pa = new RSAParameters(); pa.Modulus = y.Modulus.ToByteArray(); pa.Exponent = y.Exponent.ToByteArray(); thingee.ImportParameters(pa); } And then the code to actually verify the signature: var signature = ... //reads from the packet sent by the eCommerce system var data = ... //reads from the packet sent by the eCommerce system var sha = new SHA1CryptoServiceProvider(); byte[] hash = sha.ComputeHash(Encoding.ASCII.GetBytes(data)); byte[] bSignature = Convert.FromBase64String(signature); ///Verify signature, FINALLY: var hasValidSig = thingee.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"), bSignature);

    Read the article

  • Secure Password Storage and Transfer

    - by Andras Zoltan
    I'm developing a new user store for my organisation and am now tackling password storage. The concepts of salting, HMAC etc are all fine with me - and want to store the users' passwords either salted and hashed, HMAC hashed, or HMAC salted and hashed - not sure what the best way will be - but in theory it won't matter as it will be able to change over time if required. I want to have an XML & JSON service that can act as a Security Token Service for client-side apps. I've already developed one for another system, which requires that the client double-encrypts a clear-text password using SHA1 first and then HMACSHA1 using a 128 unique key (or nonce) supplied by the server for that session only. I'd like to repeat this technique for the new system - upgrading the algo to SHA256 (chosen since implementations are readily available for all aforementioned platforms - and it's much stronger than SHA1) - but there is a problem. If I'm storing the password as a salted hash in the user-store, the client will need to be sent that salt in order to construct the correct hash before being HMACd with the unique session key. This would completely go against the point of using a salt in the first place. Equally, if I don't use salt for password storage, but instead use HMAC, it's still the same problem. At the moment, the only solution I can see is to use naked SHA256 hashing for the password in the user store, so that I can then use this as a starting point on both the server and the client for a more secure salted/hmacd password transfer for the web service. This still leaves the user store vulnerable to a dictionary attack were it ever to be accessed; and however unlikely that might be - assuming it will never happen simply doesn't sit well with me. Greatly appreciate any input.

    Read the article

  • How to read public key from PFX file in java

    - by articlestack
    I am able to read private key from PFX file but not public key. I am using following code to read public key. InputStream inStream = new FileInputStream(certFile); CertificateFactory cf = CertificateFactory.getInstance("X.509"); BufferedInputStream bis = new BufferedInputStream(inStream); // if (bis.available() > 0) { java.security.cert.Certificate cert = cf.generateCertificate(bis); System.out.println("This part is not getting printed in case of PFX file"); // } puk = (PublicKey) cert.getPublicKey(); This code is working properly when i read from .cer file. Please help

    Read the article

  • How to implement RSA-CBC?(I have uploaded the request document)

    - by tq0fqeu
    I don't konw more about cipher, I just want to implement RSA-CBC which maybe mean that the result of RSA encrypt in CBC mode, and I have implemented RSA. any code languages will be ok, java will be appreciated thx I copy the request as follow(maybe has spelling wrong), but that's French I don't konw that: Pr´esentation du mini-projet Le but du mini-projet est d’impl´ementer une version ´el´ementaire du chi?rement d’un bloc par RSA et d’inclure cette primitive dans un systeme de chi?rement par bloc avec chaˆinage de blocs et IV (Initial Vector ) al´eatoire. Dans ce systeme, un texte clair (`a chi?rer) est d´ecompos´e en blocs de taille t (?x´ee par l’utilisa- teur), chaque bloc (clair) est chi?r´e par RSA en un bloc crypt´e de mˆeme taille, puis le cryptogramme associ´e au texte clair initial est obtenu en chaˆinant les blocs crypt´es par la m´ethode CBC (cipher- block chaining) d´ecrite dans le cours (voir poly “Block Ciphers”) Votre programme devra demander a l’utilisateur la taille t, puis, apres g´en´eration des cl´es publique et priv´ee, lui proposer de chi?rer ou d´echi?rer un (court) ?chier ASCII. Il est indispensable que votre programme soit au moins capable de traiter le cas (tres peu r´ealiste du point de vue de la s´ecurit´e) t = 32. Pour les traiter des blocs plus grands, il vous faudra impl´ementer des routines d’arithm´etique multi-pr´ecision ; pour cela, je vous conseille de faire appela des bibliotheques libres comme GMP (GNU Multiprecision Library). Pour la g´en´eration al´eatoire des nombres premiers p et q, vous pouvez ´egalement faire appela des bibliotheques sp´ecialis´ees,a condition de me donner toutes les pr´ecisions n´ecessaires. Vous devez m’envoyer (avant une date qui reste a ?xer)a mon adresse ´electronique ([email protected]) un courriel (sujet : [MI1-crypto] : devoir, corps du message : les noms des ´etudiants ayant travaill´e sur le mini-projet) auquel sera attach´e un dossier compress´e regroupant vos sources C ou Java comment´ees, votre programme ex´ecutable, et un ?chier texte ou PDF donnant toutes les pr´ecisions sur les biblioth`eques utilis´ees, vos choix algorithmiques et d’impl´ementation, et les raisons de ces choix (complexit´e algorithmique, robus- tesse, facilit´e d’impl´ementation, etc.). Vous pouvez travailler en binˆome ou en trinˆome, mais je serai nettement plus exigeant avec les trinˆomes I have uploaded the request at http://uploading.com/files/22emmm6b/enonce_projet.pdf/ thx

    Read the article

  • What is an s2k algorithm?

    - by WilliamKF
    What is the definition of an s2k algorithm? For example, "PBKDF2(SHA-1)" is an s2k algorithm. Here is some Botan code that refers to s2k: AutoSeeded_RNG rng; std::auto_ptr<S2K> s2k(get_s2k("PBKDF2(SHA-1)")); s2k->set_iterations(8192); s2k->new_random_salt(rng, 8); SymmetricKey bc_key = s2k->derive_key(key_len, "BLK" + passphrase); InitializationVector iv = s2k->derive_key(iv_len, "IVL" + passphrase); SymmetricKey mac_key = s2k->derive_key(16, "MAC" + passphrase); Also, what is a 'salt' in s2k?

    Read the article

  • Handling User Authentication in C#.NET?

    - by Daniel
    Hi! I am new to .NET, and don't have much experience in programming. What is the standard way of handling user authentication in .NET in the following situation? In Process A, User inputs ID/Password Process A sends the ID/Password to Process B over a nonsecure public channel. Process B authenticates the user with the recieved ID/Password what are some of the standard cryptographic algorithms I can use in above model? thank you for your time!

    Read the article

  • Best practices to store CreditCard information into DataBase

    - by Garis Suero
    In my country the online payments are not an old thing, the first time i saw a web application taking payments directly to a local bank account was last year. So, Im a newbie coding web payment system. My question is, what are the best practices to store creditcard information into the database... I have many ideas: encrypting the creditcard, database security restriction, etc. What have you done?

    Read the article

  • How to secure licensekey generation

    - by Jakob Gade
    Scenario, simplified for brevity: A developer creates an application for a customer. The customer sells this app to end-users. The app requires a license key to run, and this key is generated by the customer for each end-user with a simple tool created by the developer. The license key contains an expiry date for the license and is encrypted so the end-user can’t tamper with it. The problem here is that the developer (or anybody who has a copy of the license key generator) can easily create valid license keys. Should this generator fall into the wrong hands, it could spell disaster for the customers business. Ideally, the customer would have to use a password to create new license keys. And this password would be unknown to the developer, and somehow baked into the decryption algorithm in the application so it will fail if an attempt to use an unauthorized key is made. How would you implement a solution for this problem that is both transparent and secure?

    Read the article

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >