Search Results

Search found 1053 results on 43 pages for 'encrypt'.

Page 37/43 | < Previous Page | 33 34 35 36 37 38 39 40 41 42 43 | Next Page >

"Downloading" a computed value form JavaScript

- by Travis Jensen

I'm hoping you can prove me wrong here (please, please, please! ;). I have a situation where I need to download encrypted data from a Server D (for "Data"). Server K (for "Key") has the encryption key. For security sake, I would really prefer that Server D never know the key that Server K knows. What I want is my client (e.g. your browser) to connect to Server D for the data and Server K for the key and doe the decryption locally so the unencrypted stuff never leaves your computer. I can do this fine for text areas in the dom by replacing the contents of the HTML. However, sometimes, I would like to do larger files that I stream to the file system. For instance, perhaps I want to encrypt a movie and decrypt it and stream the contents to the my video player. I am not a JavaScript guru by any stretch, especially when it comes to the edge cases of things like the security sandbox. For Small D, I can handle the decryption, but I don't know how to save the decrypted file. Large D seems problematic as memory runs out. Anybody have any ideas that don't involve native plugins? Thanks!

Read the article
Unable to render php files in browser

- by p1

Hello, I am very new to php, and I am trying to develop a facebook application using php. I am using Joyent as my hosting platform. Currently, I am trying to do some simple scripts in php and then build on them. However I am unable to see any php files being rendered properly in my application. For eg: I have a simple script called phpinfo.php: If I execute this on terminal like php phpinfo.php , I can see all the configurations. However if I try to access the same file as http://xxxxxx.facebook.joyent.us/phpinfo.php, I get : Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Even if I rename this file to index.php its still the same. However I am able to access other html files [index.html] on the same location . These are some of my php settings: These are some of the settings: [fbkusoni:~/web/public] aafhe7vh$ php phpinfo.php | grep On allow_url_fopen = On = On auto_globals_jit = On = On enable_dl = On = On file_uploads = On = On ignore_repeated_errors = On = On ignore_repeated_source = On = On implicit_flush = On = On log_errors = On = On register_argc_argv = On = On report_memleaks = On = On y2k_compliance = On = On Multibyte regex (oniguruma) backtrack check = On mysql.allow_persistent = On = On session.bug_compat_warn = On = On session.use_cookies = On = On suhosin.cookie.cryptdocroot = On = On suhosin.cookie.cryptua = On = On suhosin.mt_srand.ignore = On = On suhosin.protectkey = On = On suhosin.server.encode = On = On suhosin.server.strip = On = On suhosin.session.cryptdocroot = On = On suhosin.session.cryptua = On = On suhosin.session.encrypt = On = On suhosin.srand.ignore = On = On suhosin.stealth = On = On The answer might be very naive, but I am just trying to get started and looking for any suggestions regarding this and also using Joyent and cakephp to develop facebook applications. Thanks.

Read the article
Paypal Encrypted Website payments

- by John Isaacks

I am trying to integrate a PayPal Website Payments Standard Cart Upload payment type into my shopping cart. I integrated Google Checkout a while back and I did not find it overly confusing as I do paypal. I am getting info on how to encrypt it from here: https://cms.paypal.com/us/cgi-bin/?&cmd=_render-content&content_ID=developer/e_howto_html_encryptedwebpayments#id08A3I0P017Q Paypal says I need to generate a private key and a public certificate using OpenSSL. I went to OpenSSL and downloaded the latest release, which is just a folder containing various files but I see no application I can use, not sure what to do here. Even if I were to get OpenSSL to generate me a private key and public cert, the next step is to download either an MS or Java command line tool to create the encrypted cart ahead of time with the cart-total, tax, etc. which sounds crazy to me, like I am supposed to manually do this prior to every order?? Obviously I do not know the items in the cart the customer is going to buy before hand so I need this to be done on the fly on my website using PHP. But I am completely lost. There has to be a way to setup dynamic secure cart uploads to paypal. Can someone please point me in the right direction?

Read the article
oData/ADO.NET Data Services using LINQ-to-SQL with a decryption layer

- by Program.X

I have written an application using LINQ-to-SQL that submits a web form into a database. I absact the LINQ-to-SQL away using a Repository pattern. This repository has the basic methods: Get(), Save(), etc. As a development of the project, I needed to encrypt certain fields in the form. This was trivial, as I just added the encryption calls to the Get(), Save() methods in the Repository. Now, I want to put an oData layer over it, to allow RESTful extraction from MS Excel 2010 (when it comes out). I have this working, after a few stumbles on useless error messages, etc. However, obviously, those encrypted fields are still encrypted. My repository pattern would have decrypted these for me. As far as I know, I have to directly bind my oData service to the LINQ-to-SQL context for the schema, etc. to work - unless I enter a whole world of pain (any URLs appreciated). Is there a way I can insert my encryption/decryption layer into the request so decryption is done "on the fly"? I looked at the OnStartProcessingRequest() overload of DataService but this doesn't seem that useful.

Read the article
How do you save and retrieve a Key/IV pair securely?

- by Shawn Steward

I'm using VB.Net's RijndaelManaged (RM) to encrypt files, using the RM.GenerateKey and RM.GenerateIV methods to generate the Key and IV and encrypting the file using the CryptoStream class. I'm planning on saving this Key and IV to a file and want to make sure I'm doing it the right way. I am combining the IV+Key, and encrypting that with my RSA Public key and writing it out to a file. Then, to decrypt I use the RSA Private key on this file to get the IV+Key, split them up and set RM.Key and RM.IV to these values and run the decryptor. Is this the best method to accomplish this, or is there a preferred method for saving the IV & Key? Also, what's the best way to construct and deconstruct the byte array? I used the .Concat method to join them together and that seems to work well but I can't seem to find something as easy to deconstruct it. I played with the .Take method that takes the first x # of bytes and it works for the first part but can't find anything that gets the rest of it.

Read the article
Trouble with an depreciated constructor visual basic visual studio 2010

- by VBPRIML

My goal is to print labels with barcodes and a date stamp from an entry to a zebra TLP 2844 when the user clicks the ok button/hits enter. i found what i think might be the code for this from zebras site and have been integrating it into my program but part of it is depreciated and i cant quite figure out how to update it. below is what i have so far. The printer is attached via USB and the program will also store the entered numbers in a database but i have that part done. any help would be greatly Appreciated. Public Class ScanForm Inherits System.Windows.Forms.Form Public Const GENERIC_WRITE = &H40000000 Public Const OPEN_EXISTING = 3 Public Const FILE_SHARE_WRITE = &H2 Dim LPTPORT As String Dim hPort As Integer Public Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Integer, ByVal dwShareMode As Integer, <MarshalAs(UnmanagedType.Struct)> ByRef lpSecurityAttributes As SECURITY_ATTRIBUTES, ByVal dwCreationDisposition As Integer, ByVal dwFlagsAndAttributes As Integer, ByVal hTemplateFile As Integer) As Integer Public Declare Function CloseHandle Lib "kernel32" Alias "CloseHandle" (ByVal hObject As Integer) As Integer Dim retval As Integer <StructLayout(LayoutKind.Sequential)> Public Structure SECURITY_ATTRIBUTES Private nLength As Integer Private lpSecurityDescriptor As Integer Private bInheritHandle As Integer End Structure Private Sub OKButton_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OKButton.Click Dim TrNum Dim TrDate Dim SA As SECURITY_ATTRIBUTES Dim outFile As FileStream, hPortP As IntPtr LPTPORT = "USB001" TrNum = Me.ScannedBarcodeText.Text() TrDate = Now() hPort = CreateFile(LPTPORT, GENERIC_WRITE, FILE_SHARE_WRITE, SA, OPEN_EXISTING, 0, 0) hPortP = New IntPtr(hPort) 'convert Integer to IntPtr outFile = New FileStream(hPortP, FileAccess.Write) 'Create FileStream using Handle Dim fileWriter As New StreamWriter(outFile) fileWriter.WriteLine(" ") fileWriter.WriteLine("N") fileWriter.Write("A50,50,0,4,1,1,N,") fileWriter.Write(Chr(34)) fileWriter.Write(TrNum) 'prints the tracking number variable fileWriter.Write(Chr(34)) fileWriter.Write(Chr(13)) fileWriter.Write(Chr(10)) fileWriter.Write("A50,100,0,4,1,1,N,") fileWriter.Write(Chr(34)) fileWriter.Write(TrDate) 'prints the date variable fileWriter.Write(Chr(34)) fileWriter.Write(Chr(13)) fileWriter.Write(Chr(10)) fileWriter.WriteLine("P1") fileWriter.Flush() fileWriter.Close() outFile.Close() retval = CloseHandle(hPort) 'Add entry to database Using connection As New SqlClient.SqlConnection("Data Source=MNGD-LABS-APP02;Initial Catalog=ScannedDB;Integrated Security=True;Pooling=False;Encrypt=False"), _ cmd As New SqlClient.SqlCommand("INSERT INTO [ScannedDBTable] (TrackingNumber, Date) VALUES (@TrackingNumber, @Date)", connection) cmd.Parameters.Add("@TrackingNumber", SqlDbType.VarChar, 50).Value = TrNum cmd.Parameters.Add("@Date", SqlDbType.DateTime, 8).Value = TrDate connection.Open() cmd.ExecuteNonQuery() connection.Close() End Using 'Prepare data for next entry ScannedBarcodeText.Clear() Me.ScannedBarcodeText.Focus() End Sub

Read the article
Execute binary from memory in C# .net with binary protected from a 3rd party software

- by NoobTom

i've the following scenario: i've a C# application.exe i pack application.exe inside TheMida, a software anti-piracy/reverse engineering. i encrypt application.exe with aes256. (i wrote my own aes encryption/decryption and it is working) Now, when i want to execute my application i do the following: decrypt application.exe in memory execute the application.exe with the following code: BinaryReader br = new BinaryReader(decOutput); byte[] bin = br.ReadBytes(Convert.ToInt32(decOutput.Length)); decOutput.Close(); br.Close(); // load the bytes into Assembly Assembly a = Assembly.Load(bin); // search for the Entry Point MethodInfo method = a.EntryPoint; if (method != null) { // create an istance of the Startup form Main method object o = a.CreateInstance(method.Name); // invoke the application starting point method.Invoke(o, null); the application does not execute correctly. Now, the problem i think, is that this method is only to execute .NET executable. Since i packed my application.exe inside TheMida this does not work. Is there a workaround to this situation? Any suggestion? Thank you in advance.

Read the article
Deterministic and non uniform long string generation from seed

- by Limonup

I had this weird idea for an encryption that I wanted to try out, it may be bad, and it may have done before, but I'm just doing it for fun. The short version of the question is: Is it possible to generate a long, deterministic and non-uniformly distributed string/sequence of numbers from a small seed? Long(er) version: I was thinking to encrypt a text by changing encoding. The new encoding would be generated via Huffman algorithm. To work well, the Huffman algorithm would need a fairly long text with non uniform distribution. Then characters can have different bit-lengths which would be the primary strength of this encryption. The problem is that its impractical to enter in/remember a long text each time you want to decrypt the text. So I was wondering if it was possible to generate a text from password seed? It doesn't matter what the text is, as long as it has non uniform distribution of characters and that the exact same sequence can be recreated each time you give it the same seed. Preferably, are there any functions/extensions in Python that can do this? EDIT: To expand on the "strength" of varying bit length: if I have a string "test", ASCII values 116, 101, 115, 116, which gives bit values of 1110100 1100101 1110011 1110100 Then, say my Huffman algorithm generates encoding like t = 101 e = 1100111 s = 10001 The final string is 101 1100111 10001 101, if we encode this back to ASCII, we get 1011100 1111000 1101000, which is 3 entirely different characters. Obviously its impossible to perform any kind of frequency analysis or something like that on this.

Read the article
Set HttpContext.Current.User from Thread.CurrentPrincipal

- by Argons

I have a security manager in my application that works for both windows and web, the process is simple, just takes the user and pwd and authenticates them against a database then sets the Thread.CurrentPrincipal with a custom principal. For windows applications this works fine, but I have problems with web applications. After the process of authentication, when I'm trying to set the Current.User to the custom principal from Thread.CurrentPrincipal this last one contains a GenericPrincipal. Am I doing something wrong? This is my code: Login.aspx protected void btnAuthenticate_Click(object sender, EventArgs e) { Authenticate("user","pwd"); FormsAuthenticationTicket authenticationTicket = new FormsAuthenticationTicket(1, "user", DateTime.Now, DateTime.Now.AddMinutes(30), false, ""); string ticket = FormsAuthentication.Encrypt(authenticationTicket); HttpCookie authenticationCookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticket); Response.Cookies.Add(authenticationCookie); Response.Redirect(FormsAuthentication.GetRedirectUrl("user", false)); } Global.asax (This is where the problem appears) protected void Application_AuthenticateRequest(object sender, EventArgs e) { HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie == null) return; if (HttpContext.Current.User != null && HttpContext.Current.User.Identity.IsAuthenticated && HttpContext.Current.User.Identity is FormsIdentity) { HttpContext.Current.User = System.Threading.Thread.CurrentPrincipal; //Here the value is GenericPrincipal } Thanks in advance for any help. }

Read the article
Archiver Securing SQLite Data without using Encryption on iPhone

- by Redrocks

I'm developing an iphone app that uses Core Data with a SQLite data store and lots of images in the resource bundle. I want a "simple" way to obfuscate the file structure of the SQLite database and the image files to prevent the casual hacker/unscrupulous developer from gaining access to them. When the app is deployed, the database file and image files would be obfuscated. Upon launching the app it would read in and un-obfuscate the database file, write the un-obfuscated version to the users "tmp" directory for use by core data, and read/un-obfuscate image files as needed. I'd like to apply a simple algorithm to the files that would somehow scramble/manipulate the file data so that the sqlite database data isn't discernible when the db is opened in a text editor and so that neither is recognized by other applications (SQLite Manager, Photoshop, etc.) It seems, from the information I've read, that I could use NSFileManager, NSKeyedArchiver, and NSData to accomplish this but I'm not sure how to proceed. Been developing software for many years but I'm new to everything CocoaTouch, Mac and iPhone. Also never had to secure/encrypt my data so this is new. Any thoughts, suggestions, or links to solutions are appreciated.

Read the article
ASP.NET Webforms site using HTTPCookie with 100 year timeout times out after 20 minutes

- by Rob

I have a site that is using Forms Auth. The client does not want the site session to expire at all for users. In the login page codebehind, the following code is used: // user passed validation FormsAuthentication.Initialize(); // grab the user's roles out of the database String strRole = AssignRoles(UserName.Text); // creates forms auth ticket with expiration date of 100 years from now and make it persistent FormsAuthenticationTicket fat = new FormsAuthenticationTicket(1, UserName.Text, DateTime.Now, DateTime.Now.AddYears(100), true, strRole, FormsAuthentication.FormsCookiePath); // create a cookie and throw the ticket in there, set expiration date to 100 years from now HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(fat)) { Expires = DateTime.Now.AddYears(100) }; // add the cookie to the response queue Response.Cookies.Add(cookie); Response.Redirect(FormsAuthentication.GetRedirectUrl(UserName.Text, false)); The web.config file auth section looks like this: <authentication mode="Forms"> <forms name="APLOnlineCompliance" loginUrl="~/Login.aspx" defaultUrl="~/Course/CourseViewer.aspx" /> </authentication> When I log into the site I do see the cookie correctly being sent to the browser and passed back up: However, when I walk away for 20 minutes or so, come back and try to do anything on the site, the login window reappears. This solution was working for a while on our servers - now it's back. The problem doesn't occur on my local dev box running Cassini in VS2008. Any ideas on how to fix this?

Read the article
Exposed onsite vs IFD deployments for MS Dynamics CRM

- by Greg McGuffey

I'm working for the first time on a MS Dyanmics CRM 4.0 project. Our company has a high number of remote employees and even more remote consultants. As such it will be necessary to make the CRM solution available over the internet. As near as I can tell, I have three options: Have everyone use a VPN to access an intranet site (typical onsite deployment). However, we have found that VPNs are far from trouble free and cause many support issues. We avoid them like the plague. Use IFD to expose the CRM on the internet. I don't know much about this except that the URL will be different than the onsite URL, which could cause some headaches (see below). Expose the CRM site by opening the site to the internet, using SSL to encrypt traffic. We currently do this with our MS sharepoint sites. I'm not sure how secure this would be (one of the reasons for this question). I'd like to avoid using both the onsite intranet deployment and the IFD together for a couple of reasons. One of the requests for the solution is use email to notify users that they've been assigned a task, and include the URL to the task within the email. For this reason. If both deployments are used, then I'll need to include two URLs and the user would need to know which to use. Which leads to the second reason, the main users of the solution split time between being in the office and being remote. Thus they would need to access the solution two different ways, and know when to use which. Bad. So, what are the advantages/disadvantages of any of these methods? Any other options? Is there any issue using IFD from within the intranet? Security issues? Thanks!

Read the article
how to edit a text message ( sms ) as it arrives in windows mobile 6 using managed code

- by x86shadow

I want to make an application to be installed on two pocket PCs and send Encrypted text messages and receive and decrypt them on the other device. I already made an application that gets special text messages ( starting with !farenc! ) and I know how to Encrypt/Decrypt the messages as well but I don't know how to edit a text message as it's arrive ( for decryption ). please help. thanks in advance and sorry for my bad English using System; using System.Linq; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using Microsoft.WindowsMobile; using Microsoft.WindowsMobile.PocketOutlook; using Microsoft.WindowsMobile.PocketOutlook.MessageInterception; namespace SMSDECRYPT { public partial class Form1 : Form { MessageInterceptor _SMSCatcher = new MessageInterceptor(InterceptionAction.Notify, true); MessageCondition _SMSFilter = new MessageCondition(); public Form1() { InitializeComponent(); _SMSFilter.Property = MessageProperty.Body; _SMSFilter.ComparisonType = MessagePropertyComparisonType.StartsWith; _SMSFilter.CaseSensitive = true; _SMSFilter.ComparisonValue = "!farenc!"; _SMSCatcher.MessageCondition = _SMSFilter; _SMSCatcher.MessageReceived += new MessageInterceptorEventHandler(_SMSCatcher_MessageReceived); } private void Form1_Load(object sender, EventArgs e) { //... } void _SMSCatcher_MessageReceived(object sender, MessageInterceptorEventArgs e) { SmsMessage mySMS = (SmsMessage)e.Message; string sms = mySMS.Body.ToString(); sms = sms.Substring(8); //Decryption //... //Update the received message and replace it with the decrypted text //!!!HELP!!! } } }

Read the article
I have a generic implementation of mcrypt and its not working.

- by Ken Mitchner

class Crypt_Data { protected $_mcrypt=null; protected $_iv=null; protected $_key=null; public function __construct() { $this->_mcrypt = mcrypt_module_open('rijndael_256', '', 'cbc', ''); $key_size = mcrypt_enc_get_key_size($this->_mcrypt); for($i=0;$i<$key_size;$i++) $test_key .= "0"; $this->_iv = $test_key; $this->_key = $test_key; mcrypt_generic_init($this->_mcrypt,$this->_key,$this->_iv); } public function dataEncrypt($data) { return base64_encode(mcrypt_generic($this->_mcrypt, $data)); } public function dataDecrypt($data) { return mdecrypt_generic($this->_mcrypt, base64_decode($data)); } } $crypt = new Crypt_Data(); $string = "encrypt me"; $encrypted = $crypt->dataEncrypt($string); echo $encrypted."<BR>"; $decrypted = $crypt->dataDecrypt($encrypted); echo $decrypted."<BR>"; output: JJKfKxZckkqwfZ5QWeyVR+3PkMQAsP0Gr1hWaygV20I= qÌÌi_ÖZí(®`iÜ¥wÝÿ ô0€Í6Ÿhf[%ër No idea why this isn't working, everything seems to be find on my end.. i tried decrypting it with mcrypt_cbc(); and it decrypted it properly.. so it has something to do with my mdecrypt_generic.. any ideas?

Read the article
I have a generic implementation of PHP mcrypt module and its not decrypting

- by Ken Mitchner

class Crypt_Data { protected $_mcrypt=null; protected $_iv=null; protected $_key=null; public function __construct() { $this->_mcrypt = mcrypt_module_open('rijndael_256', '', 'cbc', ''); $key_size = mcrypt_enc_get_key_size($this->_mcrypt); for($i=0;$i<$key_size;$i++) $test_key .= "0"; $this->_iv = $test_key; $this->_key = $test_key; mcrypt_generic_init($this->_mcrypt,$this->_key,$this->_iv); } public function dataEncrypt($data) { return base64_encode(mcrypt_generic($this->_mcrypt, $data)); } public function dataDecrypt($data) { return mdecrypt_generic($this->_mcrypt, base64_decode($data)); } } $crypt = new Crypt_Data(); $string = "encrypt me"; $encrypted = $crypt->dataEncrypt($string); echo $encrypted."<BR>"; $decrypted = $crypt->dataDecrypt($encrypted); echo $decrypted."<BR>"; output: JJKfKxZckkqwfZ5QWeyVR+3PkMQAsP0Gr1hWaygV20I= qÌÌi_ÖZí(®`iÜ¥wÝÿ ô0€Í6Ÿhf[%ër No idea why this isn't working, everything seems to be fine on my end.. i tried decrypting it with mcrypt_cbc(); and it decrypted it properly.. so it has something to do with my mdecrypt_generic.. any ideas?

Read the article
Creating a global variable on the fly. [PHP ENCRYPTION]

- by stormdrain

Is there a way to dynamically create constant variables on the fly? The idea is that upon logging into the system, a user would be asked to upload a small text file that would be fread, and assigned to a var that would be accessible throughout the system. If this is possible, just to be clear, would this variable then only be accessible to that user and only while the session is alive? Security being the main concern here, would it be more practical to store the var in a session variable? The plan: Data in the db will be encrypted via mcrypt, and the key will be stored on USB thumbdrives. The user will insert the thumbdrive when going to access the system. Upon logging in, the app will prompt the user to upload the key. They will navigate to the thumbdrive and key. Via fopen and fread, the key will be assigned to a global var which will then allow access to encrypted data, and will be used to encrypt new info being entered to the db. When the user logs out, or session times out, the global var will become empty. Thanks!

Read the article
Powershell scripts to backup SQL, SVN

- by bszom

I'm trying to use PowerShell to create some backups, and then to copy these to a web folder (or, in other words, upload them to a WebDAV share). At first I thought I'd do the WebDAV stuff from within PowerShell, but it seems this still requires a fair amount of "manual labour", ie: constructing HTTP requests. I then settled for creating a web folder from the script and letting Windows handle the WebDAV stuff. It seems that all it takes to create a web folder is to create a standard shortcut, as described here. What I can't figure out is how to actually copy files to the shortcut's target..? Maybe I'm going about this the wrong way. It would be ideal if I could somehow encrypt the credentials for the WebDAV in the script, then have it create the web folder, shunt over the files, and delete the web folder again. Or even better, not use a web folder at all. Third option would be to just create the web folder manually and leave it there, though I'd rather not. Any ideas/pointers/tips? :)

Read the article
Credit Card storage solution

- by jtnire

Hi Everyone, I'm developing a solution that is designed to store membership details, as well as credit card details. I'm trying to comply with PCI DSS as much as I can. Here is my design so far: PAN = Primary account number == long number on credit card Server A is a remote server. It stores all membership details (Names, Address etc..) and provides indivudal Key A's for each PAN stored Server B is a local server, and actually holds the encrypted PANs, as well as Key B, and does the decryption. To get a PAN, the client has to authenticate with BOTH servers, ask Server A for the respective Key A, then give Key A to server B, which will return the PAN to the client (provided authentication was sucessful). Server A will only ever encrypt Key A with Server B's public Key, as it will have it beforehand. Server B will probably have to send a salt first though, however I doin't think that has to be encrypted I havn't really thought about any implementation (i.e. coding) specifics yet regarding the above, however the solution is using Java's Cajo framework (wrapper for RMI) so that is how the servers will communicate with each other (Currently, membership details are transfered in this way). The reason why I want Server B to do the decryption, and not the client, is that I am afraid of decryption keys going into the client's RAM, even though it's probably just as bad on the server... Can anyone see anything wrong with the above design? It doesn't matter if the above has to be changed. Thanks jtnire

Read the article
How can I log any login operation in case of "Remember Me" option ?

- by Space Cracker

I have an asp.net login web form that have ( username textBox - password textBox ) plus Remember Me CheckBox option When user login i do the below code if (provider.ValidateUser(username, password)) { int timeOut = 0x13; DateTime expireDate = DateTime.Now.AddMinutes(19.0); if (rememberMeCheckBox.Checked) { timeOut = 0x80520; expireDate = DateTime.Now.AddYears(1); } FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(username, true, timeOut); string cookieValue = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieValue); cookie.Expires = expireDate; HttpContext.Current.Response.Cookies.Add(cookie); AddForLogin(username); Response.Redirect("..."); } as in code after user is authenticated i log that he login in db by calling method AddForLogin(username); But if user choose remember me in login and then he try to go to site any time this login method isn't executed as it use cookies ... so i have many questions: 1- Is this the best way to log login operation or is there any other better ? 2- In my case how to log login operation in case of remember me chosen by user ?

Read the article
Can't decrypt after encrypting with blowfish Java

- by user2030599

Hello i'm new to Java and i have the following problem: i'm trying to encrypt the password of a user using the blowfish algorithm, but when i try to decrypt it back to check the authentication it fails to decrypt it for some reason. public static String encryptBlowFish(String to_encrypt, String salt){ String dbpassword = null; try{ SecretKeySpec skeySpec = new SecretKeySpec( salt.getBytes(), "Blowfish" ); // Instantiate the cipher. Cipher cipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); //byte[] encrypted = cipher.doFinal( URLEncoder.encode(data).getBytes() ); byte[] encrypted = cipher.doFinal( to_encrypt.getBytes() ); dbpassword = new String(encrypted); } catch (Exception e) { System.out.println("Exception while encrypting"); e.printStackTrace(); dbpassword = null; } finally { return dbpassword; } } public static String decryptBlowFish(String to_decrypt, String salt){ String dbpassword = null; try{ SecretKeySpec skeySpec = new SecretKeySpec( salt.getBytes(), "Blowfish" ); // Instantiate the cipher. Cipher cipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, skeySpec); //byte[] encrypted = cipher.doFinal( URLEncoder.encode(data).getBytes() ); byte[] encrypted = cipher.doFinal( to_decrypt.getBytes() ); dbpassword = new String(encrypted); } catch (Exception e) { System.out.println("Exception while decrypting"); e.printStackTrace(); dbpassword = null; } finally { return dbpassword; } } When i call the decrypt function it gives me the following error: java.security.InvalidKeyException: Parameters missing Any ideas? Thank you

Read the article
Programming an IPTV application- Client/Server

- by Sumit Ghosh

I am part of a team which has been given a task to deploy an IPTV solution for a company. The system has been architect-ed like this. There is Video capture card , which receives satellite signals from a satellite receiver. This video capture card is part of a windows 7 machine. The signals need to be trans coded here and passed to a streaming server which will be received by end users. The end users will be desktop users having a C#.NET application installed to view the channels. I am confused at the choice of server software as I have multiple choices - Windows Media Server, VideoLan (VLC project), or Flash Media Server, it also supports MPEG-2 HD. My main aim to be able to stream MPEG-2 channels with HD quality and encrypt the channels at the server end so that the streams can be protected. I know reversing is possible but it wont be easy as for every naive user with wireshark snooping my streams. If any of you here has ever done such an implementation please do suggest me the best technologies I should go for. Iam open to C#,C++ and other similar languages. Any help shall be deeply appreciated. edit: End Users shall be part of Internet and not necessarily a lan, reason for this question is internet doesn't support multicast like Lan, so I need some suggestions.

Read the article
How can I edit an incoming text message (sms) as it arrives in windows mobile 6 using managed code

- by x86shadow

I want to make an application for pocket PCs to send and receive Encrypted text messages. I have already made an application that gets special text messages ( starting with !farenc! ) and I know how to Encrypt/Decrypt the messages as well. The problem is that I don't know how to edit a text message after it's arrived (for decryption). See code below for more info. using System; using System.Linq; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using Microsoft.WindowsMobile; using Microsoft.WindowsMobile.PocketOutlook; using Microsoft.WindowsMobile.PocketOutlook.MessageInterception; namespace SMSDECRYPT { public partial class Form1 : Form { MessageInterceptor _SMSCatcher = new MessageInterceptor(InterceptionAction.Notify, true); MessageCondition _SMSFilter = new MessageCondition(); public Form1() { InitializeComponent(); _SMSFilter.Property = MessageProperty.Body; _SMSFilter.ComparisonType = MessagePropertyComparisonType.StartsWith; _SMSFilter.CaseSensitive = true; _SMSFilter.ComparisonValue = "!farenc!"; _SMSCatcher.MessageCondition = _SMSFilter; _SMSCatcher.MessageReceived += new MessageInterceptorEventHandler(_SMSCatcher_MessageReceived); } private void Form1_Load(object sender, EventArgs e) { //... } void _SMSCatcher_MessageReceived(object sender, MessageInterceptorEventArgs e) { SmsMessage mySMS = (SmsMessage)e.Message; string sms = mySMS.Body.ToString(); sms = sms.Substring(8); //Decryption //... //Update the received message and replace it with the decrypted text //!!!HELP!!! } } }

Read the article
XML Decryption Bug (referencing issue)

- by OrangePekoe

Hi, Needing some explanation of what exactly the decryption is doing, in addition to some help on solving the problem. Currently, when a portion of XML is encrypted, and then decrypted, the DOM appears to work correctly. We can see the element is encrypted and then see it return back once it is decrypted. Our problem lies when a user tries to change data in that same element after decryption has occurred. When a user changes some settings, data in the XML should change. However, if the user attempts to change an XML element that has been decrypted the changes are not reflected in the DOM. We have a reference pointer to the XML element that is used to bind the element to an object. If you encrypt the node and then decrypt it, the reference pointer now points to a valid orphaned XML element that is no longer part of the DOM. After decryption, there will be 2 copies of the XML element. One in the DOM as expected (though will not reflect new changes), and one orphaned element in memory that is still referenced by our pointer. The orphaned element is valid (reflects new changes). We can see that this orphaned element is owned by the DOM, but when we try to return its parent, it returns null. The question is: Where did this orphaned xml element come from? And how can we get it to correctly append (replace old data) to the DOM? The code resembles: public static void Decrypt(XmlDocument Doc, SymmetricAlgorithm Alg) { if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); XmlElement encryptedElement = Doc.GetElementsByTagName("EncryptedData")[0] as XmlElement; if (encryptedElement == null) { throw new XmlException("The EncryptedData element was not found."); } EncryptedData edElement = new EncryptedData(); edElement.LoadXml(encryptedElement); EncryptedXml exml = new EncryptedXml(); byte[] rgbOutput = exml.DecryptData(edElement, Alg); exml.ReplaceData(encryptedElement, rgbOutput); }

Read the article
encryption in c#

- by Raja

i am implementing on algorithm in c#. it has encrypt one word . i have check using decrypt also. now i am using a textbox. want to pass a string in that text box that gives my whole string as cypher text. i dont know how to use. i have mad one loop there and calacated the string length. now suppose my function is it is PasswordEncryptor.cs file public static double REncryptText(double m) {// code } this fuction is doing a single number convertion into the encrpt and in code i know this is wrong i want try in this for (int i = 0; i <= 32; i++) { int [] cyph = new int[5]; // cyph=PasswordEncryptor.REncryptText(i); cypherText.Text = c; } i want that after entering the string into textbox it will call that string till string length and and by adding all the part of string one by one, i will get a final encrpytion code and will use further please help me in doing this

Read the article
How to connect to a third party website in classic asp using javascript for password encryption and yet not giving in the password.

- by Abbi

Hi I have to make changes to classic asp website where once a button is clicked it autologins to a third party website with a intermediate page that warns that you are logging in to a third party website. The thirdparty is providing us with a username and password and gave us an examle javascript to encode the password to send to them. Now where do I store the userid and password. I cannot execute the javascript on the serverside. It has to go to the client. If the asp page which has the encryption javascript goes to the client side then the source can be viewed and the username and password is given out. Is there a way that I can have hidden asp page whose only job is to encrypt the password and create a new url and auto redirect it to that new url. So when the user clicks ok on the intermediate warning page I redirect it to this hidden asp page which does the encryption and a creates a url for get method and redirects to that page. I am a novice as far as java script and classic asp is concerned. Any ideas/ advice will be appreciated. Thanks, --Abbi

Read the article

< Previous Page | 33 34 35 36 37 38 39 40 41 42 43 | Next Page >