Search Results

Search found 1329 results on 54 pages for 'aes encrypt'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 9/54 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • How to resolve deprecation warnings for OpenSSL::Cipher::Cipher#encrypt

    - by Olly
    I've just upgraded my Mac to Snow Leopard and got my Rails environment up and running. The only difference -- OSX aside -- with my previous install is that I'm now running ruby 1.8.7 (2008-08-11 patchlevel 72) [universal-darwin10.0] (Snow Leopard default) rather than 1.8.6. I'm now seeing deprecation warnings relating to OpenSSL when I run my code: warning: argumtents for OpenSSL::Cipher::Cipher#encrypt and OpenSSL::Cipher::Cipher#decrypt were deprecated; use OpenSSL::Cipher::Cipher#pkcs5_keyivgen to derive key and IV Example of my code which is causing these warnings (it decodes an encrypted string) on line 4: 1. def decrypt(data) 2. encryptor = OpenSSL::Cipher::Cipher.new('DES-EDE3-CBC') 3. key = "my key" 4. encryptor.decrypt(key) 5. text = encryptor.update(data) 6. text << encryptor.final 7. end I'm struggling to understand how I can resolve this, and Google isn't really helping. Should I try and downgrade to Ruby 1.8.6 (and if so, what's the best way of doing this?), should I try and just hide the warnings (bury my head in the sand?!) or is there an easy fix I can apply in the code?

    Read the article

  • Java - encrypt / decrypt user name and password from a configuration file

    - by nzpcmad
    We are busy developing a Java web service for a client. There are two possible choices: Store the encrypted user name / password on the web service client. Read from a config. file on the client side, decrypt and send. Store the encrypted user name / password on the web server. Read from a config. file on the web server, decrypt and use in the web service. The user name / password is used by the web service to access a third-party application. The client already has classes that provide this functionality but this approach involves sending the user name / password in the clear (albeit within the intranet). They would prefer storing the info. within the web service but don't really want to pay for something they already have. (Security is not a big consideration because it's only within their intranet). So we need something quick and easy in Java. Any recommendations? The server is Tomkat 5.5. The web service is Axis2. What encrypt / decrypt package should we use? What about a key store? What configuration mechanism should we use? Will this be easy to deploy?

    Read the article

  • Python IOError: Not a gzipped file (Gzip and Blowfish Encrypt/Compress)

    - by notbad.jpeg
    I'm having some problems with python's built-in library gzip. Looked through almost every other stack question about it, and none of them seem to work. MY PROBLEM IS THAT WHEN I TRY TO DECOMPRESS I GET THE IOError I'm Getting: Traceback (most recent call last): File "mymodule.py", line 61, in return gz.read() File "/usr/lib/python2.7/gzip.py", line 245, readself._read(readsize) File "/usr/lib/python2.7/gzip.py", line 287, in _readself._read_gzip_header() File "/usr/lib/python2.7/gzip.py", line 181, in _read_gzip_header raise IOError, 'Not a gzipped file'IOError: Not a gzipped file This is my code to send it over SMB, it might not make sense why i do things, but it's normally in a while loop and memory efficient, I just simplified it. buffer = cStringIO.StringIO(output) #output is from a subprocess call small_buffer = cStringIO.StringIO() small_string = buffer.read() #need a string to write to buffer gzip_obj = gzip.GzipFile(fileobj=small_buffer,compresslevel=6, mode='wb') gzip_obj.write(small_string) compressed_str = small_buffer.getvalue() blowfish = Blowfish.new('abcd', Blowfish.MODE_ECB) remainder = '|'*(8 - (len(compressed_str) % 8)) compressed_str += remainder encrypted = blowfish.encrypt(compressed_str) #i send it over smb, then retrieve it later Then this is the code that retrieves it: #buffer is a cStringIO object filled with data from smb retrieval decrypter = Blowfish.new('abcd', Blowfish.MODE_ECB) value = buffer.getvalue() decrypted = decrypter.decrypt(value) buff = cStringIO.StringIO(decrypted) buff.seek(0) gz = gzip.GzipFile(fileobj=buff) return gz.read() Here's the problem return gz.read()

    Read the article

  • Encrypt a file base upon a pregenerated "key" C#

    - by Anubis
    Hello everyone. I'm trying to determine the best course of action to implement a simple "licensing" system with a partner of mine. The concept is: Generate an encrypted value based upon several internal hardware components. Have the customer send this value to us which we will implement into our key generator. Once we have that, we add any other restrictions on the license (user, expires, etc.). From there we generate a file which we send to the customer they can add to their installation and voila, happy people about. I have the first part all done. My next part is trying to figure out which encryption methodology I would need to use. I already know Symmetric Encryption is pretty much the only route I can take. Most of the information I have found involves .NET already creating a key from its own internal methods. That's a bit of background, my question is: "Which encryption method could I use which would allow me to encrypt the restrictions based upon the "id" I was given from the customer's computer?" I'm writing this in C# by the way. Any ideas would be greatly appreciated! Take Care!

    Read the article

  • How to encrypt/decrypt a file in Java?

    - by Petike
    Hello, I am writing a Java application which can "encrypt" and consequently "decrypt" whatever binary file. I am just a beginner in the "cryptography" area so I would like to write a very simple application for the beginning. For reading the original file, I would probably use the java.io.FileInputStream class to get the "array of bytes" byte originalBytes[] of the file. Then I would probably use some very simple cipher, for example "shift up every byte by 1" and then I would get the "encrypted" bytes byte encryptedBytes[] and let's say that I would also set a "password" for it, for example "123456789". Next, when somebody wants to "decrypt" that file, he has to enter the password ("123456789") first and after that the file could be decrypted (thus "shift down every byte by 1") and consequently saved to the output file via java.io.FileOutputStream I am just wondering how to "store" the password information to the encrypted file so that the decrypting application knows if the entered password and the "real" password equals? Probably it would be silly to add the password (for example the ASCII ordinal numbers of the password letters) to the beginning of the file (before the encrypted data). So my main question is how to store the password information to the encrypted file?

    Read the article

  • Best practice to hide/encrypt email adress in webpage

    - by Sebi
    I couldn't find a similar question, that's why here it is: Whats the best way to hide or encrypt an email link in a website, so that a crawler can't read it, but the user can nevertheless click it? I don't want to conufse the users by typing the email like this: john (at) mail.com or similar ways. (and i think this kind of links can nevertheless read by crawlers?) I also tried things like that: <script>// <![CDATA[eval(unescape('%76%61%72%20%73%3D%27%61%6D%6C%69%6F%74%72%3A%62%61%40%65%64%61%6E%6F%6C%2E%69%27%3B%76%61%72%20%72%3D%27%27%3B%66%6F%72%28%76%61%72%20%69%3D%30%3B%69%3C%73%2E%6C%65%6E%67%74%68%3B%69%2B%2B%2C%69%2B%2B%29%7B%72%3D%72%2B%73%2E%73%75%62%73%74%72%69%6E%67%28%69%2B%31%2C%69%2B%32%29%2B%73%2E%73%75%62%73%74%72%69%6E%67%28%69%2C%69%2B%31%29%7D%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%61%20%68%72%65%66%3D%22%27%2B%72%2B%27%22%3E%4F%62%65%72%70%61%72%6C%65%69%74%65%72%3C%2F%61%3E%27%29%3B'))]]></script> but i heard this can also be read by crawler and it isn't really good practices are ther any common approaches?

    Read the article

  • My C disk show 33gb less space then i have bcs of hidden or encrypted files i cant find

    - by Peter
    Hello I was hoping some one could help me my drive has 92gbs used space, 95gbs free out of 220 partition 33gbs in the air i cant find, already did cleanup, emptied recycle bin, history and temp files also and I believe sin Ive seen before its possibly space my brother used with a program he uses to hide (possibly encrypted) files dont know the name just seen him do it on usb and pc dont appear visible or hidden and result is what you read above is there any way of finding them to delete them hence my brother is nowhere to b found or could it be something else??? already tried freecommander also.

    Read the article

  • NSData to NSString by changing the value null is returned. I need you help

    - by kevin
    *cipher.h, cipher.m all code : http://watchitlater.com/blog/2010/02/java-and-iphone-aes-interoperability Cipher.m -(NSData *)encrypt:(NSData *)plainText{ return [self transform:KCCEncrypt data:plainText; } step1. Cipher *cipher = [[Cipher alloc]initWithKey:@"1234567890"]; NSData *input = [@"kevin" dataUsingEncoding:NSUTF8StringEncoding]; NSData *data = [cipher encrypt:input]; data variables NSLog print : <4d1c4d7f 1592718c fd588cec 84053e35 step2. NSString *changeVal = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; data variables NSLog print : null NSData to NSString by changing the value null is returned. By converting NSString NSURLConnection want to transfer. I need you help

    Read the article

  • AESlibrary only two lines

    - by user303968
    Does anyone know a c++ library that uses advanced encryption standard encryption that can achieve encryption and decryption (using counter mode) in just two lines of codes. No need of padding or buffering the plaintexts the library will take care of all this. I have had a look at crypto++, openssl and libtomcrypt but in these it seems I need to write codes to buffer and pad the plaintexts which I don't want. In brief, I need something along these lines: ciphertext = encrypt(ctr_mode(),plaintext,key) plaintext = decrypt(ctr_mode(),ciphertext,key) Thanks!

    Read the article

  • Why does the web page I fetch with Perl look odd?

    - by Tichomir Mitkov
    I have a Perl script to open this page http://svejo.net/popular/all/new/ and filter the names of the posts but except headers everything seems encrypted. Nothing can be read. When I open the same page in a browser everything looks fine including the source code. How is it possible to encrypt a page for a script and not for a browser? My Perl script sends the same headers as my browser (Google Chrome).

    Read the article

  • Encrypted HTML page without HTTPS

    - by Tichomir Mitkov
    I have a Perl script to open this page http://svejo.net/popular/all/new/ and filter the names of the posts but except headers everything seems encrypted. Nothing can be read. When I open the same page in a browser everything looks fine including the source code. How is it possible to encrypt a page for a script and not for a browser? My Perl script sends the same headers as my browser (Google Chrome).

    Read the article

  • WCF client encrypt message to JAVA WS using username_token with message protection client policy

    - by Alex
    I am trying to create a WCF client APP that is consuming a JAVA WS that uses username_token with message protection client policy. There is a private key that is installed on the server and a public certificate file was exported from the JKS keystore file. I have installed the public key into certificate store via MMC under Personal certificates. I am trying to create a binding that will encrypt the message and pass the username as part of the payload. I have been researching and trying the different configurations for about a day now. I found a similar situation on the msdn forum: http://social.msdn.microsoft.com/Forums/en/wcf/thread/ce4b1bf5-8357-4e15-beb7-2e71b27d7415 This is the configuration that I am using in my app.config <customBinding> <binding name="certbinding"> <security authenticationMode="UserNameOverTransport"> <secureConversationBootstrap /> </security> <httpsTransport requireClientCertificate="true" /> </binding> </customBinding> <endpoint address="https://localhost:8443/ZZZService?wsdl" binding="customBinding" bindingConfiguration="cbinding" contract="XXX.YYYPortType" name="ServiceEndPointCfg" /> And this is the client code that I am using: EndpointAddress endpointAddress = new EndpointAddress(url + "?wsdl"); P6.WCF.Project.ProjectPortTypeClient proxy = new P6.WCF.Project.ProjectPortTypeClient("ServiceEndPointCfg", endpointAddress); proxy.ClientCredentials.UserName.UserName = UserName; proxy.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "67 87 ba 28 80 a6 27 f8 01 a6 53 2f 4a 43 3b 47 3e 88 5a c1"); var projects = proxy.ReadProjects(readProjects); This is the .NET CLient error I get: Error Log: Invalid security information. On the Java WS side I trace the log : SEVERE: Encryption is enabled but there is no encrypted key in the request. I traced the SOAP headers and payload and did confirm the encrypted key is not there. Headers: {expect=[100-continue], content-type=[text/xml; charset=utf-8], connection=[Keep-Alive], host=[localhost:8443], Content-Length=[731], vsdebuggercausalitydata=[uIDPo6hC1kng3ehImoceZNpAjXsAAAAAUBpXWdHrtkSTXPWB7oOvGZwi7MLEYUZKuRTz1XkJ3soACQAA], SOAPAction=[""], Content-Type=[text/xml; charset=utf-8]} Payload: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><s:Header><o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><o:UsernameToken u:Id="uuid-5809743b-d6e1-41a3-bc7c-66eba0a00998-1"><o:Username>admin</o:Username><o:Password>admin</o:Password></o:UsernameToken></o:Security></s:Header><s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><ReadProjects xmlns="http://xmlns.dev.com/WS/Project/V1"><Field>ObjectId</Field><Filter>Id='WS-Demo'</Filter></ReadProjects></s:Body></s:Envelope> I have also tryed some other bindings but with no success: <basicHttpBinding> <binding name="basicHttp"> <security mode="TransportWithMessageCredential"> <message clientCredentialType="Certificate"/> </security> </binding> </basicHttpBinding> <wsHttpBinding> <binding name="wsBinding"> <security mode="Message"> <message clientCredentialType="UserName" negotiateServiceCredential="false" /> </security> </binding> </wsHttpBinding> Your help will be greatly aprreciatted! Thanks!

    Read the article

  • JSON + 3des encrypt dosen't work

    - by oscurodrago
    i'm trying to pass some JSON data encrypted to my app but seem when i decrypt it my script add some 00 to hexe code making it impossible to be serialized i've tried to pass data uncrypted and crypted and the only difference i found is 00 at the end that is how i read JSON if isn't Encrypted NSLog(@"A) %@", response ); NSMutableArray *json = [NSJSONSerialization JSONObjectWithData:response options:kNilOptions error:&error]; NSLog(@"B) %@", error); that is NSLog Output 2012-03-28 00:43:58.399 VGCollect[5583:f803] A) <5b7b2274 69746c65 223a2252 696c6173 63696174 61206c61 20707269 6d612045 7370616e 73696f6e 65206469 20526167 6e61726f 6b204f64 79737365 79222c22 63617465 676f7279 223a225b 20505356 69746120 5d222c22 696d6755 726c223a 22494d41 4745535c 2f323031 325c2f30 335c2f30 30303038 3536345f 31353078 38302e6a 7067227d 2c7b2274 69746c65 223a2250 68616e74 61737920 53746172 204f6e6c 696e6520 3220616e 63686520 73752069 4f532065 20416e64 726f6964 20222c22 63617465 676f7279 223a225b 20495048 4f4e452c 2050432c 20505356 69746120 5d222c22 696d6755 726c223a 22494d41 4745535c 2f323031 325c2f30 335c2f30 30303038 3437355f 31353078 38302e6a 7067227d 2c7b2274 69746c65 223a2250 72696d69 20536372 65656e73 686f7420 696e2061 6c747261 20726973 6f6c757a 696f6e65 20706572 202e6861 636b5c2f 5c2f7665 72737573 222c2263 61746567 6f727922 3a225b20 50533320 5d222c22 696d6755 726c223a 22494d41 4745535c 2f323031 325c2f30 335c2f30 30303038 3437325f 31353078 38302e6a 7067227d 2c7b2274 69746c65 223a2269 6c206e75 6f766f20 444c4320 64692046 696e616c 2046616e 74617379 20584949 492d3220 636f6e66 65726d61 746f2061 6e636865 20696e20 416d6572 69636122 2c226361 7465676f 7279223a 225b2050 53332c20 58333630 205d222c 22696d67 55726c22 3a22494d 41474553 5c2f3230 31325c2f 30335c2f 30303030 38343439 5f313530 7838302e 6a706722 7d2c7b22 7469746c 65223a22 52656769 73747261 746f2069 6c206d61 72636869 6f205461 6c657320 6f662058 696c6c69 6120696e 20457572 6f706122 2c226361 7465676f 7279223a 225b2050 5333205d 222c2269 6d675572 6c223a22 494d4147 45535c2f 32303132 5c2f3033 5c2f3030 30303834 34385f31 35307838 302e6a70 67227d2c 7b227469 746c6522 3a225376 656c6174 69202e68 61636b5c 2f5c2f56 65727375 732e2065 202e6861 636b5c2f 5c2f5365 6b616920 6e6f204d 756b6f75 206e6922 2c226361 7465676f 7279223a 225b2050 5333205d 222c2269 6d675572 6c223a22 494d4147 45535c2f 32303132 5c2f3033 5c2f3030 30303834 33345f31 35307838 302e6a70 67227d2c 7b227469 746c6522 3a22476f 6e205061 6b752050 616b7520 50616b75 2050616b 75204164 76656e74 75726520 756e206e 756f766f 2067696f 636f2064 69204e61 6d636f20 42616e64 6169222c 22636174 65676f72 79223a22 5b203344 53205d22 2c22696d 6755726c 223a2249 4d414745 535c2f32 3031325c 2f30335c 2f303030 30383432 385f3135 30783830 2e6a7067 227d2c7b 22746974 6c65223a 224e756f 76652069 6d6d6167 696e6920 6520696e 666f2064 69204669 72652045 6d626c65 6d204177 616b656e 696e6722 2c226361 7465676f 7279223a 225b2033 4453205d 222c2269 6d675572 6c223a22 494d4147 45535c2f 32303132 5c2f3033 5c2f3030 30303834 31365f31 35307838 302e6a70 67227d2c 7b227469 746c6522 3a225072 696d6520 696d6d61 67696e69 20646569 206e756f 76692044 4c432064 69204669 6e616c20 46616e74 61737920 58494949 2d32222c 22636174 65676f72 79223a22 5b205053 332c2058 33363020 5d222c22 696d6755 726c223a 22494d41 4745535c 2f323031 325c2f30 335c2f30 30303038 3431325f 31353078 38302e6a 7067227d 2c7b2274 69746c65 223a2249 6e206172 7269766f 20717565 73746f20 41757475 6e6e6f20 45706963 204d6963 6b657920 323a2054 68652050 6f776572 206f6620 54776f22 2c226361 7465676f 7279223a 225b2050 53332c20 5769692c 20583336 30205d22 2c22696d 6755726c 223a2249 4d414745 535c2f32 3031325c 2f30335c 2f303030 30383430 385f3135 30783830 2e6a7067 227d5d> 2012-03-28 00:43:58.410 VGCollect[5583:f803] B) (null) instead that is how i serialize my crypted JSON NSData *decryptBase64 = [GTMBase64 decodeData:response]; NSData *decrypt3DES = [Crypt TripleDES:decryptBase64 encryptOrDecrypt:kCCDecrypt key:@"2b9534b45611cbb2436e625d"]; NSLog(@"A) %@", decrypt3DES ); NSMutableArray *json = [NSJSONSerialization JSONObjectWithData:decrypt3DES options:kNilOptions error:&error]; NSLog(@"B) %@", error); and that is the NSLog output 2012-03-28 00:41:51.525 VGCollect[5529:f803] A) <5b7b2274 69746c65 223a2252 696c6173 63696174 61206c61 20707269 6d612045 7370616e 73696f6e 65206469 20526167 6e61726f 6b204f64 79737365 79222c22 63617465 676f7279 223a225b 20505356 69746120 5d222c22 696d6755 726c223a 22494d41 4745535c 2f323031 325c2f30 335c2f30 30303038 3536345f 31353078 38302e6a 7067227d 2c7b2274 69746c65 223a2250 68616e74 61737920 53746172 204f6e6c 696e6520 3220616e 63686520 73752069 4f532065 20416e64 726f6964 20222c22 63617465 676f7279 223a225b 20495048 4f4e452c 2050432c 20505356 69746120 5d222c22 696d6755 726c223a 22494d41 4745535c 2f323031 325c2f30 335c2f30 30303038 3437355f 31353078 38302e6a 7067227d 2c7b2274 69746c65 223a2250 72696d69 20536372 65656e73 686f7420 696e2061 6c747261 20726973 6f6c757a 696f6e65 20706572 202e6861 636b5c2f 5c2f7665 72737573 222c2263 61746567 6f727922 3a225b20 50533320 5d222c22 696d6755 726c223a 22494d41 4745535c 2f323031 325c2f30 335c2f30 30303038 3437325f 31353078 38302e6a 7067227d 2c7b2274 69746c65 223a2269 6c206e75 6f766f20 444c4320 64692046 696e616c 2046616e 74617379 20584949 492d3220 636f6e66 65726d61 746f2061 6e636865 20696e20 416d6572 69636122 2c226361 7465676f 7279223a 225b2050 53332c20 58333630 205d222c 22696d67 55726c22 3a22494d 41474553 5c2f3230 31325c2f 30335c2f 30303030 38343439 5f313530 7838302e 6a706722 7d2c7b22 7469746c 65223a22 52656769 73747261 746f2069 6c206d61 72636869 6f205461 6c657320 6f662058 696c6c69 6120696e 20457572 6f706122 2c226361 7465676f 7279223a 225b2050 5333205d 222c2269 6d675572 6c223a22 494d4147 45535c2f 32303132 5c2f3033 5c2f3030 30303834 34385f31 35307838 302e6a70 67227d2c 7b227469 746c6522 3a225376 656c6174 69202e68 61636b5c 2f5c2f56 65727375 732e2065 202e6861 636b5c2f 5c2f5365 6b616920 6e6f204d 756b6f75 206e6922 2c226361 7465676f 7279223a 225b2050 5333205d 222c2269 6d675572 6c223a22 494d4147 45535c2f 32303132 5c2f3033 5c2f3030 30303834 33345f31 35307838 302e6a70 67227d2c 7b227469 746c6522 3a22476f 6e205061 6b752050 616b7520 50616b75 2050616b 75204164 76656e74 75726520 756e206e 756f766f 2067696f 636f2064 69204e61 6d636f20 42616e64 6169222c 22636174 65676f72 79223a22 5b203344 53205d22 2c22696d 6755726c 223a2249 4d414745 535c2f32 3031325c 2f30335c 2f303030 30383432 385f3135 30783830 2e6a7067 227d2c7b 22746974 6c65223a 224e756f 76652069 6d6d6167 696e6920 6520696e 666f2064 69204669 72652045 6d626c65 6d204177 616b656e 696e6722 2c226361 7465676f 7279223a 225b2033 4453205d 222c2269 6d675572 6c223a22 494d4147 45535c2f 32303132 5c2f3033 5c2f3030 30303834 31365f31 35307838 302e6a70 67227d2c 7b227469 746c6522 3a225072 696d6520 696d6d61 67696e69 20646569 206e756f 76692044 4c432064 69204669 6e616c20 46616e74 61737920 58494949 2d32222c 22636174 65676f72 79223a22 5b205053 332c2058 33363020 5d222c22 696d6755 726c223a 22494d41 4745535c 2f323031 325c2f30 335c2f30 30303038 3431325f 31353078 38302e6a 7067227d 2c7b2274 69746c65 223a2249 6e206172 7269766f 20717565 73746f20 41757475 6e6e6f20 45706963 204d6963 6b657920 323a2054 68652050 6f776572 206f6620 54776f22 2c226361 7465676f 7279223a 225b2050 53332c20 5769692c 20583336 30205d22 2c22696d 6755726c 223a2249 4d414745 535c2f32 3031325c 2f30335c 2f303030 30383430 385f3135 30783830 2e6a7067 227d5d00> 2012-03-28 00:41:51.530 VGCollect[5529:f803] B) Error Domain=NSCocoaErrorDomain Code=3840 "The operation couldn’t be completed. (Cocoa error 3840.)" (Garbage at end.) UserInfo=0x6ccdd40 {NSDebugDescription=Garbage at end.} as u can see the only difference between 2 NSlogs is 00 at the end of second hexcode and the error on serialization of it do u know how fix that ? idk if is needed, that is my script for encrypt data +(NSData*)TripleDES:(NSData*)plainData encryptOrDecrypt:(CCOperation)encryptOrDecrypt key:(NSString*)key { const void *vplainText; size_t plainTextBufferSize; plainTextBufferSize = [plainData length]; vplainText = (const void *)[plainData bytes]; CCCryptorStatus ccStatus; uint8_t *bufferPtr = NULL; size_t bufferPtrSize = 0; size_t movedBytes = 0; // uint8_t ivkCCBlockSize3DES; bufferPtrSize = (plainTextBufferSize + kCCBlockSize3DES) & ~(kCCBlockSize3DES - 1); bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t)); memset((void *)bufferPtr, 0x0, bufferPtrSize); // memset((void *) iv, 0x0, (size_t) sizeof(iv)); // NSString *key = @"123456789012345678901234"; NSString *initVec = @"init Vec"; const void *vkey = (const void *) [key UTF8String]; const void *vinitVec = (const void *) [initVec UTF8String]; ccStatus = CCCrypt(encryptOrDecrypt, kCCAlgorithm3DES, (kCCOptionPKCS7Padding | kCCOptionECBMode) , vkey, //"123456789012345678901234", //key kCCKeySize3DES, vinitVec, //"init Vec", //iv, vplainText, //"Your Name", //plainText, plainTextBufferSize, (void *)bufferPtr, bufferPtrSize, &movedBytes); NSData *result = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes]; return result; }

    Read the article

  • Enigmail - how to encrypt only part of the message?

    - by Lukasz Zaroda
    When I confirmed my OpenPGP key on launchpad I got a mail from them, that was only partially encrypted with my key (only few paragraphs inside the message). Is it possible to encrypt only chosen part of the message with Enigmail? Or what would be the easiest way to accomplish it? Added #1: I found a pretty convenient way for producing ASCII armoured encrypted messages by using Nautilus interface (useful for ones that for some reason doesn't like to work with terminal). You need to install Nautilus-Actions Configuration Tool, and add there a script with a name eg. "Encrypt in ASCII" and parameters: path: gpg parameters: --batch -sear %x %f The trick is that now you can create file, with extension that would be name of your recipient, you can then fill it with your message, right click it in Nautilus, choose "Encrypt in ASCII", and you will have encrypted ascii file which content you can (probably) just copy to your message. But if anybody knows more convenient solution please share it. Added #1B: In the above case if you care more about security of your messages, It's worth to turning off invisible backup files that gedit creates every time, you create new document, or just remember to delete them.

    Read the article

  • Compute the AES-encryption key given the plaintext and its ciphertext?

    - by Null Pointers etc.
    I'm tasked with creating database tables in Oracle which contain encrypted strings (i.e., the columns are RAW). The strings are encrypted by the application (using AES, 128-bit key) and stored in Oracle, then later retrieved from Oracle and decrypted (i.e., Oracle itself never sees the unencrypted strings). I've come across this one column that will be one of two strings. I'm worried that someone will notice and presumably figure out what those two values to figure out the AES key. For example, if someone sees that the column is either Ciphertext #1 or #2: Ciphertext #1: BF,4F,8B,FE, 60,D8,33,56, 1B,F2,35,72, 49,20,DE,C6. Ciphertext #2: BC,E8,54,BD, F4,B3,36,3B, DD,70,76,45, 29,28,50,07. and knows the corresponding Plaintexts: Plaintext #1 ("Detroit"): 44,00,65,00, 74,00,72,00, 6F,00,69,00, 74,00,00,00. Plaintext #2 ("Chicago"): 43,00,68,00, 69,00,63,00, 61,00,67,00, 6F,00,00,00. can he deduce that the encryption key is "Buffalo"? 42,00,75,00, 66,00,66,00, 61,00,6C,00, 6F,00,00,00. I'm thinking that there should be only one 128-bit key that could convert Plaintext #1 to Ciphertext #1. Does this mean I should go to a 192-bit or 256-bit key instead, or find some other solution? (As an aside, here are two other ciphertexts for the same plaintexts but with a different key.) Ciphertext #1 A ("Detroit"): E4,28,29,E3, 6E,C2,64,FA, A1,F4,F4,96, FC,18,4A,C5. Ciphertext #2 A ("Chicago"): EA,87,30,F0, AC,44,5D,ED, FD,EB,A8,79, 83,59,53,B7.

    Read the article

  • how to display the decrypted and splited Strings in order?

    - by sebby_zml
    Hi everyone, i need some help and guidance in displaying the splitted Strings in order. let say, i have username, password, nonceInString. i had successfully encrypted and decrypted those. then i split the decrypted data. it was done, too. i want to display the decrypted data in order. something like this. userneme: sebastian password: harrypotter nonce value: sdgvay1saq3qsd5vc6dger9wqktue2tz* i tried the following code, but it didn't display like i wish to. pls help. thanks a lot in advance. String codeWord = username + ";" + password + ";" + nonceInString; String encryptedData = aesEncryptDecrypt.encrypt(codeWord); String decryptedData = aesEncryptDecrypt.decrypt(encryptedData); String[] splits = decryptedData.split(";"); String[] variables = {"username", "password", "nonce value"}; for (String data : variables){ for (String item : splits){ System.out.println( data + ": "+ item); } }

    Read the article

  • If attacker has original data and encrypted data, can they determine the passphrase?

    - by Brad Cupit
    If an attacker has several distinct items (for example: e-mail addresses) and knows the encrypted value of each item, can the attacker more easily determine the secret passphrase used to encrypt those items? Meaning, can they determine the passphrase without resorting to brute force? This question may sound strange, so let me provide a use-case: User signs up to a site with their e-mail address Server sends that e-mail address a confirmation URL (for example: https://my.app.com/confirmEmailAddress/bill%40yahoo.com) Attacker can guess the confirmation URL and therefore can sign up with someone else's e-mail address, and 'confirm' it without ever having to sign in to that person's e-mail account and see the confirmation URL. This is a problem. Instead of sending the e-mail address plain text in the URL, we'll send it encrypted by a secret passphrase. (I know the attacker could still intercept the e-mail sent by the server, since e-mail are plain text, but bear with me here.) If an attacker then signs up with multiple free e-mail accounts and sees multiple URLs, each with the corresponding encrypted e-mail address, could the attacker more easily determine the passphrase used for encryption? Alternative Solution I could instead send a random number or one-way hash of their e-mail address (plus random salt). This eliminates storing the secret passphrase, but it means I need to store that random number/hash in the database. The original approach above does not require storage in the database. I'm leaning towards the the one-way-hash-stored-in-the-db, but I still would like to know the answer: does having multiple unencrypted e-mail addresses and their encrypted counterparts make it easier to determine the passphrase used?

    Read the article

  • If attacker has original data, and encrypted data, can they determine the passphrase?

    - by Brad Cupit
    If an attacker has several distinct items (for example: e-mail addresses) and knows the encrypted value of each item, can the attacker more easily determine the secret passphrase used to encrypt those items? Meaning, can they determine the passphrase without resorting to brute force? This question may sound strange, so let me provide a use-case: User signs up to a site with their e-mail address Server sends that e-mail address a confirmation URL (for example: https://my.app.com/confirmEmailAddress/bill%40yahoo.com) Attacker can guess the confirmation URL and therefore can sign up with someone else's e-mail address, and 'confirm' it without ever having to sign in to that person's e-mail account and see the confirmation URL. This is a problem. Instead of sending the e-mail address plain text in the URL, we'll send it encrypted by a secret passphrase. (I know the attacker could still intercept the e-mail sent by the server, since e-mail are plain text, but bear with me here.) If an attacker then signs up with multiple free e-mail accounts and sees multiple URLs, each with the corresponding encrypted e-mail address, could the attacker more easily determine the passphrase used for encryption? Alternative Solution I could instead send a random number or one-way hash of their e-mail address (plus random salt). This eliminates storing the secret passphrase, but it means I need to store that random number/hash in the database. The original approach above does not require this extra table. I'm leaning towards the the one-way hash + extra table solution, but I still would like to know the answer: does having multiple unencrypted e-mail addresses and their encrypted counterparts make it easier to determine the passphrase used?

    Read the article

  • [C#] How to receive uncrackable data or so ? ;P

    - by Prix
    Hi, I am working on an C# application to communicate with my website and retrieve some information from it, using SSL which is working just fine. Now what i want/need is a way to receive encrypted or codified or obfuscated data that if some one cracks my application they will not be able to decrypt the data because it needs something from the server (api, website) but yet the application needs to decrypt it in order to use it... initally i was thinking of an inside RSA pair or keys, to send and receive the encrypt data but let's consider that someone has cracked the application, they could just replace those keys for keys they have made, so i was looking into some methods but havent found or been able to think of any way to harder this... I was learning about RSA, encryption and such and started developing this as a self learning and got involved with it and now i am trying to figure out a way to receive data like that... I have considered obfuscating and compiling my code with packers and etc but this is not about packing it etc... i am more interested in knowing a better way to secure what i described i know it may or is impossible but yet i am looking forward to some approch. I would appreciate advices, suggestions and C# code samples, if you need more information or anything please let me know.

    Read the article

  • encrypting passwords in a python conf file on a windows platform

    - by Richard
    Hello all. I have a script running on a remote machine. db info is stored in a configuration file. I want to be able to encrypt the password in the conf text so that no one can just read the file and gain access to the database. This is my current set up: My conf file sensitive info is encoded with base64 module. The main script then decodes the info. I have compiled the script using py2exe to make it a bit harder to see the code. My question is: Is there a better way of doing this? I know that base64 is not a very safe way of encrypting. Is there a way to encode using a key? I also know that py2exe can be reversed engineered very easily and the key could be found. Any other thoughts? I am also running this script on a windows machine, so any modules that are suggested should be able to run in a windows environment with ease. I know there are several other posts on this topic but I have not found one with a windows solution, or at least one that is will explained.

    Read the article

  • How to encrypt Amazon CloudFront signature for private content access using canned policy

    - by Chet
    Has anyone using .net actually worked out how to successfully sign a signature to use with CloudFront private content? After a couple of days of attempts all I can get is Access Denied. I have been working with variations of the following code and also tried using OpenSSL.Net and AWSSDK but that does not have a sign method for RSA-SHA1 yet. The signature (data) looks like this {"Statement":[{"Resource":"http://xxxx.cloudfront.net/xxxx.jpg","Condition":?{"DateLessThan":?{"AWS:EpochTime":1266922799}}}]} This method attempts to sign the signature for use in the canned url. So of the variations have included chanding the padding used in the has and also reversing the byte[] before signing as apprently OpenSSL do it this way. public string Sign(string data) { using (SHA1Managed SHA1 = new SHA1Managed()) { RSACryptoServiceProvider provider = new RSACryptoServiceProvider(); RSACryptoServiceProvider.UseMachineKeyStore = false; // Amazon PEM converted to XML using OpenSslKey provider.FromXmlString("<RSAKeyValue><Modulus>....."); byte[] plainbytes = System.Text.Encoding.UTF8.GetBytes(data); byte[] hash = SHA1.ComputeHash(plainbytes); //Array.Reverse(sig); // I have see some examples that reverse the hash byte[] sig = provider.SignHash(hash, "SHA1"); return Convert.ToBase64String(sig); } } Its useful to note that I have verified the content is setup correctly in S3 and CloudFront by generating a CloudFront canned policy url using my CloudBerry Explorer. How do they do it? Any ideas would be much appreciated. Thanks

    Read the article

  • How to connect to WPA2 encrypted wireless-network when booted from CloneZilla Live-CD?

    - by caligula
    My intention is to perform a backup of my laptop's (Dell Vostro 3350) sda1 disk to my desktop. After some googling I decided to use CloneZilla for that purpose. I have an OpenSSH server installed and running on my desktop. So I inserted CloneZilla CD to CD-rom, booted from it, then chose an option smth like "use ssh server to store image". Then I got an invitation to choose a network interface. I chose wlan0 and entered shell to manualy configure connection. And that's where I got into trouble, for wifi-network which I wanted to use is WPA2-encrypted, and I don't know how to connect to it from command line. Can somebody assist me. Appreciation for advance.

    Read the article

  • Setup 2003 R2 Radius server to work on vista/seven

    - by Fox
    Hi All, I'm currently trying to configure my 2003 R2 server RADIUS module to enable WIFI client to authenticate throught my Active Directory. The RADIUS server use MS-CHAP V2 as encryption method. I got several Access Point running DD-WRT, configured to use WPA2-Enterprise security that use Radius Server. Everything is setup, and almost working. When I say almost working, I mean, I can login using my AD Credential on my IPod or even on a MacBook running OS X, Windows XP also work with some little tweak in connection properties. The problem is Windows Vista or Windows Seven clients computers that are not inside domain. It doesn't work at all, it doesn't even prompt for user/password/domain. I already install the patch for IAS to make the certsrv compatible with Vista and Seven, but still doesn't work. Anyone ever encounter the same issue I have right now? I'm searching for a solution to this for several already and still not find anything. Looks like many people have the same issue too. Thanks all for you eventual answers.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >