w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
aes.js & crypto.js best use
If you look at the bottom of the page of aes.js you pointed at you will find: Interoperability With OpenSSL Encrypt with OpenSSL: openssl enc -aes-256-cbc -in infile -out outfile -pass pass:"Secret Passphrase" -e -base64 Decrypt with CryptoJS: <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script> <script> var decrypted = CryptoJS.AES.decrypt(openSSLEncrypted, "Secret Passphrase"); </script> So aes.js will use OpenSSL compatible key derivation if you use a passphrase. Now if you look at the key derivation mechanism performed by OpenSSL, EVP_BytesToKey, you will find this remark: Newer applications should use more standard algorithms such as PBKDF2 as defined in PKCS#5v2.1 for key derivation.

Categories : Javascript

Using Crypto.js in meteor
The reason this is happening is due to the variable scoping in meteor. Try putting the cryptojs library files in /server/compatibility. This way the cryptojs library can be accessed in other files. You could also get it working without putting it in /compatibility by removing the var used in the cryptojs source files. The thing is if you do this its harder to keep the files up to date.

Categories : Javascript

Crypto RSA in Python
You are correct in the fact that ssh-keygen is run to convert the generated PEM Format Public Key into a OpenSSH Format Public Key. There's no really good way to do this in Python as far as I know. The OpenSSH format only exists for a Public Key. So, no, you do not need to convert the Private Key if it begins with -------- BEGIN PRIVATE KEY --------- or -------- BEGIN RSA PRIVATE KEY ---------

Categories : Python

Crypto API - CryptRetrieveTimeStamp
MSDN - The CryptRetrieveTimeStamp function encodes a time stamp request and retrieves the time stamp token from a location specified by a URL to a Time Stamping Authority (TSA). Most likely you didn't provide the valid TSA in first parameter, which is - wszUrl [in] A pointer to a null-terminated wide character string that contains the URL of the TSA to which to send the request. Edit - The suggested solution is to change time stamping authority.

Categories : C++

Qt + Crypto++ can't build
Step 7 of the instructions you linked to here appear to be strange. Normally you'd select /MD and /MDd for Release and Debug respectively, or you'd select /MT and /MTd. The crux is that you have your Release build of crypto linked to the Dynamic version of the C Runtime Library (via /MD), but your test exe is set to link to the Static version (via /MT). You should only link to a single version of the CRT - i.e. recompile crypto++ in Release mode with /MT set instead of /MD, or change your test exe to use /MD. For further info on these flags, see the msdn docs.

Categories : C++

Alternatives to Windows Crypto API for C# RSA PKI?
Bouncycastle has a c# crypto library. It generally tracks their Java library but not perfectly. It is not well documented. However, I have found the source code to be very readable. What I have done in the past is use the Javadocs for the Java API as a starting point, then looked through the roughly corresponding classes in the c# library.

Categories : C#

Decoding Hex Encoded Value with Crypto++
The Crypto++ wiki has a number of examples, including use of the HexEncoder and HexDecoder classes. From the wiki: byte decoded[] = { 0xFF, 0xEE, 0xDD, 0xCC, 0xBB, 0xAA, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00 }; string encoded; StringSource ss(decoded, sizeof(decoded), true, new HexEncoder( new StringSink(encoded) ) // HexEncoder ); // StringSource cout << encoded << endl; ... $ ./cryptopp-test.exe FFEEDDCCBBAA99887766554433221100

Categories : C++

Protecting crypto keys in RAM?
There is no programmatical way. You can not stop an attacker from freezing your computer and removing the RAM chips for analysis. If someone gains access to your hardware - everything you have on it is in the hands of the attacker. Always keep in mind: http://cdn.howtogeek.com/wp-content/uploads/2013/03/xkcd-security.png

Categories : C

How to use Crypto++ with Jni or NDK for a Android application
The Crypto++ wiki has a page with build instructions from the command line at Android (Command Line). The steps are: Modify the source files to accommodate Android Modify the GNUmakefile to accommodate Android Set a cross compile environment via setenv-android.sh Run make The process will create the various libraries and show you how to build cryptest.exe and verify the library on a device. But you will still need to create you wrapper project using Android's build system. Piotr Morgwai Kotarbiński has a page on building the Crypto++ library with Android's modified build system. See Building Crypto++ with NDK toolchain. I don't believe Piotr's article verifies the library on a device.

Categories : Android

javax.crypto JDK source code, again
The sources are available over Mercurial. For example, the sources for jdk8-b132's javax.crypto are here. Notice that if you are suspecting a backdoor, you have no (easy) way to verify that those sources are actually the sources of the binaries you are using. You should build the JDK yourself to be sure…

Categories : Java

SW 0x6f50 when trying to install crypto applet
It's hard to tell what the problem is as the card returns a proprietary status word that it normally should not return. The 6Fxx error codes are used for unknown errors in the ISO/IEC 7816-4 standards. The value 50 is therefore proprietary to the smart card implementation. Contact the vendor. The datasheet shows us a very limited Java Card platform, it only shows support for the following cryptographic algorithms: DES and TDEA (triple DES) secure and pseudo random SHA-1 So if you go outside of these specifications you should expect a status word denoting an error. Normally you would expect 6A80 though, indicating something is wrong within the command data. The fact that you get an error while instantiating the applet shows that the code is accepted, but that instantiating or initializ

Categories : Java

Trying to obfuscate my project using Crypto broke it
I had this same issue recently and so, although outdated, here is the answer for anyone else. It is related to your build order. I found that the build order in VS did not always correspond to the actual build order. I suggest looking through the output window after a failed build and see which projects are built first and last (you need these to configure Crypto). Obviously, don't forget to ignore any projects that are setup projects or projects not being built in release mode. All that is required, is to reconfigure crypto with the correct first and last projects, reload your solution and it will build.

Categories : C#

Node.js Builtin Crypto: RSA Decryption
As there isn't any asymmetric encryption happening in the nodejs, I think you are more or less lost in the woods. You will require another library if you want to encrypt anything with RSA. The openssl list-cipher-algorithms documentation that crypto.createCipher(algorithm, password) and crypto.createCipheriv(algorithm, key, iv) only lists symmetric algorithms such as AES and DES (etc.). An IV is only used for symmetric algorithms in general in either way. nodejs only seems to support RSA signing and verification. I would really suggest to get deeper into the subject matter before continuing on your development path.

Categories : Node Js

TripleDES encoding in C# and crypto++ differs
The FeedBackSize you have changed, relates to the CFB mode of operation (msdn documentation). Therefore you should also check that Feedback size in C++ and C# are the same. I believe that your bug could be maligned BlockSizes between the C++ code and the C# code. Have you tried setting BlockSize = 8 in the C# implementation?

Categories : C#

pyOpenSSL on Windows 7 Crypto error
You can download pyOpenSsl built msi here! If u use 64bit windows, u can just download 32bit built package, and when install, choose the python location manually. good luck.

Categories : Python

Make CNG crypto API work on Windows XP?
As you certainly already know, CNG rely on a windows vista/seven/8 CNG keyisolation service (keyiso) it's provided by the operating system and not available in XP. You can rely on cryptoAPI which is availaible in XP. It will certainly be cheaper to provide win 7/8 licence than to try to redevelop the service and to port the SDK for XP which was a nice OS but not the future.

Categories : C++

Decrypting string with Microsoft Crypto API with C#
Your external contractor doesn't know what he is talking about. Hashes are used as a trap door function, a way to recognize something without been told what that thing IS. It is a digital fingerprint. The way a CRYPTOGRAPHICALLY SECURE hash is made, means even given the hash and the algorithm it is difficult to create an object that matches the fingerprint. AES is a non-deterministic cypher. The non-determinisism comes from the Initialization Vector, which is meant to be a random number each time (not hard coded from a die roll, ahem Sony). This means for all intents and purposes, the output of AES is pure random (unless you have the key). Good cyphers are all designed to produce data that is statistically random (thus there is little data to form an attack from). So by feeding data int

Categories : C#

Tracing CSP calls within Windows Crypto API
advapi32.dll used to contain cryptography implementation some time ago, but now this functionality has been moved to cryptsp.dll. Windows team sometimes moves implementation of public methods from one DLL into another. See more examples on this in The Old New Thing Blog. Advapi32.dll simply calls into corresponding functions in cryptsp.dll. Apparently certificate APIs in mmc that you were trying to debug are calling directly into cryptsp.dll. Example from a call stack on Windows 8: 0:000> k Child-SP RetAddr Call Site 00000000`0059c278 000007fd`6c1b7d8b CRYPTSP!CryptAcquireContextA 00000000`0059c280 000007fd`6c1ace66 CRYPT32!I_CryptGetDefaultCryptProv+0xbc 00000000`0059c2d0 000007fd`6c1ae1b3 CRYPT32!FastCreateCtlElement+0x4a6 00000000`0059c4e0 000007fd`6c1a248a CRYP

Categories : Windows

System.Web.Helpers.Crypto - Where's the salt?
Answer All passwords need to be salted in order to hash them securely. In this case, however, you are correct. System.Web.Helpers.Crypto takes care of creating a salt for you. You don't need to create one. It is stored in the string returned by Crypto.HashPassword(). Example All you need to do is something like this. using System.Web.Helpers; public void SavePassword(string unhashedPassword) { string hashedPassword = Crypto.HashPassword(unhashedPassword); //Save hashedPassword somewhere that you can retrieve it again. //Don't save unhashedPassword! Just let it go. } public bool CheckPassword(string unhashedPassword) { string savedHashedPassword = //get hashedPassword from where you saved it return Crypto.VerifyHashedPassword(savedHashedPassword, unhashedPassword)

Categories : C#

Installing paramik / Crypto on ubuntu
It worked when I tried it (OS X): $ pip install git+git://github.com/paramiko/paramiko.git $ python Python 2.7.2 (default, Oct 11 2012, 20:14:37) [GCC 4.2.1 Compatible Apple Clang 4.0 (tags/Apple/clang-418.0.60)] on darwin Type "help", "copyright", "credits" or "license" for more information. >>> import paramiko >>> from Crypto import Random >>> I do notice that it requires PyCrypto != 2.4; is it possible that's the version you have installed? How did you install paramiko/PyCrypto?

Categories : Python

Convert Hex string to bytes in crypto++
There is a HexDecoder class in Crypto++. You need to feed this characters. It seems that Crypto++ does not directly distinguish between characters and bytes. So the following line of code supplied by varren will work: StringSink ss(source, new HexEncoder(new StringSink(destination))); const byte* result = (const byte*) destination.data();

Categories : C++

Python Crypto installation issue
If you have i.e. deb-src http://archive.ubuntu.com/ubuntu quantal main in your /etc/apt/sources.list then You don't need to download zip file you can download source using apt-get source like; apt-get install debhelper apt-get source python-crypto apt-get build-dep python-crypto tar xvf python-crypto*debian*tar.gz cd python-crypto* debian/rules binary You can modify your debian/rules file to add custom flags if you need before run debian/rules binary After build is complete you can install packages using dpkg -i *.deb It's also possible that your distro version doesn't meet requirements for installing latest vesion of python-crypto.

Categories : Python

AES encrypt in .NET and decrypt with Node.js crypto?
You should simply write new AesManaged(). You don't need to call Create(). You then need to set Key and IV, then call CreateDecryptor() and put it in a CryptoStream.

Categories : C#

SecurityException Even After Replacing Crypto Policy Jars
The two policy files go into the "jre7/lib/security" folder as the README.txt file instructs, overwriting the existing files, and not into the "jre7" root folder. Also note that you have to use the correct files that match your JRE – the Java 7 policy files probably won't work in Java 6 and vice versa. Also see this question: "Unlimited Strength" JCE Policy Files

Categories : Java

MD4 hashing with Crypto++ results in wrong hash?
Okay, I found the solution by myself. It doesn't work the way I posted above. Here the correct code, it may be useful for someone else: std::string value; CryptoPP::Weak1::MD4 hashmd4; CryptoPP::StringSource (password, true, new CryptoPP::HashFilter( hashmd4, new CryptoPP::HexEncoder( new CryptoPP::StringSink(value) ) ) );

Categories : C++

SALT and HASH password in nodejs w/ crypto
You get the salt by reading the existing hash in your persistence mechanism. If each password has a different salt, you must save that information (typically along with the hash result). You would then compare the new plain text password, hash that using the same salt (and iterations), then compare the byte sequence with the stored one.

Categories : Node Js

How to encrypt using PHP mcrypt and decrypt with node crypto
https://github.com/tugrul/node-mcrypt var mcrypt = require('mcrypt'); var bfEcb = new mcrypt.MCrypt('rijndael-128', 'ecb'); bfEcb.open('M02cnQ51Ji97vwT4'); var ciphertext = new Buffer('6tJ67oaF1X12X/FE4ahLdOrSeu6GhdV9dl/xROGoS3Tq0nruhoXVfXZf8UThqEt06tJ67oaF1X12X/FE4ahLdOrSeu6GhdV9dl/xROGoS3Q=', 'base64'); var plaintext = bfEcb.decrypt(ciphertext); console.log(plaintext.toString());

Categories : PHP

Matching PHP's mcrypt_encrypt() with node.js crypto.createCipher()
There were only four problems with my code: The output doesn't need to be identical. It just needs to decipher to the same plaintext. Given that node and PHP pad differently, chasing identical ciphers was silly of me. ECB mode doesn't use an IV. I was mislead my PHP's mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB) which reports 8 instead of saying "you are a fool". I mistyped crypto.createCipheriv(), which uses the key as given. crypto.createCipher() uses a derivation of the given key (md5, I think). The return value of update() must not be thrown away. So the working solution is: var data, encrypt, sharedSecret; sharedSecret = 'secret'; data = 'whatever'; encrypt = function(d) { var cipher, crypto; crypto = require('crypto'); cipher = crypto.createCipheriv

Categories : PHP

"javax.crypto.IllegalBlockSizeException" when decrypt data from database
You should divide DataDemo variable into 8 byte pieces. public List<Byte[]> divideInto8(Byte[] bytes) { int length = bytes.length; List<Byte[]> returnValues = new ArrayList<Byte[]>(); for (int i = 0; i < length; i = i + 8) { Byte[] thebytes = new Byte[8]; for (int j = 0; j < 8; j++) { thebytes[j] = bytes[i * 8 + j]; } returnValues.add(thebytes); } return returnValues; }

Categories : Java

Configure errror -- Library 'crypto' is required for OpenSSL
For cryptography, PostgreSQL use Zlib, so, you need to install Zlib headers in your Mac, to be able to compile it with crypto support. You can see an example but is for Ubuntu. You need to figure out how to install zlib in Mac: To read more about the pgcrypto module, visit this link.

Categories : Osx

Unable to do RSA Encrption/Decryption using Crypto++ (isValidCoding is false)
This is probably not be correct: byte blockSize = encryptor.FixedMaxPlaintextLength(); ... encryptor.Encrypt(prng, (byte*)plaintext, blockSize, (byte*)output); return cipherSize; Try: size_t maxLength = encryptor.FixedMaxPlaintextLength(); size_t cipherLength = encryptor.CiphertextLength( blockSize ); ... SecureByteBlock secBlock(cipherLength); cipherLength = encryptor.Encrypt(prng, (byte*)plaintext, blockSize, secBlock); secBlock.resize(cipherLength); FixedMaxPlaintextLength returns a size_t, not a byte. You should probably be calling CiphertextLength on plaintext. I'm not really sure how you are just returning an uint_t from encrypt(). You might do better by starting fresh, and using an example from the Crypto++ as a starting point. I'm not sure this design is worth pursuing.

Categories : C++

AES - Encryption with Crypto (node-js) / decryption with Pycrypto (python)
So we started from the "How can i decrypt... OpenSSL" 's answer. We needed to modify the encryption script which gave: crypto = require "crypto" [...] var iv = new Buffer('asdfasdfasdfasdf') var key = new Buffer('asdfasdfasdfasdfasdfasdfasdfasdf') var cipher = crypto.createCipheriv('aes-256-cbc', key, iv); cipher.update(new Buffer("mystring")); var enc = cipher.final('base64'); [...] iv needs to be 16bytes long, key is 32bytes. And we changed createCipher to createCipheriv. Back to the python decryption script: Process was simply reading PyCrypto's documentation, and compare with the code we started from. Then we decided to just stick to the API, and start from scratch. And it gave: from base64 import b64decode from Crypto.Cipher import AES [...] iv = 'asdfasdfasdfasdf' key = 'asdf

Categories : Python

how to make google crypto.js cypher output a string?
Short answer: answer.toString( CryptoJS.enc.Utf8 ); Long answer: The decrypted otuput you're seeing is the original readout string encoded as hex. The reason it's encoded as hex is because the cipher algorithms have no way to know the original character encoding. Was it Latin1? Utf8? Utf16? Etc. By passing the Utf8 encoder to the toString method, we can tell it to use that character encoding.

Categories : Javascript

How to randomize an array with random numbers from crypto.getRandomValues?
There's nothing wrong with this code (although using strings for the numbers 1 to 14 seems pointlessly slow and complex--what's wrong with just the numbers 1 to 14?). You're certainly free to use whatever RNG algorithm you like. But different algorithms are designed to be best suited for different tasks. Generally speaking, RNGs designed for simulations will not be secure for cryptography; cryptographically secure RNGs will be acceptable for simulations, but will probably be too slow. If you only want to play a few games, no problem. But if you want to simulate a billion hands of blackjack or poker, or do Monte Carlo integration with billions of datapoints, using a cryptographic RNG may well take your code from running in minutes to running in weeks for no benefit.

Categories : Javascript

javax.crypto.BadPaddingException as I try to convert hex string to byte array. Why do I get it?
You can never decrypt with a random key. If you do, you will get plaintext consisting of random bytes. The cipher however tries to unpad the message. As it does not find a valid padding, you will get this exception. Note that - by "luck", about once in 256 - the padding may be correct, in which case you simply retrieve random bytes as plaintext.

Categories : Java

Resolve javax.crypto.IllegalBlockSizeException: last block incomplete in decryption
Try this way Replace this byte[] iv = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; WITH byte[] iv = { '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0','0' };

Categories : Javascript

Javascript: Generate a random number within a range using crypto.getRandomValues
The easiest way is probably by rejection sampling (see http://en.wikipedia.org/wiki/Rejection_sampling). For example, assuming that max - min is less than 256: function getRandomInt(min, max) { // Create byte array and fill with 1 random number var byteArray = new Uint8Array(1); window.crypto.getRandomValues(byteArray); var range = max - min + 1; var max_range = 256; if (byteArray[0] >= Math.floor(max_range / range) * range) return getRandomInt(min, max); return min + (byteArray[0] % range); }

Categories : Javascript

How to resolve "javax.crypto.IllegalBlockSizeException: last block incomplete in decryption" in this code
You are using AES/ECB/PKCS5Padding for decrypting the file but not while encrypting the file. Add AES/ECB/PKCS5Padding for the encryption process as well. So it should be Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); Hope this helps

Categories : Java

Android AES decryption and data from iOS:javax.crypto.BadPaddingException: pad block corrupted
I can see several differences in the way you generate the key: In iOS, a key of 16 bytes / 128 bit is generated; in Android it's 256 bits. In iOS, the password is UTF-8 encoded while Android either takes the lower 8 bits or the full 16 bits of each characters (I don't know the details of the specific algorithm). In iOS, you pass an invalid length for the password (the number of characters instead the number of bytes in UTF-8 encoding). You better invest some time in better matching the key generation and comparing the keys before decryption.

Categories : Android

com.sun.crypto.provider.SunJCE is not supported by Google App Engine's Java runtime environment
AppEngine's Java runtime environment has a whitelist of all the classes from the JRE that can be used. https://developers.google.com/appengine/docs/java/jrewhitelist The code sample in this email thread shows one way of doing AES encryption on AppEngine. That would be a good place to start. https://groups.google.com/forum/#!topic/google-appengine/YM8axluLtHg

Categories : Java



© Copyright 2017 w3hello.com Publishing Limited. All rights reserved.