I order to set up SSO and function as Service Provider with my Identity Provider I need to specify which certificate I want to use for signing and encrypting in the exchanged metadata XML file. But how do I create the encrypted and encoded representation (like below) of my certificate so it can be put into the XML. What process do I need...
This is a question about an authentication scheme. Say I have a shared secret string S, and two computers, C1 and C2 Computer one (C1) sends a random string (R) to computer two (C2) C2 hashes (say SHA256) the concatenation of S and R (SR) C2 sends the hash of SR to C1, along with some instructions C1 compares the received hash of SR w...
I am writing an application which reads information from am xml plist in the bundle upon startup. The information in the plist has been compiled through many days of work and I would like to ensure that it cannot be extracted easily from the app bundle by another party after distribution. Is there any way to secure or encrypt xml plists...
I have been tasked with encrypting a string using S/Mime encryption. Eons ago, the firm I work for bought a component for this (from IPWorks) but we have had untold bundles of grief getting their component to play nicely on our servers. Not a functionality issue, more licensing. So in short, I must do it myself. I have trawled the MSDN ...
Hi, Does anyone have a good example of how to do https over http (or a socket)? The embedded java platform doesn't support https out of the box, but I'm sure it should be possible using some 3rd party libraries or source code snippets. If anyone can point me to the correct direction I'd be very grateful ...
I'm trying to write some Perl to inter operate with hash functions in other languages, namely Java at this point. We have found what is presumably a correct source, RFC 4868 which includes some test keys & strings along with their hashed values. I'm using the following snippet, and can't get Perl to come up with the same result. I can ...
Reposting from http://www.mentalis.org/forum/thread.qpx/971 because I need an answer. I hope you guys can help me out. The component in question is Org.Mentalis.SecurityServices.dll. Hey all. I'm having troubles. CryptographicException: Couldn't acquire crypto service provider context. StackTrace: at Org.Mentalis.SecurityServices....
I am interested if it's possible to do string encryption/decryption using Excel Visual Basic and some cryptographic service provider. I have found a walkthrough Encrypting and Decrypting Strings in Visual Basic, but it seems it's valid for standalone Visual Basic only. So would you suggest me another encryption method or show how the w...
I'm looking to encrypt a string in VBScript, and decrypt it in PHP. I have full control over the VBScript/ASP Classic environment, but zero control over my PHP environment. Given this, what sort of encryption could I use that would be adequate enough to secure a string? Apologies for the vagueness of the question, but I do not know wh...
I'm trying to exchange encrypted data between my ASP.NET application and another developer's CF app using TripleDES. Here's his CF code (fictitious key and IV of course): <cfset variables.theKey = "rpaSPvIvVLlrcmtzPU9/c67Gkj7yL1S5"> <cfset variables.theIV = BinaryDecode("password","Base64")> <cfset variables.theAlgorithm = "DESEDE"> <...
My Application can perform 5 business functions. I now have a requirement to build this into the licensing model for the application. My idea is to ship a "keyfile" with the application. The file should contain some encrypted data about which functions are enabled in the app and which are not. I want it semi hack proof too, so that not...
I want to create a portal website for log-in, news and user management. And another web site for a web app that the portal redirects to after login. One of my goals is to be able to host the portal and web-app on different servers. The portal would transmit the user's id to the web-app, once the user had successfully logged in and bee...
I've read several stackoverflow posts about this topic, particularly this one: http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords but I still have a few questions, I need some clarification, please let me know if the following statements are true and explain your comments: If someone has access to your d...
I started implementing an RSA2 encrypt / decrypt routine because I thought it would do what I need. Essentially a way to control the encryption and decryption in a way that is NOT machine specific, or using THE REGISTRY OR MACHINE STORE. I really thought the .net libraries in RSA2 allow you to encrypt decrypt based on a private / public...
I have a .net application. What I need to do is store a text value encrypted in a file, then retrieve the encrypted value somewhere else in the code, and decrypt it. I don't need the strongest or most secure encryption method on earth, just something that will suffice to say - I have the value encrypted, and am able to decrypt it. I'...
I would like to use the button encryption in django-paypal, but it requires M2Crypto which will not build on webfaction servers. Tech support at Webfaction told me that pycrypto is already installed on the system, but I am too dumb to translate from M2Crypto to pycrypto. Can anyone tell me how to convert the following to work with pycr...
I'm working on a Grails 1.0.4 project that has to be released in less than 2 weeks, and the customer just came up with a requirement that all data in the database should be encrypted. Since encryption of every database access in the application itself could take a lot of time and will be error prone, the solution I seek is some kind of ...
How would one "sign" an outgoing email using PHP? The proper header I am looking at is: signed-by mydomain.com ...
Below is my current encryption function. define('ENCRYPT_KEY', 'ldkKKmeJddeFffKdjeddd'); function market_dock_api_encrypt($string) { $key = ENCRYPT_KEY; //preset key to use on all encrypt and decrypts. $result = ''; for($i=0; $i<strlen($string); $i++) { $char = substr($string, $i, 1); $keychar = substr($ke...
I am about to sell a program I have written in C# and I want to control licenses for it, strictly. That means I want to let the client connect to my server every single time it starts. This also gives me the ability to disable keys (in case of chargebacks on paypal or distribution of the code). Of course this might be a hassle for other ...