UPDATED I have made the changes to the C# code so it uses a block size of 256. but now the hello world looks like this http://pastebin.com/5sXhMV11 and I cant figure out what I should use with rtrim() to get ride of the mess at the end. Also when you say the IV should be random, by this do you mean don't use the same IV more then once ...
Most of the information that I found and read about properly storing passwords in a database say that I should Hash the password clear text with a unique salt value for each user and then store that hash in the database. But this process doesn't work for my needs... I have a windows service written in C# that needs to connect to other r...
I am using the as3crypto library to encrypt mp3 files in an Adobe Air application. The code below runs without error but I realized that only the first few bytes of the mp3 file are getting encrypted but not the whole file. I have no idea what’s the problem. Could someone please be so kind and have a look at my code below? import com.h...
Hello! How are you supposed to create an autologin feature on your webpage using phpass as encryption of the passwords? I mean, the way it checks the password is by giving the CheckPassword method the password in clear-text and a hashed string of that password (a previously stored hash that is). Then it returns true/false wheter its cor...
Hi, There have been many questions with regard to IV generation, encryption and sharing the IV between the sender and receiver, but I want to make an explicit post regarding the best way to send the IV from the sender to the receiver. From all the posts that I've seen so far, I'm uncertain as to whether it is safe to send the IV in "pl...
Hi all, I cannot get an encryption class to work (it's in a seperate file in the classes folder). The code for the class is: class SymmetricCrypt { // Encryption/decryption key. private static $msSecretKey = "Hello"; // The initialisation vector. private static $msHexaIv = "c7098adc8d6128b5d4b4f7b2fe7f7f05"; // Us...
This code generates a pair of public/private keys: KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); keyGen.initialize(1024); KeyPair keypair = keyGen.genKeyPair(); PrivateKey privateKey = keypair.getPrivate(); PublicKey publicKey = keypair.getPublic(); What I'd like to know is how do you usually store the public key: Op...
I'm trying do some encrypt something using 3des on the iphone that must match the results from java and .NET. the code i have is: + (NSString*) doCipher:(NSString*)plainText:(CCOperation)encryptOrDecrypt { const void *vplainText; size_t plainTextBufferSize; if (encryptOrDecrypt == kCCDecrypt) { NSData *EncryptData = [NSData dataW...
Digital signature, if I understood right, means sending the message in clear along with a hash of the message which is encrypted using a private key. The recipient of the message calculates the hash, decrypts the received hash using the public key, then compares the two hashes for a match. How safe is this? I mean, you can obtain the ...
I need to send data from my iPhone application to my webserver, and back. To do this securely, I'm using an encryption algorithm. It requires a key that must be known by both the server and the user so that decryption can take place. I was thinking about just using a simple static string in my app and on the server as the key, but the...
Are there any simple encrypt/decrypt functions in Classic ASP? The data that needs to be encrypted and decrypted is not super sensitive. So simple functions would do. ...
setKeyEntry() allows a password to protect a single private key, and store() allows a password to encrypt the entire keyStore. I'm using pkcs12 keystore type with the BC as the provider, and I can't figure out what it's using for encryption. Am I able to specify the kind of encryption used in these methods? ...
I'm creating an application that requires passing email addresses around in querystrings and linking to these pages in public documents. I'd like to prevent my site from becoming spambot heaven, so I'm looking for a simple algorithm (preferably in JavaScript) to encrypt/obfuscate the address so it can be used publicly ina URL without m...
Good day all. I've took out some .net hosting with web fusion but are fighting to get answers regarding their security set up. Specifically i'm used to full trust enviroments as i work for a large utilities company. Usually i would encrypt some / all of my web.config, this i cannot do on their medium trust IIS7 enviroment, nor will t...
Hello! I need to know how to generate this kind of hash. What dows it look like? What could be algorythm name that generated it? 3MJVKXEPzins+VZjNUq1Xw== ...
Howdy, Got an application (C# WPF) that needs to "call home" and get updated stuff from a home server. In theory there could be thousands of client out there, needing to communicate over the public internet. Each user will first register with a username and a password. Then, as the application runs, it will call home every now and then...
Here is my scenario: I have file called gen.asp, when ever someone requests this file It needs to generate a encrypted-random-key and pass it back. (Gen.asp can not store the key it generated, anywhere no session, no database) I have a different file called GenValid.asp, in this file I need to verify weather the encrypted-random-key is...
I need to thread state through the client, but only for particular get requests (aka links). As such, I don't want to add this state to the client's ViewState, cluttering it up. The state needs to be encrypted. How can I create a new ViewState-like dictionary and encrypt it with the key and settings from MachineKey in machine.config? If ...
I have a username and a password for an smtp server. Currently they are hardcoded in my code: string userName = "username"; string password = "password"; Currently, anyone who disassembles my dll could see these strings, correct? I wish to store these securely in the registry, in case of future changes to the smtp server, and/or the ...
Assuming that I created a cloud-based website application that people literally all over the world could use, are there any countries in particular that do not like personal data being encrypted and stored within a database and used in this manner? I'm not saying about storing unencrypted data, I mean about countries that do not like th...