AES doubt
I tried to encrypt/decrypt plaintext using AES. Though the Encryption/Decryption was success, It generated a doubt, and I am stuck !
If my input length is <=15 characters, the output is of 16 bytes, as it should be. AES is a 128 bit block cipher, then how it is that I input a plaintext of exactly 16 bytes (A string of 16 characters), it outputs a byte array of 32 elements (that is 32*8= 256 bits) ??? On the other hand, the same input has been given to a Pearl-code, which is generating a cipherText of 16 bytes which is the same as the first 16 bytes of the 32 bytes generated in Java.
Please Help!
This seems to be a padding problem. I don't know that I'd call it a "problem" - it's just padding doing its job.
It may be the your java AES implementation is
defaulting to a more conservative level of security.Java providers generally make many cipher/mode/padding combinations available. To get at them, you have to be explicit - "AES/CBC/PKCS5Padding", for example. If you're not explicit (e.g., "AES"), then you get whatever mode and padding the Provider-writer decided was "most usual".
I never use the defaults any more. Especially when you're doing crypto between entities using different libraries, it's just too easy for things to Not match.
Grant
Similar Messages
-
AES Encryption - Encrypted value lengths
HI all -
I am attempting to use CF 8's AES encryption feature, and
have not found a critical piece of info in the docs to enable me to
progress.
I am using the function to encrypt a password that can be
from 6 to 16 characters long, which will be stored in a database. I
am using generateSecretKey("AES"), and that gives me a 24 character
key that I'm storing for future decryption use. I find that when I
use the key to encrypt a 6 character password the resulting
encrypted string is 32 characters long, but when I encrypt a 16
character password I get a 64 character encrypted string. This is
the case whether I specify "HEX" or "UU" as the encoding.
Without knowing how the length of the resulting encoded
string is determined, I cannot know how large to make my database
column. (MySQL's AES encryption gives the formula 16 ×
(trunc(string_length / 16) + 1) to arrive at the resulting string's
length, but that formula doesn't yield the results I'm seeing in
CFMX). Can anyone point me to a doc, or explain to me how to
determine the column length for storing the resulting encrypted
value?No. Only things like key, encoding and string size should
matter. If the encoding is "hex", 1-15 characters should produce
size 32, 16-31 characters should produce 64, etcetera. Unless space
is at a premium, you could always increase the field size if that
makes you feel more comfortable.
Well, the results are dictated by the AES standard and basic
string encoding rules, not CF. I highly doubt either one is going
to change any time soon ;-) I agree documentation is good. However,
unlike aes_encrypt, the encrypt function supports many different
algorithms. Most of which have a distinct set of rules. So it would
probably be difficult to provide accurate information about all of
them. Especially as the specifications for each one alone probably
spans volumes ;-) -
hi i have a doubt....
in fbl1n transaction, there are open items and cleared items.
in it the cleared items for certain document types such as invoice etc is not present in the open item table (bsik)
however the cleared items for document types such as general voucher its present in the open items table (bsik)
is this possible as all cleared item entries shld b present in the open item table with an indicator set for cleared or not...
plz exlain!Hi
There are 2 tables(open and Closed Items) in FI for Account Payables and Account Receivables and GL accounts
1.Account payables: BSIK is Open Items and BSAK is Closed items
2.Account Receivables; BSID and BSAD for OPEN and closed items
3/GL accounts : BSIS and BSAS for Open and Closed Items
<b>Reward points for useful Answers</b>
Regards
Anji -
Doubt in creation of a new object
Hi All,
I have one doubt in creation of a new object.If a new object is to be created and it is not a subtype
of any existing object, then what should we enter in the Program field for creating the object?
I hope I am clear with my question.
Thanks in Advance,
Saket.Hi Saket,
Following will be required for created a custom business object.
1. Object Type - ZTEST (Internal Techincal Key)
2. Object Name - ZTESTNAME (Technical Key Name)
3. Name - TEST (Name of BO, it is used while selecting the object type)
4. Description - (Short Description of BO)
5. Program - ZTESTPROGRAM (ABAP program in which the methods of the object type are implemented)
6. Application - A or B.. etc (Area to which your BO is related)
Please remember that you can learn these basic things by giving F1 help on those fields and in HELP.SAP.COM.
Regards,
Gautham Paspala -
Hi Everyone,
Can we read and validate the attachment of the mail.If so how to do it.
Thanks in advance,
SakthiHi Sakthi,
Please refere the below links:
http://help.sap.com/saphelp_nw2004s/helpdata/en/ad/bf93409c663228e10000000a1550b0/frameset.htm
http://help.sap.com/saphelp_nw2004s/helpdata/en/0d/52b240ac052817e10000000a1550b0/frameset.htm
Let me know if you have any doubts regarding this.
Thanks,
sekhar. -
PI' RFC Connection pool doubt.
Hi PI exports:
i have a doubt about pi' RFC Connection pool ,pi RFC receive channel can set the conn pool size ,but when start the rfc receiver channel ,is there always only one Connection pool ,or there is only one Connection pool instance?
thinks
Edited by: kevin liang on Oct 19, 2009 6:45 AMHi,
Connection poolins size means how many number of connection you want to make open to send data to ECC, We can define maximum number of connection in Receiver RFC Adapter,Go to additional parameters section and define Max Number of connection give the number there,thats it.Internally it works as Connection poolin mechanism.
Regards,
Raj -
Small Doubt Regarding SY-MANDT
Hi All,
SELECT changenr FROM cdhdr CLIENT SPECIFIED INTO CORRESPONDING FIELDS OF TABLE it_cdhdr
WHERE mandant = syst-mandt
AND objectclas = 'MATERIAL'
AND objectid = wa_matl-matnr
AND tcode = 'MM02'.
I have written the select stament as shown above.
In this i have a doubt like adding a field sy-mandt in the where condition will increase the Efficiency of program or not.
regards,
raghu.Hi..
No doubt the efficency would be affected but from business point of view there will many things that need to be checked as in:
If you are viewing data from CDHDR and CDPOS which is client specific then you are not viewing complete data.
These tables give us and document changes made to a particular object in SAP but if anything is cross client like company code(lets assume) then changes to it wont be visible in all the clients..
so there can be some key information you can miss out while working on some of the objects.
else in this case its good to make query cross client.
regards
vishal -
Doubts with control break statements on internal table loops (AT/ENDAT)
Hi, i've had a couple of doubts for a long while which I hope someone can clarify today:
1) I know how to use the AT statements, however, i'm not sure I get correctly what this part of help regarding this commands means:
<i>"The control level structure with internal tables is static. It corresponds exactly to the sequence of columns in the internal table (from left to right). In this context, the criteria according to which you sort the internal table are unimportant."</i>
I've always sorted the internal table before the control break and it works that way. For example:
SORT ITAB BY EBELN EBELP.
LOOP AT ITAB.
AT NEW EBELN.
* Code for the order header
ENDAT.
ENDLOOP.
If I <b>don't</b> sort the internal table, it doesn't work! (i get dupplicated processing). In the example, if i have more than one register with the same EBELN and they're not consecutive, the header gets processed twice. I really don't get that part of the help text.
2) I know this: <i>"At the start of a new control level (i.e. immediately after AT), the following occurs in the output area of the current LOOP statement:
All character type fields (on the right) are filled with "*" after the current control level key.
All other fields (on the right) are set to their initial values after the current control level key."</i>
My doubt is: WHY is that this way? Because sometimes (most times) I need those fields INSIDE the statement! So when that happened i've solved it in one of three ways:
LOOP AT ITAB INTO WA_ITAB.
WA_ITAB_AUX = WA_ITAB.
AT NEW FIELD.
WA_ITAB = WA_ITAB_AUX.
* ...Rest of the code for the first register
ENDAT.
ENDLOOP.
LOOP AT ITAB INTO WA_ITAB.
AT NEW FIELD.
READ TABLE ITAB INDEX SY-TABIX INTO WA_ITAB.
* ...Rest of the code for the first register
ENDAT.
ENDLOOP.
* (Without AT)
LOOP AT ITAB INTO WA_ITAB.
IF WA_ITAB-FIELD <> FIELD_AUX.
FIELD_AUX = WA_ITAB_FIELD.
* ...Rest of the code for the first register
ENDIF.
ENDLOOP.
Is there any problem with this way of coding? Can be done better?
Thank you very much in advance.Hi..,
1)
See if u sort the table on a field on which u r using AT ENDAT .. then all the records which are having the same value for that field will form a group or those reocrds will be at one place.. so when u sort the table for all the records AT ENDAT will get executed onli once..
If u dont sort this table on this field then all these records will be at different places and in between there may be records with different value for this field.. so this AT ENDAT will get executed for each record !!
2)
No u cannot use the Right hand fields of the field in the table .. Because these AT events work as Group based operations... So till that field on which AT ENDAT is working it breaks that record into two groups.. One is the left hand fields including that field.. and right hand fields as another group.. and makes the right hand group as stars ****. Thats y u can observe that even any one field in the left hand group changes the AT ENDAT will get executed !!!!
Hope u understood !!!
regards,
sai ramesh -
CREATE PACKAGE EMP_PKG AS
CURSOR EMP_CUR IS
SELECT EMPNO,DEPTNO,SAL,HIREDATE
FROM EMP
WHERE DEPTNO=30;
PROCEDURE P_EMP;
PROCEDURE P_GET_SAL(V_EMPNO NUMBER);
PROCEDURE P_GET_LOC(V_EMPNO NUMBER);
Now inside my Package Body
INSIDE THE MAINPROCEDURE P_EMP
I WILL BE CALLING THE BELOW TWO PROCEDURES
PROCEDURE P_EMP
BEGIN
FOR I IN EMP_CUR LOOP
P_GET_SAL(I.EMPNO);-- DO I NEED TO LOOP AGAIN IN P_GET_SAL PROC?
P_GET_LOC(I.DEPTNO);
END LOOP;
END;
NOW WHAT IAM DOING IS
in my P_GET_SAL Procedure is
PROCEDURE P_GET_SAL(V_EMPNO NUMBER)
V_SAL EMP.SAL%TYPE;
BEGIN
FOR I IN EMP_CUR LOOP
SELECT SAL INTO V_SAL FROM EMP
WHERE EMPNO=I.EMPNO --DOUBT HERE
END;
I WANT TO KNOW WHETHER I NEED TO LOOP AGAIN
HERE OR INSTEAD OF THAT
PROCEDURE P_GET_SAL(V_EMPNO NUMBER)
V_SAL EMP.SAL%TYPE;
BEGIN
SELECT SAL INTO V_SAL FROM EMP
WHERE EMPNO =V_EMPNO;
END;
SINCE iam calling V_EMPNO WITH CURSOR FROM MY
MAINPROCEDURE ..
WILL THE PROCEDURE USES THE CURSOR VALUES
AND LOOP ITSELF FOR EVERY EMPLOYEE TO
GET THE SALALRY ?
PLEASE LET ME KNOW SINCE MY PACKAGE IS MORE THAN 3000
LINES I cant proceed unless its confirmed i can
do so ..Hi all,
Thanks for Looking into my Problem
I Got answer by MySelf ..i dont need to loop again my sub procedures
if i try to do that iam getting the error
ERROR at line 1:
ORA-06511: PL/SQL: cursor already open
Thank you all once again .. -
Doubt on Rows and Coloums in BEx Query Designer.
Hello, Experts.
I have a Doubt in BEx Query Designer.
In the Rows I have a Fiscal year Period, if the user enters the Fiscal year period for e.g. : 001/2006 .
in the columns i have forecast for the Fiscal year period which user entered ( 001/2006 ), and we have another column pervious ( Prior )fiscal year period ( 001/2005 ).
My Questions is , as we are Restricting with 001/2006 will the query retrieve the values of 2005 or not?
Thanks in Advance .
Sharpyes i am Doing Offest.
I moved this Fiscal year Period to Free char, and i Restricted with Pervious Fical Year period and Fical year period . it worked. but
when i kept this in Rows and deleted Previous Fiscal Year period . it is displaying blanks. in prior years forecast.
is it because i am Ristricting it to only fical year period which user entered
Colums--> Forcast ( User Entered year ) Prior year
Rows
Fiscal year period
Fiscal year period( user enterd )
Thanks -
Doubt regarding facebook integration for windows phone 8.1 silverlight app?
Hi,
I am developing a windows phone 8.1 silverlight application . For my application I integrated the facebook login. For this facebook integration I used the login with facebook app method.
My doubt is after getting the app id from the dev center , I updated the appid at developers.facebook.com , wmmanifest.xml (In extensions protocol (msft-appid without dashes)) . Or do I need to change the product id in the place holder also , I tried to
change the productid also but I am getting error like some signature is wrong try with different signature. I am confused how to do it .
Any help,
Thanks...
Suresh.MHi Suresh,
According to your description, I assume you want to complete facebook configuration in windows phone silverlight app. Please refer to the following link to see how.
http://facebooksdk.net/docs/phone/config/.
You can find code sample from
https://github.com/facebook-csharp-sdk/facebook-winclient-sdk/tree/master/Samples.
Facebook API is third-party library and it is our of our support range. You can post questions on here.
https://github.com/facebook-csharp-sdk/facebook-winclient-sdk/issues.
Regards,
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place. Click HERE to participate
the survey. -
IPad: Open AES-encrypted zip files?
Is there an app which allows one to open zip files that were encrypted with AES-128 or AES-256? There was a discussion last year (https://discussions.apple.com/message/12429143) saying that there were none at the time, but I'm hoping for some progress since then. GoodReader, Filer LIte, and USB Disk Pro all failed to read files encrypted with either algorithm. Thanks,
JohnIs there an app which allows one to open zip files that were encrypted with AES-128 or AES-256? There was a discussion last year (https://discussions.apple.com/message/12429143) saying that there were none at the time, but I'm hoping for some progress since then. GoodReader, Filer LIte, and USB Disk Pro all failed to read files encrypted with either algorithm. Thanks,
John -
Dear Gurus,
i have a doubt regarding use of infoset in BI.
An infoset consist of , on the left, a DSO containing line items loaded from R/3.
On the right is a master data attribute loaded data from a user defined datasource based on a transparent table in r/3.
This master data has a single Key. Its a numeric like serial number field.
The transaction data in the DSO also has this field as part of the transaction data field (non-key).
A Left Outer Join is made between the 2 using several fields joining together. However, the key field in the master data is not joined even though both sides has it. Both this field in each are not joined.
So, by theory of a left outer join, All data not found in the master data will still be selected via the infoset.
I wish to understand :
1. by a 'join' does it mean its not a union? I assume so. But based on the meaning of left outer join, it sounds to me like a union?
Correct me if i am wrong.
2. what is the effect of not joining the master data key field to the same field found in the data part of the transaction data?
best regards
Basshi,
point 1:
am i right to say
If all data on the left is picked, and some latest data in the master data is not found in the left, only all the left side data is displayed am i right? so, what is not in the right (master data attr) will not be selected by the infoset?
left outer join will be more clear with an example to you, suppose you are joining cube and master data to pick attribute value from master data. let us say the master data has below value.
master data attribute
100 ABC
102 XYZ
103 DEF
Now in cube you have data
cube field
100
101
105
106
the infoset wll be returning the value as shown below for different scenarios
left outer join: all values in cube.
field attribute
100 ABC
101 # (no value in master data)
105 # (no value in master data)
106 # (no value in master data)
Inner join: common records
field attribute
100 ABC
Right outer join
field attribute
100 ABC
102 XYZ
103 DEF
point 2:
am i right to say
its just slower performance and the rest being similar effect as joining the key field?
So, if i join the key field it will be faster and the result is the same as not joining the key field of the master data to the transaction data?
no the join determines the amount of data it will be returning as explained above, you should define the joining conditions based on your business logic, like in the above case if the two fields should have same value and are the comparing criteria then you should join those as it would help in retrieving faster results.regards,
Arvind. -
Hi All,
I want to know the functionality of the Key Field in the DSO.
I know based on the Key Fields(Primary Key) data is pulled to DSO, but please explain me the below scenario
E.g
I have 3 records in the Extractor( Generic) and i am pulling data to DSO - Full load.
Material Qty Date
100 20 1-Jan-2010
100 30 5-Jan-2010
100 10 10-Jan-2010
In DSO i have only one Key field called 0MAT_NM (Material Number), but i have 3 records in the Extractor , shown above.
Now my Question is
On what basis data will be pulled to DSO?
Whether latest date records will be pulled to DSO or let me know correct method? because i have got material no 100
but date and Qty is different (means one time it is taking Qty - 30 and date as 1st Jan 2010, other run it is taking differnet).
Please clear my doubt.
Regards,
Nithi.in your dso you can have one record per key. keyfigures will be in addition or overwrite option. if in "addition' the value will be the sum of all the values for a given key. in 'overwrite', you'll only keep the last record written to the dso; char are always in overwrite, so you'll keep the last record written to the dso
M. -
Doubts regarding db connection with encrypted password usage in sandbox
Hi All,
We have setup the db connection using configuration file. The configuration file contains db connection information including the encrypted password.
Below are my doubts:
1. If we are going to import the ETL project in zip file directly into the sandbox can we run the graphs directly or we need to check how the password which is encrypted in configuration file will be decoded.
2. Can we directly modify the configuration file for db connection like db connection,user name and password. Suppose I want the graphs to run in some other database which is not specified in configuartion fiel .Can I directly update that?
3.Is it possible to change the encrypted password in the configuration file in the sandbox. Is it that we need to create the project in Integrator Designer, change the password using the Integrator Designer, and then copy the encrypted password into the configuration file in sandbox, or the Endeca provides a functionality to allow user to directly change the password in the sandbox on the Integrator server.
Can someone please let me know their comments on above.
Thanks in Advance.
Regards,
Amritcan someone please help me on this issue
Maybe you are looking for
-
Service contract ITEM extractor
Hello, I found the following extractors: 0CRM_SRV_CONTRACT_H: CRM Service - Contract Header Data 0CRM_SALES_CONTR_I: Sales Contract Item The first one gives the SERVICE contract header data, whereas the second one gives the SALES contract item data.
-
Xfa.host.SetFocus question.
I have a code on Exit event of the field that checks if 5 digit US ZIP code, 5 digit US ZIP code + 4, and 6 digit alphanumeric Canadian Postal Code. If user enters valid 5 digits code, then I set focus to specific field-FField1. Code is simple and it
-
I cannot turn off my iPod! Have reset several times..
Hello everyone! I need some help! My iPod will not turn off and I have reset it several times, can someone help me please? I don't know what to do next!
-
Where can i see the forum for J2EE oracle scheduler
Hi All, I am looking for J2EE oracle job scheduler related discussions. But in this forum i see jobs related to Oracle DBMS. Can any one help me out. Thanks, Sanjaykar
-
Mac.sparsebundle" could not be accessed (error -1).
I recently installed my time capsule to back up 2 imacs and 2 macbook pros it was running fine until i restarted my imac and then i get a message.(Mac.sparsebundle" could not be accessed (error -1).) and I would have to reset my time capsule and then