AIR-AP1131AG-I-K9 support AES 256 bit ?

Similar Messages

• Help enabling AES 256-bit cipher suites

  I can't seem to create an SSLServerSocket with the 2 AES 256-bit cipher suites that are supposed to be available in JDK1.4.2. As you can see in the following code, the SSLServerSocket, ss, is enabled with the 2 AES_256 cipher suites. But, when ss.getEnabledCipherSuites() is invoked, those 2 suites aren't listed. What's up?
  Also, what is this SSLv2Hello that I can't seem to get rid of?
      String[] PROTOCOLS = {"SSLv3", "TLSv1"};
      String[] CIPHER_SUITES = {"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
                                "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
                                "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
                                "TLS_RSA_WITH_AES_256_CBC_SHA",
                                "TLS_RSA_WITH_AES_128_CBC_SHA",
                                "SSL_RSA_WITH_3DES_EDE_CBC_SHA"};// create an SSLServerSocket ss
          SSLContext context = SSLContext.getInstance("TLS", "SunJSSE");
          context.init(myKeyManagers, myTrustManagers, SecureRandom.getInstance("SHA1PRNG", "SUN"));
          SSLServerSocketFactory ssFactory = context.getServerSocketFactory();
          SSLServerSocket ss = ssFactory.createServerSocket();
          ss.setEnabledProtocols(PROTOCOLS);
          ss.setEnabledCipherSuites(CIPHER_SUITES);// output a bunch of useful debugging information
          System.out.println(System.getProperty("java.version") + "\n");
          Provider[] providers = Security.getProviders();
          for(int i=0; i < providers.length; ++i)
              System.out.println(providers[i] + "\n" + providers.getInfo() + "\n********************");
  String[] enabledProtocols = ss.getEnabledProtocols();
  for(int i=0; i < enabledProtocols.length; ++i)
  System.out.println(enabledProtocols[i]);
  String[] enabledCipherSuites = ss.getEnabledCipherSuites();
  for(int i=0; i < enabledCipherSuites.length; ++i)
  System.out.println(enabledCipherSuites[i]);
  OUTPUT
  1.4.2
  SUN version 1.42
  SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
  SunJSSE version 1.42
  Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
  SunRsaSign version 1.42
  SUN's provider for RSA signatures
  SunJCE version 1.42
  SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
  SunJGSS version 1.0
  Sun (Kerberos v5)
  SSLv2Hello
  SSLv3
  TLSv1
  TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  TLS_RSA_WITH_AES_128_CBC_SHA

  Now I get an Exception when I run the same program.
  OUTPUT
  1.4.2
  SUN version 1.42
  SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
  SunJSSE version 1.42
  Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
  SunRsaSign version 1.42
  SUN's provider for RSA signatures
  SunJCE version 1.42
  SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
  SunJGSS version 1.0
  Sun (Kerberos v5)
  java.lang.IllegalArgumentException: Cannot support TLS_DHE_RSA_WITH_AES_256_CBC_SHA with currently installed providers
          at com.sun.net.ssl.internal.ssl.CipherSuiteList.<init>(DashoA6275)
          at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.setEnabledCipherSuites(DashoA6275)
          at test.util.ConcreteSSLServerSocketFactory.initSocket(ConcreteSSLServerSocketFactory.java:111)
          at test.util.ConcreteSSLServerSocketFactory.createServerSocket(ConcreteSSLServerSocketFactory.java:100)
          at test.Test.main(Test.java:111)
  Exception in thread "main"

• Windows 8.1 Pro Bitlocker AES 256-bit cypher question

  Hi, all
  Have an odd situation I cannot make any sense of. I have a desktop PC running Windows 8.1 Pro. I launched gpedit.msc and changed Bitlocker’s cypher strength from the default AES 128-bit to AES 256-bit.
  I then connected a brand new Western Digital 4TB external drive (model WDBFJK0040HBK-04) to the PC via USB 3.0, and Bitlocker-encrypted the drive. Opened a command prompt window as administrator, ran “manage-bde –status” for the drive in question,
  which indicated the drive was encrypted with the 128 bit cypher strength, instead of 256 bits, as I had selected. Have unencrypted, rebooted and re-encrypted the drive time and again, always with the same results.
  When connecting the same external 4TB drive to a Windows Server 2012 R2 Essentials in which I had made the exact same changes via gpedit.msc,
  I can encrypt it with the 256-bit cypher strength, with no problems.
  No TPM is used in either scenario, just a passphrase.
  Anyone has any idea why my 256-bit setting is being ignored in the Windows 8.1 Pro machine?
  Thanks
  Arsene
  ArseneL

  Well, running rsop.msc in my Server 2012 R2 machine does show my 256-bit bitlocker setting took, however, running rsop.msc in my Win 8.1 Pro machine shows it did not, which explains the problem I am having.
  Now all I have to do is find out why my request is not taking, even though I am logged in as an admin.
  Thanks!!
  ArseneL

• Generating AES 256 bit key using seed

  Hi
  As part of encryption requirements for encrypting the body of the SOAP Message while calling an external Web Service, it is requried to encrypt using a shared symmetric key.
  First step is to create a password digest
  Base64(sha1(nonce + createdTimestamp + password)) - This step is working completely fine and produces a 160 bit Hash
  The next step is to generate an AES 256 bit key using the above hash as the Seed. This should generate a 256 bit encrytpion key which can then be used to encrypt the message body.
  Would appreciate if anyone who knows how to generate AES 256 bit key using a hash seed in Java (v1.4.2) can provide some guidance.
  P:S. I am using WSS4J API to use WS-Security

  I have to generate 256-bit AES key with a 128-bit IV using the above password digest and the IV used for in the creation of the AES key prefixes the cipher text.
  The external WebService is .net webservice.
  Edited by: GUPTAG on Nov 25, 2008 3:05 AM

• CF9 Encrypt with AES 256-bit, example anyone?

  Hi there. I'm looking for a working example of  the Encrypt method using the AES 256 bit key.  I think that I have the Unlimited Strength Jurisdiction Policy Files enabled.  And I'm still getting the CFError,
  The key specified is not a valid key for this encryption: Illegal key size. 
  Now i hit the wall, can't get it.  What wrong am i doing?  How can I verify that the policy files are installed and accessible to my cf file?  Any help is greatly appreciated.
  <cfset thePlainText  = "Is this working for me?" />
  Generate Secret Key (128):  <cfset AES128 = "#generatesecretkey('AES',128)#" /> <cfdump var="#AES128#"><BR>
  Generate Secret Key (192):  <cfset AES192 = "#generatesecretkey('AES',192)#" /> <cfdump var="#AES192#"><BR>
  Generate Secret Key (256):  <cfset AES256 = "#generatesecretkey('AES',256)#" /> <cfdump var="#AES256#"><BR><BR>
  <cfset theKey    = AES256 />
  <cfset theAlgorithm  = "AES/CBC/PKCS5Padding" />
  <cfset theEncoding  = "base64" />
  <cfset theIV    = BinaryDecode("6d795465737449566f7253616c7431323538704c6173745f", "hex") />
  <cfset encryptedString = encrypt(thePlainText, theKey, theAlgorithm, theEncoding, theIV) />
  <!--- Display results --->
  <cfset keyLengthInBits  = arrayLen(BinaryDecode(theKey, "base64")) * 8 />
  <cfset ivLengthInBits  = arrayLen(theIV) * 8 />
  <cfdump var="#variables#" label="AES/CBC/PKCS5Padding Results" />
  <cfabort>

  Verison 10 is different from 9 because they run on different servlet containers. CF 10 uses Tomcat, CF 9 uses JRun, so things are in different places.
  \\ColdFusion10\jre\lib\security seems like the correct locaiton for the policy files to me. I actually gave you the wrong locations in my original post (sorry about that).  According to the installation instructions they belong in <java-home>\lib\security, which is looks like you've found.
  So something else is wrong. Here are some things to look at, in no particular order:
  1. Are you using a JVM other than the Java 1.6 that comes with CF10?
  2. Did you restart Tomcat after coping the files in?
  3. Note that I keep saying FILES, did you copy BOTH of th .jar files from the JCE folder you unzipped into the security directory.  It should have prompted you to overwrite existing files.
  4. Did you try unzipping the files and copying them in again, on the chance that they did not overwrite the originals?
  Sorry, I don't have CF10 installed to give this a try. But I have no reason to believe that it would not work in 10. It's all just JCA/JCE on the underlying JAVA, and I have heard no reports from anyone else that it doesn't work.
  Jason

• Cisco CUBE supports AES-256 Encryption?

  Hi guys,
  Same as the title , 
  does the cisco CUBE SBC functionality support AES-256 encryption for SRTP and TLS?
  Thanks

  Standard is AES/128 this is by IEEE-802.11-2007 and this is what the WLC supports and AS most WLAN equipment.
  "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

• About Hardware encryption AES 256 bit crucial mx100

  My question works it automatically or works the hardware encryption windows only ?
  because not sure is it safe enough and also about speed.
  sorry for my terrible English. You can answer in German and English thanks.
  Meine Frage ist ... ob die Hardware Verschlüsselung automatisch vom Controller crucial mx100 gesteuert wird oder funktioniert es nur unter Windows ?
  es muss ich filevault benutzen um die Daten zu schützen ?

  Hardware encryption is a feature of SSD's. It is transparent to the user and you don't have to do anything to enable it. The data on the SSD is encrypted with a random key. When you erase the device, the key is destroyed. You can't use hardware encryption to protect your data from theft. For that, use FileVault.

• Aes-256 or aes-128 bit

  Hello
  I'm trying to keep the CPU down as much as possible on my ASA-5540. We're running 8.2.5 on it. We have a bout 80 active IPSec tunnels so far, all which are using AES-256 bit for phase1/2, 75 of the tunnels are mostly ezy vpn connections. Currently the CPU during peak usage is averaging around 22%.  We're planning on having over 1000 IPsec connections, mostly will be remote vpn access with about 170 of them ezy vpn and 250 l2l tunnels.
  Is there any noticable CPU performance gain by using AES-128 bit instead of AES-256 on the phase2?
  Thanks,
  John

  Just wondering if someone out there has noticed any performance gains by using AES-128 instead of AES-256. I'm trying standardize on a policy going forward.
  Thanks!

• AES-256 Security Provider ??

  Hi,
  Our company is using a tool called AdvenetNet WebNMS to create a network management system.
  However, there is one particular section in the developer guide that refers to working with "providers" to support privacy in SNMPv3. Our software group would like to use AES-256 for the privacy.
  The Advenetnet site says you can use "Cryptix or SunJCE" as a provider. I tried to look up Cryptix, but, didn't find much documentation on it. I downloaded the source, and didn't really see anything referring to AES-256, however, i saw many different types.
  Can anyone give any ideas on what exactly i would need to do ? First of all, will Cryptix help me at all? (Is it a provider that supports AES-256) ? If not, is it difficult to create my own AES-256 provider (following the tutorial on Sun's website) ?
  If anyone can clear up my confusion on providers, etc.... that would be great!
  I'm pretty new to Java, and i found this link on Sun's web:
  http://java.sun.com/j2se/1.4.2/docs/guide/security/HowToImplAProvider.html
  Link to Adventnet description:
  http://www.adventnet.com/products/webnms/help/developer_guide/management_protservices/mgmnt_protocols/snmp/proto_security_pack_snmpv3.html

  This is where i'm getting confused. We are currently using JRE 1.5 for development. So, you're saying, with this version, AES 256 is already included.Yes.
  >
  According to the Adventnet documentation (in the link in my initial post), it has a blurb regarding JCE installation, etc by modifying the java.security file. Is this file already setup for me since i'm using java 1.5 ? If this is the case, do i technically need to do anything to get the AES - 256 (from a java side of things) to work? No need to modify the java.security file - the SunJCE provider is included by default.
  >
  There is little to no documentation on getting the SNMPv3 (from AdvenetNet) to use AES-256. They just refer to 'using a provider' because they don't support AES-256. I guess i'm also confused on how to get the AdventNet product to actually select to use AES-256 . I'll have to contact them regarding that.I know only a little about SNMPv3 and even less about AdvenetNet. I do wonder why you think you need AES 256. What is so secret about your data that you need twice as many bits as the industry norm. Even people playing really safe use only a 192 bit AES.

• Does the new AIR SDK support iOS 64-bit for Flex Developers?

  I saw that the new AIR SDK(December 18, 2014) has supported iOS 64-bit, but it was only supported in the new compiler. See this:
  Please note that support for creating universal IPA binaries will only be available in the new compiler. The legacy compiler is not (and will not be)
  compatible with iOS 64-bit. Because of this, it will be removed with version 16 of the AIR SDK. To ensure that Adobe as well as third party tools
  are able to work with this AIR SDK, the -useLegacyAOT option will continue to exist, but will be internally mapped to the new compiler.
  AFAIK, the Flex uses the old compiler and AIR SDK for Flex Developers doesn't include ActionScript 2.0 Compiler. As a Flex developer, what shall I do?

  Hi,
  I guess, you might be packaging IPA on windows machine.  Please try latest beta at http://labs.adobe.com/downloads/air.html which has iOS64 support on Windows machine as well.
  Thanks
  Govinda Gupta

• CSS 11503 SSL termination and 256 bit support

  Does anyone know if the CSS11503 can support 256 bit SSL termination?

  switch/Admin(config-parammap-ssl)# cipher ?
  RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher
  RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher
  RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher
  RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher
  RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher
  RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher
  RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher
  RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher
  RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher
  RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher
  RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher
  The following 256 bits cipher is already supported :
  RSA_WITH_AES_256_CBC_SHA
  Gilles.

• Need 256 Bit AES Full Disk Encryption for a Mac.  The other discussions regarding this issue are very old.  Does anyone have any current advice regarding encryption software?

  Does anyone have any advice regarding 256 bit full disk encryption software for Macs?  The other discussions on the topic are years old, so I would like some current input.  Thanks for your help in advance.

  Depending on your Mac, you might not want to upgrade to OS X 10.7 or 10.8 as it will not run the PowerPC based software your currently using costing a bundle to replace it all, also they will slow down your machine if it's not a more recent issue. You don't want to upgrade OS X without AppleCare defending your possibly bricked logicboard that's for sure.
  Filevault encrypts the boot drive, however in doing so makes it near impossible to fix if you have a software issue and need to recover files directly or by using specialty software. Also it robs the machine of performance even more than the Lions do. So you will really need a SSD to work best with 10.7/10.8 and Filevault, then it has to be freshly installed. Filevault needs 50% free space on the boot drive, then it's going to write to the slower 50% half of the hard drive where performance is terrible compared to the first 50%.
  Also Filevault is cracked under certain conditions, and if someone gets their hands on the machine (like the law) and knows what they are doing.
  If you take your Filevaulted machine to Apple to fix, they are going to require the password to fix the machine obviously.
  Software based encryption is vulnerable, you might want to instead place your sensitive data on external self-encrypting hardware that doesn't rely upon software or computer hacks/bypasses (ike freezing the RAM) to get to it.
  http://www.datalocker.com/products/datalocker-dl3.html
  Iron Keys for portable USB self encryption, both work with any computer, so your not locked into one platform.
  With the senstive data off the computer and on a external device, there is the option of removing, hiding and securing the device. If used with a computer that's never connected to the Internet, it's safe from snoopers, except from a survelliance van parked outside your door.

• Encrypt/decrypt AES 256, vorsalt error

  Hiyas.
  So I'm trying to get encrypt/decrypt to work for AES 256, with both 32byte key and 32byte IVorSalt. (Yup-new java security files v6 installed)
  'IF' I 32byte key but dont use a IV at all, I get a nice looking AES 256 result. (I can tell it's AES 256 by looking the length of the encrypted string)
  'IF' I use a 32byte key and 16bit salt, I get a AES 128 result (I know- as per docs theyre both s'posed to the same size, but the docs are wrong).
  But when i switch to using both a 32byte key AND a 32byte salt I get the error below.
  An error occurred while trying to encrypt or decrypt your input string: Bad parameters: invalid IvParameterSpec: com.rsa.jsafe.crypto.JSAFE_IVException: Invalid IV length. Should be 16.
  Has anyone 'EVER' gotten encrypt to work for them using AES 256 32byte key and 32byte salt? Is this a bug in CF? Or Java? Or I am doing something wrong?
  <!--- ////////////////////////////////////////////////////////////////////////// Here's the Code ///////////////////////////////////////////////////////////////////////// --->
  <cfset theAlgorithm  = "Rijndael/CBC/PKCS5Padding" />
  <cfset gKey = "hzj+1o52d9N04JRsj3vTu09Q8jcX+fNmeyQZSDlZA5w="><!--- these 2 are the same --->
  <!---<cfset gKey = ToBase64(BinaryDecode("8738fed68e7677d374e0946c8f7bd3bb4f50f23717f9f3667b2419483959039c", "Hex"))>--->
  <cfset theIV    = BinaryDecode("7fe8585328e9ac7b7fe8585328e9ac7b7fe8585328e9ac7b7fe8585328e9ac7b","hex")>
  <!---<cfset theIV128    = BinaryDecode("7fe8585328e9ac7b7fe8585328e9ac7b","hex")>--->
  <cffunction    name="DoEncrypt" access="public" returntype="string" hint="Fires when the application is first created.">
      <cfargument    name="szToEncrypt" type="string" required="true"/>
      <cfset secretkey = gKey>               
      <cfset szReturn=encrypt(szToEncrypt, secretkey, theAlgorithm, "Base64", theIV)>
      <cfreturn szReturn>
  </cffunction>   
  <cffunction    name="DoDecrypt" access="public" returntype="string" hint="Fires when the application is first created.">
      <cfargument    name="szToDecrypt" type="string" required="true"/>
      <cfset secretkey = gKey>   
      <cfset szReturn=decrypt(szToDecrypt, secretkey, theAlgorithm, "Base64",theIV)>       
      <cfreturn szReturn>
  </cffunction>
  <cfset szStart = form["toencrypt"]>
  <cfset szStart = "Test me!">
  <cfset szEnc = DoEncrypt(szStart)>
  <cfset szDec = DoDecrypt(szEnc)>
  <cfoutput>#szEnc# #szDec#</cfoutput>

  Hi edevmachine,
  This Bouncy Castle Encryption CFC supports Rijndael w/ 256-bit block size. (big thanks to Jason here and all who helped w/ that, btw!)
  Example:
  <cfscript>
    BouncyCastleCFC = new path.to.BouncyCastle();
    string = "ColdFusion Rocks!"; 
    key = binaryEncode(binaryDecode(generateSecretKey("Rijndael", 256), "base64"), "hex");//the CFC takes hex'd key
    ivSalt = binaryEncode(binaryDecode(generateSecretKey("Rijndael", 256), "base64"), "hex");//the CFC takes hex'd ivSalt
    encrypted = BouncyCastleCFC.doEncrypt(string, key, ivSalt);
    writeOutput(BouncyCastleCFC.doDecrypt(encrypted, key, ivSalt));
  </cfscript>
  Related links for anyone interested in adding 256-bit block size Rijndael support into ColdFusion:
  - An explanation of how to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files into ColdFusion
  - An explanation of how to install the Bouncy Castle Crypto package into ColdFusion (near bottom, under the "Installing additional security providers" heading)
  - An explanation of how to connect the Bouncy Castle classes together
  - Bouncy Castle's doc for the Rijndael Engine
  And here is the full CFC as posted in the StackOverflow discussion:
  <cfcomponent displayname="Bounce Castle Encryption Component" hint="This provides bouncy castle encryption services" output="false">
  <cffunction name="createRijndaelBlockCipher" access="private">
      <cfargument name="key" type="string" required="true" >
      <cfargument name="ivSalt" type="string" required="true" >
      <cfargument name="bEncrypt" type="boolean" required="false" default="1">
      <cfargument name="blocksize" type="numeric" required="false" default=256>
      <cfscript>
      // Create a block cipher for Rijndael
      var cryptEngine = createObject("java", "org.bouncycastle.crypto.engines.RijndaelEngine").init(arguments.blocksize);
      // Create a Block Cipher in CBC mode
      var blockCipher = createObject("java", "org.bouncycastle.crypto.modes.CBCBlockCipher").init(cryptEngine);
      // Create Padding - Zero Byte Padding is apparently PHP compatible.
      var zbPadding = CreateObject('java', 'org.bouncycastle.crypto.paddings.ZeroBytePadding').init();
      // Create a JCE Cipher from the Block Cipher
      var cipher = createObject("java", "org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher").init(blockCipher,zbPadding);
      // Create the key params for the cipher    
      var binkey = binarydecode(arguments.key,"hex");
      var keyParams = createObject("java", "org.bouncycastle.crypto.params.KeyParameter").init(BinKey);
      var binIVSalt = Binarydecode(ivSalt,"hex");
      var ivParams = createObject("java", "org.bouncycastle.crypto.params.ParametersWithIV").init(keyParams, binIVSalt);
      cipher.init(javaCast("boolean",arguments.bEncrypt),ivParams);
      return cipher;
      </cfscript>
  </cffunction>
  <cffunction name="doEncrypt" access="public" returntype="string">
      <cfargument name="message" type="string" required="true">
      <cfargument name="key" type="string" required="true">
      <cfargument name="ivSalt" type="string" required="true">
      <cfscript>
      var cipher = createRijndaelBlockCipher(key=arguments.key,ivSalt=arguments.ivSalt);
      var byteMessage = arguments.message.getBytes();
      var outArray = getByteArray(cipher.getOutputSize(arrayLen(byteMessage)));
      var bufferLength = cipher.processBytes(byteMessage, 0, arrayLen(byteMessage), outArray, 0);
      var cipherText = cipher.doFinal(outArray,bufferLength);
      return toBase64(outArray);
      </cfscript>
  </cffunction>
  <cffunction name="doDecrypt" access="public" returntype="string">
      <cfargument name="message" type="string" required="true">
      <cfargument name="key" type="string" required="true">
      <cfargument name="ivSalt" type="string" required="true">
      <cfscript>
      var cipher = createRijndaelBlockCipher(key=arguments.key,ivSalt=arguments.ivSalt,bEncrypt=false);
      var byteMessage = toBinary(arguments.message);
      var outArray = getByteArray(cipher.getOutputSize(arrayLen(byteMessage)));
      var bufferLength = cipher.processBytes(byteMessage, 0, arrayLen(byteMessage), outArray, 0);
      var originalText = cipher.doFinal(outArray,bufferLength);
      return createObject("java", "java.lang.String").init(outArray);
      </cfscript>
  </cffunction>
  <cfscript>
  function getByteArray(someLength)
      byteClass = createObject("java", "java.lang.Byte").TYPE;
      return createObject("java","java.lang.reflect.Array").newInstance(byteClass, someLength);
  </cfscript>
  </cfcomponent>
  Thanks!,
  -Aaron

• AIR-AP1131AG-A-K9 Reload Reason: FAILED CRYPTO INIT.

  Hi All,
  I have a standalone AP of model AIR-AP1131AG-A-K9 and have changed the mode to LAP by using mannual archive command. However after changing the mode to LAP it gives below log and keep on booting.
  Reload requested by LWAPP CLIENT. Reload Reason: FAILED CRYPTO INIT.
  > I did found from below link that the reason is as mentioned in point number 9, however solution didnt worked.
  http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00808f8599.shtml
  > I did downloaded CiscoAironet-AP-to-LWAPP-Upgrade-Tool-v34.exe to upgrade but after executing this file nothing happens.
  Kindly help me in understanding whats going wrong with my AP? 
  Here is the logs.
  *Mar  1 00:00:06.644: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
  *Mar  1 00:00:07.644: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
  ap>
  *Mar  1 00:00:18.603: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
  *Mar  1 00:00:24.691: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY
  *Mar  1 00:00:24.711: LWAPP_CLIENT_ERROR_DEBUG: lwapp_crypto_init_ssc_keys_and_certs no certs in the SSC Private File
  *Mar  1 00:00:24.711: LWAPP_CLIENT_ERROR_DEBUG:
  *Mar  1 00:00:24.711: lwapp_crypto_init: PKI_StartSession failed
  *Mar  1 00:00:24.729: %SYS-5-RELOAD: Reload requested by LWAPP CLIENT. Reload Reason: FAILED CRYPTO INIT.
  *Mar  1 00:00:24.729: %LWAPP-5-CHANGED: LWAPP changed state to DOWNXmodem file system is available.

  One of the errors is saying that it can't find any SSC in the private file.
  This yells me the AP doesn't have a certificate. Why you'll want ti do is reload an IOS image on the AP and then use the conversion tool to load the capwap image. By using the conversion tool, it wil execute some commands that create a SSC, a self signed certificate. Then you load the SSC on the WLC and the AP should be able to boot up and join.
  http://www.cisco.com/en/US/docs/wireless/access_point/conversion/lwapp/upgrade/guide/lwapnote.html#wp160918
  Sent from Cisco Technical Support iPhone App

• Bridging AIR-AP1131AG with TP-Link

  Hi Guys,
  Today I want to build a wireless bridge using AIR-AP1131AG (running WLC) and TP-LINK wireless router.
  The result is failed. May I know AIR-AP1131AG is support bridging the wireless connection with other vendor's access point or not?
  In the TP-Link I already match its SSID, Channel and put the mac-address of the AIR-AP1131AG.
  In the WLC I already see too TP-LINK mac-address is already become a client.
  So what's the problem guys?
  Thanks Guys

  Well bridging isn't supported when using a wlc, only workgroup bridge. So what your trying to accomplish will not work. You would have to convert the 1131 to autonomous, but you would need another Cisco device configured as a bridge on the other end. Or else you can leave the 1131 on the wlc and get a device that functions as a workgroup bridge or Ethernet converter. I have used the Buffalo Ethernet converters and the work just fine. You can use most of the the Cisco APs starting with the 1131 as WGBs also.
  Sent from Cisco Technical Support iPhone App