Decrypting an XML file

This is my first time trying to encrycpt and decrypt
anything, but have seem some tutorials for C# .NET online.. I'm
wondering if there is any way to read encrypted data from .NET by
Flash and decrypt it....
Basically what I have is a .NET desktop application that
creates content to be showin in a Flash AS3 shell. The data is
written out as XML (which I want to encrypt) and then read in by
Flash (which I'd like it to read it, dycrpt it and use the
decrypted XML file for the content).
I'm looking ALL over the net for things on this, and since I
know NOTHING about encryption, I'm at a loss.. the only thing I've
found for Flash that has comment "key words" in it is the crypto
class found here:
http://crypto.hurlant.com/
only problem is there isn't any documentation, or an FLA file
that I can look at to see how to use it..
Can anyone point me in the right direction for this?
thanks.

Not sure,you are looking for inbuild product to produce the OAG XML format, or trying to build custom one.
If options is Inbuild Product, Oracle Exchange is yeh another product has such kind of capability. Refer this
http://download-west.oracle.com/docs/cd/A97329_03/web.902/a88894/adx16orx.htm#1007387
FOr second , check out these two document in metalink
150083.1 XML Utilities
123491.1 How To Insert XML Documents Into The Database And Validate Them Using PL/SQL ?
Hope this will be help

Similar Messages

  • Problem in decryption of xml file

    Hi Friends,
    I have encrypted an xml file using RSA-1024 (using a public key) . It is encrypted successfully.
    Now to decrypt the resultant file, I'm using the same algo (using a private key), but it results a blank/empty file instead of original xml file.
    Pls help me to decrypt the file.
    Thanks.
    Edited by: PSS_Delhi on Apr 29, 2008 2:25 AM

    PSS_Delhi wrote:
    Hi Friends,
    I have encrypted an xml file using RSA-1024 (using a public key) . It is encrypted successfully.
    Now to decrypt the resultant file, I'm using the same algo (using a private key), but it results a blank/empty file instead of original xml file.
    Pls help me to decrypt the file.Sorry but how can we help you without a view of your encryption code?

  • Best method for encrypting/decrypting large XML files ( 100MB)

    I am in need of encrypting XML for large part files that can get upwards of 100Mb+.
    I found some articles and code, but the only example I was successful in getting to work used XMLCipher, which takes a Document, parses it, and then encrypts it.
    Obviously, 100Mb files do not cooperate well with DOM, so I want to find a better method for encryption/decryption of these files.
    I found some articles using a CipherInputStream and CipherOutputStreams, but am not clear if this is the way to go and if this will avoid memory errors.
    import java.io.*;
    import java.security.spec.AlgorithmParameterSpec;
    import javax.crypto.*;
    import javax.crypto.spec.IvParameterSpec;
    public class DesEncrypter {
        Cipher ecipher;
        Cipher dcipher;
        public DesEncrypter(SecretKey key) {
            // Create an 8-byte initialization vector
            byte[] iv = new byte[]{
                (byte)0x8E, 0x12, 0x39, (byte)0x9C,
                0x07, 0x72, 0x6F, 0x5A
            AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
            try {
                ecipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
                dcipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
                // CBC requires an initialization vector
                ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
                dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
            } catch (java.security.InvalidAlgorithmParameterException e) {
            } catch (javax.crypto.NoSuchPaddingException e) {
            } catch (java.security.NoSuchAlgorithmException e) {
            } catch (java.security.InvalidKeyException e) {
        // Buffer used to transport the bytes from one stream to another
        byte[] buf = new byte[1024];
        public void encrypt(InputStream in, OutputStream out) {
            try {
                // Bytes written to out will be encrypted
                out = new CipherOutputStream(out, ecipher);
                // Read in the cleartext bytes and write to out to encrypt
                int numRead = 0;
                while ((numRead = in.read(buf)) >= 0) {
                    out.write(buf, 0, numRead);
                out.close();
            } catch (java.io.IOException e) {
        public void decrypt(InputStream in, OutputStream out) {
            try {
                // Bytes read from in will be decrypted
                in = new CipherInputStream(in, dcipher);
                // Read in the decrypted bytes and write the cleartext to out
                int numRead = 0;
                while ((numRead = in.read(buf)) >= 0) {
                    out.write(buf, 0, numRead);
                out.close();
            } catch (java.io.IOException e) {
    }This looks like it might fit, but there is one more twist, I am using a persistence manager and xml encoding to accomplish that, so I am not sure how (where) to implement this method without affecting persistence.
    Any guidance on what would work best in this situation would be appreciated.
    Regards,
    vbplayr2000

    I can give some general guidelines that might help, having done much similar work:
    You have 2 different issues, at least from my reading of your problem:
    1) How to deal with large XML docs that most parsers will not handle without memory issues
    2) Where to hide or "black box" the encrypt/decrypt routines
    #1: Check into XPP3/XMLPull. Yes, it's different that the other XML parsers you are used to using, and more work is involved, but it is blazing fast and can be used to parse a stream as it is being read. You can populate beans and process as needed since there is really not much "inversion of control" involved compared to parsers that go on to finish the entire document or load it all into memory.
    #2: Extend Serializable and write your own readObject/writeObject methods. Place the encrypt/decrypt in there as appropriate. That will "hide" the implementation and should be what any persistence manager can deal with.
    Regards,
    antarti

  • Error while encrypting the xml file using asymmetric cipher...pls help

    i am encryption the xml file using asymmetric cyper....
    in one class , i am generating private key and public key using "RSA" algorithm..using 1024 byte initialization...
    it is generating properly...
    and after that in second class i am encrypting the xml file using "DESede" algorithm and i am using public key of above class..
    but i am getting exceptione :
    java.security.InvalidKeyException: Invalid key length: 162 bytes
    at com.sun.crypto.provider.DESedeCipher.engineGetKeySize(DashoA6275)
    at javax.crypto.Cipher.init(DashoA6275)
    at XmlEncryption.getEncryptedData(XmlEncryption.java:147)
    at XmlEncryption.encryptCompleteXmlFile(XmlEncryption.java:123)
    at demoXmlEncApp.simulateBookSellersEnd(demoXmlEncApp.java:72)
    at demoXmlEncApp.main(demoXmlEncApp.java:29)
    so, what is that ?
    i want to use RSA algo for key generatiion and DESede for cipher initialization .
    is there any site for where source code of xml file encryption using asymmetric cipher is available?
    pls, help me.....

    Sachin,
    What sabre150 is trying to explain to you, is that encrypting data (such as an XML file) is a 2-step process. In the first step, you generate a symmetric key (such as DES, 3DES, AES) and encrypt your file with this key (and the appropriate mode and padding).
    In order to ensure that your encrypted data cannot be decrypted by unauthorized individuals, you now need to protect the symmetric key. Encrypting your symmetric key with another symmetric key does not solve the problem, since you have a chain of symmetric keys that need to be encrypted into infinity.
    Cryptographers solve this problem by encrypting the symmetric key with an asymmetric key, such as as RSA. To perform this second step, you generate an RSA key-pair, encrypt the symmetric key you generated in step 1 with the Public key of the RSA key-pair, and give the recipient of the encrypted XML file, access to the Private key of the RSA key-pair as well as the encrypted symmetric key.
    The recipient, then uses the RSA Private key to decrypt the symmetric key first, and then uses the "plaintext" symmetric key to decrypt the XML file.
    What sabre150 was also attempting to explain to you, is the traditional way of transporting an encrypted "blob" that consists of data + symmetric key. With a modern key-management system, combining the two would be unnecessary.

  • Bouncy Castle Encryption for Large XML Files?

    Hi,
    I am trying to encrypt files > 8 KB using the KeyBasedLargeFileProcessor Utility class of Bouncy Castle.
    It's encrypting the file. But, unable to decrypt the same encrypted file. Hence it's encrypting incorrectly.
    While trying to decrypt the encrypted file, it says "It was encrypted with a key (4E616D65) that does not exist"
    Please suggest what change needs to be made in the 'encryptFile' method where it says -
    "OutputStream cOut = cPk.open(out, new byte[1 << 16]);"
    I tried changing the value, but it doesn't work. The maximum file size that we may encrypt is around 3 MB.
    The files that are being encrypted / decrypted are XML files.
    Any inputs are highly appreciated.
    Thanks,
    Tan

    While trying to decrypt the encrypted file, it says "It was encrypted with a key (4E616D65) that does not exist" So use the same key you encrypted with.
    Please suggest what change needs to be made in the 'encryptFile' method where it says -
    "OutputStream cOut = cPk.open(out, new byte[1 << 16]);" Do you have some evidence that that's where the problem is?

  • Encrypt & Decrypt XML files

    Hi All,
    I am new to the cryptography. I have one application which will transfer XML files from the machines which uses Windows/Java platform to the machines which uses Linux/C and also vice versa.
    I want to encrypt the files before transfer and decrypt the files after transfer on both the sides. Is there a common technology for handling this? Any info? Thanks in adv.
    -Bh_t_76

    So, I thought of getting ideas from the people who
    have already done similar work. I think the forums
    are meant for that. The topic is too broad. The forums are normally for specific problems and your request requires at least one book as an answer.
    If you know nothing about encryption then you need to find and read books on the subject. Not just Java books, but general encryption books. There are plenty out there of various standards.
    One of the books in my library is http://www.schneier.com/book-applied.html but you may want to start with something a little less weighty. Visit http://www.crypteon.co.uk/cryptography-books.htm to get some ideas.
    Once you have a basic understanding of modern cryptography then study the JCE tutorial and come back with specific questions.

  • Decrypt and unzip a File + read a XML file received into the ZIP

    Hello,
    I need your help to develop some a complex Biztalk application.
    Here're my needs :
    Our Busness partner send us a zip file cripted with a standard PGP(Pretty Goof Privacy).
    The zip containts an XML file that i have to deal it, and some attachments file(PDF).
    So i need to know what's the best approach for the developpement of my application.
    I want to decrypt the ZIP and then Unzip the file and them read the XML file received in the zip.
    Knowimg that we already have the pipeline compenent to dectypt the file with the strandar PGP and an other pipeline compenent to unzip the File.
    Thank you

    Hi ,
    Try this code to unzip the file and send the xml message .If u face issue let me know
    namespace BizTalk.Pipeline.Component.DisUnzip
    using System;
    using System.IO;
    using System.Text;
    using System.Drawing;
    using System.Resources;
    using System.Reflection;
    using System.Diagnostics;
    using System.Collections;
    using System.ComponentModel;
    using Microsoft.BizTalk.Message.Interop;
    using Microsoft.BizTalk.Component.Interop;
    using Microsoft.BizTalk.Component;
    using Microsoft.BizTalk.Messaging;
    using Ionic.Zip;
    using System.IO.Compression;
    [ComponentCategory(CategoryTypes.CATID_PipelineComponent)]
    [System.Runtime.InteropServices.Guid("8bef7aa9-5da5-4d62-ac5b-03af2fb9d280")]
    [ComponentCategory(CategoryTypes.CATID_DisassemblingParser)]
    public class DisUnzip : Microsoft.BizTalk.Component.Interop.IDisassemblerComponent, IBaseComponent, IPersistPropertyBag, IComponentUI
    private System.Resources.ResourceManager resourceManager = new System.Resources.ResourceManager("BizTalk.Pipeline.Component.DisUnzip.DisUnzip", Assembly.GetExecutingAssembly());
    #region IBaseComponent members
    /// <summary>
    /// Name of the component
    /// </summary>
    [Browsable(false)]
    public string Name
    get
    return resourceManager.GetString("COMPONENTNAME", System.Globalization.CultureInfo.InvariantCulture);
    /// <summary>
    /// Version of the component
    /// </summary>
    [Browsable(false)]
    public string Version
    get
    return resourceManager.GetString("COMPONENTVERSION", System.Globalization.CultureInfo.InvariantCulture);
    /// <summary>
    /// Description of the component
    /// </summary>
    [Browsable(false)]
    public string Description
    get
    return resourceManager.GetString("COMPONENTDESCRIPTION", System.Globalization.CultureInfo.InvariantCulture);
    #endregion
    #region IPersistPropertyBag members
    /// <summary>
    /// Gets class ID of component for usage from unmanaged code.
    /// </summary>
    /// <param name="classid">
    /// Class ID of the component
    /// </param>
    public void GetClassID(out System.Guid classid)
    classid = new System.Guid("8bef7aa9-5da5-4d62-ac5b-03af2fb9d280");
    /// <summary>
    /// not implemented
    /// </summary>
    public void InitNew()
    /// <summary>
    /// Loads configuration properties for the component
    /// </summary>
    /// <param name="pb">Configuration property bag</param>
    /// <param name="errlog">Error status</param>
    public virtual void Load(Microsoft.BizTalk.Component.Interop.IPropertyBag pb, int errlog)
    /// <summary>
    /// Saves the current component configuration into the property bag
    /// </summary>
    /// <param name="pb">Configuration property bag</param>
    /// <param name="fClearDirty">not used</param>
    /// <param name="fSaveAllProperties">not used</param>
    public virtual void Save(Microsoft.BizTalk.Component.Interop.IPropertyBag pb, bool fClearDirty, bool fSaveAllProperties)
    #region utility functionality
    /// <summary>
    /// Reads property value from property bag
    /// </summary>
    /// <param name="pb">Property bag</param>
    /// <param name="propName">Name of property</param>
    /// <returns>Value of the property</returns>
    private object ReadPropertyBag(Microsoft.BizTalk.Component.Interop.IPropertyBag pb, string propName)
    object val = null;
    try
    pb.Read(propName, out val, 0);
    catch (System.ArgumentException )
    return val;
    catch (System.Exception e)
    throw new System.ApplicationException(e.Message);
    return val;
    /// <summary>
    /// Writes property values into a property bag.
    /// </summary>
    /// <param name="pb">Property bag.</param>
    /// <param name="propName">Name of property.</param>
    /// <param name="val">Value of property.</param>
    private void WritePropertyBag(Microsoft.BizTalk.Component.Interop.IPropertyBag pb, string propName, object val)
    try
    pb.Write(propName, ref val);
    catch (System.Exception e)
    throw new System.ApplicationException(e.Message);
    #endregion
    #endregion
    #region IComponentUI members
    /// <summary>
    /// Component icon to use in BizTalk Editor
    /// </summary>
    [Browsable(false)]
    public IntPtr Icon
    get
    return ((System.Drawing.Bitmap)(this.resourceManager.GetObject("COMPONENTICON", System.Globalization.CultureInfo.InvariantCulture))).GetHicon();
    /// <summary>
    /// The Validate method is called by the BizTalk Editor during the build
    /// of a BizTalk project.
    /// </summary>
    /// <param name="obj">An Object containing the configuration properties.</param>
    /// <returns>The IEnumerator enables the caller to enumerate through a collection of strings containing error messages. These error messages appear as compiler error messages. To report successful property validation, the method should return an empty enumerator.</returns>
    public System.Collections.IEnumerator Validate(object obj)
    // example implementation:
    // ArrayList errorList = new ArrayList();
    // errorList.Add("This is a compiler error");
    // return errorList.GetEnumerator();
    return null;
    #endregion
    /// <summary>
    /// this variable will contain any message generated by the Disassemble method
    /// </summary>
    private System.Collections.Queue _msgs = new System.Collections.Queue();
    #region IDisassemblerComponent members
    /// <summary>
    /// called by the messaging engine until returned null, after disassemble has been called
    /// </summary>
    /// <param name="pc">the pipeline context</param>
    /// <returns>an IBaseMessage instance representing the message created</returns>
    public Microsoft.BizTalk.Message.Interop.IBaseMessage
    GetNext(Microsoft.BizTalk.Component.Interop.IPipelineContext pc)
    // get the next message from the Queue and return it
    Microsoft.BizTalk.Message.Interop.IBaseMessage msg = null;
    if ((_msgs.Count > 0))
    msg = ((Microsoft.BizTalk.Message.Interop.IBaseMessage)(_msgs.Dequeue()));
    return msg;
    /// <summary>
    /// called by the messaging engine when a new message arrives
    /// </summary>
    /// <param name="pc">the pipeline context</param>
    /// <param name="inmsg">the actual message</param>
    public void Disassemble(Microsoft.BizTalk.Component.Interop.IPipelineContext pc, Microsoft.BizTalk.Message.Interop.IBaseMessage inmsg)
    IBaseMessage Temp = inmsg;
    using (ZipFile zip = ZipFile.Read(inmsg.BodyPart.GetOriginalDataStream()))
    foreach (ZipEntry e in zip)
    var ms = new MemoryStream();
    IBaseMessage outMsg;
    outMsg = pc.GetMessageFactory().CreateMessage();
    outMsg.AddPart("Body", pc.GetMessageFactory().CreateMessagePart(), true);
    outMsg.Context=inmsg.Context;
    e.Extract(ms);
    string XMLMessage = Encoding.UTF8.GetString(ms.ToArray());
    MemoryStream mstemp = new System.IO.MemoryStream(
    System.Text.Encoding.UTF8.GetBytes(XMLMessage));
    outMsg.GetPart("Body").Data = mstemp;
    _msgs.Enqueue(outMsg);
    #endregion
    Thanks
    Abhishek

  • SQL Server Agent Failed to decrypt protected XML node

    I'm getting the below error when trying to run sql server agent to run an SSIS package. I've updated folder security to allow sql server agent access, but cannot get the package to execute within SQL Management Studio. The package runs find in SSIS. 
    11.0.2100.60 for 64-bit  Copyright (C) Microsoft Corporation. All rights reserved.    Started:  12:12:00 PM  Error: 2014-11-30 12:12:02.65     Code: 0xC0016016     Source: LoadStgProspects      Description:
    Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B "Key not valid for use in specified state.". You may not be authorized to access this information. This error occurs when there is a cryptographic error. Verify that
    the correct key is available.  End Error  Error: 2014-11-30 12:12:03.88     Code: 0xC0016016     Source: LoadStgProspects      Description: Failed to decrypt protected XML node "DTS:Password" with error
    0x8009000B "Key not valid for use in specified state.". You may not be authorized to access this information. This error occurs when there is a cryptographic error. Verify that the correct key is available.  End Error  Error: 2014-11-30
    12:12:04.74     Code: 0xC0209303     Source: LoadStgProspects Connection manager "Excel Connection Manager"     Description: The requested OLE DB provider Microsoft.Jet.OLEDB.4.0 is not registered. If the 64-bit driver
    is not installed<c/> run the package in 32-bit mode. Error code: 0x00000000.  An OLE DB record is available.  Source: "Microsoft OLE DB Service Components"  Hresult: 0x80040154  Description: "Class not registered".
     End Error  Error: 2014-11-30 12:12:04.74     Code: 0xC020801C     Source: Load prospect files Prospect xls [231]     Description: SSIS Error Code DTS_E_CANNOTACQUIRECONNECTIONFROMCONNECTIONMANAGER.  The AcquireConnection
    method call to the connection manager "Excel Connection Manager" failed with error code 0xC0209303.  There may be error messages posted before this with more information on why the AcquireConnection method call failed.  End Error  Error:
    2014-11-30 12:12:04.74     Code: 0xC0047017     Source: Load prospect files SSIS.Pipeline     Description: Prospect xls failed validation and returned error code 0xC020801C.  End Error  Error: 2014-11-30 12:12:04.74
        Code: 0xC004700C     Source: Load prospect files SSIS.Pipeline     Description: One or more component failed validation.  End Error  Error: 2014-11-30 12:12:04.74     Code: 0xC0024107     Source:
    Load prospect files      Description: There were errors during task validation.  End Error  Error: 2014-11-30 12:12:04.74     Code: 0xC00220DE     Source: LoadStgProspects      Description: Error
    0xC0012050 while loading package file "C:\Users\Jim\Documents\Visual Studio 2010\Projects\SSISTraining\SSISTraining\LoadStgProspects.dtsx". Package failed validation from the ExecutePackage task. The package cannot run.  .  End Error  DTExec:
    The package execution returned DTSER_FAILURE (1).  Started:  12:12:00 PM  Finished: 12:12:04 PM  Elapsed:  4.337 seconds.  The package execution failed.  The step failed.,00:00:04,0,0,,,,0

    Hi selfdestruct80,
    According to your description, you created SSIS package and it works fine. But you got the error message when the SSIS package was called from a SQL Server Agent job.
    According to my knowledge, the package may not run in the following scenarios:
    The current user cannot decrypt secrets from the package.
    A SQL Server connection that uses integrated security fails because the current user does not have the required permissions.
    File access fails because the current user does not have the required permissions to write to the file share that the connection manager accesses.
    A registry-based SSIS package configuration uses the HKEY_CURRENT_USER registry keys. The HKEY_CURRENT_USER registry keys are user-specific.
    A task or a connection manager requires that the current user account has correct permissions.
    According to the error message, the SSIS Package ProtectionLevel property to EncryptSensitiveWithPassword as ArthurZ mentioned. To solve the problem, you need to go to Command Line tab, manually specify the paassword in SQL Agent Job with the command like below:
    /FILE "\"C:\Users\xxxx\Documents\SQL Server Management Studio\SSIS\Package.dtsx\"" /DECRYPT somepassword /CHECKPOINTING OFF /REPORTING E
    If you have any more questions, please feel free to ask.
    Thanks,
    Wendy Fu
    Wendy Fu
    TechNet Community Support

  • Error  while import XML file from Production to Dev., But has GREEN status

    Hi,
    I tried to export/import bex queries through XML transportation. Transportation is being done from Production system to Development. In transport connection I selected required query and then I exported to Development. export of file is done successfully.
    Now in development system I imported that XML file. It is imported. Giving GREEN symbol and also with GREEN check. But in Log view I found ERRORS. in errors it is mentioned "SAP object 46N3K1OCT22PSBN46O95MQLTJ () cannot be imported". along with long message text "Install the specified objects from Business Content. Only import the metadata afterwards.".
    What should I do now as of next step... import of file is stuck..
    How can I search object 46N3K1OCT22PSBN46O95MQLTJ (), if I have to install from BC.
    I am also unable to find the query in Development Bex analyser.
    Thanks for help....
    [email protected]

    Hi Babloo,
    According to the error message, the package may have failed are as follows:
    The user account that is used to run the package under SQL Server Agent in PRODUCTION server differs from the original package author.
    The user account does not have the required permissions to make connections or to access resources outside the SSIS package.
    The package may not run in the following scenarios:
    The current user cannot decrypt secrets from the package. This scenario can occur if the current account or the execution account differs from the original package author, and the package's ProtectionLevel property setting does not let the current user
    decrypt secrets in the package. In this scenario, we can change the SSIS Package ProtectionLevel property to EncryptSensitiveWithPassword, then modify the SQL Server Agent job step command line to include this password.
    File access fails because the current user does not have the required permissions to write to the file share that the connection manager accesses. In this scenario, we can create a SQL Server Agent proxy account. This proxy account must use a credential
    that lets SQL Server Agent run the job as the account that created the package or as an account that has the required permissions.
    References:
    SSIS package does not run when called from a SQL Server Agent job step
    Run an SSIS Package Under a Different Account
    Thanks,
    Katherine Xiong
    Katherine Xiong
    TechNet Community Support

  • Encrypt/decrypt in XML

    Hi all,
    I've got a test program I'm running that does the following:
    Take servername, username, pwd from command line, and encrypt them.
    Write an encrypted XML document (see below).
    Read the encrypted document, and write a decrypted version of the same.
    The encrypted XML document looks like this:
    <?xml version="1.0"?>
    <ENCRYPTED_ATTRIBUTES
         KEY_STRING="�u�����@a:b��,"
         DB_SERVER="|="
         DB_LOGIN=""
         DB_PASSWORD="(+;"
    />The KEY_STRING value is the wrapped SecretKey. Each of the encrypted strings in the XML document are just basic alphanumeric Strings encrypted using DES/EBC/PKCS5Padding.
    I'm using javax.xml.parsers.DocumentBuilder to parse the XML file, and I'm getting the following error:
    java.io.UTFDataFormatException: invalid byte 1 of 1-byte UTF-8 sequence (0x88) The XML parser doesn't appreciate some of those characters (obvious).
    Is there a way to limit the character set used in encrypting a value? Should I try a different algorithm?
    I'm quite new to crypto, so any help is appreciated. Oh yeah: here is the code:
    import org.w3c.dom.Document;
    import javax.crypto.*;
    import javax.crypto.spec.IvParameterSpec;
    import javax.xml.parsers.DocumentBuilder;
    import javax.xml.parsers.DocumentBuilderFactory;
    import java.io.*;
    import java.security.spec.AlgorithmParameterSpec;
    * Class Description:
    * Date: May 27, 2003
    * Time: 1:54:16 PM
    *  $Id: $
    *  $Log: $
    public class JCE_Test {
        public static void doUsage() {
            System.out.println("JCE_Test Usage:\n");
            System.out.println("\tjava JCE_Test <server> <user> <pass>\n");
            System.out.println();
        public static void main(String[] args) {
            if( args.length != 3 ) {
                doUsage();
                System.exit(1);
            String sDatabase, sLogin, sPwd;
            sDatabase = args[0];
            sLogin = args[1];
            sPwd = args[2];
            byte[] bStringData;
            try {
                KeyGenerator keygen = KeyGenerator.getInstance("DES");
                SecretKey theKey = keygen.generateKey();
                Cipher theCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
                theCipher.init(Cipher.ENCRYPT_MODE, theKey);
                FileOutputStream fos;
                String tmpdir = System.getProperty("java.io.tmpdir");
                fos = new FileOutputStream(tmpdir + "JCE_Test.xml");
                PrintWriter pw = new PrintWriter(fos);
                pw.println("<?xml version=\"1.0\"?>");
                pw.println("<ENCRYPTED_ATTRIBUTES");
                theCipher.init(Cipher.WRAP_MODE, theKey);
                String sKey = new String(theCipher.wrap(theKey));
                pw.println("\tKEY_STRING=\""+sKey+"\"");
                byte[] iv = new byte[]{
                (byte)0x8E, 0x12, 0x39, (byte)0x9C,
                0x07, 0x72, 0x6F, 0x5A
                AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
                theCipher.init(Cipher.ENCRYPT_MODE, theKey, paramSpec);
                pw.print("\tDB_SERVER=\"");
                bStringData = sDatabase.getBytes();
                System.out.println(new String(theCipher.doFinal(bStringData), "UTF-8"));
                pw.write(new String(theCipher.doFinal(bStringData), "UTF-8"));
                pw.println("\"");
                pw.print("\tDB_LOGIN=\"");
                bStringData = sLogin.getBytes();
                System.out.println(new String(theCipher.doFinal(bStringData), "UTF-8"));
                pw.write(new String(theCipher.doFinal(bStringData), "UTF-8"));
                pw.println("\"");
                pw.print("\tDB_PASSWORD=\"");
                bStringData = sPwd.getBytes();
                System.out.println(new String(theCipher.doFinal(bStringData), "UTF-8"));
                pw.write(new String(theCipher.doFinal(bStringData), "UTF-8"));
                pw.println("\"");
                pw.println("/>");
                pw.close();
                Document iniFile;
                DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
                DocumentBuilder builder = factory.newDocumentBuilder();
                File config;
                config = null;
                iniFile = null;
                try {
                    config = new File(tmpdir + "JCE_Test.xml");
                } catch(Exception a) {
                    System.out.println("Error getting file.\n" + a.toString());
                    System.exit(1);
                try {
                    iniFile = builder.parse(config);
                } catch(Exception b) {
                    System.out.println("Error parsing XML file.\n" + b.toString());
                    System.exit(1);
                org.w3c.dom.Element rootElement;
                org.w3c.dom.NamedNodeMap Attributes;
                rootElement = null;
                Attributes = null;
                try {
                    rootElement = iniFile.getDocumentElement();
                    Attributes = rootElement.getAttributes();
                } catch(Exception c) {
                    System.out.println("Error getting elements.\n" + c.toString());
                    System.exit(1);
                theCipher.init(Cipher.DECRYPT_MODE, theKey, paramSpec);
                try {
                    for( int i=0; i < Attributes.getLength(); i++ ) {
                        String sNode = Attributes.item(i).getNodeName();
                        String sValue = Attributes.item(i).getNodeValue();
                        fos = new FileOutputStream(tmpdir + "JCE_Test_Decrypt.txt");
                        pw = new PrintWriter(fos);
                        pw.println("<?xml version=\"1.0\"?>");
                        pw.println("<DECRYPTED_ATTRIBUTES");
                        if( sNode.startsWith("KEY") == false ) {
                            System.out.println("Printing decrypted " + sNode);
                            pw.println("\t"+sNode+"=\""+ theCipher.doFinal(sValue.getBytes()) + "\"");
                } catch(Exception e1) {
                    System.out.println("Error getting info from XML file.\n");
                    System.out.println(e1.toString());
                pw.println("/>");
                pw.close();
                System.exit(0);
            } catch(Exception e) {
                System.out.println("Error doing the cipher thang...");
                System.out.println(e.toString());
                System.exit(1);

    Unfortunately if your code/jar file is accessable to others then those others
    will have no problem defeating whatever you do except for the user supplied
    password at startup example. Let me give you an example of what I am talking
    about.
    Lets say you have a class that is final and package private with methods
    such as getUsername() getPassword() etc... Now this class can do all sorts
    of tricks to hide and obscure the stuff. Pretty much as complicated as you
    want but in the end I can defeat it by doing this assuming I have access to
    your jar. For this example lets assume the package name of your class is
    com.xyz.crypto.
    package com.xyz.crypto;
    public class Breakit {
    public static void main(String[] args)
    YourSoCalledCryptoClass break = new YourSoCalledCryptoClass();
    System.out.println("Username: " + break.getUsername());
    System.out.println("Password: " + break.getPassword());
    Now that you see how easy it is for an attacker you have to realize that
    the only way to stop this is by preventing me access to the code at all.
    And or to have that code require something that I don't have (aka a
    password). Note that the password option requires that the only place the
    password is stored is in your head. If you put it on disk I may be able
    to obtain it through hacking your machine, or if I am an employee and have
    access either because I am the SysAdmin or whatever...
    I know this is hard to swallow. There has got to be a wy right? Wrong.
    I have been hacking for a long time and I can assure you the only secure
    way to encrypt data is in the end to have something protected by a password
    or key that is not accessible by me. A weak password is an example of
    something that is accessible to me via dictionary attacks and guessing if
    I know anything about you as examples.
    Sorry!!! Keep in mind that crypto can take years to brute force break. But
    if I can go another route to break it in a couple of hours or days such as
    the above then it makes the whole thing kinda pointless right???
    The number one thing crypto anaylists use to break ciphers is exploitation
    of the weaknesses of the system and incorrect usage by users!

  • Unable to open the XML files in Nakisa

    Hi Gurus,
    We are unable to open certain XML files in Nakisa. They show up as encrypted in the notepad or fail to open using the XML Marker. The files in question are
    AppResources.xml
    LoginConfiguration_SAP_Standard
    LoginConfiguration_Anonymous
    Purpose: We want to enable the SSO with the portal . We have checked the radio button but nakisa does not recognize the SSO ticket from the portal (Any folder in Nakisa where we need to place the Portal ticket?)
    Also we want Nakisa to show the org chart for the logged in user. Luke had mentioned that some changes need to be made in the AppResources.xml (hope i correctly remember this) and we were looking to make these changes (rather try out.. any pointers please..?)
    Thanks and Regards,
    Arun E V

    Hi Arun,
    These files are encrypted. If your organisation is a partner with Nakisa you can obtain the decrypter from them.
    Portal SSO works without any configuration directly in the XML files. If you are getting an error stating that the Portal ticket cannot be interpreted then your configuration is not correct. In your URL iView you need to ensure the fully qualified domain name (FQDN) is used for the application URL. In the Administrator Console you need to ensure you enter the system details (Host, Sys Nr and Client) for the backend system which holds your SSO ticket for that Portal. You need to use FQDN here too.
    There is additional security configuration that can be done in the XML files but SSO will still work with just the Administrator Console configuration.
    I hope that helps!
    Luke

  • Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B "Key not valid for use in specified state

    we have developed packages to do the followings
    Extract data from DB2 Source and put it in MS Sql Server 2008 database (Lets Say DatabaseA).From MS Sql Server 2008 (DatabaseA)
    we will process the data and place it in another database MS Sql Server 2008 (DatabaseB)
    We have created packages in BIDS..We created datasource connection in Datasource folder in BIDS..Which has DB2 Connection and both Ms Sql Server connection (Windows authentication-Let
    say its pointing to the server -ServerA which has DatabaseA and DatabaseB).The datasource connections will be used in packages during development.
    For deployment we have created Package Configuration which will have both DB2 Connection and MS SqlServer connection in the config
    We deployed the packages in different MS SqlServer by changing the connectionstring in the config for DB2 and MS SqlServer...
    While runing the package we are getting the following error message
    Code: 0xC0016016     Source:       Description: Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B "Key not valid for
    use in specified state.". You may not be authorized to access this information. This error occurs when there is a cryptographic error. Verify that the correct key is available.
    ilikemicrosoft

    Hi Surendiran,
    This is because the package has been created by somebody else and the package is being deployed under sombody else's account. e.g. If you are the creator then the package is encryption set according to your account and the package setup in SQL server is
    under a different user account.
    This happens because the package protection level is set to EncryptSensitiveWithUserKey which encrypts
    sensitive information using creator's account name.
    As a solution:
    Either you have to set up the package in SQL server under your account (which some infrastructures do not allow).
    OR
    Set the package property Protection Level to "DontSaveSensitive" and add a configuration file
    to the package and set the initial values for all the variables and all the connection manager in that configuration file (which might be tedious of-course).
    OR
    The third options (which I like do) is to open the package file and delete the password encryption entries from the package. Do note that this is not supported by designer and every time you make changes to the connection managers these encryption entries come
    back.
    Hope this helps. 
    Please mark the post as answered if it answers your question

  • Error after importing a Resource .xml file

    Hellos,
    We are moving from development to test.
    I wanted to load the Scripted JDBC Resource we have developed. We exported the Resource from idm/debug, removed the id='xxx' elements and then imported the .xml file via Configure/Import file.
    Now, I get the error:
    ErrorError
    java.lang.IllegalStateException: Error attempting to decrypt: Error initializing Encryptor: Missing required Encryption Key: F9388B0C42691A37:7A11431D:1166721AE86:-7FFC
    when trying to access the resource in the test environment...
    It is a database resource so it has an user/password pair, maybe the Password is causing me grief.
    What is this error meaning and how do I resolve it?

    greenfan88 wrote:
    It is a database resource so it has an user/password pair, maybe the Password is causing me grief.
    What is this error meaning and how do I resolve it?That's the point. Password is encrypted with a particular key. Remove password and reenter it on the resourceform.
    You could also export the ServerKey from dev, but that seems to be not a good solution (at last, not for me).
    regards, M.

  • Is it "OK" to have a single .xml file that's identified by a specific app (Sound Studio)?

    Since I'm have trouble in getting "Amazon's Cloud" to see my music files in iTunes, I'm wondering if the peculiarity I'm noticing with the .xml file in my iTunes folder is causing a problem.  I have only one such file and alongside it is the green icon for my Sound Studio recording/editing app/program.  When I trash the .xml file, it's replaced by the same green icon upon reopening iTunes, even though Sound Studio remains closed.
    I'm wondering if Sound Studio might be prioritizing all other uses of iTunes.  When I click on the .xml file, moreover, I'm told that Sound Studio cannot open files in the "Tab-delimited Text" format?

    No, your answer is miles off. Our process needs to access the OVD LDAP in the normal way (its used for other things). The solution has to be within the borders outlined within my question. I want to add a "filter" java class  somewhere (either in OBIEE, Weblogic or on the LDAP server) that converts my servlets encrypted passwords into plain text BEFORE the LDAP directory is read so that my OBIEE users can logon to OBIEE via my servlet.
    As an alternative is there some way I can convert my  Java servlet into a JAAS thingy that OBIEE will accept as a SSO source? Is that a possibility?
    .....What about this......
    1) I unpack the analytics.ear file
    2) I add a servlet (jsp) in the root location that decrypts the NQPassword into plain text.
    3) This servlet  then FORWARDs (not REDIRECTs) to  saw.dll  passing the NQUser and NQPassword in plain text (I think forward is OK as it all stays on the server, the plain text password is not passed back to the client).
    Would this work as a solution to my problem?
    Message was edited by: 1f78784c-6eb6-41de-8328-2cc49edccda9

  • Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B

    Hi,
    I have developed several SSIS packages with the last Beta of VS2005 / SQL Server CTP. After the public release I tried to uninstall the CTP-Versions to install the msdn finals but this time I got lost and was not able to satisfy the requirements of the final setup of VS2005. So I decided to install the whole pc again and after some hours I had a clean machine (XP with latest SQL Server 2005 Standard and VS2005 Professional).   Now I have tried to open my SSIS-Project but getting the following error:   Error loading ImpNetqNewsRss.dtsx: Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B "Schlüssel ist im angegebenen Status nicht gültig.". You may not be authorized to access this information. This error occurs when there is a cryptographic error. Verify that the correct key is available.
    After some “googleing” I found this thread: http://forums.microsoft.com/msdn/showpost.aspx?postid=22739&siteid=1   If I’m right the solution should be to use a Package Password, but I can’t figure out where I have to go enter/change a password. I even can’t remember I that ever used a password on my old installation for a dtsx-package??   Any help is welcome…   Regards, Dirk

      Let's Say your package name is MyPackage
      In Visual Studio  Go to Control Flow Tab.
      Righ Click on an empty area inside the window not clicking  "Data Flow Component" .  pop up menu click the the properties to get to the properties window of MyPackage package.
    Under the Security Area -> You will see 
            ProtectionLevel              -- Change that to EncryptSensitiveWithPassword
            PackagePassword          -- enter password->  temp
    This should do the trick however to be sure:
    Below you will connection managers:
    Database Connections (if more than one preform on all) 
      Double Click your connection to get the property pages. Click "ALL" under the Connection Link on Left Side. Scroll Down to Security Area.
      Provide the followings:
       Password  (for the sql userid being used)
       Persist Security Info  = True
    Save the Package and connect to SQL Integration Srvices in SQL Manager  (To Server e.g; DBServer (Integration Services) 
      Stored Packages -> MSDB -->  Right Click --> choose Import Package
      in the property dialog box 
                  Package Location :   File System 
                  Package Path  -- Choose the location of your dtsx file.  (MyPackage.dtsx)
      Leave everything default.
      Click OK.
      Dialog box will appear asking for the Package Password 
      Provide the password-> temp
      You have successfully imported the package called MyPackage.
      In order to create a job.   
      In the job Step->
           Type:  SQL Server Integration Services Package
           In the General Tab:
                     Package Source :  SSIS Package Store
                     Server : DBServer  (Where we stored our package above)
        Click the button for the package:  Choose your package  (MyPackage)
       Click OK :
        It will ask the package password again :  temp
                    Package has successfully been loaded to Job Step.  Now you can schedule and do a test run on the job.
      Thanks for the patience of reading for those who are expert.
      - Azhar

Maybe you are looking for

  • Cannot view raw images in iphoto 11

    Hi there, I have just upgraded to a new imac running Mountain Lion and iphoto 6. Now I can't view the latest raw images I have taken (on my canon eos 550D) - When I scroll through the images they appear for a second or so, then they disappear and are

  • Mixed up

    I already posted this message, but i realized it wasn't explained very well, it was confusing. So forgive me to post it again, but better explained: I have objects from a class i made myself, Product. This class has an ArrayList called list. Here is

  • Java applet writes to file on client, no signing necessary

    Hi, I wonder if this is a feature or bug: I download and execute in my browser an unsigned applet/jar myCharts.jar from server. The applet references classes from package org.jfree.chart, which are not packed in myCharts.jar downloaded from server, b

  • Font Install Issue

    Hi, When im installing a font in Windows 7, Illustrator CC cant open, crash. When im unnistalling all external font. Illustrator open correctly. I need work wit this fonts!! Please, help me! PD: Sorry my bad inglish.

  • How to make column editable in Normal ALV report

    Hi experts,                    I Have one push button In ALV tool bar like Fields to be change..when i click this..i need to get one pop up with all fields which is having in Filedcatalog..so i need to doule click on any field which i want to be midi