Encrypt & Decrypt XML files

Hi All,
I am new to the cryptography. I have one application which will transfer XML files from the machines which uses Windows/Java platform to the machines which uses Linux/C and also vice versa.
I want to encrypt the files before transfer and decrypt the files after transfer on both the sides. Is there a common technology for handling this? Any info? Thanks in adv.
-Bh_t_76

So, I thought of getting ideas from the people who
have already done similar work. I think the forums
are meant for that. The topic is too broad. The forums are normally for specific problems and your request requires at least one book as an answer.
If you know nothing about encryption then you need to find and read books on the subject. Not just Java books, but general encryption books. There are plenty out there of various standards.
One of the books in my library is http://www.schneier.com/book-applied.html but you may want to start with something a little less weighty. Visit http://www.crypteon.co.uk/cryptography-books.htm to get some ideas.
Once you have a basic understanding of modern cryptography then study the JCE tutorial and come back with specific questions.

Similar Messages

Error while encrypting the xml file using asymmetric cipher...pls help

i am encryption the xml file using asymmetric cyper....
in one class , i am generating private key and public key using "RSA" algorithm..using 1024 byte initialization...
it is generating properly...
and after that in second class i am encrypting the xml file using "DESede" algorithm and i am using public key of above class..
but i am getting exceptione :
java.security.InvalidKeyException: Invalid key length: 162 bytes
at com.sun.crypto.provider.DESedeCipher.engineGetKeySize(DashoA6275)
at javax.crypto.Cipher.init(DashoA6275)
at XmlEncryption.getEncryptedData(XmlEncryption.java:147)
at XmlEncryption.encryptCompleteXmlFile(XmlEncryption.java:123)
at demoXmlEncApp.simulateBookSellersEnd(demoXmlEncApp.java:72)
at demoXmlEncApp.main(demoXmlEncApp.java:29)
so, what is that ?
i want to use RSA algo for key generatiion and DESede for cipher initialization .
is there any site for where source code of xml file encryption using asymmetric cipher is available?
pls, help me.....

Sachin,
What sabre150 is trying to explain to you, is that encrypting data (such as an XML file) is a 2-step process. In the first step, you generate a symmetric key (such as DES, 3DES, AES) and encrypt your file with this key (and the appropriate mode and padding).
In order to ensure that your encrypted data cannot be decrypted by unauthorized individuals, you now need to protect the symmetric key. Encrypting your symmetric key with another symmetric key does not solve the problem, since you have a chain of symmetric keys that need to be encrypted into infinity.
Cryptographers solve this problem by encrypting the symmetric key with an asymmetric key, such as as RSA. To perform this second step, you generate an RSA key-pair, encrypt the symmetric key you generated in step 1 with the Public key of the RSA key-pair, and give the recipient of the encrypted XML file, access to the Private key of the RSA key-pair as well as the encrypted symmetric key.
The recipient, then uses the RSA Private key to decrypt the symmetric key first, and then uses the "plaintext" symmetric key to decrypt the XML file.
What sabre150 was also attempting to explain to you, is the traditional way of transporting an encrypted "blob" that consists of data + symmetric key. With a modern key-management system, combining the two would be unnecessary.

Hi Freinds......How to Encrypt/Decrypt Text file in j2me

Hello friendz.,,
I m having problem with textfile exncryption decryption in j2me..
Can abybode tell me how to encrypt/decrypt Text file using J2ME API's.......
PLZ help me .......
Thanx in advance
regards,
Parag

http://www.mobilefish.com/developer/bouncycastle/bouncycastle.html
http://www-128.ibm.com/developerworks/library/j-midpds.html

How to encrypt/decrypt xml data into, and then out of IDS?

Hi,
How would we encrypt NPPI information being passed from an unencrypted xml through IDS, and then decrypt it on exit prior to Gendata.
The IDS SDK gave a reference to IDSEncryptionRule(), but insufficient examples of implementation.
It could be something like a single tag element, or even the entire xml, it's just not clear how to make it happen using native IDS methods.
Any thoughts or help to implement this security measure would be most welcome!
Thanks so much!
Edited by: lodit on Apr 10, 2013 2:56 PM

Hi there,
You would need to write a custom IDS rule that implements this function. You can refer to the IDS SDK book for info on writing a custom rule. IDSEncryptionRule does operations based on the request state received. Normally when an IDS rule is executed, the rules in the request type definition are executed with the RUN_FORWARD request state. Then they are executed with the RUN_REVERSE request state. An example of why this model is used would be the ATCReceiveFile. On RUN_FOWARD, it writes the contents of file segments in a message to a temporary file. Subsequent rules execute. Then on the RUN_REVERSE, the ATCReceiveFile does clean up routines to remove the temporary file.
So, armed with that knowledge, you can use the IDSEncryptionrule to perform on RUN_FORWARD (decrypt message variables for subsequent processing by Documaker) and then on RUN_REVERSE (encrypt message variables to send back to the client).
It should be apparent at this point that you need to use an encryption/decryption mechanism with the IDS client otherwise you won't be able to prepare the message to send or read the response. On the client side there are functions - consult the examples included in the IDS SDK (DSI_DSK in the installer package).
--Andy

Encrypt/Decrypt a file

I would like to encrypt/decrypt a binary file (not text based) in FLEX 3.4 (AIR). I went through the forum, but I did not found any samples on how to do this. Any idea or help is appreciated.
Thanks in advanced.

Take a look at Crypto or ASCrypt3
http://code.google.com/p/as3crypto/
http://ascrypt3.riaforge.org/index.cfm

Encrypt/Decrypt pdf files in adobe air applications

Hi Friends
I want to encrypt and decrypt pdf files in adobe air application. I tried it many ways but am not getting it right method.
Please help me this situation.

AFAIK, Adobe Acrobat has features to add security to pdf file, but as for decrypt pdf files, you need to give the password. For example, Adobe Acrobat 9 standard. Decrypting pdf seems not the issue of acrobat. You can find proper version of Acrobat to encrypt your file, whereas decrypt pdf document, you need to turn to a pdf password removing program to achieve that.

Encrypt/decrypt same file with two different passwords

Hi everyone:
I'm quite new to Java and cryptography in general and have a theoretical question. Is the following scenario possible and how would it be implemented:
Two users with two passwords (say, a regular user and a superuser) encrypt, decrypt, read from and write to the same file. The secret key for encryption and decryption should be based on their passwords (generated from their passwords), i.e. not stored anywhere on the system.
I've been racking my brains but can't think of a way. Am I missing an obvious solution?
Can it be done?
Thanks,
Michael

I don't think you can avoid having more than just a password hash stored on the system. Using a combination of my approach and Jeff's approach I can implement this as long as you allow a password protected key store to be stored on each system. A given user's key store would contain his RSA private key and associated public key together with the admin user's RSA certificate (thought the admin user's public key could be stored in the program since it does not have to be kept private). The admin user's key store would contain only his RSA private and public keys.
Assume that the data file is to be create by a standard non-admin user. His code performs the following actions -
1) Generates a random symmetric algorithm key. Say a 128 bit AES key.
2) He write a digest of this to the output file.
3) He writes the random key encrypted with his public key to the file.
4) He writes his public key (or certificate) to the file.
5) He writes the random key encrypted with the admin users public key to the file.
6) He encrypts the data using the random key writes the result to the file.
This user can then update the file by
1) reading from the file the digest of the random key.
2) reading the random key encrypted with his public key.
3) Decrypting this encrypted random key using his private key extracted from his keystore.
4) Check the digest of this key to make sure he has the correct random key.
5) skipping his certificate and the random key encrypted using the admin user's public key.
5) Decrypting the data using the random key.
6) Update the data.
7) Re-encrypt the file as described in the first part using a new random key.
The admin user can
1) read from the file the digest of the random key.
2) skip the random key encrypted using the user's public key.
3) reading the user's public key from the file (for use later if the file needs to be updated).
4) read the random key encrypted using the admin's public key.
5) decrypting the random key using the admin's private key obtained from his key store.
6) check the digest of the random key to make sure it is correct.
7) decrypt the the data.
The admin can edit the data since he can re-encrypt the data in a similar manner to the way it was created in the first place.

Encrypting an XML file data

Hi All
I am new to Java security. I am stuck where i need to write the handler for the webservice.
I need to encrypt/sign the XML data using the some certificate.
I am having the certificate (pfx) and JKS file with me which i got from the web service producer.
Could some one let me know how can i encrypt this XML with above certificate.
Please let me know if you need some more information.
Thanks
Navneet

Navneet_Nigam wrote:
In the means while could you please answer my one question what is the differecne between sign the xml and encrypting the xml.Sign - to indicate that the XML has not be tampered with.
Encrypt - to hide the content from prying eyes.
I want XMl to be signed and encryptedOK.
If you are serious about doing this work then you should learn a good bit more about cryptography. A good starting point is
"Beginning Cryptography with Java" written by David Hook and published by Wrox.

Encrypt-decrypt xml payload (PI 7.0 vs 7.1)

Hi Experts.
I'm working in a web service that receive an encrypted xml payload via SOAP. The problem is that the xml that I'm receiving is partially encryptad.
I'm using a PI 7.0 communication channel type SOAP to decrypt the info, but it isn't supported because PI 7.0 SOAP Comm Channel only can decrypt the hole message, not only a part of that!!!!!!
My question is if PI 7.1 SOAP Comm Chanel can decrypt only a part of xml messages instead of a hole message like PI 7.0 is doing??
Thanks in advance.

Hi again.
Thanks a lot Baskar for your answer but I thinks that the envelope isn't my problem.
I'm receiving a payload that has only one encrypted node. One example could be:
<Transmisiones>
        <TransmisionDatos>
            <DatosGenericos>
                <Emisor>
                    <NifEmisor>Qnif_Example</NifEmisor>
                    <NombreEmisor>AEAT</NombreEmisor>
                </Emisor>
                <Solicitante>
                    <IdentificadorSolicitante>ID_example</IdentificadorSolicitante>
                    <NombreSolicitante>Junta Castilla-La Mancha</NombreSolicitante>
                    <Finalidad>PROC</Finalidad>
                    <Consentimiento>Si</Consentimiento>
                </Solicitante>
                <Titular>
                    <TipoDocumentacion>NIF</TipoDocumentacion>
                    <Documentacion>documentacion_Example</Documentacion>
                </Titular>
                <Transmision>
                    <CodigoCertificado>AEAT103I</CodigoCertificado>
                    <IdSolicitud>test</IdSolicitud>
                    <IdTransmision>test</IdTransmision>
                    <FechaGeneracion/>
                </Transmision>
            </DatosGenericos>
            <ns2:DatosEspecificos >
                    <xenc:EncryptionMethod Algorithm = "http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc = "http://www.w3.org/2001/04/xmlenc#"/>
                    <ds:KeyInfo xmlns:ds = "http://www.w3.org/2000/09/xmldsig#">
                        <wsse:SecurityTokenReference xmlns:wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                            <wsse:Reference URI = "test"/>
                        </wsse:SecurityTokenReference>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc = "http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue xmlns:xenc = "http://www.w3.org/2001/04/xmlenc#">
                            7eNid3oVoNLlUcAAjUTZItHkDoPRpe5oSPc1tB/SZyVpi49VhF9Yrv0A0uvNmazIsrtbaahRAvB+
                            Go8KyHNRxsy410lbhFpzb9gqgqNTEKvGFGgDgyc0kpokhVgPfHHOmcmdHxBAGwf5vzUuPEcNw0J+
                            z9kVMRKZK31HndrOXSoiXLtHHkUqTwo4Q2rNlC3gZQKmAawDlFJPiAmUxa4ejeZWWxrnLadC5BD+
                            x=+
                        </xenc:CipherValue>
So, the xml only has one encrypted node: CIPHER VALUE.
In PI 7.0 the SOAP comm channel cannot decypher that kind of payload because that only has a part of payload encrypted instead of a whole encrypted payload.
My question is if using PI 7.1 this problems will be solved in SOAP comm channel. Or I need to upgrade to PI 7.3??
thanks a lot

Problem in decryption of xml file

Hi Friends,
I have encrypted an xml file using RSA-1024 (using a public key) . It is encrypted successfully.
Now to decrypt the resultant file, I'm using the same algo (using a private key), but it results a blank/empty file instead of original xml file.
Pls help me to decrypt the file.
Thanks.
Edited by: PSS_Delhi on Apr 29, 2008 2:25 AM

PSS_Delhi wrote:
Hi Friends,
I have encrypted an xml file using RSA-1024 (using a public key) . It is encrypted successfully.
Now to decrypt the resultant file, I'm using the same algo (using a private key), but it results a blank/empty file instead of original xml file.
Pls help me to decrypt the file.Sorry but how can we help you without a view of your encryption code?

XML encrypt/decrypt

Hi All,
I'm a newbie, and want to know if the output XML file (UUT test report) from TestStand can be encrypted without using any third party software?
Actually I want to know if TestStand itself supports encryption/decryption of XML?
And if TestStand doesn't supports, is there any work around for this requirement?
I am not allergic to Kudos, in fact I love Kudos.
Make your LabVIEW experience more CONVENIENT.

Hello,
Encryption in XML file is required to encrypt the various configuration parameter values so that a user cannot view / edited it external outside the to the test application. By making use of Private / Public keys data would be encrypted.This key will be exchanged between TestStand & XML to decrypt & display it to user.
See additional details on XML encryption on : http://www.w3.org/TR/xmlenc-core/
We can encrypt the step result using LabVIEW encryption example --> http://zone.ni.com/devzone/cda/epd/p/id/3473
My question now is --> How to include the customize XML report header to include the encryption standard?
I saw many articles to make use of "ModifyReportHeader". Can someone furnish me with a working example of modifying the header through TestStand? I tried ... but in Vain..

Decrypting an XML file

This is my first time trying to encrycpt and decrypt
anything, but have seem some tutorials for C# .NET online.. I'm
wondering if there is any way to read encrypted data from .NET by
Flash and decrypt it....
Basically what I have is a .NET desktop application that
creates content to be showin in a Flash AS3 shell. The data is
written out as XML (which I want to encrypt) and then read in by
Flash (which I'd like it to read it, dycrpt it and use the
decrypted XML file for the content).
I'm looking ALL over the net for things on this, and since I
know NOTHING about encryption, I'm at a loss.. the only thing I've
found for Flash that has comment "key words" in it is the crypto
class found here:
http://crypto.hurlant.com/
only problem is there isn't any documentation, or an FLA file
that I can look at to see how to use it..
Can anyone point me in the right direction for this?
thanks.

Not sure,you are looking for inbuild product to produce the OAG XML format, or trying to build custom one.
If options is Inbuild Product, Oracle Exchange is yeh another product has such kind of capability. Refer this
http://download-west.oracle.com/docs/cd/A97329_03/web.902/a88894/adx16orx.htm#1007387
FOr second , check out these two document in metalink
150083.1 XML Utilities
123491.1 How To Insert XML Documents Into The Database And Validate Them Using PL/SQL ?
Hope this will be help

I need an encrypt a xml settings file.

Hey all,
I'm new to this post, so bare with me.
I have a XML file that has some setting of the program,
and also user name and password to a database.
hence i would like to encrypt this file, so no one can read the user name and password.
so my question is what should i use?
and do
any help will be greatly appreciated.
thanks

so user name and password to a database.
>
hence i would like to encrypt this file, so no one
can read the user name and password.
so my question is what should i use?
and do
You need to re-think your design. One cannot securely encrypt the XML file because your program must be able to decrypt it so it must contain the key needed for the decryption. The key can therefor be extracted by any half competent hacker.

How do I protect my FLV files? or How to encrypt and decrypt FLV files using AIR?

Hi,
I am working on an AIR application, which is developed on eLearning concept. The application mainly deals with flv files. The application contains a video player component, which will stream flv files from an Apache Server and played in my application. Here my concern is I would like to protect my flv files some how against users who may stream them from Apache Server and use them without my application.
I thought of with an idea to do it. But I don't know whether it will work or not. So I am requesting for your suggestions and better ways to do this with a sample.
Here is my thought:
I would like to place the encrypted FLV files at Apache Server side [ Need to know how to encrpt the FLV files using Flex]
As my AIR application send a request for a FLV file, the Apache server should send the decryption key and a stream of FLV file.
AIR application should take the decryption key, stream of flv file and it should capable enough to decrypt the FLV file and play it in my application. [ But I don't know how to encrypt/decrypt FLV files through flex]
I can do encryption of FLV files using Mac Address of Apache Server system and using Java. But I don't know how can I decrypt the same FLV file ( Encrypted using Mac Address and java ) at AIR application side.
So I would be greatfull If any body help me in encrypting and decrypting of FLV file with a sample using Flex 3.0.
Thanks
Sudheer Puppala

russellfromblackburn south wrote:
Is it because the portable drive is NTFS format and the Mac wont recognise this? If so what do I do?
Yes, this is exactly what is causing the problem. Macs cannot write to NTFS formatted drives, only read. You must move the documents to the internal HDD/SSD of the Mac to be able to edit them.
Or, since you say you don't want to move the documents to the internal storage, you'll need to format the external HDD as FAT32.

Decrypt video file(flv)??

Hello
I write program to encrypt / decrypt video file , for encryption I can write a code that give for example "film.flv" and store it every where that I want. but Ihave another code that decrypt that file and store it,but I want that have code
to decrypt for example encryption file and then execute it (with Process.Start("D:\\Mishael\\Documents\\Ikido.docx");).
how can write decrypt the encryption file without store and execute it.
all my code is :
class Class1
public const string stKey = "_?73^?dVT3st5har3";
public const string stSlatKey = "!25@LT&KT3st5har3EY";
public const int intIterations = 1024;
public byte[] slat;
public byte[] bytes;
public byte[] decslat;
public byte[] decbytes;
public byte[] GetBytes(string str)
bytes = new byte[str.Length * sizeof(char)];
Buffer.BlockCopy(str.ToCharArray(), 0, bytes, 0, bytes.Length);
return bytes;
//encryption video file and store it
public void EncryptFile(string stSrcFilename, string stDestFilename)
RijndaelManaged aes = new RijndaelManaged();
aes.BlockSize = aes.LegalBlockSizes[0].MaxSize;
aes.KeySize = aes.LegalKeySizes[0].MaxSize;
slat = GetBytes(stSlatKey);
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(stKey, slat, intIterations);
aes.Key = key.GetBytes(aes.KeySize / 8);
aes.IV = key.GetBytes(aes.BlockSize / 8);
aes.Mode = CipherMode.CBC;
ICryptoTransform transform = aes.CreateEncryptor(aes.Key, aes.IV);
using(FileStream dest = new FileStream(stDestFilename,FileMode.CreateNew,FileAccess.Write,FileShare.None))
using(CryptoStream cryptostream = new CryptoStream(dest,transform,CryptoStreamMode.Write))
using(FileStream source = new FileStream(stSrcFilename,FileMode.Open,FileAccess.Read,FileShare.Read))
//source.Copyto(cryptostream);
byte[] buf = new byte[4096];
int size = 0;
while ((size = source.Read(buf, 0, 4096)) > 0)
cryptostream.Write(buf, 0, size);
//I want to decrypt video(that encrypted without store and execute it)
public void decryptfilm(string srcFilename)
RijndaelManaged aes = new RijndaelManaged();
aes.BlockSize = aes.LegalBlockSizes[0].MaxSize;
aes.KeySize = aes.LegalKeySizes[0].MaxSize;
decslat = GetBytes(stSlatKey);
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(stKey, decslat, intIterations);
aes.Key = key.GetBytes(aes.KeySize / 8);
aes.IV = key.GetBytes(aes.BlockSize / 8);
aes.Mode = CipherMode.CBC;
ICryptoTransform transform = aes.CreateDecryptor(aes.Key, aes.IV);
using (FileStream dest = new FileStream(srcFilename,FileMode.Open, FileAccess.Read, FileShare.Read))
using (CryptoStream cryptostream = new CryptoStream(dest,transform,CryptoStreamMode.Read))
//StreamReader stread = new StreamReader(cryptostream);
//stread.ReadToEnd
//try
// using (FileStream source = new FileStream(srcFilename, FileMode.Open, FileAccess.Read, FileShare.Read))
// Process.Start(srcFilename);
//catch (CryptographicException exception)
// throw new ApplicationException("Decryption failed", exception);
}//decrypt video(that encrypted) and store it
public void DecryptFile(string srcFilename, string destFilename)
RijndaelManaged aes = new RijndaelManaged();
aes.BlockSize = aes.LegalBlockSizes[0].MaxSize;
aes.KeySize = aes.LegalKeySizes[0].MaxSize;
decslat = GetBytes(stSlatKey);
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(stKey, decslat, intIterations);
aes.Key = key.GetBytes(aes.KeySize / 8);
aes.IV = key.GetBytes(aes.BlockSize / 8);
aes.Mode = CipherMode.CBC;
ICryptoTransform transform = aes.CreateDecryptor(aes.Key, aes.IV);
using (FileStream dest = new FileStream(destFilename, FileMode.CreateNew, FileAccess.Write, FileShare.None))
using (CryptoStream cryptostream = new CryptoStream(dest, transform, CryptoStreamMode.Write))
try
using (FileStream source = new FileStream(srcFilename, FileMode.Open, FileAccess.Read, FileShare.Read))
byte[] buf = new byte[4096];
int size = 0;
while ((size = source.Read(buf, 0, 4096)) > 0)
cryptostream.Write(buf, 0, size);
catch (CryptographicException exception)
throw new ApplicationException("Decryption failed", exception);

how can write decrypt the encryption file without store and execute it.
Please don't post C code in the VB forum - it is very confusing. You can convert that code and update you post using a utility such as this:
http://converter.telerik.com/
If you decrypt your file without either storing it or executing it, then what will you do with the decrypted file? If you mean that you want to decrypt it and then execute it without storing it then that will depend on how you are executing it.
You can use a memory stream, but not with a viewer that you start as an external process.
https://msdn.microsoft.com/en-us/library/system.io.memorystream(v=vs.110).aspx

Encrypt & Decrypt XML files

Similar Messages

Maybe you are looking for