Encrypting data J2ME

Similar Messages

• EFS, password change denies access to encrypted data

  Hi,
  Has anyone had the issue with admin changing users password in Console One
  resulting in users not being able to access their encrypted data.
  Laptop users are using EFS to encrypt their data.
  These users have WinXPPro SP2 and we are running ZfD 6.5SP2.
  I have found IR 1 for ZfD 6.5 SP2 which includes TID3003874 "Personal IE
  certificates and EFS stop working after password change" however this does
  not fix the issue.
  Could someone explain in more detail what this fix does as I may have
  misunderstood what this fix is.
  Regards,
  Eric.

  I know this is an old thread, but I thought it would be best to those who
  found it realized that the best method for addressing this issue may be
  found here:
  http://www.novell.com/support/viewCo...rnalId=3724689
  However the MS article could still be useful for some.
  Craig Wilson - MCNE, MCSE, CCNA
  Novell Support Forums Volunteer Sysop
  Novell does not officially monitor these forums.
  Suggestions/Opinions/Statements made by me are solely my own.
  These thoughts may not be shared by either Novell or any rational human.
  "ghoskins" <[email protected]> wrote in message
  news:[email protected]..
  >
  > I'm having the same problem. I ran acrosss this Microsoft KB and it
  > seems to fix the issue. I'm not certain this is the best security
  > practices, but it does work.
  >
  > 'User cannot gain access to certificate functionality after password
  > change or when using a roaming profile'
  > (http://support.microsoft.com/default...b;en-us;331333)
  >
  >
  > --
  > ghoskins
  > ------------------------------------------------------------------------
  > ghoskins's Profile: http://forums.novell.com/member.php?userid=12306
  > View this thread: http://forums.novell.com/showthread.php?t=215857
  >

• What happens to encrypted data when the server is destroyed?

  Backups to tape are encrypted with a certificate. 
  But what happens if the backup server is destroyed? Do I lose all the backup data on those tapes?
  Can I backup the certificate or is it specific to that specific DPM server?
  In the case of a catastrophic datacenter failure, where everything is lost except the tapes and the certificate, what is the process for recovering the encrypted data?

  You can absolutely backup the certificates used for DPM encryption and you should store those somewhere safe (for example, burn to CD and put in a fireproof safe offsite somewhere secure in an encrypted file).
  This section of TechNet describes the process: http://technet.microsoft.com/en-us/library/jj628058.aspx
  If you had to recreate a DPM server to read the tapes then you'd need to the certificates in the correct certificate store on the DPM server, in addition you'd need to ensure you had the certificates for the certificate chain, if there is one, in the correct
  locations in the cert store.
  Once a cert expires, do not delete it from the DPM until all the tapes that have used that cert are no longer in use or have been overwritten.
  The data would need to be imported through the recovery section in DPM but you'd be able to read and recover the data if the certs were present. No cert = no recovery.

• Encrypting Data on part of a file system.

  A few months ago, using hints I found on the internet, I was able to use diskutil command line utililty to create an encrypted partition of the same sort as when turning FileVault on in Security Preferences.  File Vault doe not appear to offer a way to choose some pargt of the disk storage such as an entire drive of a folder on a drive.  I was able to do it and it worked.  When I mount the disk partition to the system (usualy by plugging it in and turning it on), I'm asked for the security pass phrase or key to decrypt it.  Once mounted with the key supplied, I can access it as any other mounted disk with the type of access restrictions that might be present on any disk.Since I want the data to be truly privatem U decline to put the key into the a known place such as the keychain.  I don't want just anyone who has a log on to this iMac to b e able to read this data.  I want them to need to enter a private key to mount the data. 
  My only problem with this is the hoops I needed to go through to do this.  It is complicated and invovlves setting up special partitions for the purpose.
  Searching Finder help for encrypting data it offered a solution for data on a removable drive.  The stepsare very simple and easy to do:
     a) Mount the files to be encrypted if they are not  online.  They also need to be in a folder or even an entire partition.
      b) Open Disk Utility (GUI version)
      c)Choose File > New > Disk Image From Folder (or New-> Disk Image ffrom a Device).
      d) Select the folder or disk you want to encrypt.
      e) A save dialog will pop up.  Select the name of the archive you wish to create and select a location.  I choose a removable disk partition which has enouh space.  Select Compressed if you wish.  Then Select Encryption and choose the key size for encryption from the drop dwon.  When you click Save, Disk Utility begins creating a disk image that is (possibly) compressed and probably encrypted.  Once done, the files in the folder or partiion are hiddent behind the encryption.  To get to them, you much open the DMG file and supply the password to unlock the encryption.  You can save the key in the keychain if you are not worreid about who can get in.  If you wish to restrict access to fewer people, keep the key secret and provide a recovery mechanism that is suitable for you need.
     f)  One the archive is created, the disk partition containing it may b4 mounted on the system (if it is not there already) and by opening the dmg file you will be asked for the key.  The system will validate that the key works and the encryption and comprewssion are working.  The archive will be mounted as a virual disk.  It can be accessed by any useer of that computer unless the file permissions get in the way.  Mounting it only when the computer is being used by authorized people allow you to mount and dismount the archive for use during a limited time.
  I have a couple of questions here.  Is there an easier way to do this?  Is this encryption as strong as that used in FileVault? 

  No. I don't know why it would not be, except it is easier for a person to leave the disk mounted where anyone can then see it. With FileVault forcing a password on wake from sleep, it will likely be encrypted if anyone found it.
  I'm not sure why you went to the trouble you did before, except the instructions might have been to create an encrypted partition as opposed to creating the disk image. Disk images have been around for at least a decade.
  If you plan on backing up the image with Time Machine, use a sparse bundle disk image as it will write the data to small files, called stripes. Only the stripes that change get backed up instead of the entire image.

• ** How to encrypt data when saving it in DB directly?

  Hi All,
  I want a method to encrypt data in the database when saving it directly
  that is when any one enabled to see the data he will see it encrypted!

  Hi..
  What is the oracle database version???
  As you want the users to see the encypted data, the best option is use DBMS_CRYPTO to encrypt the data.
  [http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14258/d_crypto.htm]
  [http://www.oracle-base.com/articles/10g/DatabaseSecurityEnhancements10g.php]
  HTH
  Anand
  Edited by: Anand... on Oct 19, 2009 2:11 PM

• How to handle HTTP-POST encrypted data for ECC Using proxy or RFC

  I have a scenario HTTP-POST ->PI->ECC.sender is HTTP Post  send encrypted data i need to handle the data and stored in to SAP ECC  with out decrypt using PI .what should i take for receiver  can i use inbound proxy or RFC  and how can handle the encrypted data  for decrypt.
  Regards
  Ravi

  1. my sender is HTTP POST . what should i configure in sender communication channel in SAP PI .like SOAP or HTTP .What are the parameters i need to pass .
  >>>
  If you are on PI 7.3 and above, configure the HTTP AAE adapter - Configuring the Java HTTP Adapter on the Sender Channel - Advanced Adapter Engine - SAP Library
  2.while using inbound proxy for encrypted data  i need  store the data in to table , the same proxy can i call  another outbound  service for decrypt  same data.
  >>>>
  Yes you can always a proxy within a proxy.

• Insert an encrypt data in a Table

  Hi all,
  i have encrypted a data with HmacMD5, all its fine. but when i've tried to insert encrypt data in my table, hash code may return symbols like �?��Z��x��. then when i do a select data has been corrupted. how can i encrypted in stardand symbols( like mysql passwords). here is my code:
              KeyGenerator kg = KeyGenerator.getInstance("HmacMD5");
              SecretKey sk = kg.generateKey();
              // Get instance of Mac object implementing HMAC-MD5, and
              // initialize it with the above secret key
              Mac mac = Mac.getInstance("HmacMD5");
              mac.init(sk);
              byte[] result = mac.doFinal(dirMAC.getBytes());
              String macenc=new String(result);
              String x = "jdbc:mysql://localhost/"+
                      "mydatabase?user="+user+"&password="+
                      pass;
              Class.forName("com.mysql.jdbc.Driver").newInstance();
              conn = DriverManager.getConnection(x);
              conn.createStatement().executeUpdate("insert into user " +
                      "(User,Password) values('system','"+myPass+"')");
              java.sql.ResultSet rs=conn.createStatement().executeQuery("select password "+
                       "from " +"user where user ='system' ");
              rs.next();
              if((rs.getString(1).equals(macenc))) {
                  System.out.println(rs.getString(1)+" YES "+macenc);
              } else {
                  System.out.println(rs.getString(1)+" NO "+macenc);
              }Output NO. and sometimes when hash has (') character Query not found.
  thanks.

  Thie is most probably the offending line
  String macenc=new String(result);
  It is never a good idea to try to convert arbitrary bytes into a String using this approach. Not all byte sequences have valid char representation. If you must have a String representation use Base64 or Hex encoding of your Hmac. Google for Jakarta Commons Codec to get a library to assist you with this.

• Encrypting data in CSV files

  I am creating a script that reads username and passwords from a CSV file. The passwords will change (and possibly the usernames as well) so instead of re-recording the script to use the new username/password, I wanted an external file to update.
  This works good but the passwords are in CLEAR TEXT in the CSV file.
  Is there a way to encrypt the password (or username and password) in the CSV file?
  If so, is there an external application that can encrypt this without the need for the ATS Desktop application?

  KZack
  Right now you can not encrypt data in a CSV file, however this is a feature well talked about and i'm sure it will be available soon.
  Regards
  Alex

• Export and Import encrypted data

  Hi,
  I have a database table with encryped data (encrypted using DBMS_OBFUSCATION_TOOLKIT.DES3Encrypt). I am having an issue when I export this table and import it into a new schema. The encrypted data seems to have changed after import. I am unable to decrypt it from the new schema.
  Below is the character set details from export/import.
  "Export done in WE8MSWIN1252 character set and AL16UTF16 NCHAR character set. Server uses WE8ISO8859P1 character set (possible charset conversion)."
  "Import done in WE8MSWIN1252 character set and AL16UTF16 NCHAR character set."
  Has anybody had this issue before? Does it have anything to do with the character set? If so, how do I fix it?
  Thank you!

  Hello,
  since this question is about using the export utility, you might better ask this in {forum:id=61} or {forum:id=732}.
  Regards
  Marcus

• Need pl/sql code to Encrypted data to decryption formate

  Hi All,
  I have Encrypted data 64 bit formate like
  encrypt
  780D0287
  FA57C55510D258C73DE93059E3DC49EC
  need output as a Decryption data..kindly give me output

  This is your duplicate post...
  Re: Need pl/sql code to decryption
  *009*

• Send encryption data through network

  I'm doing encryption data exchanging project. I can describe my scenario anyone can give me good suggestion.
  I use RSA Key pair. Client side encrypt the data using private key and server decrypt those data using particular public key. I store my keys in keystore. For one attempt I use public and private keys belong to one alias. My problem is when doing decryption in server side I got error message (BadPaddingException: Data must start with zero). But if I do encryption and decryption in same class using same keys without any client/server connection it works properly.
  So, if anyone can give me any advice or suggestion, I'm very appreciat

  ivanovpv wrote:
  I think problem is somewhere in data transmission. During transmission either server or client adds extra padding information.No. For symmetric block based encrypted the clear text has to be padded to make it a full block. This is normally done as part of the encryption process using PKCS5 padding. Padding is also reqired for RSA encryption so as to make sure the cleartext ^ public_exponent is greater than the modulus. This is normally done using PKCS1 padding.
  If the encrypted data is corrupt then one normally gets a exception such as BadPaddingException when decrypting using a symmetric algorithm or an exception indicating that the padded data should start with a zero in the case of RSA encryption.
  It is almost certain that the OP has corrupted his encrypted data or his key, possibly by converting to a String without using Hex or Base64 encoding. Without seeing his code we will probably never know.
  >
  I would suggest just get your public key (i hope it's just a long/String probably wrapped within some class) then explicitly convert it into character array (best is to use UTF-8 encoding) - then transmit through network. On other side decode from UTF-8 character array into long/String - probably you'd need to instantiate public key object from your long/String and enjoy!String should never be used as a container for binary data and keys are binary data. Just converting them to a String specifying utf-8 will almost certainly corrupt them. If one must have a String version of any binary data whether it be a key or cipher text one should reversibly encode it using something like Base64 or Hex.

• Will this encrypt data securely?

  Hey I'm using bouncy castle AES password based encryption. I was just wondering if anyone would take a quick look at my code below to see if it will encrypt a string securely, or if I've missed anything out?
  Thanks in advance
  import java.io.File;
  import java.security.Security;
  import java.util.Vector;
  import javax.crypto.Cipher;
  import javax.crypto.spec.IvParameterSpec;
  import javax.crypto.spec.SecretKeySpec;
  import javax.swing.JOptionPane;
  import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
  import org.bouncycastle.crypto.params.KeyParameter;
  import org.bouncycastle.crypto.params.ParametersWithIV;
  import org.bouncycastle.util.encoders.Base64;
  public class encryptor {
       private final byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                 (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99,
                 (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                 (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
       public static void main(String[] args)
            new encryptor();
       public encryptor()
            char[] password = "aRandomPassword".toCharArray();
            SecretKeySpec key = generateKey(password, salt);
            encrypt(salt, key, "A secret message");
       public SecretKeySpec generateKey(char[] charPassword, byte[] salt)
            byte[] bytePassword;
            PKCS5S2ParametersGenerator generator = new PKCS5S2ParametersGenerator();
            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
            int count = 16;
            try
                 bytePassword = new String(charPassword).getBytes("ASCII");
                 generator.init(bytePassword, salt, count);
                 ParametersWithIV params = (ParametersWithIV) generator.generateDerivedParameters(128, 128);
                 KeyParameter keyParam = (KeyParameter) params.getParameters();
                 return new SecretKeySpec(keyParam.getKey(), "AES");
            catch(Exception e)
                 System.out.println(e);
                 System.exit(1);
            //This will never occur
            return null;
       public void encrypt(byte[] salt, SecretKeySpec key, String text)
            IvParameterSpec iv = new IvParameterSpec(salt);
            Cipher cipher;
            byte[] temp;
            try
                 cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");
                 cipher.init(Cipher.ENCRYPT_MODE, key, iv);
                 temp = cipher.doFinal(text.getBytes("ASCII"));
                 System.out.println(new String(Base64.encode(temp), "ASCII"));
            catch(Exception e)
                 System.out.println(e);
  }

  I'm no expert in cryptology but you are using the salt byte array in two places, as salt and as the initialization vector. This strikes me as a big "no-no"; I suspect it could weaken your cipher. Even if I had no evidence of such weakening, I'd avoid that if at all possible.
  You should generate separate salt and initialization vectors; in fact, you should generate them randomly each time you encrypt something. Naturally, you'll have to carry them along with the encrypted data so that you can pass them back in to the decryption process, but that's a small part to pay for not opening yourself up to dictionary attacks.
  Also, you might want to apply the salt more than just 16 times; try something much larger, such as 1024.

• Send encrypted data from oracle 11g to Ms SQL Server 12

  Hi every body,
  we want to send encrypted data from oracle 11g to Ms SQL Server 12:
  - data are encrypted to oracle
  - data should be sent encrypted to Ms SQL server
  - data will be decrypted in Ms SQL server by sensitive users.
  How can we do this senario, any one has contact simlare senario?
  can we use asymetric encription to do this senario?
  Please Help!!
  Thanks in advance.

  Hi,
    What you want to do about copying data from Oracle to SQL*Server using insert will work with the 12c gateway.  There was a problem trying to do this using the 11.2 gateway but it should be fixed with the 12c gateway.
  If 'insert' doesn't work then you can use the SQLPLUS 'copy' command, for example -
  SQL> COPY FROM SCOTT/TIGER@ORACLEDB -
  INSERT SCOTT.EMP@MSQL -
  USING SELECT * FROM EMP
  There is further information in this note available on My Oracle Support -
  Copying Data Between an Oracle Database and Non-Oracle Foreign Data Stores or Databases Using Gateways (Doc ID 171790.1)
  However, if the data is encrypted already in the Oracle database then it will be sent in the encrypted format. The gateway cannot decrypt the data before it is sent to SQL*Server.
  There is no specific documentation about the gateways and TDE.  TDE encrypts the data as it is in the Oracle database but I doubt that SQL*Server will be able to de-encrypt the Oracle data if it is passed in encrypted format and as far as I know it is not designed to be used for non-Oracle databases.
  The Gateway encrypts data as it is sent across the network for security but doesn't encrypt the data at source in the same way as TDE does.
  Regards,
  Mike

• Dbms_crypto encrypt date number datatype

  I am using oracle 11g. I am very new to dbms_crypto. I went through documentation but have following doubts:
  Is it mandatory to convert varchar2(32) to RAW to use dbms_crypto.encrypt?
  If I change varchar2(32) to RAW, Can I make it RAW(32) or does it needs to be bigger?
  Does the RAW size must be in multiple of 16?
  How can I encrypt data of datatype date and number using dbms_crypto?
  Thanks a lot for your time to clarify my quries?

  spur230 wrote:
  Is it mandatory to convert varchar2(32) to RAW to use dbms_crypto.encrypt?It's not mandatory, but it's certainly a good idea. If you store encrypted data in a VARCHAR2 column, that means that it is subject to character set conversion if it's moved from one database to another or sent from a database to a client machine. But if character set conversion happens, your encrypted data is corrupted.
  If I change varchar2(32) to RAW, Can I make it RAW(32) or does it needs to be bigger?
  Does the RAW size must be in multiple of 16?It would be helpful to specify exactly what algorithm and parameters you intend to use because it may vary. If, for example, we encrypt using AES-256 with Cipher Block Chaining and PKCS#5 compliant padding (which happens to be the example in the DBMS_CRYPTO manual), the output RAW will always be a multiple of 16 and as large or larger than the input RAW.
  A VARCHAR2(32) will either allocate 32 characters of storage or 32 bytes of storage depending on your NLS_LENGTH_SEMANTICS parameter. If you're using the default, it will allocate 32 bytes. But 32 bytes in the database character set may require more than 32 bytes of storage once you convert it to a UTF-8 encoded RAW (which, technically, also isn't required but is a good practice) and, thus, the encrypted string might require more than 32 bytes of storage. Your database character set and the actual data you store/ want to be able to store will influence how likely it is that you'll need a larger RAW than your VARCHAR2.
  How can I encrypt data of datatype date and number using dbms_crypto?dbms_crypto only operates on RAW data. Just like you convert strings to RAW before encrypting them, you'd need to convert your dates and numbers to RAW. For numbers, you should be able to use UTL_RAW.CAST_FROM_NUMBER. I don't know of a method of casting dates to a RAW other than converting them to a known string representation and then encrypting that (and, of course, doing the reverse when you decrypt the string and convert it back to a date using that same format).
  Justin

• Encrypt data send from a non-SAP system to ECC.

  Hi,
  We are tryign to encrypt the credit card details send from web (non-sap system) via a xml file to ECC.
  From Basis side, I have exported the public key from the ECC for the web server to encrypt the CC details while sending via xml.
  The external web consultants encrypted the cc detail with the public key and send it via xml but that was not able to decrypt at the ECC side.
  The developers were using the FM 'CCARD_DEVELOPE'at ECC to decrypt the data in the xml file. It was saying SSF error: No data transfered.
  Meanwhile SAP CryptoLib is installed and credit card encryption/decryption is working fine for CC details entered via GUI interface.
  Is there anything I am missing out here to encrypt CC details send from a Non-SAP system to ECC.? Do we need to load the SAP cryptolib in the non-SAP system to ecrypt this data at the senders end. Or is there a alternate solution for this ?
  We are in ECC6.0/RHEL/Oracle10204.
  Appreciate your help.
  Thanks

  Hi Nelis,
  Thanks for your reply.
  This note does not get any information regarding encrypting data from a non-SAP system to SAp system.
  I am looking setup/information for encrypting data from a non-SAP system to SAP system.
  Thanks