Implementation of PGP or GPG

Hello World!
I am looking to create one application in the java which has to encrypt the complete report through the client provided encryption key.
I am searching into the forums and mostly found the "www.bouncycastle.org" and "www.cryptix.org" links. But I am not able to get the exact required data.If someone has implemented through these links can guide me which exact API I need to use? which class of the API will encypt?
Or do we have anyother Java API for the encryption?
Please guide.

Let me give you more detail about what I want. I am provided by the client with the public key.
Now WHat I do is generate the report which contain only the text data.Now I have one text file which I want to encrypt by using the public key. Currently I am encrypting by using the PGP desktop 9.8.
Now as I already descibed want encrypt the text file throug public key through some java API.
Recommended Bouncy Castle site is good and informative but confusion is I am not able to find out their API in the javadoc format.
sabre150 can you provide me the javadoc link containing the API detail and also if you already know the direct class which I need to use ADD key and to encrypt etc.
Hopefully this information is enough to provide consice answer.
Thanks

Similar Messages

  • Encrypt and Decrypt files using PGP and GPG

    Dear members, We have a customer that need to process files received through sFTP, FTPs and FTP over SSL encrypted with PGP and GPG methods.
    We Know that those encryption Method are not supported out of the box in Oracle SOA Suite and WCC but We need to Know if some of you have some workaround about that, maybe using a valve in FTP adapter, B2B or any other method in WCC.
    Thanks in advance

    >
    Meiying Yang wrote:
    > I have scenarions FTP-->ABAP proxy and ABAP proxy --> FTP. I need to put and get encrypted files to and from FTP server. Does anybody know how I can decrypt file when I get it from FTP server and encrypt file before I send to FTP server? Thanks.
    Hi,
    Have a look at these blogs.It would be helpful.
    1. SAP XI/PI Encode Outgoing Payload using Adapter Module
    /people/farooq.farooqui3/blog/2008/09/24/sap-xipi-encode-outgoing-payload-using-adapter-module
    2. Decode Base64 Incoming Encoded information in SAP XI/PI using Java Mapping
    /people/farooq.farooqui3/blog/2008/05/22/decode-base64-incoming-encoded-information-in-sap-xipi-using-java-mapping
    Regards,
    Chandra

  • MAJOR disappointment - PGP and GPG won't work

    I've been using GPG (Open source version of PGP) to sign important e-mails for some time now. After upgrading to Snow Leopard, GPG quit working, so I did some research. It seems Apple has made so many changes in Mail that neither PGP nor GPG can be used to sign or encrypt e-mail any longer, and the GPG group indicated that Apple won't disclose enough details about the changes for them to update their software. PGP (a commercial company) has said, "Wait for the next version" but provided no time line when this will be available.
    This is a major disappointment for me and for other security/privacy conscious Mac users. What is wrong with Apple all of a sudden?
    Walt

    leeb00 wrote:
    My understanding is that if Apple documented its mail plugin API's then developers of GPGMail and the like could update their plugins. As it stands they must use trial and error to create updates, and the plugins break with each mail update.
    FYI, the GPGMail author is saying he won't be updating this plugin, for lack of time (40 hrs estimated) and he's looking for help.
    This is a real disappointment indeed. I really need this functionality, and I don't want to go back to Thunderbird/Enigmail to get it.
    You can either switch to using S/MIME which is built-in or wait for the soon to be available upgrade for MacPGP (i.e. not the free one).

  • SLS Mail Server with PGP/GPG

    I am trying to figure out how I can setup PGP or GPG encryption for Mail on SLS 10.6.2. My goal is to serve my Blackberry PGP/GPG encrypted email. Does anyone have any advice?

    This is normally done end-point to end-point (MUA at either end), not at the server itself.
    Postfix is the MTA in OS X Server, and Dovecot the MDA in 10.6 Server (previously it was Cyrus).
    See http://groups.google.com/group/list.postfix.users/browse_thread/thread/bc18d0324 aa942b2
    Setup your Blackberry to access your server via IMAP, for example:
    http://discussions.apple.com/thread.jspa?messageID=10711862
    But the interaction of SLS and your Blackberry is probably not going to function as you appear to imagine.
    You may wish to look into something like funambol
    http://www.funambol.com/

  • About gpg package signing "No Keyserver Known" error (Solution)

    Hello everyone,
    I'll be using a linux kernel download as an example (This assumes you have the download and the
    signature file.
    For people who want to verify downloads with gpg, people probably are going to do:
    $ gpg --verify linux-3.1.5.tar.sign
    Output:
    gpg: Signature made Fri 09 Dec 2011 12:16:46 PM EST using RSA key ID 6092693E
    gpg: Can't check signature: public key not found
    If anyone is having a problem like this after typing:
    $ gpg --recv-keys 6092693E
    Output:
    gpg: no keyserver known (use option --keyserver)
    gpg: keyserver receive failed: Syntax error in URI
    Try:
    $ gpg --keyserver subkeys.pgp.net --recv-keys 6092693E
    Output:
    gpg: requesting key 6092693E from hkp server subkeys.pgp.net
    gpg: key 6092693E: "Greg Kroah-Hartman (Linux kernel stable release signing key) <[email protected]>" not changed
    gpg: Total number processed: 1
    gpg:              unchanged: 1
    Then try:
    $ gpg --verify linux-3.1.5.tar.sign
    Output:
    gpg: requesting key 6092693E from hkp server subkeys.pgp.net
    gpg: key 6092693E: public key "Greg Kroah-Hartman
         (Linux kernel stable release signing key) <[email protected]>" imported
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0  valid:   3  signed:   1  trust: 0-, 0q, 0n, 0m, 0f, 3u
    gpg: depth: 1  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 1f, 0u
    gpg: Total number processed: 1
    gpg:               imported: 1  (RSA: 1)
    Note that subkeys.pgp.net may not work, so if this solution doesn't work, replace subkeys.pgp.net with whatever that works.
    Source: http://www.kernel.org/signature.html

    edit:nvm
    Last edited by jwele (2012-07-17 21:17:48)

  • Doing a commandline callout from OSB

    How should one do a command-line call out from an OSB proxy service, would one just do a java callout and pass it on from there? The documentation seems to recommend against it because it will require threads, but I'm not sure how else one would accomplish something like this.
    What I need to do is pass a file to gpg and then use the returned file for further processing.

    Ok, you might be right. I guess there must be other implementations for PGP in Java.If there are we have been unable to find them, and they very well might suffer from the same drawbacks as bouncycastle.
    I would say there isn't anything useful on command-line, but our preferences are probably very different. Involving command-line logic has its disadvantages like difficult deployment, potential painful migration (platform dependency), security related problems ... But if you don't mind, go for it.Those problems are true no matter what for any project of at least interesting complexity. and command-line invocations are great solution for all of them. The interface tends to be very simple, just the command name and some parameters which makes it much easier to build replacements if it is truly needed, and deployment is usually eased by having some kind of installer. The only potential problem is one of scalability.
    Which still leaves me with how to do it properly, since invoking the command line from Java seems to necessitate threads, which the OSB recommends against for Java callouts. Does that warning still hold if all the spawned threads must complete before the function returns?

  • Issues with Tor connection

    Hi,
    First here is my network information.
    I'm in university, where there is a direct connection to the internet. But the firewall blocks all outgoing ports except 80 and 443. In addition they seem to be preventing CONNECT calls over HTTP to tunnel other protocols.
    I'm trying to use Tor. In my Torrc i set the following options
    ## CONFIGURED FOR ARCHLINUX
    ## Last updated 22 July 2005 for Tor 0.1.0.13.
    ## (May or may not work for older or newer versions of Tor.)
    ## See the man page, or http://tor.eff.org/tor-manual.html, for more
    ## options you can use in this file.
    # On Unix, Tor will look for this file in someplace like "~/.tor/torrc" or
    # "/etc/torrc"
    # On Windows, Tor will look for the configuration file in someplace like
    # "Application Data\tor\torrc" or "Application Data\<username>\tor\torrc"
    # With the default Mac OS X installer, Tor will look in ~/.tor/torrc or
    # /Library/Tor/torrc
    # Set the Tor Circuit Build time to find faster tor servers, increments of seconds
    CircuitBuildTimeout 2
    # connections while Tor is not in use.
    KeepalivePeriod 60
    # Force Tor to consider whether to build a new circuit every NUM seconds.
    NewCircuitPeriod 15
    # Set How many entry guards we should we keep at a time
    NumEntryGuards 8
    ## Replace this with "SocksPort 0" if you plan to run Tor only as a
    ## server, and not make any local application connections yourself.
    SocksPort 9050 # what port to open for local application connections
    SocksBindAddress 127.0.0.1 # accept connections only from localhost
    #SocksBindAddress 192.168.0.1:9100 # listen on a chosen IP/port too
    ## Entry policies to allow/deny SOCKS requests based on IP address.
    ## First entry that matches wins. If no SocksPolicy is set, we accept
    ## all (and only) requests from SocksBindAddress.
    #SocksPolicy accept 192.168.0.1/16
    #SocksPolicy reject *
    ## Allow no-name routers (ones that the dirserver operators don't
    ## know anything about) in only these positions in your circuits.
    ## Other choices (not advised) are entry,exit,introduction.
    AllowUnverifiedNodes middle,rendezvous
    ## Logs go to stdout at level "notice" unless redirected by something
    ## else, like one of the below lines. You can have as many log lines as
    ## you want.
    ## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
    #Log notice file /var/log/tor/notices.log
    ## Send only debug and info messages to /var/log/tor/debug.log
    #Log debug-info file /var/log/tor/debug.log
    ## Send ONLY debug messages to /var/log/tor/debug.log
    #Log debug-debug file /var/log/tor/debug.log
    ## To use the system log instead of Tor's logfiles, uncomment these lines:
    Log notice syslog
    ## To send all messages to stderr:
    #Log debug stderr
    ## Uncomment this to start the process in the background... or use
    ## --runasdaemon 1 on the command line.
    RunAsDaemon 1
    User tor
    Group tor
    ## Tor only trusts directories signed with one of these keys, and
    ## uses the given addresses to connect to the trusted directory
    ## servers. If no DirServer lines are specified, Tor uses the built-in
    ## defaults (moria1, moria2, tor26), so you can leave this alone unless
    ## you need to change it.
    #DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
    #DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
    #DirServer 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
    ## The directory for keeping all the keys/etc. By default, we store
    ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
    DataDirectory /var/lib/tor
    ## The port on which Tor will listen for local connections from Tor controller
    ## applications, as documented in control-spec.txt. NB: this feature is
    ## currently experimental.
    #ControlPort 9051
    ############### This section is just for location-hidden services ###
    ## Look in .../hidden_service/hostname for the address to tell people.
    ## HiddenServicePort x y:z says to redirect a port x request from the
    ## client to y:z.
    #HiddenServiceDir /var/lib/tor/hidden_service/
    #HiddenServicePort 80 127.0.0.1:80
    #HiddenServiceDir /var/lib/tor/other_hidden_service/
    #HiddenServicePort 80 127.0.0.1:80
    #HiddenServicePort 22 127.0.0.1:22
    #HiddenServiceNodes moria1,moria2
    #HiddenServiceExcludeNodes bad,otherbad
    ################ This section is just for servers #####################
    ## NOTE: If you enable these, you should consider mailing your identity
    ## key fingerprint to the tor-ops, so we can add you to the list of
    ## servers that clients will trust. See
    ## http://tor.eff.org/doc/tor-doc.html#server for details.
    ## Required: A unique handle for this server
    #Nickname ididnteditheconfig
    ## The IP or fqdn for this server. Leave commented out and Tor will guess.
    #Address noname.example.com
    ## Contact info that will be published in the directory, so we can
    ## contact you if you need to upgrade or if something goes wrong.
    ## This is optional but recommended.
    #ContactInfo Random Person <nobody AT example dot com>
    ## You might also include your PGP or GPG fingerprint if you have one:
    #ContactInfo 1234D/FFFFFFFF Random Person <nobody AT example dot com>
    ## Required: what port to advertise for tor connections
    #ORPort 9001
    ## If you want to listen on a port other than the one advertised
    ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment
    ## the line below. You'll need to do ipchains or other port forwarding
    ## yourself to make this work.
    #ORBindAddress 0.0.0.0:9090
    ## Uncomment this to mirror the directory for others (please do)
    #DirPort 9030 # what port to advertise for directory connections
    ## If you want to listen on a port other than the one advertised
    ## in DirPort (e.g. to advertise 80 but bind 9091), uncomment the line
    ## below. You'll need to do ipchains or other port forwarding yourself
    ## to make this work.
    #DirBindAddress 0.0.0.0:9091
    ## A comma-separated list of exit policies. They're considered first
    ## to last, and the first match wins. If you want to *replace*
    ## the default exit policy, end this with either a reject *:* or an
    ## accept *:*. Otherwise, you're *augmenting* (prepending to) the
    ## default exit policy. Leave commented to just use the default, which is
    ## available in the man page or at http://tor.eff.org/documentation.html
    ## Look at http://tor.eff.org/faq-abuse.html#TypicalAbuses
    ## for issues you might encounter if you use the default exit policy.
    ## If certain IPs and ports are blocked externally, e.g. by your firewall,
    ## you should update your exit policy to reflect this -- otherwise Tor
    ## users will be told that those destinations are down.
    #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
    #ExitPolicy accept *:119 # accept nntp as well as default exit policy
    #ExitPolicy reject *:* # middleman only -- no exits allowed
    ReachableDirAddresses *:80
    ReachableORAddresses *:443
    But Tor is unable to connect. Here is the log
    Tor[5442]: No current certificate known for authority moria1; launching request.
    Tor[5442]: No current certificate known for authority tor26; launching request.
    Tor[5442]: No current certificate known for authority dizum; launching request.
    Tor[5442]: No current certificate known for authority ides; launching request.
    Tor[5442]: No current certificate known for authority gabelmoo; launching request.
    Tor[5442]: No current certificate known for authority dannenberg; launching request.
    Tor[5442]: Your application (using socks4 to port 80) is giving Tor only an IP address. Applications t
    hat do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more inf
    ormation, please see http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS.
    Tor[5442]: Application request when we're believed to be offline. Optimistically trying directory fetc
    hes again.
    I can't find any documentation about this issue.
    Thanks.

    ## Tor only trusts directories signed with one of these keys, and
    ## uses the given addresses to connect to the trusted directory 
    ## servers. If no DirServer lines are specified, Tor uses the built-in
    ## defaults (moria1, moria2, tor26), so you can leave this alone unless
    ## you need to change it.                                             
    #DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
    #DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF 
    #DirServer 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D 
    Try uncomment this...
    Maybe tor need this address
    Sorry for my very bad english, i am from Brazil, add me in GTalk if you need more support.
    [email protected]
    Good luck!

  • How do I reliably back up all of my data on a Macbook Air?

    I Have a 2009 MacBook AIr running OS 10.6.7
    I have begun to recieve some erros about the harddrive and when I went to verify the disc - the disc utility reported errors and that I needed to repair my drive.
    The institution where I work has imposed the installation of PGP (pretty good protection) software (recently purchased by Symantec) on all Mac laptops.  I have heard of the PGP software causing disc errors to a point where none of the data is recoverable.
    Two questions:
    1.  How can I un-install the PGP software - this way I can repair the drive and also upgrade to OS-10.7 (PGP does not support Lion at this time).
    2.  Perhaps more importantly - how do I make a complete backup (bootable clone would be ideal) of the Macbook air - so that I do not lose any of the data on the computer?  I am afraid to turn it off as I am not sure if it will even turn back on again).
    Thanks in advance for your expertise and your willingness to help out a fellow Mac user.
    Have a great week.

    Answering your second question, first.
    Download Carbon copy Cloner from Bombich.
    Prepare an external drive using disk Utility with a GUID partition large enough to hold the entire contents of your startup drive. Format with Disk Utility as Mac OS Extended, Journaled. Check in Disk Utility. to make sure the partition uses a GUID Partition Table.
    Launch Carbon Copy Cloner
    Choose the volume that you want to clone from the Source menu
    Choose the properly formatted volume (Mac OS Extended, Journaled, GUID Partition) from the Destination menu
    Select "Temporarily archive modified and deleted items" ("Maintain a backup) from the preconfigured settings menu
    Click the Clone button
    Test the cloned image by booting to it by starting the computer, whilst holding down the "option" key, then select the volume you just cloned to. The computer should boot to that drive. After you are at a desktop, I think it is a good idea to change the wall paper to something unusual and striking, so you know that this is the clone. Play around with the cloned boot to make sure everything works. Dismount (eject) the internal HDD, so you know everything you are doing is independent of the internal drive.
    There are numerous iterations and implementations of PGP. Is this a simple stand alone app that can be removed by moving the application in the application folder to the trash? Or is it a background systemwide  encryption/decryption scheme for the entire disk?

  • [Solved] tor /hidden_service not being created

    I am trying to set up a tor hidden service, but tor does not seem to want to create the "hidden_service" folder at /var/lib/tor/ or any other place.
    I have tried checking the permissions of /var/lib/tor and even set them to 777 just to see if it worked, and it didn't, /var/lib/tor is owned by tor according to ls -al, but the group is root (shouldn't matter if i set permissions to 777?)
    I have tried manually creating hidden_service/ and setting it to be owned by tor (with 777), and it did not work
    This thread on ubuntu forums has the same problem, and a post at the bottom says that the web server needs access hidden_service/ (which i think is false, why would the web server need to know about the keys?)
    I uncommented the notices line in torrc and it does not generate any logs in /var/log/tor/notices.log
    ## CONFIGURED FOR ARCHLINUX
    ## Last updated 22 July 2005 for Tor 0.1.0.13.
    ## (May or may not work for older or newer versions of Tor.)
    ## See the man page, or http://tor.eff.org/tor-manual.html, for more
    ## options you can use in this file.
    # On Unix, Tor will look for this file in someplace like "~/.tor/torrc" or
    # "/etc/torrc"
    # On Windows, Tor will look for the configuration file in someplace like
    # "Application Data\tor\torrc" or "Application Data\<username>\tor\torrc"
    # With the default Mac OS X installer, Tor will look in ~/.tor/torrc or
    # /Library/Tor/torrc
    ## Replace this with "SocksPort 0" if you plan to run Tor only as a
    ## server, and not make any local application connections yourself.
    SocksPort 9050 # what port to open for local application connections
    SocksBindAddress 127.0.0.1 # accept connections only from localhost
    #SocksBindAddress 192.168.0.1:9100 # listen on a chosen IP/port too
    ## Entry policies to allow/deny SOCKS requests based on IP address.
    ## First entry that matches wins. If no SocksPolicy is set, we accept
    ## all (and only) requests from SocksBindAddress.
    #SocksPolicy accept 192.168.0.1/16
    #SocksPolicy reject *
    ## Allow no-name routers (ones that the dirserver operators don't
    ## know anything about) in only these positions in your circuits.
    ## Other choices (not advised) are entry,exit,introduction.
    AllowUnverifiedNodes middle,rendezvous
    ## Logs go to stdout at level "notice" unless redirected by something
    ## else, like one of the below lines. You can have as many log lines as
    ## you want.
    ## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
    Log notice file /var/log/tor/notices.log
    ## Send only debug and info messages to /var/log/tor/debug.log
    #Log debug-info file /var/log/tor/debug.log
    ## Send ONLY debug messages to /var/log/tor/debug.log
    #Log debug-debug file /var/log/tor/debug.log
    ## To use the system log instead of Tor's logfiles, uncomment these lines:
    Log notice syslog
    ## To send all messages to stderr:
    #Log debug stderr
    ## Uncomment this to start the process in the background... or use
    ## --runasdaemon 1 on the command line.
    RunAsDaemon 1
    User tor
    Group tor
    ## Tor only trusts directories signed with one of these keys, and
    ## uses the given addresses to connect to the trusted directory
    ## servers. If no DirServer lines are specified, Tor uses the built-in
    ## defaults (moria1, moria2, tor26), so you can leave this alone unless
    ## you need to change it.
    #DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
    #DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
    #DirServer 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
    ## The directory for keeping all the keys/etc. By default, we store
    ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
    DataDirectory /var/lib/tor
    ## The port on which Tor will listen for local connections from Tor controller
    ## applications, as documented in control-spec.txt. NB: this feature is
    ## currently experimental.
    #ControlPort 9051
    ############### This section is just for location-hidden services ###
    ## Look in .../hidden_service/hostname for the address to tell people.
    ## HiddenServicePort x y:z says to redirect a port x request from the
    ## client to y:z.
    HiddenServiceDir /var/lib/tor/hidden_service/
    HiddenServicePort 80 127.0.0.1:80
    #HiddenServiceDir /var/lib/tor/other_hidden_service/
    #HiddenServicePort 80 127.0.0.1:80
    #HiddenServicePort 22 127.0.0.1:22
    #HiddenServiceNodes moria1,moria2
    #HiddenServiceExcludeNodes bad,otherbad
    ################ This section is just for servers #####################
    ## NOTE: If you enable these, you should consider mailing your identity
    ## key fingerprint to the tor-ops, so we can add you to the list of
    ## servers that clients will trust. See
    ## http://tor.eff.org/doc/tor-doc.html#server for details.
    ## Required: A unique handle for this server
    #Nickname ididnteditheconfig
    ## The IP or fqdn for this server. Leave commented out and Tor will guess.
    #Address noname.example.com
    ## Contact info that will be published in the directory, so we can
    ## contact you if you need to upgrade or if something goes wrong.
    ## This is optional but recommended.
    #ContactInfo Random Person <nobody AT example dot com>
    ## You might also include your PGP or GPG fingerprint if you have one:
    #ContactInfo 1234D/FFFFFFFF Random Person <nobody AT example dot com>
    ## Required: what port to advertise for tor connections
    #ORPort 9001
    ## If you want to listen on a port other than the one advertised
    ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment
    ## the line below. You'll need to do ipchains or other port forwarding
    ## yourself to make this work.
    #ORBindAddress 0.0.0.0:9090
    ## Uncomment this to mirror the directory for others (please do)
    #DirPort 9030 # what port to advertise for directory connections
    ## If you want to listen on a port other than the one advertised
    ## in DirPort (e.g. to advertise 80 but bind 9091), uncomment the line
    ## below. You'll need to do ipchains or other port forwarding yourself
    ## to make this work.
    #DirBindAddress 0.0.0.0:9091
    ## A comma-separated list of exit policies. They're considered first
    ## to last, and the first match wins. If you want to *replace*
    ## the default exit policy, end this with either a reject *:* or an
    ## accept *:*. Otherwise, you're *augmenting* (prepending to) the
    ## default exit policy. Leave commented to just use the default, which is
    ## available in the man page or at http://tor.eff.org/documentation.html
    ## Look at http://tor.eff.org/faq-abuse.html#TypicalAbuses
    ## for issues you might encounter if you use the default exit policy.
    ## If certain IPs and ports are blocked externally, e.g. by your firewall,
    ## you should update your exit policy to reflect this -- otherwise Tor
    ## users will be told that those destinations are down.
    #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
    #ExitPolicy accept *:119 # accept nntp as well as default exit policy
    #ExitPolicy reject *:* # middleman only -- no exits allowed
    Last edited by supernub (2013-03-15 08:22:01)

    I think it might be that my disk is 100% full, ill update this post in a bit once i finish reinstalling on a larger disk. (virtual)
    update:
    yep,
    hidden_service/
    hidden_service/hostname
    hidden_service/private_key
    are all being generated properly to the best of my knowledge.
    Last edited by supernub (2013-03-15 08:21:34)

  • PGP implementation in Java

    Please suggest me PGP encryption implementation details.

    Hi,
    If your question is about PGP implementation in B2B, it indeed is in our roadmap. For more details, please contact the PM - Krishnaprem Bhatia.
    Thanks,
    Madhu

  • Bad PGP/GPG signatures for all Win32 Mozilla firefox partial.mar files

    I checked the .asc signature for the Mozilla 12.0 update firefox-11.0-12.0.partial.mar and came up with:
    Signature made Fri, Apr 20, 2012 21:24:01 EDT using DSA key ID C52175E2
    BAD signature from "Mozilla Software Releases <[email protected]>"
    The MD5, SHA1 and SHA512 checksums come back OK.

    An interesting interpretation of the facts...
    <b><i>Cygwin</i></b>, an OpenSource project of Red Hat Inc., (available at http://cygwin.com) is:
    • a collection of tools which provide a Linux look and feel environment for Windows.
    • a DLL (cygwin1.dll) which acts as a Linux API layer providing substantial Linux API functionality.
    Now, using these tools, specifically the ''rsync'' tool (which uses the rsync TCP/IP protocol), I downloaded the update MAR file from the OFFICIAL site using the Rsync address:
    rsync://releases-rsync.mozilla.org::mozilla-releases/firefox/releases/12.0/update/win32/en-US/firefox*.mar*
    (This is equivalent to: http://releases.mozilla.org/pub/mozilla.org/firefox/releases/12.0/update/win32/en-US/)
    This retrieved:
    firefox-11.0-12.0.partial.mar<br>
    firefox-11.0-12.0.partial.mar.asc<br>
    firefox-12.0.complete.mar<br>
    firefox-12.0.complete.mar.asc<br>
    The '''''.asc''''' extension is short for ASCII (alternatively, this could be, by convention, '''''.sig''''',) and contains the digital signature generated using the "Mozilla Software Releases" PGP'/GPG key, DSA key ID C52175E2. '''''PGP'''''/'''''GPG''''' are authentication tools that use the <b><i>RSA encryption algorithm</i></b> to generate digital signatures that guarantee the veracity of a file or message. The signature for firefox-11.0-12.0.partial.mar does NOT verify. The output of GPG is:
    + gpg --verify firefox-11.0-12.0.partial.mar.asc firefox-11.0-12.0.partial.mar<br>
    ...<br>
    gpg: Signature made Fri, Apr 20, 2012 21:24:01 EDT using DSA key ID C52175E2<br>
    gpg: BAD signature from "Mozilla Software Releases "<br>
    Official MD5, SHA1 and SHA512 checksums are also available for this file and its signature. They DO verify properly. For example:
    + md5sum -c .md5sum (.md5sum is extracted from MD5SUMS)<br>
    ...<br>
    update/win32/en-US/firefox-12.0.complete.mar: OK<br>
    update/win32/en-US/firefox-12.0.complete.mar.asc: OK<br>
    update/win32/en-US/firefox-11.0-12.0.partial.mar: OK<br>
    update/win32/en-US/firefox-11.0-12.0.partial.mar.asc: OK<br>
    Would someone, please, check why a bad PGP/GPG signature for this file is being distributed? All the Mozilla12.0 partial.mar signatures I've checked (en-{GB,US,ZA}, zh-{CN,TW}) are bad.

  • Any gpg/pgp java api available

    Is there any java api available for GPG/PGP encryption without using the command line ?

    Thanks for the immediate response , Actually I need
    an api which doesn't use the command line.As I said - www.bouncycastle.org

  • In the past i installed a package to implement pgp. since then i can't forward in-line pictures. I now can't find any way to uninstall the pgp thingy.

    I haven't encrypted an email in over two years now and don't really need it. I'm not sure that is the reason for my inability to forward in-line pictures. In addition I'm very limited in the formatting options available when I compose an email. Anybody have a clue?
    Thanks.

    PGP turns off HTML composition.
    Tools menu (alt+T) > Account settings > Compositions and Addressing and turn on HTML composition. (it is the first option on the pane)

  • How to implement secure Licencing for Java Apps?

    Hi
    I'm already thinking some months about this topic. I serached the web, some books and magazines, i asked quite a lot of people - but in the end, there seems to be no really satisfying answer.
    My main question is: what can i do to protect the software i wrote? The problem is, where ever i start, i end with open questions.....
    I may start delivering a custom licence key with my software that contains information i.e. about who may run it and for how long. To check integrity i sign the licences key (with a digest) and ckeck the integrity in the application. Like this, i could make sure, that the software runs only with a valid licence.
    But two new problem araise - if the licence key is given to the web, everyone will be able to run the software. Second, i have to implement a methode to check the digest, so i have to deliver the key with the software and like this, the key could just be used to generate new licence files. Third, i hav to protect my code, since anyone could recompile it, he could check the algorithms i use to check the digest and even worse, he just could disable the codeblock that checks the licence.
    So i use an obfuscator to scramble my code, and to get the most out of this technique, i use a controlflow obfuscator. This adds some security, but still the code can be decompiled but wouldn't be too easy to understand. For making it even a little bit harder to read, i will "distribute" the licence digest check over some different classes.
    But still the first two problems remain. So i think about encrypting the licence file. To make that secure, i would use a public/private key encryption since if i use a secret key encryption i would have to deliver the key with the software and anyone could use it to generate new encrypted licene files. The problem with the public/private key is, that i should deliver a public key with the software that is only capable of decrypting, but not of encrypting. Like this, i can implement a decryption methode in the software that can decrypt the licence file and read all requiered licence data but the user is not able to generate a new licence file because he has the read-only key. Obvisouly there is no such private/public key technique that allows one key to be decrypt only and the other to be encrypt and decrypt (or at least encrypt only). Algorithms like PGP have a public key that allows encryption only and a private key that allows decryption only.
    I could go on presenting some more ideas i found to "protect" software/licence but the all come to the same point where they leave a lot of other open questions.
    I wonder what you all out there do to protect your software, what kind of technique you use for licencing implementation. I would be very glad to read what problem you face reagarding this topics and maybe how you solved it or what your conclusion was.
    Greetings
    josh

    >
    yes, absolutely. That's the point. Try to make it hard
    to get the software some other way. So it's easer to
    get the software by buying it.
    Nope.
    - There are those who steal it just to steal it. They don't use it.
    - There are those who steal it because the price is too extreme. If your income for the year is measured as only several thousand dollars you are not going to be able to buy a package that costs a thousand dollars or more.
    - There are those who steal it because the preceived benifit is less than the cost. For instance, at least in the past, MS software cost at least three times as much in some european companies compared to the exchange rate.
    - Finally there are those who steal simply because they don't want to pay for it.
    As far as I am concerned the last category is the only relevant one. And that is far smaller than any software theft estimates that the software industry regularly claims.
    >
    >>
    Here is an example of someone who thinks that their
    work is good enough and valuable enough to stand on
    its own...http://www.fileviewer.com/.
    And I liked it enough that at one company I hadthem
    purchase a site license. And I like it enough thatI
    still remember the company five years after thelast
    time I needed the product.that's fine and it would be very nice if everybody
    would be like you. But that's not the case and you
    even may not be sure if not someone in that company
    took a copy of the software and the licence and now is
    using it for free are even gave it in the "public
    domain". Woulnd't that be sad if the company would
    have to close down someday because just a few people
    are paying for it. Even if it is such a smart
    product?There was a clothing chain that closed down because they claimed that, even after installing anti-theft devices, they were still losing too much money from shop lifters.
    If that is the case why do all of the other companies still exist?
    If your product is good then people will buy it. The successes for that are abundant. The only success stories for copy protection schemes are for the copies that sell those schemes.
    >
    i wonder if you close your door when you leava your
    appartment. I mean, what's wrong with protecting a
    code? It's just the same as protecting the money you
    earn, the furnish in your appartment, ...
    Sorry, when I buy a product then I expect to be able to use it.
    With your analogy I would have to use a code that you provided everytime I wanted to get into and out of my apartment.
    So for any comments, ideas, ... on how to addsome
    more protection i'm very thankfull.You search for "obfuscator".yes, as i wrote in the first posting, i know about
    obfuscator, i'm using it, but it's just very poor
    protection. That's why I'm looking for a smart concept
    to gain a little bit more protection.And if you search for that term in these forums, and read the lengthy posts, you might find some ideas. Which is why I suggested it. (And you might understand why the alternatives are not used.)

  • How to configure PGP Encryption  in B2B Console including jar addition ?

    Hi Guys,
    I have the following questions with respective PGP Encryption.Can any one clarify on this?
    I have PGP Encryption jave code which does not implement CallOut Interface and which encrypt's a file
    1. is it mandatory that PGP Java code having a class to implement CallOut Interface ? if yes which methods i need to implement  and necessary parameters required ?
    2. In what way i can add jar to the server ? Please explain the format of call out jar path for windows and linux?
    3. how can i check whether the pgp jar is loaded or not ?
    4. Can any one explain the steps to configure PGP Encryption in B2B Console?
    Edited by: 972723 on Jan 22, 2013 2:49 AM

    How to configure Call out in B2B ?

Maybe you are looking for

  • Free Goods offer

    Dear Gurus: We have a situation here, we have a promotion that when a customer will buy product A - 10 pcs will get product B free- 2pcs. The strategy group in the material master is set such as way that Sales Orders are __NOT__promised at the time o

  • Pb de police sur Flash depuis mise à jour Windows

    Bonjour ! Comme tout à chacun, j'ai des polices installées, Jusqu'à la dernière mise à jour Windows, pas de problèmes pour les utiliser dans CS6. Depuis la mise à jour windows d'il y a quelques jours, certaines polices sont invisibles. Flash les list

  • Popup doesn't work after opening an interactive form

    Hi, I would need your help in letting me know if there is any additional setting required for correct execution. I tried executing the sample "WDR_TEST_ADOBE"  web dynpro component. On execution, on the right hand context area, you will see a button

  • [svn] 1714: 1.3.1

    Revision: 1714 Author: [email protected] Date: 2008-05-14 12:08:36 -0700 (Wed, 14 May 2008) Log Message: 1.3.1 - Fix: the preview and package buttons don't close the air component after preview if the package path is empty. - Fix: spaces in the packa

  • Error when creating cache list

    Hi, We have installed SAP PI 7.1 on AIX 5.3. When we check Data cache Overview (RWB-- Administration) we are getting an error "Error when creating cache list" Also While trying to  Test Cache Connectivity Test under RWB--->Component Monitoring, we ar