Is it enough only use RSA encryption?

Similar Messages

• Can I encrypt a string with RSA encryption using DBMS_CRYPTO?

  We have an web application that does a redirect thru a database package to a 3rd party site. They would like us to encrypt the querystring that is passed using RSA encryption. The example that they've given us (below) uses the RSA cryptographic service available in .NET. Is it possible to do this using DBMS_CRYPTO or some other method in Oracle?
  Below are the steps outlined to use the key to generate the encrypted URL
  2.1 Initialize Service
  The RSA cryptographic service must be initialized with the provided public key. Below is sample code that can be used to initialize the service using the public key
  C#
  private void InitializeRSA( string keyFileName )
  CspParameters cspParams = new CspParameters( );
  cspParams.Flags = CspProviderFlags.UseMachineKeyStore;
  m_sp = new RSACryptoServiceProvider( cspParams );
  //Load the public key from the supplied XML file
  StreamReader reader = new StreamReader( keyFileName );
  string data = reader.ReadToEnd( );
  //Initializes the public key
  m_sp.FromXmlString( data );
  2.2 Encryption method
  Create a method that will encrypt a string using the cryptographic service that was initialized in step 2.1. The encryption method should convert the encryption method to Base64 to avoid special characters from being passed in the URL. Below is sample code that uses the method created in step 2.1 that can be used to encrypt a string.
  C#
  private string RSAEncrypt( string plainText )
  ASCIIEncoding enc = new ASCIIEncoding( );
  int numOfChars = enc.GetByteCount( plainText );
  byte[ ] tempArray = enc.GetBytes( plainText );
  byte[ ] result = m_sp.Encrypt( tempArray, false );
  //Use Base64 encoding since the encrypted string will be used in an URL
  return Convert.ToBase64String( result );
  2.3 Generate URL
  The query string must contain the necessary data elements configured for you school in Step 1. This will always include the Client Number and the Student ID of the student clicking on the link.
  1.     Build the query string with Client Number and Student ID
  C#
  string queryString = “schoolId=1234&studentId=1234”;
  The StudentCenter website will validate that the query string was generated within 3 minutes of the request being received on our server. A time stamp in UTC universal time (to prevent time zone inconsistencies) will need to be attached to the query string.
  2.     Get the current UTC timestamp, and add the timestamp to the query string
  C#
  string dateTime = DateTime.UtcNow.ToString(“yyyy-MM-dd HH:mm:ss”);
  queryString += “&currentDT=” + dateTime;
  Now that the query string has all of the necessary parameters, use the RSAEncrypt (Step 2.2) method created early to encrypt the string. The encrypted string must also be url encoded to escape any special characters.
  3.     Encrypt and Url Encode the query string
  C#
  string rsa = RSAEncrypt(querystring);
  string eqs = Server.UrlEncode(rsa);
  The encrypted query string is now appended to the Url (https://studentcenter.uhcsr.com), and is now ready for navigation.
  4.     Build the URL
  C#
  string url = “https://studentcenter.uhcsr.com/custom.aspx?eqs=” + eqs

  The documentation lists all the encyrption types:
  http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14258/d_crypto.htm#ARPLS664

• Using RSA to encrypt query string data

  If I want to use RSA to encrypt query string data, what is the industry standards for such a thing? I understand how the RSA works. Based upon that alone, I would just need to get the public key. However, I understand that it is safer to use a PKI to obtain that public key?
  Can someone tell me what is "best practice" for such a thing?

  If the third-party-site supports https:, you do NOT have to encrypt anything yourself. That's what https is for - the communication between the user-agent and the server is encrypted as part of the protocol, and all the complicated parts of insuring a secure channel are handled for you.
  If the secure site does not support htpps, then you can't use it. Which begs the question of why you are trying to do secure communication via HTTP POST with an insecure site.
  To clarify, so we're sure we're talking about the same scenario - there's your server (A), which generates pages for a user-agent (B), which pages point to a third-party site (C). Are you trying to protect your data from eavesdroppers? Or are you trying to hide it from B?
  In the first case, you have two options.
  1) If both A and C supports https, then all you need to do is build pages with https: URLs pointing at C, and you're done. B hits A using https: URLs, it gets pages back that point to C using https URLs, lots of crypto-magic happens under the covers without you haveing to worry about it, and your data is protected.
  2) If A and/or C do NOT support https, then you have to figure out how to encrypt communications between A and C. This is a private channel - we won't be able to help you much, because we don't know what C is expecting. Whatever C's protocol is, and whatever its key is, is what you'll need to implement in A, in order to talk to C.
  (If you're actually trying to hide data from B, while sticking it into a page that B has to render - ew. Just...ew. It's wrong on enough levels that I don't think I can adequately describe them all.)
  You asked about best-practices - 1) is it. 2) is not. Don't do that. No offense, but specially given your level of understanding of How Crypto Works, whatever you come up with is really really REALLY likely to be horribly flawed in a way that you won't see.
  Crypto is both easier and harder than you think it is. Your best bet is to use the standards that the community has hammered out - your data is much, much safer that way.
  Grant

• Is there a way to connect an old Sunflower iMac (OSX 10.4.11) to a new Time Capsule?  It used to work with old Airport Extreme with updates thru Snow Leopard but now seems to only allow WEP encryption instead of WPA.

  Is there a way to connect an old Sunflower iMac (OSX 10.4.11) to a new Time Capsule?  It used to work with old Airport Extreme network, run from a intel iMac with updates thru Mavericks but now seems to only allow WEP encryption instead of WPA and can't connect to Time Capsule.  Airport Extreme Base was controllable from either computer up through Snow Leopard (I didn't do any of the Lion upgrades).  Then when I upgraded to Mavericks I lost the ability to use Airport Utility with this hardware on the Sunflower but could still connect wirelessly to network without any problems.  But now with the Time Capsule upgrade the Sunflower is blocked from network by a dialogue that requests ony WEP password, not WPA pwd used by Time Capsule.  Neither can I use the old airport extreme base to extend the time capsule network since I can't input the correct password/encryption approach to join it.  Is there a work around?  Would a newer but old Airport Express be able to extend network to Sunflower?  Or maybe a third party wireless (such as Netgear, Dlink, etc) that has browser type control rather than special utility?
  Another question--before I used MAC addresses to control who could access network.  Now on Time Capsule I don't see anything about this--so is it true now that the only access control is via WPA2 pwd now (which appears to be the encryption pwd and not the time capsule pwd)?

  Is there a way to connect an old Sunflower iMac (OSX 10.4.11) to a new Time Capsule?
  I can’t claim to completely grasp the issue(s) you’re describing, but the underlying problem is presumably your iMac’s obsolete AirPort card. Whatever the case, an obvious (if not particularly helpful) answer to your stated question would be to connect your iMac with an ethernet cable, using powerline adapters as an alternative if you don’t want to have wire running all over the place.
  My still fully functional clamshell iBook, with an original AirPort card, connects wirelessly to my 4th Generation TC network by means of a cheap 802.11b/g/n USB Wi-Fi adapter. This might be an option for you too.
  Another question--before I used MAC addresses to control who could access network.  Now on Time Capsule I don't see anything about this
  When you edit your TC's settings the access controls appear under the Network tab, don't they?

• I just bought an unlocked Iphone 4s and I wanna know if I need to take an Iphone plan or a 30$ plan could be enough and also if I only use it on wi-fi do I need to have datas in my plan?

  I just bought an unlocked Iphone 4s and I wanna know if I need to take an Iphone plan or a 30$ plan could be enough and also if I only use it on wi-fi do I need to have datas in my plan?

  The iPhone is designed to always have an internet connection as long as there is an available wi-fi network you have access to, or cellular reception. MMS requires a data connection with your cell phone carrier, which can't be exchanged over wi-fi. If your carrier supports visual voicemail with the iPhone, visual voicemail messages are downloaded to the iPhone via the carrier's cellular data or internet network only, not via wi-fi. If you ever need to make use of the Find My iPhone feature, it will be worthless without a data connection with your carrier's cellular network.
  If you don't plan on having a data plan or you can't afford it, your money was wasted purchasing an iPhone. This likely makes no difference since most carriers require a data plan with the iPhone.

• Help with RSA Encryption using SATSA

  Hello,
  I am a new to writing code on J2ME . I am trying to encrypt data using
  RSA public key on J2ME using SATSA.
  I generated the public key using openssl in the PEM format and stored the
  key (mypublickey) as a Base64 decoded byte array in my code.
  Next, I did the following:
  X509EncodedKeySpec test - new X509EncodedKeySpec(mypublickey);
  KeyFactory kf = KeyFactory.getInstance("RSA");
  PublicKey key = kf.generatePublic(test);
  I used this key to encrypt as follows:
  cipher c = Cipher.getInstance("RSA");
  c.init(Cipher.ENCRYPT_MODE, key);
  c.doFinal(data,0,data.length,ciphertext,0);
  where byte[] data = "1234567890".getBytes();
  I get no errors during this process.
  Now, when I try to decrypt the string, I get a padding error as follows:
  javax.crypto.BadPaddingException: Data must start with zero
  The decode is done on a server.
  I tried getting an instance of the cipher with RSA/ECB/NoPadding and this time the decrypt gives junk.
  Question 2: The SATSA example online at http://java.sun.com/j2me/docs/satsa-dg/AppD.html
  has a public key embedded as a byte array. They haven't explained how
  this key is generated. Does someone know?
  Question 3: Suppose, I can get the modulus and exponent of the public key is there any way I can convert it to X509EncodedKeySpec so that I can
  use the APIs in SATSA?
  Thanks in advance for your help. I have been trying to solve this for a lot of time and any help will be greatly appreciated.

  Just wanted to add my code:
  public class test2 {
       public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, ShortBufferException {
            // TODO Auto-generated method stub
            byte [] data = "012345678901234567890123456789ab".getBytes();
            Base64 base64 = new Base64();
  /*public key generated by
            byte [] mypublickey = base64.decode("publickey in PEM format");
            byte [] ciphertext = new byte[128];
            X509EncodedKeySpec test = new X509EncodedKeySpec(mypublickey);
            byte [] myprivatekey = base64.decode("privatekey in pkcs8format");
  KeyFactory rsakeyfac = KeyFactory.getInstance("RSA");
            PublicKey pubkey = rsakeyfac.generatePublic(test);
            Cipher c1 = Cipher.getInstance("RSA");
            c1.init(Cipher.ENCRYPT_MODE, pubkey);
            c1.doFinal(data, 0,data.length, ciphertext);
            PKCS8EncodedKeySpec pks2 = new PKCS8EncodedKeySpec(myprivatekey);
            RSAPrivateCrtKey privkey = (RSAPrivateCrtKey)rsakeyfac.generatePrivate(pks2);
            Cipher c2 = Cipher.getInstance("RSA");
            c2.init(Cipher.DECRYPT_MODE, privkey);
            byte [] decrypteddata = c2.doFinal(ciphertext);
            System.out.println("Decrypted String is:"+new String(decrypteddata).trim());
  Error that I get is:
  Exception in thread "main" javax.crypto.BadPaddingException: Data must start with zero
       at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
       at sun.security.rsa.RSAPadding.unpad(Unknown Source)
       at com.sun.crypto.provider.RSACipher.a(DashoA13*..)
       at com.sun.crypto.provider.RSACipher.engineDoFinal(DashoA13*..)
       at javax.crypto.Cipher.doFinal(DashoA13*..)

• I have a G4 with OSX 10.2 and my printer died.  New printers only seem to work with 10.4.11 and newer - can I upgrade my G4 enough to use a new printer?

  I have a G4 with OSX 10.2 and my printer died.  New printers only seem to work with 10.4.11 and newer - can I upgrade my G4 enough to use a new printer?

  Aha!
  Well in outer Mongolia ASAP means something totally different and involves weaving tent fabric from camel hair so that has taken me a bit of time....  However if you have the patience of a saint and the compassion of Mother Theresas' more helpful sister then....
  So it would appear I have the following supersonics:
  OSX 10.2.1
  60 Gb HD
  G4 dual processor 1GHz
  Now the critical issue here is that I get the computer up to speed enough to be compatible with a modern photo printer - which I think needs to be 10.4.11 or even 10.5
  Any assistance would be most gratefully and humbly recieved.

• Cannot decrypt RSA encrypted text : due to : input too large for RSA cipher

  Hi,
  I am in a fix trying to decrypt this RSA encrypted String ... plzz help
  I have the encrypted text as a String.
  This is what I do to decrypt it using the Private key
  - Determine the block size of the Cipher object
  - Get the array of bytes from the String
  - Find out how many block sized partitions I have in the array
  - Encrypt the exact block sized partitions using update() method
  - Ok, now its easy to find out how many bytes remain (using % operator)
  - If the remaining bytes is 0 then simply call the 'doFinal()'
  i.e. the one which returns an array of bytes and takes no args
  - If the remaining bytes is not zero then call the
  'doFinal(byte [] input, int offset, in inputLen)' method for the
  bytes which actually remained
  However, this doesnt work. This is making me go really crazy.
  Can anyone point out whats wrong ? Plzz
  Here is the (childish) code
  Cipher rsaDecipher = null;
  //The initialization stuff for rsaDecipher
  //The rsaDecipher Cipher is using 256 bit keys
  //I havent specified anything regarding padding
  //And, I am using BouncyCastle
  String encryptedString;
  // read in the string from the network
  // this string is encrypted using an RSA public key generated earlier
  // I have to decrypt this string using the corresponding Private key
  byte [] input = encryptedString.getBytes();
  int blockSize = rsaDecipher.getBlockSize();
  int outputSize = rsaDecipher.getOutputSize(blockSize);
  byte [] output = new byte[outputSize];
  int numBlockSizedPartitions = input.length / blockSize;
  int numRemainingBytes = input.length % blockSize;
  boolean hasRemainingBytes = false;
  if (numRemainingBytes > 0)
    hasRemainingBytes = true;
  int offset = 0;
  int inputLen = blockSize;
  StringBuffer buf = new StringBuffer();
  for (int i = 0; i < numBlockSizedPartitions; i++) {
    output = rsaDecipher.update(input, offset, blockSize);
    offset += blockSize;
    buf.append(new String(output));
  if (hasRemainingBytes) {
    //This is excatly where I get the "input too large for RSA cipher"
    //Which is suffixed with ArrayIndexOutofBounds
    output = rsaDecipher.doFinal(input,offset,numRemainingBytes);
  } else {
    output = rsaDecipher.doFinal();
  buf.append(new String(output));
  //After having reached till here, will it be wrong if I assumed that I
  //have the properly decrypted string ???

  Hi,
  I am in a fix trying to decrypt this RSA encrypted
  String ... plzz helpYou're already broken at this point.
  Repeat after me: ciphertext CANNOT be safely represented as a String. Strings have internal structure - if you hand ciphertext to the new String(byte[]) constructor, it will eat your ciphertext and leave you with garbage. Said garbage will fail to decrypt in a variety of puzzling fashions.
  If you want to transmit ciphertext as a String, you need to use something like Base64 to encode the raw bytes. Then, on the receiving side, you must Base64-DEcode back into bytes, and then decrypt the resulting byte[].
  Second - using RSA as a general-purpose cipher is a bad idea. Don't do that. It's slow (on the order of 100x slower than the slowest symmetric cipher). It has a HUGE block size (governed by the keysize). And it's subject to attack if used as a stream-cipher (IIRC - I can no longer find the reference for that, so take it with a grain of salt...) Standard practice is to use RSA only to encrypt a generated key for some symmetric algorithm (like, say, AES), and use that key as a session-key.
  At any rate - the code you posted is broken before you get to this line:byte [] input = encryptedString.getBytes();Go back to the encrypting and and make it stop treating your ciphertext as a String.
  Grant

• HT1918 How do I remove credit card information from my account and only use iTunes cards?

  I put my credit card information in to purchase an audiobook because I didn't have enough redeemed iTunes $...and now I'm not able to remove my credit card. I've since redeemed more iTunes cards, and iTunes won't let me use the credit on my account, it still keeps going to my credit card. HELP!

  Hi Alexis ...
  I need to change my last name and address on account.
  Help here >  How to change the name you use for your Apple ID
  I would like to remove credit card info from account and only use iTunes prepaid cards.
  Help here >  Create an iTunes App Store account without a credit card

• How do I access my encrypted User Account files from my Back Up hard drive?  Time Machine  was used to create the back up disk; File Vault was used to encrypt the files.

  How do I access my encrypted User Account files from my Back Up hard drive?  Time Machine  was used to create the back up disk; File Vault was used to encrypt the files.

  Thanks.  I will try going through TM.  Since my Simpletech is on the way out, I'll be plugging in a new external hard drive (other than the back-up drive) and trying to restore the library to the new drive.  Any advice or warning if this is NOT the right thing to do?
  Meanwhile, that is a great tip to do an alternate back-up using a different means.  It's been tough to figure out how to "preserve access" to digital images and files for posterity, knowing the hardware will always fail/obsolesce sooner or later, and that "clouds" are only as good as their consistent and reliable accessibility.  Upping the odds with redundancy will help dull the edge of my "access anxiety", though logically, it can never relieve it.  Will look into
  Carbon Copy Cloner.

• Windows XP Mode (Virtual PC) only uses half a CPU core/thread.

  Not only does windows xp mode not support multiple cores, to me it looks like it only uses half a core/thread.
  I noticed this because I just setup windows xp mode (virtual pc) on my computer.  I updated it, joined it to our domain and then installed our legacy ERP software.  This ERP software was designed and programmed to run on windows 98 or 2000, I can't
  remember right now, but its hardware requirements are very low.  This software runs very slows in the virtual pc, with the processor being the problem.  
  Matching the processor spike on the virtual pc using both performance monitor and task manager I compared it to task manager running on the host (my windows 7 machine).  The spikes in cpu matched one of the threads on my i7 processor (I use threads
  because an i7 has 8 threads but only 4 cores).  To my surprise when the CPU reached near 100% on the virtual PC the same spike on the host was only about 50% of the cpu thread.
  The host has a i7 950, 3.07GHz processor.  So this means that the virtual pc can only use up to 1.5GHz.  I have not run into the problem reported in other posts on this forum where the CPU is always at 50% or 100% on the virtual PC because when
  their is no activity the CPU drops to 10% or less and stays there.
  I will now have to use vmplayer, problem is having enough xp licenses for all users.
  Was anyone else aware of this?

  You can't use a half a thread.  Windows VPC uses one core at 3.07GHz, there's no halving the speed of the CPU. 
  The only way WVPC would use a lower clock speed is if there is power management throttling the CPU speed down.  Do you have a power management setting throttling your CPU?  Are you sure the problem is the CPU and not disk or network related? 
  Task manager on the host is not a very accurate way to determine CPU usage of the VM.
  If you have the correct version of Windows 7 (Pro or higher) there are no issues with XP Mode licenses, you get one license included with Windows 7.  There's no restriction requiring you to use XP Mode with Windows VPC, it will work under 3rd party
  virtualization solutions.

• Using RSA RADIUS Server and WLC 7.4 to dynamically asssign users to VLAN

  Hello,
  What we are trying to do:
  John logs on to wifi using RSA fob for password. RSA sends back auth request with attibutes to WLC 7.4 that magically knows how to interpret the attributes and puts John on vlan 10. Mary logs on with her fob and gets put on VLAN 20.
  We dont have ISE. We dont have ACS. We have RSA Authentication Manager 7.0
  We have looked high and low for documentation for this kind of setup and we find stuff that is close to a match but not quite.
  Here is what we are seeing
  1. dynamic vlan assignment is not working -- radius server is set with the attributes
  2. RSA authentication works
  3. John and Mary are always put into the VLAN where the MGMT interface is
  4. I can see that attributes are making it back to the WLC by sniffing
  We are stuck at this point. Any help would be much appreciated,
  P.

  Here is a little more background:
  We have created a dynamic interface in VLAN 157
  Wireless LAN has been assigned to MGMT interface which is on VLAN 35
  This is a VWLC ver 7.4.100
  AP is attached to VWLC (only FlexConnect mode is supported)
  RADIUS Server has been configured
  Users are getting assigned to VLAN 35
  Also I have attached some screenshots and two packet captures so you can see what the RSA is sending back with your own eyes
  I dont see any atttributes in the capture when RSA sends to the VWLC
  I see attributes in the capture when RSA send to my local RADIUS Client (My PC)
  And to answer your question we have sending a VLAN ID (157)

• Don't want new tiff files saved in my catologue if I'm only using the image for a composite.

  When editing in Photoshop CS4 from LR3, the new tif will not appear in the catalogue unless I save it in PS. In LR4 it saves a new tiff in my catalogue regardless if I save the edited image in PS or not. I have a cloud library I use often and do not want new files saved in my LR catologue if I'm only using the opened image for compositing. Can anyone help me figure out how to change the workflow to be like LR3?

  -Agfaclack- wrote:
  i think adobe should support new cameras for older CS versions too.
  in the end PS is expensive enough to justifie a better support.
  How far back would you go? One version? Three? Where should the line be drawn? Adobe draws the line at the currently shipping version...it's now CS5 and shortly it will be CS6.
  Even if Adobe were to do this, you do realize that trying to put new plug-ins into older software is really tough. For example on the Mac, Photoshop CS5 requires that the plug-in be written in Apple's Cocoa API. Camera Raw 5 required a major update to be able to run in Cocoa...retrofitting Camera Raw 5 to run in a PPC platform (supported by CS3/CS4 but not supported by CS5) would be difficult–a lot of work for zero return. As a result of the engineering challenges of backwards compatibility Adobe has the policy of only updating currently shipping software to current customers. Truth be told, if you don't have the most recent version, you are not a current customer...you are a former customer. Having Adobe spend R&D engineering backwards compatibility to support former customers would take resources away from supporting current customers. As a current customer, I wouldn't like that.
  But it's all a moot point because I don't see any evidence that Adobe is going to change this policy for backwards compatibility. In fact, going forward, Adobe is already announced the change to Photoshop upgrade rules allowing only the most recent version to be upgraded to the new version. Because of the reaction that only CS5/5.5 could upgrade to CS6, Adobe blinked and now has given a grace period till the end of 2012 for CS3 & CS4 users to upgrade to CS6.
  Again many people don't like this, but as a pro user of Photoshop, I always upgrade anyway so it has no impact on me. Yes, it will bite some people and I can have sympathy, but again, you always have the free DNG Converter to use in the case you need new camera support. And hey, the new cameras come with software to process their raw files, right?

• Exception while using RSA BSAFE CryptoJ in Weblogic 7.0 (SP2)

  I need to verify the digital signature in the application (Web Tier - Servlet)
  and i have got the RSA - BSafe license and tried using the RSA API and this works
  fine in the stand alone environment. (weblogic.jar is not part of the classpath).
  I have tried the same program in the Weblogic environment the BSAFE jar's are
  kept in the classpath prior to weblogic.jar and while starting the server i am
  getting the following exception and server continues to start. (Security configuration
  doesn't changed)
  =============================================
  <18/02/2004 16:59:46> <Alert> <WebLogicServer> <000297> <Inconsistent security
  configuration, java.lang.NoSuchMethodError>
  java.lang.NoSuchMethodError
  at com.rsa.jsafe.JA_AlgID.berDecode(JA_AlgID.java:94)
  at com.rsa.jsafe.JA_AlgID.berDecodeAlgID(JA_AlgID.java:29)
  at com.rsa.certj.cert.X509Certificate.setSignatureAlgorithm(X509Certificate.java:893)
  at com.rsa.certj.cert.X509Certificate.setInnerDER(X509Certificate.java:764)
  at com.rsa.certj.cert.X509Certificate.setCertBER(X509Certificate.java:428)
  at com.rsa.certj.cert.X509Certificate.<init>(X509Certificate.java:328)
  at com.rsa.certj.cert.X509Certificate.<init>(X509Certificate.java:306)
  at utils.ValidateCertChain.convertChain(ValidateCertChain.java:258)
  at utils.ValidateCertChain.validateServerCertChain(ValidateCertChain.java:304)
  at weblogic.security.service.SSLManager.getServerCertificate(SSLManager.java:316)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:154)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1548)
  at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:891)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:300)
  at weblogic.Server.main(Server.java:32)
  <18/02/2004 16:59:46> <Emergency> <Security> <090034> <Not listening for SSL,
  java.io.IOException: Inconsistent security configuration, null.>
  <18/02/2004 16:59:47> <Notice> <WebLogicServer> <000355> <Thread "ListenThread.Default"
  listening on port 7001, ip address 127.0.0.1>
  <18/02/2004 16:59:47> <Notice> <Management> <141030> <Starting discovery of Managed
  Server... This feature is on by default, you may turn this off by passing -Dweblogic.management.discover=false>
  <18/02/2004 16:59:47> <Notice> <WebLogicServer> <000331> <Started WebLogic Admin
  Server "IMTServer" for domain "IMTDomain" running in Development Mode>
  <18/02/2004 16:59:47> <Notice> <WebLogicServer> <000365> <Server state changed
  to RUNNING>
  <18/02/2004 16:59:47> <Notice> <WebLogicServer> <000360> <Server started in RUNNING
  mode>
  ==========================================
  If the weblogic.jar set first in the classpath and BSAFE jar's kept in the last
  the Signature verification fails and iam getting the following exception
  ========================================================
       at com.rsa.jsafe.crypto.ar.f(Unknown Source)
       at com.rsa.jsafe.crypto.c7.a(Unknown Source)
       at com.rsa.jsafe.crypto.b1.a(Unknown Source)
       at com.rsa.jsafe.crypto.av.f(Unknown Source)
       at com.rsa.jsafe.crypto.at.e(Unknown Source)
       at com.rsa.jsafe.provider.JS_Signature.engineVerify(Unknown Source)
       at java.security.Signature$Delegate.engineVerify(Unknown Source)
       at java.security.Signature.verify(Unknown Source)
  ==========================================================
  I believe that there seems to be different versions of BSAFE products. Could you
  please suggests that in what way i can overcome this issue. Is it possible to
  use the BSAFE jar only for the specific application (web application) without
  disturbing weblogic envrionment.
  Reponses are highly appreciated.

  Weblogic is using RSA Crypto-J 3.3.1 The easiest solution is probably to modify
  the signature verification code to use 3.3.1 api-s. The alternative solution would
  require writing your own classloader for the application that would load BSAFE
  classes from your jar.
  Pavel.
  "Gops" <[email protected]> wrote:
  >
  I need to verify the digital signature in the application (Web Tier -
  Servlet)
  and i have got the RSA - BSafe license and tried using the RSA API and
  this works
  fine in the stand alone environment. (weblogic.jar is not part of the
  classpath).
  I have tried the same program in the Weblogic environment the BSAFE
  jar's are
  kept in the classpath prior to weblogic.jar and while starting the server
  i am
  getting the following exception and server continues to start. (Security
  configuration
  doesn't changed)
  =============================================
  <18/02/2004 16:59:46> <Alert> <WebLogicServer> <000297> <Inconsistent
  security
  configuration, java.lang.NoSuchMethodError>
  java.lang.NoSuchMethodError
  at com.rsa.jsafe.JA_AlgID.berDecode(JA_AlgID.java:94)
  at com.rsa.jsafe.JA_AlgID.berDecodeAlgID(JA_AlgID.java:29)
  at com.rsa.certj.cert.X509Certificate.setSignatureAlgorithm(X509Certificate.java:893)
  at com.rsa.certj.cert.X509Certificate.setInnerDER(X509Certificate.java:764)
  at com.rsa.certj.cert.X509Certificate.setCertBER(X509Certificate.java:428)
  at com.rsa.certj.cert.X509Certificate.<init>(X509Certificate.java:328)
  at com.rsa.certj.cert.X509Certificate.<init>(X509Certificate.java:306)
  at utils.ValidateCertChain.convertChain(ValidateCertChain.java:258)
  at utils.ValidateCertChain.validateServerCertChain(ValidateCertChain.java:304)
  at weblogic.security.service.SSLManager.getServerCertificate(SSLManager.java:316)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:154)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1548)
  at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:891)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:300)
  at weblogic.Server.main(Server.java:32)
  <18/02/2004 16:59:46> <Emergency> <Security> <090034> <Not listening
  for SSL,
  java.io.IOException: Inconsistent security configuration, null.>
  <18/02/2004 16:59:47> <Notice> <WebLogicServer> <000355> <Thread "ListenThread.Default"
  listening on port 7001, ip address 127.0.0.1>
  <18/02/2004 16:59:47> <Notice> <Management> <141030> <Starting discovery
  of Managed
  Server... This feature is on by default, you may turn this off by passing
  -Dweblogic.management.discover=false>
  <18/02/2004 16:59:47> <Notice> <WebLogicServer> <000331> <Started WebLogic
  Admin
  Server "IMTServer" for domain "IMTDomain" running in Development Mode>
  <18/02/2004 16:59:47> <Notice> <WebLogicServer> <000365> <Server state
  changed
  to RUNNING>
  <18/02/2004 16:59:47> <Notice> <WebLogicServer> <000360> <Server started
  in RUNNING
  mode>
  ==========================================
  If the weblogic.jar set first in the classpath and BSAFE jar's kept in
  the last
  the Signature verification fails and iam getting the following exception
  ========================================================
       at com.rsa.jsafe.crypto.ar.f(Unknown Source)
       at com.rsa.jsafe.crypto.c7.a(Unknown Source)
       at com.rsa.jsafe.crypto.b1.a(Unknown Source)
       at com.rsa.jsafe.crypto.av.f(Unknown Source)
       at com.rsa.jsafe.crypto.at.e(Unknown Source)
       at com.rsa.jsafe.provider.JS_Signature.engineVerify(Unknown Source)
       at java.security.Signature$Delegate.engineVerify(Unknown Source)
       at java.security.Signature.verify(Unknown Source)
  ==========================================================
  I believe that there seems to be different versions of BSAFE products.
  Could you
  please suggests that in what way i can overcome this issue. Is it possible
  to
  use the BSAFE jar only for the specific application (web application)
  without
  disturbing weblogic envrionment.
  Reponses are highly appreciated.

• Why am I suddenly getting the dreaded "ID =  5000" error with Illustrator 5.5? I'm only using CC for Muse.

  I only use Adobe Creative Cloud for Muse... no other option. I have CS 5.5 and am suddenly getting the "you do not have enough access privileges" error and can't save any illustrations. What the hell is going on with Adobe?

  shambles,
  You could try to reinstall using the full three step way (otherwise strange things may linger):
  Uninstall (ticking the box to delete the preferences), run the Cleaner Tool, and reinstall.
  http://www.adobe.com/support/contact/cscleanertool.html