Light Weight JCE Provider with RSA implementation

Similar Messages

• Looking for a light weight tiled window manager.

  Hello everyone,
  I am looking for a light weight window manager with tile support.  I am a programmer by hobby and I like to be able to maximize my screen real estate.
  I love hot key and terminal use it just speeds up the process.  I don't however want it to have a huge scripting learning curve.  Currently I am in the process of learning Android development so having to learn a new scripting language on top of it won't make matters better.
  Currently I am comfortable with bash, and python.  I can also do some work in perl but not super fluent with it yet.
  It would also help if it has dual monitor support.  My main monitor is a 23" LCD max res 1920x1080 and my second monitor is a 17" LCD max res 1440x900 until I get around to picking up another 23".

  Runiq wrote:
  Search first, post later:
  http://wiki.archlinux.org/index.php/Lig … plications
  another good wiki page is the tiler comparison, the chart shows vitals, like what they are configured in
  http://wiki.archlinux.org/index.php/Com … w_Managers
  Last edited by hume's doona (2010-10-08 12:17:51)

• Lightweight RSA implementation (lighter than BouncyCastle)?

  I wonder if by chance there is a more lightweight implementation of RSA for MIDP than the one provided by BouncyCastle? I managed to use the BouncyCastle classes, but RSA+AES encryption together make up for more than 16KB of the jar-File. The bulk of it seems to stem from the BigInteger class. Perhaps by implementing only the operations that are relevant to RSA it would be possible to arrive at a shorter solution?
  If anybody knows of a smaller implementation, it would be great to hear about it!
  Many thanks in advance!

  I've done this helping another ThoughtWorker migrate from Cryptix to BC. It's not an easy task, especially seeing that Cryptix did some really "non-standard" stuff early on.
  It does work (or at least I believe it does work, as I haven't been asked for assistance recently ;-) ), and you should be able to just convert the keys by using the bits you need.
  The other thing that's worth being careful about is that the Cryptix code allowed data encrypted with the RSA keys to be of any mode, including some really busted padding called "ZerosAndOnes". (Don't ask, it's too stupid for words).
  Make sure your encrypted data can be successfully decrypted, and what the various modes are, because if you convert all your code, then you might have difficulties later on trying to decrypt it.
  The first thing I did was to create some code that was a compatibility mode and used the light-weight API's to deal with the transformations. After all the Cryptix code has been removed, it will be a trivial matter to implement the bits that are really needed using the JCE code (if desired).
  Why use the lw-api ? Well, I needed to create a new padding, and doing that with the JCE (and then resigning it) was going to be a real pain. And, all the JCE code uses the LW code underneath anyway, so I knew there wasn't going to be a compatibility problem.
  So, after all that waffle, it should work, but just watch out for how people used the Cryptix RSA keys for encrypting the data. Cryptix didn't check if people were doing dumb things, and that may be the case.
  Cheers,
  -- jon

• RSA Implementation for SunJCE Provider

  Hello there!
  I just would like to inquire if there are plans/news for the sun developers to include the RSA Algorithm as part of the cryptographic services available in the pre-installed SunJCE Provider? If so, when?
  Thanks.
  Regards,
  Ronron

  Which RSA algorithm are you looking for? BTW Sun has 4
  JCE providers: SUN, SunJCE, SunRsaSign, SunJSSE.I am referring to the SunJCE Provider, which is
  already included in the latest Java 2 SDK, v 1.4
  release. Those 4 providers are from JDK 1.4
  I am looking for the RSA Algorithm for
  encryption/decryption of data. Because I believe that
  it would be very helpful when the SunJCE would include
  the implementation of that algorithm since the
  provider had been pre-installed in the latest Java 2
  SDK.
  Do you have any idea?I believe they still don't want to have any issues with US export restrictions, especially with that little case when someone need to use RSA encryption. So, they let you to use any 3rd part JCE provider. And there is such a good one for free. Look at the BouncyCastle.

• AccessControlException with third party JCE provider

  Hi,
  I have a third party cryptographic provider that I must use.
  I can't tell if the provider is failing to load or if actual operations are denied. All I do know is that everytime it tries to actually do anything it fails with (the class that subclasses Provider is called IAIK):
  Caused by: java.security.AccessControlException: access denied (java.security.SecurityPermission putProviderProperty.IAIK)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
  at java.security.AccessController.checkPermission(AccessController.java:401)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
  at java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java:1698)
  at java.security.Provider.check(Provider.java:341)
  at java.security.Provider.put(Provider.java:303)
  at iaik.security.provider.IAIK.a(Unknown Source)
  at iaik.security.provider.IAIK.<init>(Unknown Source)
  It seems to me that the provider is trying to programmatically load and register itself. Obviously I have to grant permission to do this, but I don't know how, because I don't know exactly what its trying to do.
  I did find something in the JDK docs mentioning doing something like this to the server.policy:
  grant codeBase "file:C:/Sun/AppServer7/domains/domain1/server1/lib/*" {
       permission java.security.SecurityPermission "putProviderProperty.IAIK"
  But this not only doesn't work, I also need to understand it.
  I've tried using it as a standard extension and it still doesn't work.
  Would appreciate any pointers here
  Thanks
  Sam

  Hi ,
  I am using SUN ONE application server and I have a third party cryptographic provider that I must use(BouncyCastleProvide). I've modified server.policy, java.policy files but nothing helped.
  // These permissions apply to the RD application
  grant codeBase "file:C:/Sun/AppServer7/domains/domain1/server1/lib/*" {
  permission java.security.AllPermission;
  Please help.
  Thanks
  INFO: CORE3282: stdout: [02/Mar/2005 14:22:08:866] error: |AESEncryption|prepareMap|1|oSecretKey_file: /WEB-INF/config
  /secret_asn1.key
  INFO: CORE3282: stdout: [02/Mar/2005 14:22:08:866] error: |AESEncryption|prepareMap|1|oGenrateKeys: no
  INFO: CORE3282: stdout: [02/Mar/2005 14:22:08:897] error: |AESEncryption|AESEncryption::Constructor|1|java.security.Ac
  cessControlException: access denied (java.security.SecurityPermission putProviderProperty.BC)
  INFO: CORE3282: stdout: at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
  INFO: CORE3282: stdout: at java.security.AccessController.checkPermission(AccessController.java:401)
  INFO: CORE3282: stdout: at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
  INFO: CORE3282: stdout: at java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java:1698)
  INFO: CORE3282: stdout: at java.security.Provider.check(Provider.java:384)
  INFO: CORE3282: stdout: at java.security.Provider.put(Provider.java:339)
  INFO: CORE3282: stdout: at org.bouncycastle.jce.provider.BouncyCastleProvider.<init>(BouncyCastleProvider.java:52)
  INFO: CORE3282: stdout: at com.sp.fwk.golden.encryption.AESEncryption.<init>(AESEncryption.java:48)
  INFO: CORE3282: stdout: at com.sp.fwk.golden.encryption.AESEncryption.getInstance(AESEncryption.java:71)
  INFO: CORE3282: stdout: at com.sp.fwk.golden.presentation.FwkServlet.init(FwkServlet.java:72)
  INFO: CORE3282: stdout: at javax.servlet.GenericServlet.init(GenericServlet.java:258)
  INFO: CORE3282: stdout: at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:921)
  INFO: CORE3282: stdout: at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:658)
  INFO: CORE3282: stdout: at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:229)
  INFO: CORE3282: stdout: at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
  INFO: CORE3282: stdout: at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
  INFO: CORE3282: stdout: at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
  INFO: CORE3282: stdout: at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
  INFO: CORE3282: stdout: at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
  INFO: CORE3282: stdout: at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:157)
  INFO: CORE3282: stdout: at com.iplanet.ias.web.WebContainer.service(WebContainer.java:598)

• [svn:fx-trunk] 5115: Adding SpriteVisualElement, a light-weight, Sprited-based implementation of IVisualElement.

  Revision: 5115
  Author: [email protected]
  Date: 2009-02-27 13:27:41 -0800 (Fri, 27 Feb 2009)
  Log Message:
  Adding SpriteVisualElement, a light-weight, Sprited-based implementation of IVisualElement. This will be used for some FXG compiler optimizations.
  Added setter for includeInLayout into IVisualElement so that DataGroup's virtualization code can use this, rather than cast it to a UIComponent. I also removed an unused method in DataGroup: _removeChild. We needed this before to remove children on a previously parented DataGroup, but now that we do the cleanup pro-actively, this is no longer needed.
  Also a few ASDoc cleanups in IVisualElement, ILayoutElement, and FxDataContainer.
  QE Notes: -
  Doc Notes: -
  Bugs: -
  Reviewer: Chet, Evtim
  tests: checkintests, mustella list, datagroup, fxdatacontainer, buttonbar. Some mustella were failing, but I think it's just a mac thing.
  Modified Paths:
  flex/sdk/trunk/frameworks/projects/flex4/src/Flex4Classes.as
  flex/sdk/trunk/frameworks/projects/flex4/src/mx/components/DataGroup.as
  flex/sdk/trunk/frameworks/projects/flex4/src/mx/components/FxDataContainer.as
  flex/sdk/trunk/frameworks/projects/framework/src/mx/core/ILayoutElement.as
  flex/sdk/trunk/frameworks/projects/framework/src/mx/core/IVisualElement.as
  Added Paths:
  flex/sdk/trunk/frameworks/projects/flex4/src/mx/core/SpriteVisualElement.as

• No luck with RSA and existing cert

  I want to encrypt data in my software, data which will be sent to me by the user, in such a way that only I can decrypt it. This seems to call for asymmetric encryption (only the public key would be embedded in the software), so I am trying to use RSA.
  Specifically I am trying to encrypt and decrypt data using the key pairs found in a cert that we bought from a cert authority. The cert says that key is a "Sun RSA public key, 1024 bits". In the following test, I encrypt using the cert's public key and decrypt using the same, for want of a method to return the private key but the results are the same if I initialize the cipher for decryption with the cert itself (which presumably contains the private key).
          Key key = cert.getPublicKey();
          Cipher cipher = Cipher.getInstance("RSA");
          cipher.init(Cipher.ENCRYPT_MODE, key);
          byte[] enc = cipher.doFinal(test.getBytes());
          cipher.init(Cipher.DECRYPT_MODE, key);
          byte[] dec = cipher.doFinal(enc);but at the decyrption stage I get the following error:
  Exception in thread "main" javax.crypto.BadPaddingException: Data must start with zero.which I don't know what to make of. It seems to me that I am following the (rather scant) instructions to the letter. If I specify "RSA/ECB/NoPadding" as the transformation I don't get the above error but the roundtrip fails to recreate the original string.
  Furthermore, as I said before, I wanted to use public key encryption because I must include the encryption key in the software and I do not want it to be sufficient to decrypt the cipher. I was hoping that with RSA you'd encrypt using the public key but that you'd need either the secret key or the whole cert to decrypt. However the Javadocs do not say so explicitely and I am left unsure as to how this works exactly. Can anyone shed some light?

  I agree, the documentation is inadequate. Have you also looked at the JCE reference (http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html)? This expands a lot on the javadocs for the classes. It might also help to learn more about cryptography; one book that others recommend is "Practical Cryptography" by Ferguson and Schneier.
  I think the one key misunderstanding you have is what is in a certificate. A certificate contains only the public key, some information about the identity of the owner of the private key, and a digital signature over this public key and identifying information. The private key is not in the certificate! Nor should it be. If it were, it would no longer be private and the security of the system would fall apart.
  The location of the private key depends entirely on the application that created the key pair. java's keytool, for example, stores the private key in a password protected file.
  The error you are seeing makes sense once you understand that , for an RSA cipher, the type of key, public or private, as well as the mode Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE, determine the interpretation of the subsequent update or doFinal method calls.
  Thus in your example, your first call to cipher.doFinal gives the RSA encryption of the data, which is what you wanted. Your second, however, attempts to decrypt this encrypted data with the public key, which makes no sense in this context. It checks to see if the result is has the proper padding, which it does not. If you tell it to assume no padding, you won't get an exception but the result still won't make any sense. You need to init the cipher with the private key for the second part.

• Use JCE Provider for JSSE

  As far as I know, it is not possible to use a jce provider for the cryptographic operations of the jsse reference implementation. The sun implementation uses the algorithms implemented in the jsse provider.
  There was a statement from sun, that this may change with the integration of jsse in the jdk 1.4, but with the current beta this is not the case.
  Does anybody know a jsse implementation which supports the use of a third party jce provider? Actually we want to use our own smart card based jce provider to provide a jsse compatible java ssl implementation.

  You might want to check out a product called iSaSiLk from iaik http://jcewww.iaik.at.
  I have used this product in the past. Seemed to be quite openly designed.
  iSaSiLk supports the use of third party JCE provider.
  However, they do not claim the product to be compiant with the JSSE standard.

• Installing Light Weight Designer for ODI 10.1.3.4 on Linux

  Experts
  We have installed ODI 10.1.3.4 on Linux and we want the ODI Light Weight Designer setup part of it. We have deployed the application in a OC4J instance and updated the repository.xml , web.xml and snps_login_work.xml with the right JDBC datasource & work repostiroy details
  On launching http://<hostname>:7777/oracledilwd and trying to login with SUPERVISOR/SUNOPSIS we see below warning and we are unable to login further
  java:comp/env/jdbc/ORACLE_MASTER not found in Oracle Data Integrator LightWeight Designer
  Further in the opmn logs below error is seen:
  javax.naming.NameNotFoundException: java:comp/env/jdbc/ORACLE_MASTER not found in Oracle Data Integrator LightWeight Designer
  Please let help us here !
  Shankar

  Try to modify the data source definitio to remove the leading java:comp/env - this may resolve the issue.
  I kniow, that makes it non-standard JNDI, but sometimes, that's what has been implemented.

• Light weight custom portal server install to run webcenter blogs

  Hi,
  We are running PS6 UCM, we just leverage blog service provided by webcenter for blog functionality to be implemented.
  Is there lighter version of webcenter custom portal server, that we could you just to run blog service and associated (document service) components.
  Any pointers in this direction would be helpful.
  Thanks,
  Seshan K.

  "Light weight custom portal". In terms of hard drive space or CPU and Memory?.
  I don't know which license do you have for WebCenter (Portal, Content etc...).
  In case of having a WebCenter Portal license (for document services components) Install WebCenter (extended for WCPortal Framework Applications) and just enable the Services or components that you are going to use (like CustomPortal and UCM servers only).
  Regards.

• RSA implementation basics ...

  Hi,
  Iam totally new to the Java Card programming. I want to find out how is RSA implemented. Now if I need to get some information from card (eg. serial number) and check the same. How do I implement the same using the Host and Smart Card.
  Any light on the same would be appreciated. Also, if anyone has example of implementation of RSA between Host and Smart card would be appreciated (in Delphi and Java) ...
  Thanks

  Hi,
  I have written a code based on a sample. The program has a client which accepts a string at frontend and sends the information to be encrypted at card, then writes the encrypted information to the card. To decrypt the same, there is an option at the frontend to read the string from card, so the program, gets the string from the card (in encrypted form), then sends the string to card decrypt the same. Iam getting an Techincal error (error 38) while decrypting. Can you please help? I need a solution immediately. I been trying to work on the same for last few days.
  I have pasted the code below for reference. Appreciate if some one could respond quickly.
  package rsa_encrypt_decrypt;
  import javacard.framework.*;
  import javacard.security.*;
  import javacardx.crypto.Cipher;
  Host Call:
  iopCard.SendCardAPDU(0x00,0xAA,0x02,P2,iArray,iArray.length);
  Card Applet:
  public class RSAEncryptDecrypt extends javacard.framework.Applet
       // This applet is designed to respond to the following
       // class of instructions.
       final static byte GETSET_CLA = (byte) 0x85;
       final static byte CRYPT_CLA = (byte) 0x00;
       // Instruction set for SimpleString
       final static byte SET = (byte)0x10;
       final static byte GET = (byte)0x20;
       final static byte SELECT = (byte) 0xA4;
  // This buffer contains the string data on the card
       byte TheBuffer[];     
       //globals
       RSAPrivateCrtKey rsa_PrivateCrtKey;
       RSAPublicKey rsa_PublicKey;
       KeyPair rsa_KeyPair;
       Cipher cipherRSA;
       final short dataOffset = (short) ISO7816.OFFSET_CDATA;
       //constructor
       private HandsonRSAEncryptDecrypt(byte bArray[], short bOffset, byte bLength)
       TheBuffer = new byte[100];
       //generate own rsa_keypair
  rsa_KeyPair = new KeyPair( KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_1024 );
  rsa_KeyPair.genKeyPair();
            rsa_PublicKey = (RSAPublicKey) rsa_KeyPair.getPublic();
            rsa_PrivateCrtKey = (RSAPrivateCrtKey) rsa_KeyPair.getPrivate();
            cipherRSA = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
            register(bArray, (short) (bOffset + 1), bArray[bOffset]);
       //install
       public static void install(byte bArray[], short bOffset, byte bLength)
            new HandsonRSAEncryptDecrypt(bArray, bOffset, bLength);
       public void process(APDU apdu)
            if (selectingApplet())
                 return;
            byte[] buf = apdu.getBuffer();
            byte cla = buf[ISO7816.OFFSET_CLA];
            byte ins = buf[ISO7816.OFFSET_INS];
            if ((buf[ISO7816.OFFSET_CLA] != 0) && (buf[ISO7816.OFFSET_CLA] != GETSET_CLA)) ISOException.throwIt (ISO7816.SW_CLA_NOT_SUPPORTED);
            if ((buf[ISO7816.OFFSET_INS] != (byte) (0xAA)) && (buf[ISO7816.OFFSET_INS] != (byte) (0x10)) && (buf[ISO7816.OFFSET_INS] != (byte) (0x20))) ISOException.throwIt (ISO7816.SW_INS_NOT_SUPPORTED);
            switch (cla)
                 case GETSET_CLA:
                      switch (ins)
                           case SET:
                                SetString(apdu);
                                break;
                           case GET:
                                GetString(apdu);
                                break;
                 case CRYPT_CLA:
                      switch (buf[ISO7816.OFFSET_P1])
                           case (byte) 0x01:
                                encryptRSA(apdu);
                                return;
                           case (byte) 0x02:
                                decryptRSA(apdu);
                                return;
       private void encryptRSA(APDU apdu)
            byte a[] = apdu.getBuffer();
            short byteRead = (short) (apdu.setIncomingAndReceive());
            cipherRSA.init(rsa_PrivateCrtKey, Cipher.MODE_ENCRYPT);
            short cyphertext = cipherRSA.doFinal(a, (short) dataOffset, byteRead, a, (short) dataOffset);
            // Send results
            apdu.setOutgoing();
            apdu.setOutgoingLength((short) cyphertext);
            apdu.sendBytesLong(a, (short) dataOffset, (short) cyphertext);
            //SetString(apdu);
       private void decryptRSA(APDU apdu)
            byte a[] = apdu.getBuffer();
            short byteRead = (short) (apdu.setIncomingAndReceive());
            cipherRSA.init(rsa_PublicKey, Cipher.MODE_DECRYPT);
            cipherRSA.doFinal(a, (short) dataOffset, byteRead, a, (short) dataOffset);
            // Send results
            apdu.setOutgoing();
            apdu.setOutgoingLength((short) 24);
            apdu.sendBytesLong(a, (short) dataOffset, (short) 24);
       // SetString stores the string on the card.
       private void SetString(APDU apdu) {
            byte buffer[] = apdu.getBuffer();
            byte size = (byte)(apdu.setIncomingAndReceive());
            byte index;
            // Store the length of the string and the string itself
            TheBuffer[0] = size;
            for (index = 0; index < size; index++)
                 TheBuffer[(byte)(index + 1)] = buffer[(byte)(ISO7816.OFFSET_CDATA + index)];
            return;
       //     1. Client sends a GetString APDU with a length of 0
       //     2. Card responds with a Status Word of 0x62YY, where YY is the length
       //          of the string (in hex).
       //     3. The client sends its GetString APDU again, but this time with the
       //          correct length.
       private void GetString(APDU apdu) {
            byte buffer[] = apdu.getBuffer();
            byte numBytes = buffer[ISO7816.OFFSET_LC];
            if (numBytes == (byte)0) {
                 ISOException.throwIt((short)(0x6200 + TheBuffer[0]));
            apdu.setOutgoing();
            apdu.setOutgoingLength(numBytes);
            byte index;
            for (index = 0; index <= numBytes; index++)
                 buffer[index] = TheBuffer[(byte)(index + 1)];
            apdu.sendBytes((short)0,(short)numBytes);
            return;
  }

• "Cannot find any provider supporting RSA/ECB/PKCS1Padding" in jdk5

  i use SSLSocket, HttpsURLConnection in program , run well in jdk1.4 but
  get wrong in jdk1.5.0_06, saying "Cannot find any provider supporting RSA/ECB/PKCS1Padding".
  i also try to use the "Unlimited Strength Jurisdiction Policy Files 5.0", but still not work.
  anyone knows why?
  thanks.

  I need more info to tell you exactly. But here are some thngs that might not be working.
  1st let me say I am assuming you are trying RSA encryption?
  1) You have an external JCE provider which provides RSA support installed on your machine using the security properties file. An applet would use a different properties file if you are using either RAW applet or the plugin. You need to add the provider explictly. Aka Security.addProvider(new org.cryptix.jce.Criptix());
  2) The external provider's jar file is not being downloaded with your applet code. Note that the Sun Java plugin does not use the same jre/lib/ext directory as does the JDK.
  3) Some sort of security violation in the SecurityManager of the applet engine if you are not using the Sun Java Plugin.
  Those are just guesses. but it might help if you were to inform us as to what RSA function youa re trying to do. AKA Signature or Cipher.
  Signatures would be a bit more complicated as at least JDK 141 and above have the SunRsaSigner built in. Again if you are using RAW applets (netscape/IE engine) then that would be the problem. (aka no provider installed).

• Problem with WM_ENHANCMENT implementation

  Hi all,
  I deeply need to use  throughout transaction LT04 (Create Transfer Order from TR) the BADI
  WM_ENHANCMENT wich would allow me to export and record some essential data along with the saving and creation of the order,
  I don't expressly use the existing user exit EXIT_SAPLL03T_001 as it doesn't work within that transaction.
  Problem is I can't find a proper way to implement WM_ENHANCMENT Badi,
  Sure thing it doesn't provide the classic implementation mode in SE18 (Implement.->Create) stopping message is:
  "BAdI definition WM_ENHANCMENT is only provided for SAP internal use",
  Beside: no way to Implementation by using enhancement spot, and/or copying interfaces, classes so on, may be I'm not taking properly the required steps, (I'm still not used to build Badi's implamentation by new way),
  Please; Does anybody would provide me the true goods step by step moves to implement this perculiar Badi from SE18 or SE19, (I repeat the classic Badi impl. can't be done),
  Many thanks in advance,
  Sergio,

  Hi Chauxu, actually I didnu2019t try to use that BADI yet, as we ran for a temporary different solution, at present we schedule a custom program wich goes alone for all new created orders and fill in
  additional data we need, anyway I think I'll give some afford to modify that badi when lu2019ll gett some moment,
  Goodbye,
  Sergio,

• Variable Defaults in Light Weight Designer

  I have two Text variables(say NAME and COMPANY) in my project. Both of them are defaulted and are being used in my package. I created a scenario for the package by giving "Selectve Use" and selecting only the NAME variable as parameter to the scenario.
  I executed the scenario from two places. One using the Operator and other from the Light Weight Designer (HTML UI for ODI) .
  On execution from the Operator, the default value for both the variables are retained. But when I execute from the Light Weight Designer the NAME variable retains its default value but the COMPANY variable becomes null.
  I want the COMPANY Variable also to be defaulted to what i entered.
  I know that "Use All" variables while Scenario creation will solve the purpose, But i dont want the COMPANY Variable to be exposed to the User.
  Can anyone help me on this issue.

  Hi Vijay,
  Makes sense now...:)
  Well sometimes even though you say some default values ODI wont bother that...Here is the hack for that...
  Just make that variable to SET variable and Assign "Oracle" for that, make Action as not persistent,datatype as Alphanumeric and proceed with your procedure..
  Make sure that in your procedure give that variable in single quotes..means,
  update employee set company = '#COMPANY' where <condition>
  Does it makes sense?
  Thanks,
  GS

• Flex security - RSA implementation?

  Hi all,
  i am developing a client server app, the client is a flex app that communicate with a php server with amf protocol.
  I need some security so i think some possible solution:
  1. using https, but with any "web debugging proxy" anyone can decrypt ssl, so this is not a solution
  2. using an rsa implementation, so if someone read the traffic it wont be a problem, but if someone
       deassemble flex client, can access to the client private key and then the security will go away
  Is there some stuff to securize the communication?
  Thank you

  Hi,
  For security purposes, you would store the private key in the card and perform all private key operations there. One approach could be to store a certificate and the corresponding private key in a java card applet and then retrieve the certificate from the card. You could then send a random number (nonce) to the card and ask it to sign the number. The host application can then verify the signature with the public key in the certificate. The host could also verify the certificate against a certificate authority or a known trust chain.
  The hard part is that you will need to implement this in the applet yourself. You can define a set of APDU's that you could send to the card for specific responses. For instance one command to get the certificate and another to sign some arbitrary data. You would also want a way of injecting the keys (this is the simple less secure approach though).
  With certificates you can use the cryptographic properties to verify that you trust the card and if you do not receive a trusted certificate the program can terminate. Also if the signature is not verified then you could exit as well as the card has not proven ownership of the private key.
  Cheers,
  Shane