Looking code encrypted data to Decryption data

Similar Messages

• Need pl/sql code to Encrypted data to decryption formate

  Hi All,
  I have Encrypted data 64 bit formate like
  encrypt
  780D0287
  FA57C55510D258C73DE93059E3DC49EC
  need output as a Decryption data..kindly give me output

  This is your duplicate post...
  Re: Need pl/sql code to decryption
  *009*

• Will this encrypt data securely?

  Hey I'm using bouncy castle AES password based encryption. I was just wondering if anyone would take a quick look at my code below to see if it will encrypt a string securely, or if I've missed anything out?
  Thanks in advance
  import java.io.File;
  import java.security.Security;
  import java.util.Vector;
  import javax.crypto.Cipher;
  import javax.crypto.spec.IvParameterSpec;
  import javax.crypto.spec.SecretKeySpec;
  import javax.swing.JOptionPane;
  import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
  import org.bouncycastle.crypto.params.KeyParameter;
  import org.bouncycastle.crypto.params.ParametersWithIV;
  import org.bouncycastle.util.encoders.Base64;
  public class encryptor {
       private final byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                 (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99,
                 (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                 (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
       public static void main(String[] args)
            new encryptor();
       public encryptor()
            char[] password = "aRandomPassword".toCharArray();
            SecretKeySpec key = generateKey(password, salt);
            encrypt(salt, key, "A secret message");
       public SecretKeySpec generateKey(char[] charPassword, byte[] salt)
            byte[] bytePassword;
            PKCS5S2ParametersGenerator generator = new PKCS5S2ParametersGenerator();
            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
            int count = 16;
            try
                 bytePassword = new String(charPassword).getBytes("ASCII");
                 generator.init(bytePassword, salt, count);
                 ParametersWithIV params = (ParametersWithIV) generator.generateDerivedParameters(128, 128);
                 KeyParameter keyParam = (KeyParameter) params.getParameters();
                 return new SecretKeySpec(keyParam.getKey(), "AES");
            catch(Exception e)
                 System.out.println(e);
                 System.exit(1);
            //This will never occur
            return null;
       public void encrypt(byte[] salt, SecretKeySpec key, String text)
            IvParameterSpec iv = new IvParameterSpec(salt);
            Cipher cipher;
            byte[] temp;
            try
                 cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");
                 cipher.init(Cipher.ENCRYPT_MODE, key, iv);
                 temp = cipher.doFinal(text.getBytes("ASCII"));
                 System.out.println(new String(Base64.encode(temp), "ASCII"));
            catch(Exception e)
                 System.out.println(e);
  }

  I'm no expert in cryptology but you are using the salt byte array in two places, as salt and as the initialization vector. This strikes me as a big "no-no"; I suspect it could weaken your cipher. Even if I had no evidence of such weakening, I'd avoid that if at all possible.
  You should generate separate salt and initialization vectors; in fact, you should generate them randomly each time you encrypt something. Naturally, you'll have to carry them along with the encrypted data so that you can pass them back in to the decryption process, but that's a small part to pay for not opening yourself up to dictionary attacks.
  Also, you might want to apply the salt more than just 16 times; try something much larger, such as 1024.

• How to make encrypted data more secure?

  Hi All,
  We are using Oracle 9i database. We have a task to encrypt some of data before storing into database. We have developed a function to encrypt the data using Dbms_Obfuscation toolkit. But, the user who has access to that function source code can easily decrypt the data. Now we need to have the solution so that we can securely save/store Encryption Key, which can be accessed by Application User only.
  One alternative we are thinking is creating a table in SYS user and storing the value there. We can grant SELECT privileges to Application User Only.
  We are looking for other alternatives if we have any. Do you have any idea?
  Thanks in Advance.
  Thanks and Best Regards,
  Dharmesh Patel
  Database Server:
  Oracle9i Enterprise Edition Release 9.2.0.1.0 - 64bit Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.1.0 - Production
  ******************************************************/

  I had a look at this conundrum a while back, when we wanted to store credit card details in a database. Basically, there are two choices:
  (1) Don't store the key in the database and make the users type it in whenever they want to see encrypted data; or
  (2) Store the key in the database and accept the risk that it might be abused by privileged users (i.e. DBAs).
  As many users have difficulty remembering their password when it's MOM123 I think it's unlikely they will be able to cope with a properly secure PKI string.
  You can mitigate the risks inherent in option 2 by having very strong auditing of the function's execution, but I'm sure knowledgeable, black-hatted DBAs will be able to find workarounds.
  But, if you can't trust your DBAs you're probably stuffed anyway.
  Cheers, APC

• Send encryption data through network

  I'm doing encryption data exchanging project. I can describe my scenario anyone can give me good suggestion.
  I use RSA Key pair. Client side encrypt the data using private key and server decrypt those data using particular public key. I store my keys in keystore. For one attempt I use public and private keys belong to one alias. My problem is when doing decryption in server side I got error message (BadPaddingException: Data must start with zero). But if I do encryption and decryption in same class using same keys without any client/server connection it works properly.
  So, if anyone can give me any advice or suggestion, I'm very appreciat

  ivanovpv wrote:
  I think problem is somewhere in data transmission. During transmission either server or client adds extra padding information.No. For symmetric block based encrypted the clear text has to be padded to make it a full block. This is normally done as part of the encryption process using PKCS5 padding. Padding is also reqired for RSA encryption so as to make sure the cleartext ^ public_exponent is greater than the modulus. This is normally done using PKCS1 padding.
  If the encrypted data is corrupt then one normally gets a exception such as BadPaddingException when decrypting using a symmetric algorithm or an exception indicating that the padded data should start with a zero in the case of RSA encryption.
  It is almost certain that the OP has corrupted his encrypted data or his key, possibly by converting to a String without using Hex or Base64 encoding. Without seeing his code we will probably never know.
  >
  I would suggest just get your public key (i hope it's just a long/String probably wrapped within some class) then explicitly convert it into character array (best is to use UTF-8 encoding) - then transmit through network. On other side decode from UTF-8 character array into long/String - probably you'd need to instantiate public key object from your long/String and enjoy!String should never be used as a container for binary data and keys are binary data. Just converting them to a String specifying utf-8 will almost certainly corrupt them. If one must have a String version of any binary data whether it be a key or cipher text one should reversibly encode it using something like Base64 or Hex.

• Encrypt data send from a non-SAP system to ECC.

  Hi,
  We are tryign to encrypt the credit card details send from web (non-sap system) via a xml file to ECC.
  From Basis side, I have exported the public key from the ECC for the web server to encrypt the CC details while sending via xml.
  The external web consultants encrypted the cc detail with the public key and send it via xml but that was not able to decrypt at the ECC side.
  The developers were using the FM 'CCARD_DEVELOPE'at ECC to decrypt the data in the xml file. It was saying SSF error: No data transfered.
  Meanwhile SAP CryptoLib is installed and credit card encryption/decryption is working fine for CC details entered via GUI interface.
  Is there anything I am missing out here to encrypt CC details send from a Non-SAP system to ECC.? Do we need to load the SAP cryptolib in the non-SAP system to ecrypt this data at the senders end. Or is there a alternate solution for this ?
  We are in ECC6.0/RHEL/Oracle10204.
  Appreciate your help.
  Thanks

  Hi Nelis,
  Thanks for your reply.
  This note does not get any information regarding encrypting data from a non-SAP system to SAp system.
  I am looking setup/information for encrypting data from a non-SAP system to SAP system.
  Thanks

• Encrypting Data on part of a file system.

  A few months ago, using hints I found on the internet, I was able to use diskutil command line utililty to create an encrypted partition of the same sort as when turning FileVault on in Security Preferences.  File Vault doe not appear to offer a way to choose some pargt of the disk storage such as an entire drive of a folder on a drive.  I was able to do it and it worked.  When I mount the disk partition to the system (usualy by plugging it in and turning it on), I'm asked for the security pass phrase or key to decrypt it.  Once mounted with the key supplied, I can access it as any other mounted disk with the type of access restrictions that might be present on any disk.Since I want the data to be truly privatem U decline to put the key into the a known place such as the keychain.  I don't want just anyone who has a log on to this iMac to b e able to read this data.  I want them to need to enter a private key to mount the data. 
  My only problem with this is the hoops I needed to go through to do this.  It is complicated and invovlves setting up special partitions for the purpose.
  Searching Finder help for encrypting data it offered a solution for data on a removable drive.  The stepsare very simple and easy to do:
     a) Mount the files to be encrypted if they are not  online.  They also need to be in a folder or even an entire partition.
      b) Open Disk Utility (GUI version)
      c)Choose File > New > Disk Image From Folder (or New-> Disk Image ffrom a Device).
      d) Select the folder or disk you want to encrypt.
      e) A save dialog will pop up.  Select the name of the archive you wish to create and select a location.  I choose a removable disk partition which has enouh space.  Select Compressed if you wish.  Then Select Encryption and choose the key size for encryption from the drop dwon.  When you click Save, Disk Utility begins creating a disk image that is (possibly) compressed and probably encrypted.  Once done, the files in the folder or partiion are hiddent behind the encryption.  To get to them, you much open the DMG file and supply the password to unlock the encryption.  You can save the key in the keychain if you are not worreid about who can get in.  If you wish to restrict access to fewer people, keep the key secret and provide a recovery mechanism that is suitable for you need.
     f)  One the archive is created, the disk partition containing it may b4 mounted on the system (if it is not there already) and by opening the dmg file you will be asked for the key.  The system will validate that the key works and the encryption and comprewssion are working.  The archive will be mounted as a virual disk.  It can be accessed by any useer of that computer unless the file permissions get in the way.  Mounting it only when the computer is being used by authorized people allow you to mount and dismount the archive for use during a limited time.
  I have a couple of questions here.  Is there an easier way to do this?  Is this encryption as strong as that used in FileVault? 

  No. I don't know why it would not be, except it is easier for a person to leave the disk mounted where anyone can then see it. With FileVault forcing a password on wake from sleep, it will likely be encrypted if anyone found it.
  I'm not sure why you went to the trouble you did before, except the instructions might have been to create an encrypted partition as opposed to creating the disk image. Disk images have been around for at least a decade.
  If you plan on backing up the image with Time Machine, use a sparse bundle disk image as it will write the data to small files, called stripes. Only the stripes that change get backed up instead of the entire image.

• How to handle HTTP-POST encrypted data for ECC Using proxy or RFC

  I have a scenario HTTP-POST ->PI->ECC.sender is HTTP Post  send encrypted data i need to handle the data and stored in to SAP ECC  with out decrypt using PI .what should i take for receiver  can i use inbound proxy or RFC  and how can handle the encrypted data  for decrypt.
  Regards
  Ravi

  1. my sender is HTTP POST . what should i configure in sender communication channel in SAP PI .like SOAP or HTTP .What are the parameters i need to pass .
  >>>
  If you are on PI 7.3 and above, configure the HTTP AAE adapter - Configuring the Java HTTP Adapter on the Sender Channel - Advanced Adapter Engine - SAP Library
  2.while using inbound proxy for encrypted data  i need  store the data in to table , the same proxy can i call  another outbound  service for decrypt  same data.
  >>>>
  Yes you can always a proxy within a proxy.

• Insert an encrypt data in a Table

  Hi all,
  i have encrypted a data with HmacMD5, all its fine. but when i've tried to insert encrypt data in my table, hash code may return symbols like �?��Z��x��. then when i do a select data has been corrupted. how can i encrypted in stardand symbols( like mysql passwords). here is my code:
              KeyGenerator kg = KeyGenerator.getInstance("HmacMD5");
              SecretKey sk = kg.generateKey();
              // Get instance of Mac object implementing HMAC-MD5, and
              // initialize it with the above secret key
              Mac mac = Mac.getInstance("HmacMD5");
              mac.init(sk);
              byte[] result = mac.doFinal(dirMAC.getBytes());
              String macenc=new String(result);
              String x = "jdbc:mysql://localhost/"+
                      "mydatabase?user="+user+"&password="+
                      pass;
              Class.forName("com.mysql.jdbc.Driver").newInstance();
              conn = DriverManager.getConnection(x);
              conn.createStatement().executeUpdate("insert into user " +
                      "(User,Password) values('system','"+myPass+"')");
              java.sql.ResultSet rs=conn.createStatement().executeQuery("select password "+
                       "from " +"user where user ='system' ");
              rs.next();
              if((rs.getString(1).equals(macenc))) {
                  System.out.println(rs.getString(1)+" YES "+macenc);
              } else {
                  System.out.println(rs.getString(1)+" NO "+macenc);
              }Output NO. and sometimes when hash has (') character Query not found.
  thanks.

  Thie is most probably the offending line
  String macenc=new String(result);
  It is never a good idea to try to convert arbitrary bytes into a String using this approach. Not all byte sequences have valid char representation. If you must have a String representation use Base64 or Hex encoding of your Hmac. Google for Jakarta Commons Codec to get a library to assist you with this.

• Export and Import encrypted data

  Hi,
  I have a database table with encryped data (encrypted using DBMS_OBFUSCATION_TOOLKIT.DES3Encrypt). I am having an issue when I export this table and import it into a new schema. The encrypted data seems to have changed after import. I am unable to decrypt it from the new schema.
  Below is the character set details from export/import.
  "Export done in WE8MSWIN1252 character set and AL16UTF16 NCHAR character set. Server uses WE8ISO8859P1 character set (possible charset conversion)."
  "Import done in WE8MSWIN1252 character set and AL16UTF16 NCHAR character set."
  Has anybody had this issue before? Does it have anything to do with the character set? If so, how do I fix it?
  Thank you!

  Hello,
  since this question is about using the export utility, you might better ask this in {forum:id=61} or {forum:id=732}.
  Regards
  Marcus

• Encrypting data J2ME

  Hi
  I am developing a number of applications using J2ME. They run on mobile phones and need to be able to send data to a server. I need to encrypt this data as it contains personal information about the user. I cant use HTTPS because some of the applications use MIDP 1.0 and only support HTTP.
  So I want to encrypt the data myself and I was wondering if you could help me with my approach and answer some questions...
  I think the best way is to use RSA public/private keys in combination with a symmetric encrypting algorithm. So the mobile will have the public key part and the server will have the private key. The data will be encrypted using a symmetric algorithm. The key used in the encryption will then be encrypted using the public key. Both the encrypted key and the encrypted data will then be sent to the server. The server uses its private key to decrypt the key and then use the key to decrypt the data.
  How does that sound? I will be using Bouncy Castle crypto. What is the best way to generate a public/private key pair? I then need to somehow include the public key with the application. Should I randomly generate the symmetric key myself?
  Also what algorithm would you suggest for encrypting the data. Remember that it is on a resource constrained mobile device.
  If you have any other comments I would like to hear them. Thanks for your time.

  Thanks for the pointer. The thing is we changed our minds. We discovered strong encryption was not needed since our scheme is like the DVD encryption. The data is unencrypted by the application used by the person that does not have to know the data.
  We went with Rot13. jeje
  Thanks anyway.

• Send encrypted data from oracle 11g to Ms SQL Server 12

  Hi every body,
  we want to send encrypted data from oracle 11g to Ms SQL Server 12:
  - data are encrypted to oracle
  - data should be sent encrypted to Ms SQL server
  - data will be decrypted in Ms SQL server by sensitive users.
  How can we do this senario, any one has contact simlare senario?
  can we use asymetric encription to do this senario?
  Please Help!!
  Thanks in advance.

  Hi,
    What you want to do about copying data from Oracle to SQL*Server using insert will work with the 12c gateway.  There was a problem trying to do this using the 11.2 gateway but it should be fixed with the 12c gateway.
  If 'insert' doesn't work then you can use the SQLPLUS 'copy' command, for example -
  SQL> COPY FROM SCOTT/TIGER@ORACLEDB -
  INSERT SCOTT.EMP@MSQL -
  USING SELECT * FROM EMP
  There is further information in this note available on My Oracle Support -
  Copying Data Between an Oracle Database and Non-Oracle Foreign Data Stores or Databases Using Gateways (Doc ID 171790.1)
  However, if the data is encrypted already in the Oracle database then it will be sent in the encrypted format. The gateway cannot decrypt the data before it is sent to SQL*Server.
  There is no specific documentation about the gateways and TDE.  TDE encrypts the data as it is in the Oracle database but I doubt that SQL*Server will be able to de-encrypt the Oracle data if it is passed in encrypted format and as far as I know it is not designed to be used for non-Oracle databases.
  The Gateway encrypts data as it is sent across the network for security but doesn't encrypt the data at source in the same way as TDE does.
  Regards,
  Mike

• Dbms_crypto encrypt date number datatype

  I am using oracle 11g. I am very new to dbms_crypto. I went through documentation but have following doubts:
  Is it mandatory to convert varchar2(32) to RAW to use dbms_crypto.encrypt?
  If I change varchar2(32) to RAW, Can I make it RAW(32) or does it needs to be bigger?
  Does the RAW size must be in multiple of 16?
  How can I encrypt data of datatype date and number using dbms_crypto?
  Thanks a lot for your time to clarify my quries?

  spur230 wrote:
  Is it mandatory to convert varchar2(32) to RAW to use dbms_crypto.encrypt?It's not mandatory, but it's certainly a good idea. If you store encrypted data in a VARCHAR2 column, that means that it is subject to character set conversion if it's moved from one database to another or sent from a database to a client machine. But if character set conversion happens, your encrypted data is corrupted.
  If I change varchar2(32) to RAW, Can I make it RAW(32) or does it needs to be bigger?
  Does the RAW size must be in multiple of 16?It would be helpful to specify exactly what algorithm and parameters you intend to use because it may vary. If, for example, we encrypt using AES-256 with Cipher Block Chaining and PKCS#5 compliant padding (which happens to be the example in the DBMS_CRYPTO manual), the output RAW will always be a multiple of 16 and as large or larger than the input RAW.
  A VARCHAR2(32) will either allocate 32 characters of storage or 32 bytes of storage depending on your NLS_LENGTH_SEMANTICS parameter. If you're using the default, it will allocate 32 bytes. But 32 bytes in the database character set may require more than 32 bytes of storage once you convert it to a UTF-8 encoded RAW (which, technically, also isn't required but is a good practice) and, thus, the encrypted string might require more than 32 bytes of storage. Your database character set and the actual data you store/ want to be able to store will influence how likely it is that you'll need a larger RAW than your VARCHAR2.
  How can I encrypt data of datatype date and number using dbms_crypto?dbms_crypto only operates on RAW data. Just like you convert strings to RAW before encrypting them, you'd need to convert your dates and numbers to RAW. For numbers, you should be able to use UTL_RAW.CAST_FROM_NUMBER. I don't know of a method of casting dates to a RAW other than converting them to a known string representation and then encrypting that (and, of course, doing the reverse when you decrypt the string and convert it back to a date using that same format).
  Justin

• B2B - SFTP - Encrypt data using PGP

  Hello,
  I am hearing / reading mixed comments on using PGP encryption / decryption using the SFTP Transport in Oracle B2B.
  The requirement is the data needs to be encrypted during the transport between the trading partners. The SFTP server houses the PGP encrypted data, B2B should be able to listen, pick and decrypt and process the files.
  Is this possible in Oracle SOA Suite 11g? If yes, could you please point me to any documentation that explains configuring B2B to decrypt a PGP encrypted file.
  Thanks in advance,
  Venkatesh

  I think most comments you read about this would have said that B2B SFTP cannot handle PGP encryption. This is true. B2B out-of-box does not support PGP encryption/decription. Most people suggest using Java callout.
  ~Ismail.

• Encrypting data in database

  Is there any tools in an Oracle database or by Oracle to encrypt data in the database in 8.05 database or earlier? In versions above 8.05 - 8i and above, is the PL/SQL Encryption Toolkit free with the database or is it an add on package.
  Thanks

  I've never heard of any tools that encrypt the data prior to v8.0.5. In these cases you might be better server encrypting and decrypting the data outside of the database.
  The DBMS_OBFUSCATION_TOOLKIT has been added in Oracle 8.1.6. This package provides you with DES encryption only. Does not perform any kind of key management. Read the white paper "Database Encryption in Oracle8i" from OTN. Provides a very good assessment of the use of encryption in databases.
  HTH,
  Aaron Newman
  Database Security Consultant
  404-231-0679