XML encrypt/decrypt

Hi All,
I'm a newbie, and want to know if the output XML file (UUT test report) from TestStand can be encrypted without using any third party software?
Actually I want to know if TestStand itself supports encryption/decryption of XML?
And if TestStand doesn't supports, is there any work around for this requirement?
I am not allergic to Kudos, in fact I love Kudos.
Make your LabVIEW experience more CONVENIENT.

Hello,
Encryption in XML file is required to encrypt the various configuration parameter values so that a user cannot view / edited it external outside the to the test application. By making use of Private / Public keys data would be encrypted.This key will be exchanged between TestStand & XML to decrypt & display it to user.
See additional details on XML encryption on : http://www.w3.org/TR/xmlenc-core/
We can encrypt the step result using LabVIEW encryption example --> http://zone.ni.com/devzone/cda/epd/p/id/3473
My question now is --> How to include the customize XML report header to include the encryption standard?
I saw many articles to make use of "ModifyReportHeader". Can someone furnish me with a working example of modifying the header through TestStand? I tried ... but in Vain..

Similar Messages

How to encrypt/decrypt xml data into, and then out of IDS?

Hi,
How would we encrypt NPPI information being passed from an unencrypted xml through IDS, and then decrypt it on exit prior to Gendata.
The IDS SDK gave a reference to IDSEncryptionRule(), but insufficient examples of implementation.
It could be something like a single tag element, or even the entire xml, it's just not clear how to make it happen using native IDS methods.
Any thoughts or help to implement this security measure would be most welcome!
Thanks so much!
Edited by: lodit on Apr 10, 2013 2:56 PM

Hi there,
You would need to write a custom IDS rule that implements this function. You can refer to the IDS SDK book for info on writing a custom rule. IDSEncryptionRule does operations based on the request state received. Normally when an IDS rule is executed, the rules in the request type definition are executed with the RUN_FORWARD request state. Then they are executed with the RUN_REVERSE request state. An example of why this model is used would be the ATCReceiveFile. On RUN_FOWARD, it writes the contents of file segments in a message to a temporary file. Subsequent rules execute. Then on the RUN_REVERSE, the ATCReceiveFile does clean up routines to remove the temporary file.
So, armed with that knowledge, you can use the IDSEncryptionrule to perform on RUN_FORWARD (decrypt message variables for subsequent processing by Documaker) and then on RUN_REVERSE (encrypt message variables to send back to the client).
It should be apparent at this point that you need to use an encryption/decryption mechanism with the IDS client otherwise you won't be able to prepare the message to send or read the response. On the client side there are functions - consult the examples included in the IDS SDK (DSI_DSK in the installer package).
--Andy

Best method for encrypting/decrypting large XML files ( 100MB)

I am in need of encrypting XML for large part files that can get upwards of 100Mb+.
I found some articles and code, but the only example I was successful in getting to work used XMLCipher, which takes a Document, parses it, and then encrypts it.
Obviously, 100Mb files do not cooperate well with DOM, so I want to find a better method for encryption/decryption of these files.
I found some articles using a CipherInputStream and CipherOutputStreams, but am not clear if this is the way to go and if this will avoid memory errors.
import java.io.*;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
public class DesEncrypter {
    Cipher ecipher;
    Cipher dcipher;
    public DesEncrypter(SecretKey key) {
        // Create an 8-byte initialization vector
        byte[] iv = new byte[]{
            (byte)0x8E, 0x12, 0x39, (byte)0x9C,
            0x07, 0x72, 0x6F, 0x5A
        AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
        try {
            ecipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
            dcipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
            // CBC requires an initialization vector
            ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
            dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
        } catch (java.security.InvalidAlgorithmParameterException e) {
        } catch (javax.crypto.NoSuchPaddingException e) {
        } catch (java.security.NoSuchAlgorithmException e) {
        } catch (java.security.InvalidKeyException e) {
    // Buffer used to transport the bytes from one stream to another
    byte[] buf = new byte[1024];
    public void encrypt(InputStream in, OutputStream out) {
        try {
            // Bytes written to out will be encrypted
            out = new CipherOutputStream(out, ecipher);
            // Read in the cleartext bytes and write to out to encrypt
            int numRead = 0;
            while ((numRead = in.read(buf)) >= 0) {
                out.write(buf, 0, numRead);
            out.close();
        } catch (java.io.IOException e) {
    public void decrypt(InputStream in, OutputStream out) {
        try {
            // Bytes read from in will be decrypted
            in = new CipherInputStream(in, dcipher);
            // Read in the decrypted bytes and write the cleartext to out
            int numRead = 0;
            while ((numRead = in.read(buf)) >= 0) {
                out.write(buf, 0, numRead);
            out.close();
        } catch (java.io.IOException e) {
}This looks like it might fit, but there is one more twist, I am using a persistence manager and xml encoding to accomplish that, so I am not sure how (where) to implement this method without affecting persistence.
Any guidance on what would work best in this situation would be appreciated.
Regards,
vbplayr2000

I can give some general guidelines that might help, having done much similar work:
You have 2 different issues, at least from my reading of your problem:
1) How to deal with large XML docs that most parsers will not handle without memory issues
2) Where to hide or "black box" the encrypt/decrypt routines
#1: Check into XPP3/XMLPull. Yes, it's different that the other XML parsers you are used to using, and more work is involved, but it is blazing fast and can be used to parse a stream as it is being read. You can populate beans and process as needed since there is really not much "inversion of control" involved compared to parsers that go on to finish the entire document or load it all into memory.
#2: Extend Serializable and write your own readObject/writeObject methods. Place the encrypt/decrypt in there as appropriate. That will "hide" the implementation and should be what any persistence manager can deal with.
Regards,
antarti

How to encrypt/decrypt the password

Hi
In our website(JSP,servlet) is running over the Sun One Application server.In website, Contact us information is call by a servlet.when we submit the information and it will connect to the DB. I need to use encrypt/decrypt the password. DB connection information is store in server.xml.
So how to proceed to encrypt/decrypt the password?
please advice/suggestion for the same.
thanks
lalit
Edited by: Lalit107 on Aug 6, 2009 4:49 AM

I don't understand what you are saying. Is your password sumitted from the JSP?

Encryption/Decryption failure for pdf and MSWord files

Hi,
Is there anybody to help me to find out what is wrong with my class (listing below)? I am sucessfuly using this class to encrypt and decrypt txt, html files but for unknown reasons I am unable to use it for e.g. pdf files. The encrypion somehow works but any atempt to decrypt is a failure.
/* This class accepts an input file, encrypts/decrypts it using DES algorithm and
writes the encrypted/decrypted output to an output file. DES is used in Cipher
Block Chaining mode with PKCS5Padding padding scheme. Note that DES is a symmetric
block cipher that uses 64-bit keys for encryption. A password of length no less
than 8 is to be passed to the encryptFile/ decryptFile methods. This password is
used to generate the encryption key. All exception handling is to be done by
calling methods. These exceptions are thrown by encryptFile/ decryptFile methods.
The input buffer is 64 bytes, 8 times the key size.
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.security.*;
import java.security.spec.*;
public class Crypto
public Crypto(FileInputStream inStream_, FileOutputStream outStream_)
fInputStream_ = inStream_;
fOutputStream_ = outStream_;
public void encryptFile(String password_) throws InvalidKeySpecException, InvalidKeyException,
InvalidAlgorithmParameterException, IllegalStateException, IOException, Exception
DataOutputStream dataOutStream_ = new DataOutputStream(fOutputStream_);
// key generation
SecretKey encryptKey_ = createEncryptionKey(password_);
// Cipher initialization
Cipher cipher_= Cipher.getInstance(cipherType);
cipher_.init(Cipher.ENCRYPT_MODE, encryptKey_);
// write initialization vector to output
byte[] initializationVector_ = cipher_.getIV();
dataOutStream_.writeInt(initializationVector_.length);
dataOutStream_.write(initializationVector_);
// start reading from input and writing encrypted data to output
while (true) {
inputLength_ = fInputStream_.read(input_);
if (inputLength_ ==-1) break;
byte[] output_ = cipher_.update(input_, inputOffset_, inputLength_);
if (output_ != null)
dataOutStream_.write(output_);
// finalize encryption and wrap up
byte[] output_ = cipher_.doFinal();
if (output_ != null)
dataOutStream_.write(output_);
fInputStream_.close();
dataOutStream_.flush();
dataOutStream_.close();
public void decryptFile(String password_) throws IllegalStateException, IOException, Exception
DataInputStream dataInStream_ = new DataInputStream(fInputStream_);
// key generation
SecretKey encryptKey_ = createEncryptionKey(password_);
// read initialization vector from input
int ivSize_ = dataInStream_.readInt();
byte[] initializationVector_ = new byte[ivSize_];
dataInStream_.readFully(initializationVector_);
IvParameterSpec ivParamSpec_= new IvParameterSpec(initializationVector_);
// Cipher initialization
Cipher cipher_= Cipher.getInstance("DES/CBC/PKCS5Padding");
cipher_.init(Cipher.DECRYPT_MODE, encryptKey_, ivParamSpec_);
// start reading from input and writing decrypted data to output
while (true) {
inputLength_ = fInputStream_.read(input_);
if (inputLength_ ==-1) break;
byte[] output_ = cipher_.update(input_, inputOffset_, inputLength_);
if (output_ != null)
fOutputStream_.write(output_);
// finalize decryption and wrap up
byte[] output_ = cipher_.doFinal();
if (output_ != null)
fOutputStream_.write(output_);
fInputStream_.close();
fOutputStream_.flush();
fOutputStream_.close();
// the following method creates the encryption key using the supplied password
private SecretKey createEncryptionKey(String passwd_) throws InvalidKeySpecException,
InvalidKeyException, NoSuchAlgorithmException
byte[] encryptionKeyData_ = passwd_.getBytes();
DESKeySpec encryptionKeySpec_ = new DESKeySpec(encryptionKeyData_);
SecretKeyFactory keyFactory_ = SecretKeyFactory.getInstance(algorithm_);
SecretKey encryptionKey_ = keyFactory_.generateSecret(encryptionKeySpec_);
return encryptionKey_;
private FileInputStream fInputStream_;
private FileOutputStream fOutputStream_;
private final String algorithm_= "DES";
private final String cipherType= "DES/CBC/PKCS5Padding";
private byte[] input_ = new byte[64]; // The input buffer size is 64
private int inputLength_;
private final int inputOffset_= 0;
}

Please can u give me refined code for me///
at [email protected]
Hi,
I found at least one thing wrong. In the decrypt
method you are reading from 'fInputStream_' rather
than 'dataInStream'.
Worked for me on MSWord after changing this!
Roger
// start reading from input and writing decrypted
ted data to output
while (true) {
inputLength_ = fInputStream_.read(input_);
if (inputLength_ ==-1) break;
byte[] output_ = cipher_.update(input_,
input_, inputOffset_, inputLength_);
if (output_ != null)
fOutputStream_.write(output_);

How to resolve bug RC4 encrypt-decrypt on iPAD with AIR15 only

Hi everybody,
I have some trouble with AIR15 only, In the past, I created a small game on iPad It could send or receive messge from server. I used lib as3crypto.swc encrypt or decrypt message (RC4). But when I upgrade to AIR15 encrypt-decrypt cannot work ( Another thing about this crash is that it only happens with a release (adhoc or appstore) build but NOT with a debug build). I check so many time but i don't know what is problem here.
Please help me, thanks so much any advice.
P/S: My game have many swf files (code and resource). I must combine multiple SWF files into one.
Class RC4.as
import com.hurlant.crypto.prng.ARC4;
import com.hurlant.util.Base64;
import com.hurlant.util.Hex;
import flash.utils.ByteArray;
public class RC4
private static const key:String = "keytest";
private static var byteKeys:ByteArray = Hex.toArray(Hex.fromString(key));
private static var rc4:ARC4 = new ARC4();
public static function encrypt(clearText:String):String
var byteText:ByteArray = Hex.toArray(Hex.fromString(clearText));
rc4.init(byteKeys);
rc4.encrypt(byteText);
return Base64.encodeByteArray(byteText);
public static function decrypt(encryptedText:String):String
var byteText:ByteArray = Base64.decodeToByteArray(encryptedText);
rc4.init(byteKeys);
rc4.decrypt(byteText);
return Hex.toString(Hex.fromArray(byteText));

Sorry, exact message is "this movie could not be played".
There are hundreds of posts about this message but no one states a clear solution to the problem.
Your help will be much appreciated.
Thank you.

Help ! Need PCI Encryption/Decryption Controller Driver for New HP 355 G2 (AMD) w/Win 7 Pro 64 Bit

Just rebuilt new HP 355 G2 to Win 7 64 bit. The ONLY driver I can not locate or get to work is the PCI Encryption/Decryption Controller. I installed all latest drivers for this model/OS from both HP and AMD sites still no luck. AMD autodetect utility and Catalyst software installed all other drivers successfully except this one and when completes says all drivers, including chipset, are installed successfully and current.
I am at a complete loss where to get this driver from a OEM site, can you help ?
Device ID's:
PCI\VEN_1022&DEV_1537&SUBSYS_15371022&REV_00
PCI\VEN_1022&DEV_1537&SUBSYS_15371022
PCI\VEN_1022&DEV_1537&CC_108000
PCI\VEN_1022&DEV_1537&CC_1080
Thanks !!!
This question was solved.
View Solution.

Hi:
You need to run this driver and then manually install it.
http://h20565.www2.hp.com/hpsc/swd/public/detail?swItemId=vc_133833_1
To manually install the driver go to the device manager and click on the PCI Encryption/Decryption Controller needing the driver.
Click on the driver tab. Click on Update Driver.
Select the Browse my computer for driver software option, and browse to the driver folder that was created when you ran the file.
That folder will be located in C:\SWSetup\sp66974.
Make sure the Include Subfolders box is checked, and the driver should install.
Then reboot.

Help for a newbie on encryption/decryption

I want to start with a text file.
Read in a line of ascii characters, encrypt it using some algorithm and output it as a new set of ascii characters.
What algorithm should I use?

thanks a lot. I got the encryption/decryption working pretty easily.
However, I ran into problem when I got to storing keys:
I stored it fine with this code
          try {
               KeyGenerator keyGen = KeyGenerator.getInstance("DES");
               desKey = keyGen.generateKey();
               cipher = Cipher.getInstance("DES");
               KeyStore keyStore = KeyStore.getInstance("JKS");
               String password = "lemein";
               char passwd[] = password.toCharArray();
               keyStore.load(null, passwd); //initialize keyStore
               Certificate[] chain = new Certificate[1];
               String alias = "test";
               keyStore.setKeyEntry(alias, desKey, passwd, null);
               String fileName = "data/gkey.txt";
               FileOutputStream f = new FileOutputStream(fileName);
               keyStore.store(f, passwd); // <----------exception happens here
          } catch (Exception e)
          {     e.printStackTrace();
I got problem when I retrieve it with this code
          KeyGenerator kg = null;
          Key key = null;
          cipher = null;
          Security.addProvider(new com.sun.crypto.provider.SunJCE());
          byte[] result = null;
          try {
               KeyStore keyStore = KeyStore.getInstance("JKS");
               keyStore.load(new FileInputStream("data/gkey.txt"), "lemein".toCharArray());
               key = keyStore.getKey("test", "lemein".toCharArray());
               cipher = Cipher.getInstance("DES");
               byte[] data = "Hello World!".getBytes();
               System.out.println("Original data : " + new String(data));
               cipher.init(Cipher.ENCRYPT_MODE, key);
               result = cipher.doFinal(data);
               System.out.println("Encrypted data: " + new String(result));
          } catch (Exception e) {
               e.printStackTrace();
I get the error:
java.security.UnrecoverableKeyException: DerInputStream.getLength(): lengthTag=75, too big.
     at sun.security.provider.KeyProtector.recover(Unknown Source)
     at sun.security.provider.JavaKeyStore.engineGetKey(Unknown Source)
     at java.security.KeyStore.getKey(Unknown Source)
Any idea what the problem is?
Thanks

Encrypt/decrypt using update

Hi,
can someone give me an encrypt/decrypt pair of code samples that use the cipher.update() call.
i am trying it like that but apparently it doesn't work
byte[] temp = new byte[message.length/2];
byte[] temp2 = new byte[message.length/2];
System.arraycopy(message, 0, temp, 0, temp.length);
System.arraycopy(message, temp.length, temp2, 0, temp.length);
ciphertext = new byte[message.length];
System.arraycopy(symmetricCipher.update(temp), 0, ciphertext, 0, temp.length);
System.arraycopy(symmetricCipher.doFinal(temp2), 0, ciphertext, temp.length, temp.length);

ode]
>
I don't see how using the inputstream i would avoid
the memory error, when passing anything over
10,000,000. Unless you mean I split the input, and
write small chunks into disk as I encrypt them?Your basic problem is that you have the data as one large array. I don't know how and why you created this large array; I would not to create it unless there was no other way.
Since it does not make sense to create one large encrypted byte array and given that you have a byte array then you can use either
1) Create a ByteArrayInputStream and wrap it in a CipherinputStream. This would allow you to encrypt the array in a sequential manner a few KBytes at a time.
or
2) Encrypt the array a few KBytes at a time using a simple update(array, start, length) that returns the encrypted bytes.
But first, I would try to avoid creating the large 'cleartext' array.

Encrypt/decrypt AES 256, vorsalt error

Hiyas.
So I'm trying to get encrypt/decrypt to work for AES 256, with both 32byte key and 32byte IVorSalt. (Yup-new java security files v6 installed)
'IF' I 32byte key but dont use a IV at all, I get a nice looking AES 256 result. (I can tell it's AES 256 by looking the length of the encrypted string)
'IF' I use a 32byte key and 16bit salt, I get a AES 128 result (I know- as per docs theyre both s'posed to the same size, but the docs are wrong).
But when i switch to using both a 32byte key AND a 32byte salt I get the error below.
An error occurred while trying to encrypt or decrypt your input string: Bad parameters: invalid IvParameterSpec: com.rsa.jsafe.crypto.JSAFE_IVException: Invalid IV length. Should be 16.
Has anyone 'EVER' gotten encrypt to work for them using AES 256 32byte key and 32byte salt? Is this a bug in CF? Or Java? Or I am doing something wrong?

<cfset theAlgorithm = "Rijndael/CBC/PKCS5Padding" />
<cfset gKey = "hzj+1o52d9N04JRsj3vTu09Q8jcX+fNmeyQZSDlZA5w=">

<cfset theIV    = BinaryDecode("7fe8585328e9ac7b7fe8585328e9ac7b7fe8585328e9ac7b7fe8585328e9ac7b","hex")>

<cffunction    name="DoEncrypt" access="public" returntype="string" hint="Fires when the application is first created.">
    <cfargument    name="szToEncrypt" type="string" required="true"/>
    <cfset secretkey = gKey>
    <cfset szReturn=encrypt(szToEncrypt, secretkey, theAlgorithm, "Base64", theIV)>
    <cfreturn szReturn>
</cffunction>
<cffunction    name="DoDecrypt" access="public" returntype="string" hint="Fires when the application is first created.">
    <cfargument    name="szToDecrypt" type="string" required="true"/>
    <cfset secretkey = gKey>
    <cfset szReturn=decrypt(szToDecrypt, secretkey, theAlgorithm, "Base64",theIV)>
    <cfreturn szReturn>
</cffunction>
<cfset szStart = form["toencrypt"]>
<cfset szStart = "Test me!">
<cfset szEnc = DoEncrypt(szStart)>
<cfset szDec = DoDecrypt(szEnc)>
<cfoutput>#szEnc# #szDec#</cfoutput>

Hi edevmachine,
This Bouncy Castle Encryption CFC supports Rijndael w/ 256-bit block size. (big thanks to Jason here and all who helped w/ that, btw!)
Example:
<cfscript>
BouncyCastleCFC = new path.to.BouncyCastle();
string = "ColdFusion Rocks!";
key = binaryEncode(binaryDecode(generateSecretKey("Rijndael", 256), "base64"), "hex");//the CFC takes hex'd key
ivSalt = binaryEncode(binaryDecode(generateSecretKey("Rijndael", 256), "base64"), "hex");//the CFC takes hex'd ivSalt
encrypted = BouncyCastleCFC.doEncrypt(string, key, ivSalt);
writeOutput(BouncyCastleCFC.doDecrypt(encrypted, key, ivSalt));
</cfscript>
Related links for anyone interested in adding 256-bit block size Rijndael support into ColdFusion:
- An explanation of how to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files into ColdFusion
- An explanation of how to install the Bouncy Castle Crypto package into ColdFusion (near bottom, under the "Installing additional security providers" heading)
- An explanation of how to connect the Bouncy Castle classes together
- Bouncy Castle's doc for the Rijndael Engine
And here is the full CFC as posted in the StackOverflow discussion:
<cfcomponent displayname="Bounce Castle Encryption Component" hint="This provides bouncy castle encryption services" output="false">
<cffunction name="createRijndaelBlockCipher" access="private">
    <cfargument name="key" type="string" required="true" >
    <cfargument name="ivSalt" type="string" required="true" >
    <cfargument name="bEncrypt" type="boolean" required="false" default="1">
    <cfargument name="blocksize" type="numeric" required="false" default=256>
    <cfscript>
    // Create a block cipher for Rijndael
    var cryptEngine = createObject("java", "org.bouncycastle.crypto.engines.RijndaelEngine").init(arguments.blocksize);
    // Create a Block Cipher in CBC mode
    var blockCipher = createObject("java", "org.bouncycastle.crypto.modes.CBCBlockCipher").init(cryptEngine);
    // Create Padding - Zero Byte Padding is apparently PHP compatible.
    var zbPadding = CreateObject('java', 'org.bouncycastle.crypto.paddings.ZeroBytePadding').init();
    // Create a JCE Cipher from the Block Cipher
    var cipher = createObject("java", "org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher").init(blockCipher,zbPadding);
    // Create the key params for the cipher
    var binkey = binarydecode(arguments.key,"hex");
    var keyParams = createObject("java", "org.bouncycastle.crypto.params.KeyParameter").init(BinKey);
    var binIVSalt = Binarydecode(ivSalt,"hex");
    var ivParams = createObject("java", "org.bouncycastle.crypto.params.ParametersWithIV").init(keyParams, binIVSalt);
    cipher.init(javaCast("boolean",arguments.bEncrypt),ivParams);
    return cipher;
    </cfscript>
</cffunction>
<cffunction name="doEncrypt" access="public" returntype="string">
    <cfargument name="message" type="string" required="true">
    <cfargument name="key" type="string" required="true">
    <cfargument name="ivSalt" type="string" required="true">
    <cfscript>
    var cipher = createRijndaelBlockCipher(key=arguments.key,ivSalt=arguments.ivSalt);
    var byteMessage = arguments.message.getBytes();
    var outArray = getByteArray(cipher.getOutputSize(arrayLen(byteMessage)));
    var bufferLength = cipher.processBytes(byteMessage, 0, arrayLen(byteMessage), outArray, 0);
    var cipherText = cipher.doFinal(outArray,bufferLength);
    return toBase64(outArray);
    </cfscript>
</cffunction>
<cffunction name="doDecrypt" access="public" returntype="string">
    <cfargument name="message" type="string" required="true">
    <cfargument name="key" type="string" required="true">
    <cfargument name="ivSalt" type="string" required="true">
    <cfscript>
    var cipher = createRijndaelBlockCipher(key=arguments.key,ivSalt=arguments.ivSalt,bEncrypt=false);
    var byteMessage = toBinary(arguments.message);
    var outArray = getByteArray(cipher.getOutputSize(arrayLen(byteMessage)));
    var bufferLength = cipher.processBytes(byteMessage, 0, arrayLen(byteMessage), outArray, 0);
    var originalText = cipher.doFinal(outArray,bufferLength);
    return createObject("java", "java.lang.String").init(outArray);
    </cfscript>
</cffunction>
<cfscript>
function getByteArray(someLength)
    byteClass = createObject("java", "java.lang.Byte").TYPE;
    return createObject("java","java.lang.reflect.Array").newInstance(byteClass, someLength);
</cfscript>
</cfcomponent>
Thanks!,
-Aaron

Encrypt / Decrypt password

Hi
I'm new in Java and I need to create a function to encrypt / decrypt passwords using the Blowfish algorithm. I know how to create a key, but I don't know how to recover it to decrypt the password.
Another question, Is it possible to use public/private keys in this case???.
Can you give some links or examples please???
Regards
J.C.

This is typically done either one of two ways:
1) PBE based encryption. This uses a password or pass phrase to derive
a key to use with a symmetric algorithm.
2) Asymmetric using something like RSA. Typically RSA is used to wrap
the actual symmetric key used to do the encryption but for very short
plaintext it can be used directly on the plaintext. Passwords are a
good example of short plaintext.
Obviously symmetric encryption is a great deal faster than asymmetric
encryption. So if your plaintext was large you would want to use
symmetric. Also Asymmetric encryption is length dependant. AKA if your
public key's modulus is 1024 bits then you could encrypt any plaintext
that was 121 bytes or shorter.
PBE takes a salt (a random byte array) and an iteration count and
hashes a passphrase with the salt iteration number of times to generate
a key that can be reproduced over and over again and used with a
symmetric algorithm. The issue here is that your salt/ic either need
to be hard coded and reused or the values for any single encryption
need to be saved along with the ciphertext. Using the same ic/salt for
a large number of plaintext to ciphertext operations can lead to a
weakening of the pass phrase (aka the key) and aids a cryptoanalyst in
breaking the code. Although it is still difficult it becomes easier
with each successive encryption.
Its upto you which route you take but you should note that private keys
used in asymmetric encryption use PBE to keep them private anyway so in
a sense if you use asymmetric encryption you are really using both
asymmetric encryption and PBE...

Encrypt/decrypt

Hello!
I have been trying to use this syntax for encrypting/decrypting BUT I get different values all the time even if I use the same String. I would be really glad if anyone could help me to tell me why. What I want to use this encrypt/decrypt/ is to make some info unreadable in my database but I want to be able to decrypt the info.
-----------------------------syntax----------------------------------------------------------------------
SecretKey key=null;
try{
key = KeyGenerator.getInstance("DES").generateKey();
}catch(Exception e){}
DesEncrypter d= new DesEncrypter(key);
-----------------------------My cryptClass--------------------------------------------------------
public class DesEncrypter {
Cipher ecipher;
Cipher dcipher;
DesEncrypter(SecretKey key) {
try {
ecipher = Cipher.getInstance("DES");
dcipher = Cipher.getInstance("DES");
ecipher.init(Cipher.ENCRYPT_MODE, key);
dcipher.init(Cipher.DECRYPT_MODE, key);
} catch (javax.crypto.NoSuchPaddingException e) {
} catch (java.security.NoSuchAlgorithmException e) {
} catch (java.security.InvalidKeyException e) {
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return new sun.misc.BASE64Encoder().encode(enc);
} catch (javax.crypto.BadPaddingException e) {
} catch (IllegalBlockSizeException e) {
} catch (UnsupportedEncodingException e) {
} catch (java.io.IOException e) {
return null;
public String decrypt(String str) {
try {
// Decode base64 to get bytes
byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
} catch (javax.crypto.BadPaddingException e) {
} catch (IllegalBlockSizeException e) {
} catch (UnsupportedEncodingException e) {
} catch (java.io.IOException e) {
return null;
thanks in advance!

I don't understand caffeiene's answer but maybe it will help you. It seems to me that you need to encrypt and decrypt the same way across application sessions, etc. Therefore you will need to store your key outside of the application in a file on the server. So you'll have to use a key generator that will let you save the key to a file. That's about all the detail I can give you since I've never worked directly with cryptography. Obviously you'll need to make sure the server is behind a good firewall, or whatever other security measures you deem appropriate to protect the key. It seems unsecure, but you have to persist the key, because otherwise if the app server crashes then the data in the db will be inaccessible.

Encrypt/Decrypt data, multiple public keys using Bouncy castle api?

Hi all.
I need to implement encrypt/decrypt functionality of some data with many public keys using bouncy castle api and EnvelopedData class in java 1.4 SE.
Could someone give me examples how to do it. I searched whole the internet and i could not find simple example.

Hi thanks very much.
I had a quick look at the examples. I will see if they could help me.
Here is more specific what i want:
Encrypt data with multiple public keys that are kept in .pkcs12 file.
And decrypt the data using coresponding private key after that.
I must use bouncy castle api for java 1.4 se.
Best regards
Edited by: menchev on Nov 13, 2008 8:26 AM

Encrypt/decrypt streams with same password

Hi all!
I'would like to know if I can encrypt/decrypt streams using key's which are hardwired in my application. By a hardwired key I understand a key which is generated using the same seed; practically I don't keep the key, but the minimum info to regenerate it.
Is this possible and if yes, how? Where can I find some more info about regenerating a key?
Stefan.
PS: I'm a newbie in field of cryptography, so...

You can use password-based encryption. See an example
of such a thing in:
http://javaalmanac.com/egs/javax.crypto/PassKey.html
Erm, what sort of encryption isn't password-based ?

Encrypt/Decrypt BLOB

Hello experts
Can anyone help write a stored procedure that can encrypt/decrypt binary data.
I want to pass in an ID and a key and have the procedure decrypt the data and return unencrypted binary data (serve straight to browser). Then a procedure to do the opposite, take some binary data, encrypt and store - then give me back the ID?
I'm not sure about key management yet - your advice is appreciated
Thanks for any help
Matt

Here's the retrieve code:
create or replace package image_get
as
procedure gif( p_id in demo.id%type );
end;
create or replace package body image_get
as
procedure gif( p_id in demo.id%type )
is
l_lob blob;
l_amt number default 30;
l_off number default 1;
l_raw raw(4096);
begin
select theBlob into l_lob
from demo
where id = p_id;
-- make sure to change this for your type!
owa_util.mime_header( 'image/gif' );
begin
loop
dbms_lob.read( l_lob, l_amt, l_off, l_raw );
-- it is vital to use htp.PRN to avoid
-- spurious line feeds getting added to your
-- document
htp.prn( utl_raw.cast_to_varchar2( l_raw ) );
l_off := l_off+l_amt;
l_amt := 4096;
end loop;
exception
when no_data_found then
NULL;
end;
end;
end;

XML encrypt/decrypt

Similar Messages

Maybe you are looking for