Encrypt/decrypt AES 256, IVorSalt error

Fanny.

So I am trying to get encrypt/decrypt working with AES 256, using both a 32-byte key and a 32-byte IVorSalt. (And yes, the new Java security files are installed, v6.)

'IF' I use a 32-bit key but do not use an IV at all, I get a good-looking result for AES 256. (I can tell that this is AES 256 by looking at the length of the encrypted string.)

'IF' I use a 32-bit key and a 16-bit salt, I get an AES 128 result (I know, according to the docs they are both supposed to be the same size, but the docs are wrong).

But when I switch to using both a 32-bit key AND a 32-byte salt, I get the error below.

An error occurred during the attempt encrypt or decrypt your input string: bad parameters: invalid IvParameterSpec: com.rsa.jsafe.crypto.JSAFE_IVException: invalid IV length. Must be 16.

Has anyone 'EVER' got encrypt to work for them using AES 256 with a 32-byte key and a 32-byte salt? Is this a bug in CF? Or Java? Or am I doing something wrong?

<!--- ////////////////////////////////////////////////////////////////////////// Here's the Code ///////////////////////////////////////////////////////////////////////// --->

<cfset theAlgorithm = "Rijndael/CBC/PKCS5Padding" />

<!--- these 2 are the same --->
<cfset gKey = "hzj+1o52d9N04JRsj3vTu09Q8jcX+fNmeyQZSDlZA5w=">
<!--- <cfset gKey = ToBase64(BinaryDecode("8738fed68e7677d374e0946c8f7bd3bb4f50f23717f9f3667b2419483959039c", "Hex"))> --->

<!--- 32-byte IV: this is the value that produces the "invalid IV length" error --->
<cfset theIV = BinaryDecode("7fe8585328e9ac7b7fe8585328e9ac7b7fe8585328e9ac7b7fe8585328e9ac7b", "hex")>
<!--- <cfset theIV128 = BinaryDecode("7fe8585328e9ac7b7fe8585328e9ac7b", "hex")> --->

<cffunction name="DoEncrypt" access="public" returntype="string" hint="Fires when the application is first created.">
    <cfargument name="szToEncrypt" type="string" required="true" />
    <cfset secretkey = gKey>
    <cfset szReturn = encrypt(szToEncrypt, secretkey, theAlgorithm, 'Base64', theIV)>
    <cfreturn szReturn>
</cffunction>

<cffunction name="DoDecrypt" access="public" returntype="string" hint="Fires when the application is first created.">
    <cfargument name="szToDecrypt" type="string" required="true" />
    <cfset secretkey = gKey>
    <cfset szReturn = decrypt(szToDecrypt, secretkey, theAlgorithm, 'Base64', theIV)>
    <cfreturn szReturn>
</cffunction>

<cfset szStart = form["toencrypt"]>
<cfset szStart = 'Test me!'>
<cfset szEnc = DoEncrypt(szStart)>
<cfset szDec = DoDecrypt(szEnc)>

<cfoutput>#szEnc# #szDec#</cfoutput>

Whether you are doing something wrong depends on what you're trying to do.

When it comes to so-called AES 256, there are two options as to what this may mean.

1. In the programming world, AES 256 means AES crypto with 128-bit blocks and a 256-bit key size. The CBC IV should be the same size as the block, not the same size as the key. It should be 128 bits.

2. In some parts of the programming world (PHP, mainly), AES 256 is Rijndael crypto with a block size of 256 bits. The problem here is that it is NOT AES. It uses the MCRYPT_RIJNDAEL_256 algorithm. Rijndael is the algorithm on which AES was built, but not all Rijndael is AES.

So, if what you want is AES crypto with 256 bits, then using a 256-bit key with a 128-bit IV is the correct way to do it. AES *only* has 128-bit blocks. It is therefore a bug in neither Java nor CF.

If you really need the 256-bit block size, then I guess you are probably trying to interoperate with a system that uses PHP for crypto. If this is the case, I think you will need to dig in the hard way in Java and write the cryptography to support it. You may also add a new JCA/JCE crypto provider if none of the standard providers included with CF has MCRYPT_RIJNDAEL_256.

Good luck

Jason
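
The key-size versus IV-size distinction in the answer above, as an added Java example (not code from the thread; the class and method names are hypothetical). It runs against the same JCE layer that ColdFusion's encrypt() sits on, reports the maximum AES key length the installed policy files allow, and shows that the ciphertext length follows the block size, not the key size.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class AesIvLengthDemo {
    // Constructed sample input (same text as the test string in the post).
    static final byte[] PLAINTEXT = "Test me!".getBytes(StandardCharsets.UTF_8);
    static final SecureRandom RNG = new SecureRandom();

    static byte[] randomBytes(int n) {
        byte[] b = new byte[n];
        RNG.nextBytes(b);
        return b;
    }

    /** Runs one AES/CBC round trip with the given key and IV sizes (in bytes) and describes the outcome. */
    static String attempt(int keyBytes, int ivBytes) {
        try {
            SecretKeySpec key = new SecretKeySpec(randomBytes(keyBytes), "AES");
            IvParameterSpec iv = new IvParameterSpec(randomBytes(ivBytes));
            Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
            c.init(Cipher.ENCRYPT_MODE, key, iv);   // key size and IV length are validated here
            byte[] ct = c.doFinal(PLAINTEXT);
            c.init(Cipher.DECRYPT_MODE, key, iv);
            boolean roundTrip = Arrays.equals(PLAINTEXT, c.doFinal(ct));
            return "ok: block=" + c.getBlockSize() + " bytes, ciphertext=" + ct.length
                    + " bytes, round trip=" + roundTrip;
        } catch (GeneralSecurityException e) {
            // InvalidKeyException: key size not permitted by the installed policy files.
            // InvalidAlgorithmParameterException: the IV is not exactly one block long.
            return "rejected: " + e.getClass().getSimpleName() + " (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) throws Exception {
        // Integer.MAX_VALUE means the unlimited-strength policy is in effect.
        System.out.println("max AES key length allowed by policy: "
                + Cipher.getMaxAllowedKeyLength("AES") + " bits");
        int[][] cases = { {16, 16}, {32, 16}, {32, 32} };   // {key bytes, IV bytes}
        for (int[] c : cases) {
            System.out.printf("key=%d bits, IV=%d bits -> %s%n",
                    c[0] * 8, c[1] * 8, attempt(c[0], c[1]));
        }
    }
}
```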

Tags: ColdFusion

Similar Questions

  • CF9 encrypted with AES 256 bit, example anyone?

    Hello. I am looking for an example of the Encrypt method using an AES 256 key.  I think I have the unlimited strength jurisdiction policy files active.  And I still get the CFError

    The specified key is not a valid key for encryption: illegal key size.

    Now I've hit a wall and cannot get past it.  What am I doing wrong?  How can I check that the policy files are installed and accessible to my CF file?  Any help is greatly appreciated.

    <cfset thePlainText = "is this work for me?" />

    Generate the secret key (128): <cfset AES128 = "#generatesecretkey('AES',128)#" /> <cfdump var="#AES128#"> <BR>
    Generate the secret key (192): <cfset AES192 = "#generatesecretkey('AES',192)#" /> <cfdump var="#AES192#"> <BR>
    Generate the secret key (256): <cfset AES256 = "#generatesecretkey('AES',256)#" /> <cfdump var="#AES256#"> <BR> <BR>

    <cfset sequence = AES256 />
    <cfset theAlgorithm = "AES/CBC/PKCS5Padding" />
    <cfset theEncoding = "base64" />
    <cfset theIV = BinaryDecode("6d795465737449566f7253616c7431323538704c6173745f", "hex") />

    <cfset encryptedString = encrypt(thePlainText, sequence, theAlgorithm, theEncoding, theIV) />

    <!--- view results --->
    <cfset keyLengthInBits = arrayLen(BinaryDecode(sequence, 'base64')) * 8 />
    <cfset ivLengthInBits = arrayLen(theIV) * 8 />
    <cfdump var="#variables#" label="Results AES/CBC/PKCS5Padding" />

    <cfabort>

    You probably don't have the unlimited strength jurisdiction policy files in the right place.

    It is very common for admins to think that the new policy files go into the usual /lib directory. But they really go into the /jre/security/lib directory (unless you're on a Mac, then they go to JAVA_HOME/security/lib).

    You also need to restart once you get the policy files in place.

    I tested your script on my local machine, which does not have the policy of unlimited strength and it worked fine.

    Jason

  • Error using APDU buffer for update methods (encrypt/decrypt/sign)

    Hi all

    I get a SystemException and the error code is 3, which is ILLEGAL_TRANSIENT. I pass data between two applets using the APDU buffer. The 1st applet is the currently selected applet, which passes the data to the 2nd applet to perform cryptographic operations. Encrypt/decrypt and sign all work well using init() & doFinal() when the data is small enough to be processed in one go. The problem is when I try to use update() for larger data: I get the error ILLEGAL_TRANSIENT (I get this for a signing operation, but I guess I'll get the same thing for encrypt/decrypt as well).

    The JCRE specification (section 6.1.5 of version 2.2.1) explains this error as an attempt to access a transient object of type CLEAR_ON_DESELECT when the current context is not the context of the currently selected applet. The APDU buffer comes from applet 1, which is the currently selected applet, so I think that's why I see this error. However, it does not make sense to me that I am able to make all calls except update using the APDU buffer - clearly the update call tries to use the passed buffer in some illegal way - but that shouldn't be my problem, I would have thought...

    Any help/comments would be appreciated.

    Swati

    In addition, when you create the instance of the encryption algorithm, do you set externalAccess to true? This is necessary to access the applet properly through ITSELF.

    The API doc:

    externalAccess true indicates that the instance will be shared among multiple applet instances and that the instance of the encryption algorithm will also be accessed (via a shareable interface) when the owner of the instance of the encryption algorithm is not the currently selected applet. If true the implementation doesn't have to allocate CLEAR_ON_DESELECT transient space for internal data.

    See you soon,.
    Shane

  • Related issue of encryption-decryption Leap blackBerry!

    Hello

    On the BlackBerry Leap, can we encrypt our data twice?

    Meaning that if I have hello.txt on the SD card and first use "Settings --> Security and Privacy --> Encryption --> Media Card Encryption", can we then encrypt this txt file using some application designed by a BlackBerry developer, meaning an app in BlackBerry World, or by some other developer, Snap etc.?

    I thought of the computer which is very common that twice or three times of encryption-decryption with different algorithms, maybe I'm wrong, because there is no special data used by me except songs movies & cats!

    But as a software developer, I'm curious about encryption!

    Use AES-256 encryption & according to EETimes Blackberry claim huge time to break the encryption that made by AES - 256!

    But today I read new Dutch police 'reading' Blackberry emails

    If good authority can crack the encryption, then the bad guys also do!

    This leaves BlackBerry users feeling very precarious, especially those passing over other mobile manufacturers, because the only reason for that is 'BlackBerry is security'!

    What is this opinion experts forums or views?

    The response of BlackBerry indicates that this was 'communications' are involved. Depends on communication and used security measures.

    BlackBerry has published white papers on BBM. Those that can be found. I don't know later. E-mail will depend on the employee by the two sender security measures a receiver. Communication on the other has will depend on employee safety by the app. And finally it depends on the operational safety of the users.

    My feeling is that he is a third-party application.

    In any case, Yes, if you have an application that encrypts it's own data on the device or crypt individual files, I see no reason that could not be used in conjunction with encryption devices. I don't know that it adds anything. My there are advantages and disadvantages of encryption of file by file versus encryption of the system, but that's another question.

  • ASDM AES-256 not supported?

    Last night we went to upgrade our firewall so that only TLS1.x and AES-256/SHA-1 can be used for VPN connections in the box. After doing so, ASDM has stopped working, AnyConnect still works without problem.

    Java reported an error in the SSL handshake. I went to re-enable the ciphers one by one and determined that AES-128/SHA1 is the highest cipher on which I can connect via ASDM. I tried updating to the latest version of ASDM, and 7.5(2) doesn't connect on anything higher than AES-128. We use a self-signed certificate on the inside interface, so I enabled ASDM on the outside, where we have a valid third-party cert, and tried connecting via https:///Admin to make sure it wasn't a certificate problem, and no dice.

    It's a bit strange to me that ASDM only supports AES-256. I wonder if anyone has any ideas as to why I can't connect with AES-256 and/or a workaround. It would also be acceptable to use AES-128 for ASDM internally and AES-256 for VPN connections, but I don't see any way to set the SSL ciphers on a per-application basis; it seems that I can only configure them globally and am therefore stuck with allowing VPN connections to use AES-128 if they wish (I made connections negotiate AES-256 before attempting AES-128, but I would like to disable AES-128 completely).

    Specs below, thank you in advance for your help.

    Plug

    ASA Version: 9.2(2)4

    ASDM Version: 7.4(2), I also tried 7.5(2)

    I thought about it and found an article that confirms my suspicions.

    ASDM is just a Java applet. As such, it uses the security offered by the libraries of your local Java installation.

    I found confirmation in this TAC note: http://www.cisco.com/c/en/us/support/docs/security/adaptive-security-dev...

    I tried the instructions and (...wait for it...) - it works!

    I went to the Oracle download page for my Java version 8 here: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-21...

    I then decompressed these files and put them in the appropriate subdirectory according to the readme file. It was a little difficult to figure out exactly which of the several Java directories ASDM used - I did this by right-clicking on the process in the Task Manager, then going to the location of the file.

    (Note: when you upgrade Oracle Java, it may write to a new directory - you will have to repeat this step periodically.)

    With that done, I put the two new files in place, changed my custom SSL cipher list to exclude AES-128 and then relaunched ASDM. I started Wireshark with a capture filter for my ASA's address and watched the TLS 1.2 handshake negotiate AES-256 encryption.

    In the sense of "it didn't happen if there is no pictures", extra points for the screenshot of the real package decode (open in a new tab to zoom in):

  • create the example simple encrypt/decrypt string - but without success

    Being a newbie crypt I'm trying to build an example of simple string encryption/decryption, but somehow the decrypted result differs too much :-)
    Can someone tell me the error in my reasoning? Thank you!

    import java.security.InvalidKeyException;
    import java.security.NoSuchAlgorithmException;
    import java.security.NoSuchProviderException;
    import javax.crypto.BadPaddingException;
    import javax.crypto.Cipher;
    import javax.crypto.IllegalBlockSizeException;
    import javax.crypto.NoSuchPaddingException;
    import javax.crypto.spec.SecretKeySpec;

    public class dum_8_decrypt64 {

        public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {

            String input = "Hello, world!";
            String passkey = "nv93h50sk1zh508v";
            SecretKeySpec key;
            Cipher cipher = null;
            Cipher dcipher = null;
            String result, dresult;

            key = new SecretKeySpec(passkey.getBytes(), "AES");

            cipher = Cipher.getInstance("AES/ECB/PKCS5Padding", "SunJCE");
            cipher.init(Cipher.ENCRYPT_MODE, key);

            // Ciphertext bytes are pushed through a String here (the problem the reply points at)
            result = new String(cipher.doFinal(input.getBytes()));

            System.out.println("encrypted string ->" + result + "<-");

            dcipher = Cipher.getInstance("AES/ECB/PKCS5Padding", "SunJCE");
            dcipher.init(Cipher.DECRYPT_MODE, key);
            // As posted: this calls cipher (still in ENCRYPT_MODE), not dcipher
            dresult = new String(cipher.doFinal(result.getBytes()));

            System.out.println("decrypted string ->" + dresult + "<-");

        }
    }

    Output:

    Encrypted-> string.
    p ÿƒG¬µ? (.« <----------


    The decrypted-> string Qbkuu $Ñ 5oaw'?) ; Yeutdp3wvk < -.

    Encrypted data is binary.

    String is not a container for binary data.
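
The point made in the reply above, as an added Java example (not code from the thread; the class and helper names are hypothetical, and java.util.Base64 assumes Java 8 or later). It reuses the key and plaintext from the post, shows what a round trip through String does to the ciphertext bytes, and then carries the same ciphertext as Base64 text instead.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class CiphertextAsText {
    // Transformation kept from the post so the two programs are comparable;
    // ECB is not a recommendation.
    static final String MODE = "AES/ECB/PKCS5Padding";

    static byte[] run(int opmode, SecretKeySpec key, byte[] in) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(MODE);
        c.init(opmode, key);
        return c.doFinal(in);
    }

    public static void main(String[] args) throws Exception {
        SecretKeySpec key = new SecretKeySpec(
                "nv93h50sk1zh508v".getBytes(StandardCharsets.US_ASCII), "AES");
        byte[] ct = run(Cipher.ENCRYPT_MODE, key,
                "Hello, world!".getBytes(StandardCharsets.UTF_8));

        // Lossy path: decoding arbitrary bytes as text replaces every invalid
        // sequence with U+FFFD, so re-encoding does not give the original bytes back.
        byte[] mangled = new String(ct, StandardCharsets.UTF_8).getBytes(StandardCharsets.UTF_8);
        System.out.println("ciphertext: " + ct.length + " bytes, after String round trip: "
                + mangled.length + " bytes, identical=" + Arrays.equals(ct, mangled));
        try {
            run(Cipher.DECRYPT_MODE, key, mangled);
            System.out.println("mangled ciphertext decrypted without error");
        } catch (GeneralSecurityException e) {
            System.out.println("mangled ciphertext rejected: " + e.getClass().getSimpleName());
        }

        // Lossless path: Base64 is a text encoding designed to carry binary data.
        String transport = Base64.getEncoder().encodeToString(ct);
        byte[] restored = Base64.getDecoder().decode(transport);
        String plain = new String(run(Cipher.DECRYPT_MODE, key, restored), StandardCharsets.UTF_8);
        System.out.println("Base64 transport: " + transport + " -> " + plain);
    }
}
```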

  • Acrobat (Reader) 8 not able to open AES-256 protection PDF rights management?

    Is this really true?

    Have not found a sheet explaining the client-side requirements for PDF documents with LCRM AES-256 encryption.

    In my lab, it looks as if Reader 9 can open the documents fine, while Reader 8 fails to decrypt.

    Dilettanto

    Acrobat/Reader 9 was the first version to incorporate AES-256 code, so if you want to stay compatible with Reader 7 or 8 you must continue to use AES - 128. I think that's documented in help for the section that describes how the publishing strategy works.

    Jonathan

  • Laptop HP 15-af008ax: could not find the appropriate drivers for ACPI\SMB0001\3&2411E6FE&1 and PCI Encryption/Decryption Controller

    After installing the drivers from the HP site I cannot find drivers for ACPI\SMB0001\3&241E6FE&1. Device Manager displays "UNKNOWN DEVICE" and says that no drivers were found for it. It is the same with the PCI Encryption/Decryption Controller.
    Please suggest me what to do. I'm confused ;-(

    Hello:

    You need this driver for the first...

    http://www.Synaptics.com/en/drivers.php

    To the PCI-E/D controller, you must manually install the driver as follows...

    Download and run this file.  Conclusion of any windows error.

    http://h20566.www2.HP.com/hpsc/SWD/public/detail?swItemId=vc_133833_1

    Go to Device Manager and click on the controller E/D PCI needing drivers.

    Click the driver tab.  Click on set to update driver.

    Select her browse my computer for driver software option and navigate to the folder of the driver that was created when you ran the file.

    This file will be located in C:\SWSetup\sp66974.

    Make sure that the include subfolders is selected and the driver should install.

    Then restart.

  • 2821 software - AES 256

    Hello

    I'm trying to determine if this router is the AES 256 encryption.

    CISCO2821-HSEC/K9 2821 Bundle w/AIM-VPN/SSL-2, Adv. IP Serv, SSL 10 S28NAISK9 - 12409T Cisco 2800 ADVANCED IP SERVICES 1

    AIM-VPN/SSL-2 a / 3DES / AES / SSL VPN encryption/Compression 1

    Since the Locator functionality of software that I can't determine the level of AES only making AES, can anyone help.

    John,

    AES is part of the IPsec standard. An IOS K9 image with IPsec support should have AES, which automatically supports the 128-, 192- and 256-bit variants of the algorithm.

    To verify on the router simply do:

    Router(config)# crypto isakmp policy 1

    Router(config-isakmp)# encryption aes ?

    Here is a link you may want to use as a reference.

    http://www.Cisco.com/en/us/Partner/Tech/tk583/TK372/technologies_tech_note09186a0080094203.shtml#intro

    Rgds

    -Jorge

  • Encrypt/decrypt

    Hello
    in Oracle 10 g / 11g, is there a way to encrypt/decrypt the password?

    DBMS_CRYPTO is used for encryption and encryption.

    http://download.Oracle.com/docs/CD/E11882_01/AppDev.112/e25788/d_crypto.htm#i1005082

    Example of documentation:

    set serveroutput on
    DECLARE
       input_string       VARCHAR2 (200) :=  'Secret Message';
       output_string      VARCHAR2 (200);
       encrypted_raw      RAW (2000);             -- stores encrypted binary text
       decrypted_raw      RAW (2000);             -- stores decrypted binary text
       num_key_bytes      NUMBER := 256/8;        -- key length 256 bits (32 bytes)
       key_bytes_raw      RAW (32);               -- stores 256-bit encryption key
       encryption_type    PLS_INTEGER :=          -- total encryption type
                                DBMS_CRYPTO.ENCRYPT_AES256
                              + DBMS_CRYPTO.CHAIN_CBC
                              + DBMS_CRYPTO.PAD_PKCS5;
    BEGIN
       DBMS_OUTPUT.PUT_LINE ( 'Original string: ' || input_string);
       key_bytes_raw := DBMS_CRYPTO.RANDOMBYTES (num_key_bytes);
       encrypted_raw := DBMS_CRYPTO.ENCRYPT
          (
             src => UTL_I18N.STRING_TO_RAW (input_string,  'AL32UTF8'),
             typ => encryption_type,
             key => key_bytes_raw
          );
        -- The encrypted value "encrypted_raw" can be used here
        DBMS_OUTPUT.PUT_LINE ( 'Encrypted string: ' || encrypted_raw);
    
       decrypted_raw := DBMS_CRYPTO.DECRYPT
          (
             src => encrypted_raw,
             typ => encryption_type,
             key => key_bytes_raw
          );
       output_string := UTL_I18N.RAW_TO_CHAR (decrypted_raw, 'AL32UTF8');
    
       DBMS_OUTPUT.PUT_LINE ('Decrypted string: ' || output_string);
    END;
    /
    
    anonymous block completed
    
    Original string: Secret Message
    Encrypted string: D1C69EB14E5D335AC73D4F63E77C6D9D
    Decrypted string: Secret Message
    
  • Encrypt/decrypt a file even with two different passwords

    Hello world:

    I am quite new to Java and cryptography in general and have a theoretical question. The following scenario is possible and how it would be:
    Two users with two passwords (say a regular user and a superuser) encrypt, decrypt, read and write to the same file. The secret key for encryption and decryption must be based on their passwords (generated from their passwords), and not stored anywhere on the system.

    I've been racking my brains, but can't think of a way. Am I missing an obvious solution?

    Can it be done?

    Thank you
    Michael

    I don't think that you can avoid having more than a password hash stored on the system. Using a combination of my approach and Jeff's, I can implement this as long as you allow a password-protected key store to be stored on each system. A given user's key store would contain their RSA private key and the RSA public key certificate for the admin user (though the admin user's public key could be stored in the program, since it does not have to be kept secret). The admin user's key store would contain only its RSA private and public keys.

    Suppose that the data file is to be created by a standard, non-admin user. The code performs the following actions:

    (1) Generate a random key for a symmetric algorithm, say a 128-bit AES key.
    (2) Write a digest of this key to the output file.
    (3) Write the random key, encrypted with the user's public key, to the file.
    (4) Write the user's public key (or certificate) to the file.
    (5) Write the random key, encrypted with the admin user's public key, to the file.
    (6) Encrypt the data using the random key and write the result to the file.

    This user can then update the file by

    (1) Reading the digest of the random key from the file.
    (2) Reading the random key encrypted with the user's public key.
    (3) Decrypting this encrypted random key using the user's private key, extracted from their key store.
    (4) Checking the digest of this key to make sure it is the correct random key.
    (5) Skipping the user's certificate and the random key encrypted with the admin user's public key.
    (6) Decrypting the data using the random key.
    (7) Updating the data.
    (8) Re-encrypting the file, as described in the first part, with a random key.

    The admin user can

    (1) Read the digest of the random key from the file.
    (2) Skip the random key that is encrypted with the user's public key.
    (3) Read the user's public key from the file (for later use, if the file needs to be updated).
    (4) Read the random key encrypted with the admin's public key.
    (5) Decrypt the random key using the admin's private key, obtained from its key store.
    (6) Verify the digest of the random key to ensure that it is correct.
    (7) Decrypt the data.

    The administrator can modify the data, since it can re-encrypt the data in a similar way to the way it was created in the first place.
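
The file layout described in the answer above, as an added Java example (not code from the thread; class, field and method names are hypothetical). Assumptions made here: RSA-2048 key pairs generated in memory stand in for the password-protected key stores, RSA-OAEP is used to wrap the random key, and AES-GCM is used for the data.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class TwoRecipientEnvelope {
    // In-memory stand-in for the file, fields in the order the answer writes them.
    static class Envelope {
        byte[] keyDigest;        // SHA-256 of the random AES key
        byte[] keyForUser;       // random key wrapped with the user's public key
        PublicKey userPublicKey; // lets the admin re-wrap for the user on update
        byte[] keyForAdmin;      // random key wrapped with the admin's public key
        byte[] iv;               // fresh 96-bit GCM nonce for this encryption
        byte[] ciphertext;
    }

    static final String RSA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    static byte[] wrap(SecretKey k, PublicKey pub) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(RSA);
        c.init(Cipher.WRAP_MODE, pub);
        return c.wrap(k);
    }

    static Envelope seal(byte[] data, PublicKey user, PublicKey admin) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);                        // a new random key for every write
        SecretKey k = kg.generateKey();
        Envelope e = new Envelope();
        e.keyDigest = MessageDigest.getInstance("SHA-256").digest(k.getEncoded());
        e.keyForUser = wrap(k, user);
        e.userPublicKey = user;
        e.keyForAdmin = wrap(k, admin);
        e.iv = new byte[12];
        new SecureRandom().nextBytes(e.iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, e.iv));
        e.ciphertext = aes.doFinal(data);
        return e;
    }

    /** Unwraps one copy of the random key, checks it against the stored digest, decrypts the data. */
    static byte[] open(Envelope e, byte[] wrappedKey, PrivateKey priv) throws GeneralSecurityException {
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.UNWRAP_MODE, priv);
        SecretKey k = (SecretKey) rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(k.getEncoded());
        if (!MessageDigest.isEqual(digest, e.keyDigest)) {
            throw new GeneralSecurityException("unwrapped key does not match stored digest");
        }
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(128, e.iv));
        return aes.doFinal(e.ciphertext);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair user = kpg.generateKeyPair(), admin = kpg.generateKeyPair();
        byte[] data = "shared file contents".getBytes(StandardCharsets.UTF_8); // constructed sample
        Envelope e = seal(data, user.getPublic(), admin.getPublic());
        System.out.println("user reads:  " + new String(open(e, e.keyForUser, user.getPrivate()), StandardCharsets.UTF_8));
        System.out.println("admin reads: " + new String(open(e, e.keyForAdmin, admin.getPrivate()), StandardCharsets.UTF_8));
        try {
            open(e, e.keyForUser, admin.getPrivate());   // wrong private key for this copy
        } catch (GeneralSecurityException ex) {
            System.out.println("admin's key cannot unwrap the user's copy: " + ex.getClass().getSimpleName());
        }
    }
}
```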

  • HP M9S72EA: PCI ENCRYPTION / DECRYPTION CONTROLLER

    Hello

    I need PCI of encryption / DECRYPTION CONTROLLER driver and controller PCI communications driver

    ID devices

    PCI\VEN_8086&DEV_2298&SUBSYS_80C5103C&REV_21
    PCI\VEN_8086&DEV_2298&SUBSYS_80C5103C
    PCI\VEN_8086&DEV_2298&CC_108000
    PCI\VEN_8086&DEV_2298&CC_1080

    My laptop is HP M9S72EA.  OS is Windows 7 64 bit.

    Thank you for your help.

    Hello:

    You need these drivers for devices...

    E/D PCI controller:

    This package provides the driver Intel Trusted execution engine Interface (CITY) for the laptop models running a supported operating system. The Interface of the Intel Trusted execution engine allows the Secure Boot and provides services required for the security features of platform such as Intel Platform Trust Technology (Intel PPT).

    FTP://ftp.HP.com/pub/SoftPaq/sp71001-71500/sp71264.exe

    Simple controller PCI of Comms:

    This package provides the driver Intel Management Engine Interface (MEI) for the notebook models and operating systems. The Intel Management Engine Interface allows communication between the host operating system and the Intel Management Engine firmware.

    FTP://ftp.HP.com/pub/SoftPaq/sp71001-71500/sp71258.exe

  • HP Notebook 13 Stream c020na: controller for encryption/decryption PCI driver

    Hello

    My computer is down to a problem with the encryption/decryption PCI driver controller.

    Someone know where I can find the driver to download?

    Thank you

    L

    Hello:

    I think that this driver will install all of these devices...

    This package contains the driver which allows Intel platform dynamic and thermal firmware setting. Intel platform dynamic and thermal environment information system temperature and power use for the thermal protection of the system to work properly. This package is provided for the laptop models running a supported operating system.

    File name: sp69113.exe

  • HP Pavilion 11 x 360: pilot missing PCI encryption/decryption controller

    Hello

    In my Manager under the other devices, it shows the encryption/decryption PCI controller missing the driver. I tried to find out using windows update and it cannot find a driver. Can you do me correcting t driver for this?

    Thank you

    Steve

    Hi, Steve:

    Download and install the driver Intel Trusted Execution support page for your laptop.

  • HP pavilion p250ur: can not find the driver PCI encryption/decryption controller

    Hello! I can not find PCI encryption/decryption controller driver. Windows 8.1

    Hello:

    Give this one a try...

    http://h20566.www2.HP.com/hpsc/SWD/public/detail?sp4ts.Oid=5449369&swItemId=ob_128754_1&swEnvOid=4158
