We need to encrypt a string in the same way that Genexus (17U10 and csharp if it's important) encrypts the parameters of a panel using the site key.
To better understand, the first is the url with unencrypted parameters, the second is the same url with parameters encrypted via site key
http://localhost/TestVersione17U10.NETFrameworkEnvironment/webpanel3.aspx?par1=hello
http://localhost/TestVersione17U10.NETFrameworkEnvironment/webpanel3.aspx?ROndRLvw5t80mViNc0wdKO7XYc-OgWL61k9lDimrqI0
Reading in the wiki, I believe that genexus uses the key stored in the application.key file and uses the twofish algorithm.
7E2E22D26FF2989E2444852A85E57867
This is the key I have in the file, I tried in every way to get the second string starting from the first, but without success.
The native Encrypt64 method gave no results, the generated string is different.
I also noticed that the same parameters are encrypted differently when I call another panel, so I believe it somehow uses the panel name as well.
( webpanel2.aspx?mY8XtkZ-3eBJKsDIFk-zX3DP2PuQC2LHIkqwFtE1CZw )
What am I doing wrong? Is the key wrong? Do you use any other way to encrypt other than Encrypt64?
I’m not sure what you really want to implement. I mean, do you want storage this link? Do you need it in order to call from a “non GX application”?
Anyway, as you said, object name is included in the algorithm to URL encryption.
This algorithm is not available as a “function” to be used by GX developers directly. However, there are two ways to do something like that in Genexus:
To use “link” function. https://wiki.genexus.com/commwiki/servlet/wiki?8444,Link%20Function
To use non standard functions. Suppose you have “webpanel3.aspx par1=hello,par2=world” then the code could be something like:
&GXKey = GetSiteKey()
&GXEncryptionTmp = "webpanel3.aspx"+UrlEncode("hello”) + "," + UrlEncode("world")
&EncryptedParms= "?" + UriEncrypt64( &GXEncryptionTmp + CheckSum(&GXEncryptionTmp, 6), &GXKey))
Note: You must enable “non standard functions” (https://wiki.genexus.com/commwiki/servlet/wiki?8013,Standard%20Functions%20property%20at%20Object%20level)
If you need to call from a non GX application, there are to options:
To use a GX generated program as “proxy”. This object receive not encrypted parms and returns the encrypted URL or directly encrypt the parameters and call the corresponding object
To explore object generated in order to mimic that code in your solution/code. This includes exploring GXClassses (i.e. https://github.com/genexuslabs/DotNetClasses)
Related
I'm currently trying to add scripting functionality to my C++ application by using v8. The goal is to process some data in buffers with JS and then return the result. I think I can generate an ArrayBuffer by using New with an appropriate BackingStore. The result would be a Local. I would now like to run scripts via v8::Script::Compile and v8::Script::Run. What would be the name of the ArrayBuffer - or how can I assign it a name so that it's accessible in the script? Do I need to make it a Globalif I need to run multiple scripts on the same ArrayBuffer?
If you want scripts to be able to access, say, my_array_buffer, then you'll have to install the ArrayBuffer as a property on the global object. See https://v8.dev/docs/embed for an introduction to embedding V8, and the additional examples linked from there. In short, it'll boil down to something like:
global_object->Set(context,
v8::String::NewFromUtf8(isolate, "my_array_buffer"),
array_buffer);
You don't need to store the ArrayBuffer in a Global for this to work.
I have driver, that construct and return some data on IRP_MJ_READ request.
I use some symbolic link to open and read device, associated with driver.
The symbolic link is something like \\DosDevice\\Name1.
I want to use same device to get another data from same driver.
How can driver determine, which type of data it would return?
I think, if this is some way to use another symbolic link (for example: \\DosDevice\\Name2) to the same device for split requests for first type of data and requests for second type?
Else if this another way, to pass some identifying information together with thre IRP_MJ_READ?
no, you can not determinate which symbolic links used and are it used at all for open file on your device. and you not need try do this at all. this is wrong way.
when user open file on your device it specify some file name. and you can and must use this name - based on it - return different content on IRP_MJ_READ.
say your device named as \Device\MyDevice. user can open file, for example, with next names : "\Device\MyDevice", "\Device\MyDevice\" "\Device\MyDevice\Name1", "\Device\MyDevice\Name2". as result you, in your IRP_MJ_CREATE will be view next FileObject names : "", "\","\Name1","\Name2" and you, base on file name, can associate different context with file object and then use this context in IRP_MJ_READ and another points. also user can pass additional information on create by using Extended Attributes (EA) and AllocationSize
and as general note - for what use symbolic links to device at all ? why not open it direct by name ? and use IRP_MJ_READ exist sense only if you can handle this request asynchronous or pass IRP to lower driver. in case, if you always synchronous complete request - much more better use FastIoRead handler
also instead on handle read request based on file name, you can use parameters: are you using ByteOffset now ? if not you can use it for distinguish. if you use ByteOffset now, are Key parameter in use ? almost sure that no. in this case you can for Key==0 return some data, for Key==1, some another data, and so on. for use Key you need use NtReadFile instead of ReadFile in user mode.
also you can use IOCTL instead read file for return data, etc. without more knowledge about your driver and it communication with user mode hard say which is better. but formal answer - you can and need use FileName for distinguish which data need return on read
Let me start by saying....yes I have read tons of posts on here in the last two days. No, I don't know anything about encryption, so don't bother...with the you shouldn't playing with fire comments..
I have a asp.net MVC3 application and want to encrypt the photos that users upload using a key for each user. I want to save this key and use it for any further uploads by the same user and for the decryption. (Although, I suppose I could store a key for each photo instead, not really relevant to this problem but...)
I started with the code from here:
http://www.codeproject.com/Articles/33344/Photo-Video-Viewer-with-Encryption-Capability
It works fine. It encrypts the photos and decrypts them to a new file and all is well. The "on the fly version" also works and returns a MemoryStream that I can use for my WebImage. However, as you can see the example is encrypting and decrypting in one pass and the key is a global variable (I don't know what it was, I just used the autogenerated key when I tested.
So, I need someone to tell me how to store the generated key (and IV I guess??? Told you I know nothing about enc...) in the database for each user and then pull that (those) value(s) back out to use for on the fly decryption. I am not going to bother to post all my code yet, as it is almost identical to what is on the above site.
I read another post on here and it said to use:
string x = Convert.ToBase64String(RMCrypto.Key);
Then when I wanted to decrypt I used:
RMCrypto.Key = Convert.FromBase64String(x);
I stored both the key and IV in this manner in my SQL DB, but when I pull the values and try to decrypt I get an error that the data is not the expected length.
Maybe I'm totally off base or maybe it's three lines of code... Please let me know if more information is needed.
Thanks!
You can store them as binary columns values. That being said the protection of encrypted data is only as safe as the key protecting it. In other words storing the key with the data your protecting is sorta fox guarding the hen house kind of thing. But if your not worried about it for things like PCI compliance then it's probably not too bad a deal.
How you might convert it to binary
private void UpdateDb(byte[] key, byte[] iv)
{
using (SqlConnection db = new SqlConnection(connectionString))
using (SqlCommand cmd = new SqlCommand("insert into (key, iv) values (#key, #iv)", db))
{
db.Open();
cmd.Parameters.AddWithValue("#key", key);
cmd.Parameters.AddWithValue("#iv", iv);
cmd.ExecuteNonQuery();
}
}
To make it a little harder you could generate a new key and IV for each record (image) your protecting and then store that so that if someone we're to get one key at least they wouldn't have all your data wide open. Good luck!
You should store the actual byte arrays (yes; both key and IV) in the database.
You don't need strings at all.
I am trying to select a unique identifiers for accounts from Active Directory. I found that "objectguid" attribute do identify a user uniquely, but my problem is that I don't know how to convert the retrieved value into a readable format. And then be able to select a user back using this value.
I am using spring ldap libraries, right now the "objectguid" return a char[] (15 element)
So, Does any one knows any thing that can help?
(Note, I can't use SAM Name attribute)
Thanks,
See here. It appears there are two string formats: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX, which you can get via new BigInteger(0, (byte[])attr.get()).toString(16), and XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX, which is the same thing plus punctuation.
I just created a GUI using guide in MATLAB for a small project I'm working on. I have amongst other things two text fields for from and to dates. Now I'd like to get rid of them and use a Java date select tool. Of course this is not possible using guide so I need to add them manually.
I've managed to get them to show up by putting this code into my Opening_Fcn,
uicomponent(handles, 'style','com.jidesoft.combobox.DateChooserPanel','tag','til2');
using UICOMPONENT.
But even though it shows up I can't access the date select's attributes, for example
get(handles.til2)
returns
??? Reference to non-existent field 'til2'.
How can I fix this?
Unless you edit the saved GUI figure, the basic handles structure will not include your new component by default.
One way to access you component is to store the handle via guidata, by adding the following to your opening function:
handles.til2 = uicomponent(handles, 'style','com.jidesoft.combobox.DateChooserPanel','tag','til2');
guidata(hObject,handles)
Functions that need to access the handle need the line
handles = guidata(hObject)
to return the full handles structure that includes the filed til2