using Amazon S3 encryption client i have encrypted my data locally using this code as reference(https://github.com/awsdocs/aws-doc-sdk-examples/blob/dafa928e7b893ff63301c78a862e79bd168830c2/ruby/example_code/s3/s3_add_csaes_encrypt_item.rb) and put it to s3. I am able to retrieve it from s3 to local and decrypt the data. But when I use snowflake and decrypt it using Master Key...i am getting some encoded string.
string to encrypt - 'hello'
Master key generated using openssl - ����f�d/�U��oH�H�_�|`y-���I�♫
Master Key in Base-64 format - '9Yn7sWaQZC+YVYODb0ijSBubgF+zfGB5Le+3welJ2A4='
Data Key stored in metadata of s3(encrypted by Master Key and base-64 encoded) - uqkB9xGodxCD+Y/SA9Fq2XkhSmW+uiXFNbVg5fXTX/gVADS3vxTNfeZ/kosT+KN6jf7WL04TIzg9QhXZ
encoded string - Èàáµ~w$T}O—b‡˜]#ú/
after decrypting in snowflake - '0xC80xE00xE10xB50x02~w$T}O0x97b0x870x98]#0xFA/'
error thrown in snowflake - Invalid UTF8 detected in string
Followed all the steps according to documentation.
any help is much appreciated
Related
I'm building a Ruby program to connect to Azure cosmos db, using the azure-storage-table gem (rubygems, github).
The microsoft instructions here are pretty simple and clean, but they don't quite explain how I use the connection string properly:
https://learn.microsoft.com/en-us/azure/cosmos-db/table/how-to-use-ruby
Add an Azure Cosmos DB connection
To connect to Azure Cosmos DB, copy your primary connection string from the Azure portal, and create a Client object using your copied connection string. You can pass the Client object when you create a TableService object:
common_client = Azure::Storage::Common::Client.create(storage_account_name:'myaccount', storage_access_key:'mykey', storage_table_host:'mycosmosdb_endpoint')
table_client = Azure::Storage::Table::TableService.new(client: common_client)
My connection string looks like the following: screenshot of my cosmos connection strings
The PRIMARY READ-ONLY CONNECTION STRING is:
AccountEndpoint=https://{azureCosmosDBAccount}.documents.azure.com:443/;AccountKey={myAccountKey}
So I'm confused about how to translate this connection string into the format prescribed by microsoft in the example above.
common_client = Azure::Storage::Common::Client.create(storage_account_name:'myaccount', storage_access_key:'mykey', storage_table_host:'mycosmosdb_endpoint')
My connection string doesn't have a 'myaccount' value, what is this, where does this come from?
This instruction doesn't make sense to me, as I'm trying to connect to cosmos db, not an Azure Storage Account.
Or, alternatively, can I pass the connection string into the Client.create object under a different parameter name?
From the comment left by #David above, the answer is this:
myaccount is the unique name you gave to your Cosmos DB Table API account (the first part in that connection string you shared - {azureCosmosDBAccount} - the name between the braces.
the storage key is either the primary or secondary, either read/write or read-only
Unsure what the storage_table_host is for
I'm stuck trying to decrypt a Kinesis stream from an Aurora DB, and I'm following this page.
I need to decrypt the activity event using the data key (already decrypted via the kms SDK).
Unfortunately, it seems that there is no encryption SDK for Go:
https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/programming-languages.html
Do you know any workaround to decrypt this in Go?
Any help is appreciated, thanks!
So I am interacting between OpenSSL and the BCrypt functions on windows. I am writing an app in QT and can only use BCrypt for client side and OpenSSL on the server side. I have successfully done a DH key exchange the only issue I am having is how would I manage to derive a AES 128 key from a shared secret. The code I am using for the AES 128 encryption is https://github.com/Microsoft/Windows-classic-samples/blob/master/Samples/Security/CipherEncryptionDecryption/cpp/CipherEncryptionDecryption.cpp where I pass the spassword as sha1 of the shared secret.
the code on the PHP server side that I am using is:
echo bin2hex(openssl_pbkdf2(sha1($shared_secret), $salt, $keylen, $iterations, 'sha256'));
The iterations, salt, and everything matches on the client & server side. However the results do not match. What is the reason for this?
You seem to be mixing sha1 and sha256:
...sha1($shared_secret)...'sha256'...
I'm trying to connect to a remote server using a SFTP connection with visual studio code. I'm using the sftp
extension. The error I'm getting says that my private key is in the wrong format.
The configuration file looks like this.
My private key is in an openSSH format. How do I get it to connect?
This turned out to be a problem with the Mac private key format. Generating a key in PEM format gets rid of the error.
https://github.com/liximomo/vscode-sftp/issues/391
I want to open key3.db in SQLite browser which store the key for encryption of saved password in firfox, but I see this error: "File is encrypted or not a SQLite3 database or encryption key does not match"
I think key3.db is encrypted. Can anybody tell me what is the Encryption key of this database?
It is not encrypted, it is stored using firefox's .db format (shows up as a Berkeley db according to "file"). Thunderbird pass decryptor will decrypt this value.
Additional reference