I get a public key via form and store it in a temp file. How can I use gpg2 utility to read key from file and add it to keyring?
I got it working but not sure if this is the correct way. gpg2 --import' + ' ' + tempFile). Tempfile have public key.
Related
I have encrypted email Address like
$this->load->library('encrypt');
$encoded = $this->encrypt->encode('user_email_address');
In codeigniter Model.
And after that when I tried to decode, it does not show the correct data.
$this->encrypt->decode('user_email_address');
It shows like
Jts¹+…Ru\¼A·¾Àp¤c’áµSîÆKÆ—l¿Ýƒ>ü«%c‚µ~SÔNÏŠÖä3; ñÑ
Please help me to solve this issue
Thanks in advance.
You can't use directly email to decode
Use it as
$this->load->library('encrypt');
$encodedEmail = $this->encrypt->encode('user_email_address');
$myEmail = $this->encrypt->decode($encodedEmail);
set encryption_key based on the algorithm used for encryption.
eg. for AES-128, encryption key must be 128 bits or 16 bytes (characters) long.
Or you can create key in your function itself before calling encode() function like:
$key = $this->encryption->create_key(16);
for more details : refer https://www.codeigniter.com/user_guide/libraries/encryption.html
I'm looking into different solutions regarding storing passwords in Database. After reading a lot I think i will end up with PBKDF2.
Although I'm a little bit confused regarding if I should input salt to my PBKDF2 function and store the salt in a column and the PBKDF2'd password in another column.
I'm also using CodeIgniter and found a library for PBKDF2 (https://github.com/HashemQolami/CodeIgniter-PBKDF2-Library) Which claims I don't need to store the salt separately.
Register user by using $pbkdf2['hash'] as user's password which has
been recommended; no need to store user's salt separately.
https://github.com/HashemQolami/CodeIgniter-PBKDF2-Library#step-2
So if I'm assuming correct all I need is to provide a password into the function and the function take care of the rest?
I'm the creator of CodeIgniter PBKDF2 Library. Just found this topic on SO, and I decide to clarify how this library works.
Here is the sample code from the doc:
# Load pbkdf2 library into your controller
$this->load->library('pbkdf2');
# Get password, which has been sent via POST method
$password = $this->input->post('password');
# Encrypt the given password using a random generated salt
$pbkdf2 = $this->pbkdf2->encrypt($password);
The encrypt() method, returns an array which has 3 keys: salt, password, hash.
The value of hash is the concatenation of salt and password.
This feature lets the user to choose how to use this library, whether to work with salt and password or hash (salt + password).
The syntax of encrypt() method:
encrypt( string $password [, mixed $good_hash = NULL [, bool $object_output = FALSE]] )
The function uses the given $good_hash as the salt to generate the encrypted password. And it uses a random generated salt if the $good_hash parameter is not given.
So, If you have stored the salt separately, you could pass it to the function as the second parameter to encrypt the given password:
$pbkdf2 = $this->pbkdf2->encrypt($password, $salt);
On the other hand, If you have stored the concatenation of salt and password into database, you could pass that to the function as the second parameter, too:
$pbkdf2 = $this->pbkdf2->encrypt($password, $hash);
The function will break the given $hash automatically to fetch the salt.
So, you could store the concatenation of salt and password in a column (64 characters by default) and then encrypt the new given password by using old stored one.
Putting all together
In the following, I'll show you how to work with this library to register/login the user, without storing the salt and the password separately.
Registering the user:
$this->load->library('pbkdf2');
$password = $this->input->post('password');
$pbkdf2 = $this->pbkdf2->encrypt($password);
# Store $pbkdf2['hash'] into User table as the user's password
Logging in the user:
$this->load->library('pbkdf2');
$username = $this->input->post('username', TRUE);
$password = $this->input->post('password');
# Fetch the stored user's password from the database
$user_password = $this->user_model->get_password_by($username);
# Check whether the User exists
if ($user_password)
{
# Encrypt the new given password by using the old one:
$pbkdf2 = $this->pbkdf2->encrypt($password, $user_password);
# Check whether the new generated password matches the old one
if ($pbkdf2['hash'] === $user_password) {
# Log in the user ...
} else {
# Show an error...
}
} else {
# Show an error...
}
I have to encrypt a particular field value and store in DB. I have used RSA Encryption for Ruby. I was able to encrypt and save it, but then while decrypting it back, i am facing problem. What i have done is as follows,
key_pair = RSA::KeyPair.generate(512)
Stored key_pair in separate column.
ciphertext = key_pair.encrypt("Hello, world!")
Stored ciphertext in another column in same table.
While decrypting, i fetched the key_pair value from database and applied decrypting function
plaintext = key_pair.decrypt(ciphertext)
This step throws error
NoMethodError: undefined method `decrypt' for <String:0xa431b88>
because "key_pair" is not an instance of "RSA::KeyPair".
When i try to decrypt the stored value, i fetch key_pair value from database and then apply decrypt method on it. So the key_pair value has String class. I need a way to solve. Please guide me.
Before decrypt, try:
# get persisted value from DB; then
key_pair = RSA::KeyPair.new(your private key, your public key)
# and then decrypt
plaintext = key_pair.decrypt(ciphertext)
Using scutil on a Mac, I know how to create a dict and put it inside the data store.
However, my system shows a key whose value is just an array:
$ scutil
> show Kerberos-Default-Realms
<array> {
0 : ATHENA.MIT.EDU
}
How can I manually create an entry like that? I need to do this in my automatic test.
I may have found the answer (revised):
$ scutil
> help
Available commands:
help : list available commands
f.read file : process commands from file
quit : quit
d.init : initialize (empty) dictionary
d.show : show dictionary contents
d.add key [*#?] val [v2 ...] : add information to dictionary
(*=array, #=number, ?=boolean)
d.remove key : remove key from dictionary
list [pattern] : list keys in data store
add key ["temporary"] : add key in data store w/current dict
get key : get dict from data store w/key
set key : set key in data store w/current dict
show key ["pattern"] : show values in data store w/key
remove key : remove key from data store
notify key : notify key in data store
n.list ["pattern"] : list notification keys
n.add key ["pattern"] : add notification key
n.remove key ["pattern"] : remove notification key
n.changes : list changed keys
n.watch : watch for changes
n.cancel : cancel notification requests
To recreate the example in the question above:
> d.init
> d.add Kerberos-Default-Realms * ATHENA.MIT.EDU
> d.show
<dictionary> {
Kerberos-Default-Realms : <array> {
0 : ATHENA.MIT.EDU
}
}
... and crap, that doesn't do exactly what you need, now does it? I mean, sure you have an array with the right values, but that array is in a dictionary.
You were looking for something more to the tune of:
> d.show
<array> {
0 : ATHENA.MIT.EDU
}
So that means we need something more like:
> a.init
a.init: unknown, type "help" for command info
Figures... wait! What if I:
> get Kerberos-Default-Realms
> d.show
<array> {
0 : ATHENA.MIT.EDU
}
Sweet, now my "current dictionary" IS an array, so I should be able to work something out from here:
> d.add Kerberos-Default-Realms ATHENA.MIT.EDU ZEUS.MIT.EDU
d.add: data (fetched from configuration server) is not a dictionary.
Nope... That was my last hope... I know an NSArray is a valid NSObject, I just don't think scutil was built to support adding or modifying an NSMutableArray.
Obviously there is some way to get it into the dynamic store (because Kerberos-Default-Realms IS an array), but scutil looks like a dead end to me... Only one thing left to do:
> quit
When using the MongoDB shell, how do I use a guid datatype (which I have used as the _id in my collection).
The following format doesn't work:
>db.person.find({"_id","E3E45566-AFE4-A564-7876-AEFF6745FF"});
Thanks.
You can use easily:
.find({ "_id" : CSUUID("E3E45566-AFE4-A564-7876-AEFF6745FF")})
You have to compare the _id value against an instance of BinData (not against a string). Unfortunately the BinData constructor takes a Base64 string instead of a hex string.
Your GUID value is missing two hex digits at the end, so for the purposes of this example I will assume they are "00". The following values are equivalent:
hex: "E3E45566-AFE4-A564-7876-AEFF6745FF00" (ignoring dashes)
base64: "ZlXk4+SvZKV4dq7/Z0X/AA=="
So your query should be:
>db.person.find({_id : new BinData(3, "ZlXk4+SvZKV4dq7/Z0X/AA==")})
I am assuming that the binary subtype was correctly set to 3. If not, what driver was used to create the data?
You could use the following js function in front of your query like so:
function LUUID(uuid) {
var hex = uuid.replace(/[{}-]/g, ""); // removes extra characters
return new UUID(hex); //creates new UUID
}
db.person.find({"_id" : LUUID("E3E45566-AFE4-A564-7876-AEFF6745FF"});
You could save the function in .js file and load it or open it before you make your query and if you copy the value from your results you should rename the function with:
LUUID for Legacy UUID
JUUID for Java encoding
NUUID for .net encoding
CSUUID for c# encoding
PYUUID for python encoding
I know it's an old issue, but without any additional needs you can use this one:
find({_id:UUID('af64ab4f-1098-458a-a0a3-f0f6c93530b7')})
You can fix this issue by using split() and join() workaround:
for instance if I use "E3E45566-AFE4-A564-7876-AEFF6745FF" hex value with - inside UUID() function, it does not return BinData in mongo so please try removing all the - before passing to UUID function.
db.person.find({"_id":UUID("E3E45566-AFE4-A564-7876-AEFF6745FF".split("-").join(''))});
Or by defining a variable to do it in multiple line:
var uuid = UUID("E3E45566-AFE4-A564-7876-AEFF6745FF".split("-").join(''))
db.person.find({"_id":uuid});
or by creating a simple function:
function BUUID(uuid){
var str = uuid.split("-").join('');
return new UUID(str);
}
db.person.find({"_id": BUUID("E3E45566-AFE4-A564-7876-AEFF6745FF")}).pretty();