How to encrypt a file using adobe air... and if i have encrypted it, how to decrypt it again ..
thanks
you can use as3crypto. get it from http://code.google.com/p/as3crypto/
Related
I'm new to code signing and I'm trying to create as secure a process for signing our code as possible. I created a .pfx file by exporting my certificate from IE and created a password for it. I'm able to sign code using the pfx file with the following command:
signtool.exe sign /f mypfx.pfx /p mypass myexetosign.exe
This works fine, so I copied signtool.exe, the pfx file, and a different executable to sign to a USB flash drive. I took the USB flash drive to a second computer and tried the same command again, but this time I get SignTool Error: The specified PFX password is not correct. I'm certain the password is correct. Is there an extra step I'm missing to move this to another machine? My ultimate goal is to do the code signing in an offline static environment.
What I've encountered is that during the export, the encryption of the pfx is SHA256 or 3DES-SHA1.
If importing on a different machine, make sure the same SDK is used, so the same encryption can be used to decrypt.
The error explains this, if you try to decrypt with the wrong encryption, garbage comes out, which could be the result of a wrong password as well
Related stackoverflow question:
Why I get "The specified PFX password is not correct" when trying to sign application with signtool?
So currently I'm trying to convert the .spc file that was provided from GoDaddy and convert it to a .p12 file so I can sign my Adobe AIR build. Can anyone help me out as to what the process is to complete this? Or maybe I'm going to wrong route on this?
I'm trying to understand how a .pem file is laid out. How is the passphrase authenticated? How does the .pem file check against itself the passphrase you try to open it with?
Multiple different kinds of data are stored in files with the extension .pem. So your question is imprecise. But suppose it is a password-protected private key file. Why do you believe the password is stored anywhere in it? In fact it is not stored in the file. The passphrase is used to generate a symmetric key, which is used to decrypt the file and check the decrypted file for consistency.
I use Windows XP SP3. I resell digital signature certificates. I get the clients data, key them into a portal and download the dsc onto my machine. I use Internet Options and export the certificate to a pfx file with a password and send it off to the client. Since, this is being done over and over again, during export to pfx, inadvertently the wrong certificate is selected. Once the pfx file is generated, is there any way of knowing the common name in the pfx file without having to reinstall the certificate. I have looked into openssl, but not sure if it can be achieved by a batch file as a password has to be physically entered. Ideally, after exporting say 10 pfx files, I would like to run a batch file which would display only the common names. Once I confirm that the names are correct (I have exported correctly), I can delete the certificates from the store.
You should write your own application, that will perform batch processing of PFX files.
The pseudo code using CryptoAPI are as follows.,
Read the pfx files from disk one by one using PFXImportCertStore. You will get the certificate store context.
Acquire the certificate context PCCERT_CONTEXT phPfxCertCtx = CertEnumCertificatesInStore
Get the subject name. phPfxCertCtx->pCertInfo->Subject
You can have a predefined list of subjects to compare the subject names that are read now.
Close the context and certificate store, CertCloseStore with CERT_CLOSE_STORE_FORCE_FLAG.
I am using dozens of different web services, and I keep a password file in a remote Linux machine. The file contains my usernames, passwords and answers for security question.
This server happens to be offline to often, and I'm looking for a way to keep the password file on my own computer, or on a service like DropBox. Obviously, I want to keep the file encrypted, but handy - I want to be able to print its contents using one shell (or cygwin) command, perhaps using a passphrase.
Any good ideas how to do it?
You can use GPG's symmetric option to encrypt files with pass-phrases.
gpg --symmetric filename
That will result in an encrypted file named filename.gpg. To redirect the output to STDOUT instead of a .gpg file:
gpg --symmetric -o - filename
You can later decrypt the file with:
gpg --decrypt filename.gpg
I use PasswordSafe encrypted files in exactly this configuration. GUIs are available for Windows/Mac/Unix/Java. cliPSafe gives it a command line interface.
THe original code was written by Bruce Schneier, well known in the security world, but I've never used cliPSafe.
As already noted GPG solves the problem. Using the gpg command directly for encrypting text files may be a bit cumbersome though, especially as you would often decrypt the file to a seperate file, add some text (passwords in this case) and the reencrypt it (which will possibly expose your unencrypted data).
Vim has a very good plugin called gnupg for trasparently handling encrypted files using GPG. Using this plugin the unencrypted data will never be written to disc and you can just treat it as any other file (except for the passphrase question popping up of course).