I have a session cookie which is encrypted in Lumen Framework.
https://lumen.laravel.com/docs/8.x/encryption
I am trying to decrypt cookie in Node Js using crypto-js but I get an error message Error: Malformed UTF-8 data at Object.stringify
I have been stuck on this for a day not sure what I am doing wrong !!
Any Help would be appreciated.
Related
Encryption is happening successfully in soap ui it is reaching server and server is replying with proper response without any issue. However while upon receiving in soap the encrypted response is not getting decrypted and in error log I'm getting the following error.
ERROR:org.apache.ws.security.WSSecurityException: General security
error (No certificates were found for decryption (KeyId))
org.apache.ws.security.WSSecurityException: General security error (No
certificates were found for decryption (KeyId))
at org.apache.ws.security.processor.EncryptedKeyProcessor.getCertificatesFromEncryptedKey(EncryptedKeyProcessor.java:313)
In incoming configuration , I configured the jks file which consists my keypair and server public key.
( the same jks file is working fine when using in java client code , So I assume this is a problem in soap ui configuration. )
Any help would be appreciated
I am trying to connect with the youtube API using yt_oauth function but getting error as follows :
Error in readRDS(token) : error reading from connection.
I have checked my application several times. First I got the API Key and then the Client ID and Client Secret. I am using the Client ID and Client Secret for app_id and app_secret below. I have enabled all the 3 youtube APIs(Data,Analytics,Reporting)So where can I be going wrong? Any help appreciated.
Below is the code I am using
library("tuber")
app_id <- "XYZ"
app_secret<-"abc"
yt_oauth(app_id,app_secret)
Seems that you called yt_oauth previously with some invalid parameter. A file called .httr-oauth may exists at your current path (in my case it was on My Documents folder). One can remove that file or alternatively do this:
yt_oauth(app_id, app_secret, token = '')
It will force tuber to refresh the token state.
I have the following issue when trying to connect to the documentDB web API with R and PostMan.
In the DocumentDB documentation the way to ask something to the web API is to compose an Authorization header with base64 hash.
In R I'm trying to compute the signature and test the header directly with postman.
But I get every time a http 401.
Here is my R code:
toHash <- enc2utf8("get\ncolls\ndbs/toto/colls/testtoto\nsun, 08 may 2016 06:43:05 gmt\n\n")
hash <- hmac(key, toHash, "sha256")
base64(hash)
the "key" is the primary key got from the portal.
And then, following the Azure documentation, my header is:
type=master&ver=1.0&sig=< thebase64(hash) >
I'm pasting that into PostMan with the headers x-ms-version, date and x-ms-date.
But it'is not working..
I'm stuck now, does anyone have an idea? Am I using a wrong R function? A wrong key, is there a way to get more information about the mismatch?
The web api response is :
{
"code": "Unauthorized",
"message": "The input authorization token can't serve the request. Please check that the expected payload is built as per the protocol, and check the key being used. Server used the following payload to sign: 'get\ncolls\ndbs/toto/colls/testtoto\nsun, 08 may 2016 06:43:05 gmt\n\n'\r\nActivityId: fadbfc0b-e298-418a-b56c-8114699fff91"
}
I found what was wrong by myself.
The token given in the Azure portal is base64 encoded. So It is mandatory to decode it:
RCurl::base64Decode(key, mode="raw")
in order to use it with the digest::hmac function. It is also mandatory to specify raw = TRUE within this hmac function.
I am working on making a basic password keeper in Golang and want to be able to store the passwords encrypted using RSA. My encryption function and decryption functions both work and will encrypt and decrypt correctly. However after storing the password in a file and then reading the password back from the file the decryption function fails. I have checked to make sure that the reading in of the RSA key is correct and that is not my problem as reading in the RSA key works correctly.
Here is how I am writing my encrypted password to the file
ioutil.WriteFile(filename, encPassword, 0644)
and here is how I am reading back the password
encrypted, err = ioutil.ReadFile(encryptedFileName)
When I run my program I am currently receiving this error code
failed in decrypt_oaep: crypto/rsa: decryption error
exit status 1
My belief is that Read or Write file is adding something to the contents of the file because if I try and decrypt the password before the encrypted password is written or read from a file it will work fine. Any help would be appreciated.
If you need more code I can post more of it later.
Edit: here is a link to codeshare with my entire code: https://codeshare.io/PtMxk
In line 167 you are calling your encrypt function with label = []byte(product).
In line 120 you are calling your decrypt function with a label variable that has been defined but not initialized (i.e. you are sending an empty byte array)
decrypted = decrypt_oaep(private_key, encrypted, label)
Because of that, your decryption won't work. From the docs:
The label parameter must match the value given when encrypting
- https://golang.org/pkg/crypto/rsa/#DecryptOAEP
Solution:
In the decryption call (line 120) send []byte(product) as the label parameter.
Hi I have configured the node.js app and in most part it is working fine.
But at the last step after logging in I am getting this error : Invalid token: Unable to verify the ID Token: Invalid verify algorithm sha256
I can see the gtoken being set.
But I am running out of ideas about where from the algorithm is getting set. I havn't configured it anywhere , so how am I passing an invalid algorithm ?
Any suggestions ?
Have you converted the downloaded .p12 key into .pem file, and pass the .pem file when building the GitkitClient?