Use case: When online, user launches the Ionic app that prompts for username/password. Credentials are checked against the server and user is allowed to log in. Also, the encrypted password is stored locally (ipad).
When offline, instead of checking against the server, validate the credentials against the encrypted password stored locally.
What's working
Able to use crypto-js library in Ionic to encrypt the password.
var encryptedMessage = CryptoJS.AES.encrypt(password, secretkey);
What's not working
Now, I am trying the use the angular-local-storage library to save it in local storage.
localStorageService.set('pwdkey', encryptedMessage );
It gives me the below error
TypeError: Converting circular structure to JSON
at Object.stringify (native)
at toJson (http://localhost:8100/lib/ionic/js/ionic.bundle.js:14637:15)
at Object.addToLocalStorage (http://localhost:8100/lib/angular-local-storage/dist/angular-local-storage.js:158:19)
at encryptAndStore (http://localhost:8100/js/controllers.js:550:27)
The same code works fine if I pass an unecrypted string instead of the encrypted password. So, it has something to do with the encrypted data.
How can I store encrypted data in local storage?
The problem was solved by using the .toString() method
CryptoJS.AES.encrypt(password, secretkey).toString()
This way I was able to save the String and then get it back and decrypt it.
Related
I am using a group context to configure the db connection. The password of the db has a password type. When deploying the job, the password is automatically encrypted in the default.properties under the contexts folder.
What if i want to change the password without using the studio (on a client environment)? what can i use to encrypt the new password?
I was able to do it by creating a separate encryption job with a tjava component and the following code:
System.out.println(routines.system.PasswordEncryptUtil.encryptPassword(context.Password));
where context.Password is an input context variable of type String. When running the job, the user is prompted to enter a password and then the encrypted Talend password will be printed. It will have the following format: enc:routine.encryption.key.v1:[encryptedPassword] The routine encryption key can be modified if needed by following this link: https://help.talend.com/r/en-US/8.0/installation-guide-data-integration-windows/rotating-encryption-keys-in-talend-studio
There's actually a few ways for this:
myJob.sh --context_param myPassword=pass123
this unfortunately can be seen by anyone via ps / task manager.
You can also edit the contexts/contextName.properties file and change the context parameters there. This way the context can only be seen if you have access to the file.
Theoretically both should be able to accept the cleartext/encrypted password.
Implicit context load feature can also be used to load contexts: https://help.talend.com/r/en-US/8.0/data-integration-job-examples/creating-job-and-defining-context-variables
I opened our firebase functions code today, typed firebase serve as I usually do, but when I called an http function that touches our real-time database, I was greeted with this message:
#firebase/database: FIREBASE WARNING: {"code":"app/invalid-credential","message":"Credential implementation provided to initializeApp() via the \"credential\" property failed to fetch a valid Google OAuth2 access token with the following error: \"Error fetching access token: invalid_grant (Bad Request)\". There are two likely causes: (1) your server time is not properly synced or (2) your certificate key file has been revoked. To solve (1), re-sync the time on your server. To solve (2), make sure the key ID for your key file is still present at https://console.firebase.google.com/iam-admin/serviceaccounts/project. If not, generate a new key file at https://console.firebase.google.com/project/_/settings/serviceaccounts/adminsdk."}
Nothing changed from when I was able to run this last (a couple weeks ago?) and my system time is set to automatic for time and timezone. I ran firebase logout and firebase login and I'm using the parameterless admin.initializeApp();. Has something changed I need to take into account?
I used the information found # https://firebase.google.com/docs/functions/local-emulator to generate and set up a key file # https://console.cloud.google.com/iam-admin/serviceaccounts/details/##################?authuser=0&project=my-project-name by clicking 'create key' at the bottom.
Once the key file was downloaded, I set it with this command line in my projects directory
set GOOGLE_APPLICATION_CREDENTIALS=path\to\key.json
With that done, I was able to run my functions as I expected locally.
I love you all.
Using flyway to manage our snowflake objects, but would like NOT to use user/password based authentication and instead use user+ Auth-key based authentication mechanism supported by Snowflake.
flyway.url=jdbc:snowflake://<myaccount>.snowflakecomputing.com/?private_key_file=<abs_path_to>/.ssh/rsa_key_fdb_user.pem&db=mydb&warehouse=etl_dev_wh&role=etl_dev_role&user=etl_dev_user
However, with the flyway.url set to above pointing to my location of private_key_file, it simply prompts me for a "Database password:" from the command line -
./flywaydb/flyway -configFiles=<absolute_basepath>/conf/flyway-dw.conf info
I was hoping that the user's Auth would get done based on the private key provided.
Please edit your config file and enter a dummy password as flyway.password:
flyway.password=wrongpassword
It should stop asking password and connect to Snowflake with the private key, in case you configured your user with rsa_public_key:
https://docs.snowflake.net/manuals/user-guide/jdbc-configure.html#privatekey-property-in-connection-properties
I am writing a Windows VCL desktop using c++ builder. The app uses Firedac and a SQLite database.
I want to protect this SQLite database:
Only my vcl app can connect to it and use it
Other programs and people cannot use the SQLite file
So far I found that the easiest thing that I can do is Encryption, you make it so that anybody without a correct password gets a message like "This file is not a database" if he tries to open it.
Yes we can do this with Embarcadero VCL, doc. using a TFDSQLiteSecurity component and these lines :
FDSQLiteSecurity1->Password = "";/* we are protecting (encrypting) our uncyphered database*/
FDSQLiteSecurity1->ToPassword = 'newpassword';
FDSQLiteSecurity1->ChangePassword();
Unfortunately the VCL Firedac app cannot connect to an encrypted sqlite database so it must decrypt it first.
In order to make things work my program starts and decrypts the database ( removes password) then it connects to the database and use it. When finished I recrypt the database again (when closing app).
THE PROBLEM:
During this time (My program is up and running and the database in uncrypted) can I stop other programs from opening the SQLITE database? Is there a better approach, I am opened for any suggestion
Once it is encrypted by FireDac just set the appropriate properties on the FDConnection. Those would be password to the password and encrypt to the encryption method.
Firedac can open a SQLite database it has encrypted itself so the problem resolves itself by doing that as a better approach. Other programs only see the encrypted version on disk and can't open it without the password.
I have a Swift app that uses the Realm Object Server running remotely on a Linux server. Everything is working, including real-time sync.
Occasionally I want to inspect the contents of a local Realm file used by the iOS Simulator so I can do some debugging. When I browse here:
~/.../CoreSimulator/.../Documents/realm-object-server/<unique id>/
...and I try to open this file: realm%3A%2F%2F104%2E236%2E129%2E235%3A9080%2F%7E%2Fmyapp.realm
I get prompted with: Please enter a valid encryption key for this Realm file.
Where do I get this encryption key? I tried using the admin token from the server, but that doesn't appear to be working.
Also, can I turn off encryption everywhere? Or is it mandatory for any app using the Realm Object Server?
It is not possible to open the local version of a synced Realm file using the Browser (or anything else, for that matter). This is due to differing history types internally (but I won't go into that now). In order to inspect the contents of the Realm file, you have to open it using the previously defined syncURL. The browser will then download the file and show you the contents.
A few links on this topic:
https://github.com/realm/RealmTasks/issues/327
https://github.com/realm/realm-core/issues/2276
You may use old version of Realm Browser, please update it and check the result again.
Use Realm Studio instead which worked for me.
Here can download the file
byte[] key = new byte[64];
new SecureRandom().nextBytes(key);
String encryptionKey = byteArrayToHexString(key);
//encryptionKey is what you want byteArrayToHexString see
Log.d("test", "encryptionKey:"+encryptionKey);
byteArrayToHexString() method you can see:How to convert a byte array to a hex string in Java?