I've got an AS3 project that I've successfully added encryption to with the excellent as3crypto library. I've also got an AS2 project that I would like to add the exact same encryption to, with the AS2 version of as3crypto.
Unfortunately, AS2 doesn't have the excellent ByteArray class, so it hasn't been as easy to get working.
My basic process is this: Open a Socket connection, create an ARC4 object, encrypt data with the ARC4 instance before sending, decrypt incoming data with an ARC4 object when receiving. Straightforward.
In AS3 this is working great. How do I do the same thing in AS2? Is there an example of usage of the AS2 RSA library somewhere that I haven't been able to find? Anyone have any idea of how the ARC4 class is supposed to be used in AS2?
Here are examples:
Flash Hacks
ActionScript Cookbook
Protect and Obfuscate your Flash files
Related
I am looking for a way on how to implement file download functionality using gRPC but I can't find in the documentation how this is done.
What is an optimal way to do this? I wanted to have a gRPC server that holds files and a gRPC client to request something from gRPC.
I have looked at the examples in Java but could not figure out a way on how to do this. I just started reading about gRPC today.
You must define a specific message as data container and you must transfer it to the client in chunks using a stream.
Example of proto Message and RPC service:
message DataChunk {
bytes data = 1;
}
rpc DownloadProductImage(DownloadProductImageRequest) returns(stream DataChunk){}
In java you can use BufferedInputStream to stream the resource to the client.
protobuf / grpc
server side code
client side code
There are a few possible approaches.
If your file size is small enough, you can define a proto file with a single String field, and dump the entire text content into that field.
If your file size is too large to do this, you might want to chunk the file and use the streaming API to send the file chunk by chunk.
Below is a good guide for getting started with gRPC.
https://grpc.io/docs/tutorials/basic/java.html
I have taken the working example from db80 and have created a PR with a full example: https://github.com/grpc/grpc-java/pull/5126
Hopefully they will merge this then everyone can have a working example of this common use-case for GRPC.
I am totally newbie in c#, .net core 2 and protocol buffers but I have to work with thoses 3 technologies for a personnel project (server/client architecture). I have some questions about serialization/deserialization in multiple message.
I have already see this:
https://developers.google.com/protocol-buffers/docs/techniques#streaming
So I know it's need a special technique. After a little google session I found something about put and pop limits in c++ but I haven't see docs on c#.
I have an another question, does google protocol buffers handle nicely reading ? My sockets are monitored with select so when I want to read my messages (using https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/message-parser#class_google_1_1_protobuf_1_1_message_parser_1a110e5d9bc61837e369e5deb093f59161)
I am not sure how protobuf will stop reading (I don't want to read beyond the data available on the socket because it will make my server blocking...)
Does it manage it ? Thank you...
Standalone protobufs aren't delimited in any way - they don't encode their length and have no fixed start nor end.
But the API gives you some tools for sending and storing multiple messages - specifically, you can use WriteDelimitedTo() to write multiple protobufs to some output, and then read them using parseDelimitedFrom()
I have a Java application (an ESB - Enterprise Service Bus) which deals with customer sensitive data and have a requirement of supporting Data encryption at rest in order to prevent data abuse.
The application stores customer data for processing on the file system and application interacts with it through java.io.File API. So basically, I need to encrypt the file before it is persisted on the file system by the application and then decrypt it before application reads it so that it can be parsed and processed.
Are there any good frameworks or libraries that can help me implement Data encryption at rest? I am planning to use PGP encryption/decryption for implementing Data encryption at rest.
I am looking for best and recommended approach for implementing Data encryption at rest within my Java application and any help shall be appreciated.
Why on Earth would you think pgp is the right tool for this? Seems to me that you only need a symmetric key solution, so pgp feels like the wrong answer.
Cryptography in Java is a minefield. Easy to do things wrong, hard to do things right.
Having said that, you have a better chance to not screwing up if you use BouncyCastle rather than something else. They have example code that shows you how to do various operations.
For encrypting data at rest, I recommend you use AES in either CBC mode or CTR mode. If using CBC mode, make sure you choose your IV in a cryptographic secure way (unpredictable). Also, never re-use an IV for any mode of operation.
You should also consider whether you need message integrity. General guidance about symmetric encryption here.
Even though people often get crypto wrong, the bigger problem is key management. That's a whole new can of worms (and don't be fooled into thinking pgp provides a solution to this: all it does is shifts the problem to somewhere else).
I need to use X509 certificate in the BizTalk Custom Pipeline component to Encrypt/Sign the message and to Decrypt/Verify signature, please let me know some good samples/artcile/blogs etc which explains how to acheive this.
RSA needs to be the encrypton algoritham.
Thanks.
What kind of encryption are you looking for? Are you looking for raw RSA encryption, or any specific message format?
Out of the box, BizTalk only supports S/MIME encryption using the SMIME encoder/decoder component; it might be useful depending on exactly your format is.
As for how to create a custom pipeline component from scratch to do it, I recommend first starting with the Pipeline Component Wizard. It will take care of most of the boilerplate code.
I do have a sample on writing custom encryption pipeline components, though my specific sample uses symmetric encryption and not RSA (but should give you a clue as to how to implement this). The code for these components can be found here.
Maybe this post we just uploaded can be of help: http://www.leandrodg.com.ar/blog/2010/03/encryption-and-decryption-with-x-509-certificates/
I am doing file transfers, but the filereference API doesn't support file chunking. Has anyone done this before? For example, I would like to be able to upload a 1 gig file from an AIR client to a custom PHP/Java/etc. service.
It seems that all you should have to do is use the upload() routine. The php or java service should be doing the chunking.
var myHugeFile = new air.File('myHugeLocal.file');
myHugeFile.upload(new URLRequest("http://your.website.com/uploadchunker.php"));
There is a much more elaborate example of using filereference in the adobe learning area here:
http://www.adobe.com/devnet/air/flex/articles/uploading_air_app_to_server.html
Three options jump out on this:
Use an FTP service that supports resumable transfers, assuming flash supports this as well. Maybe not an option if you are wanting to communicate with a custom service of your own.
Leverage the http file part header support. Only applicable if AIR allows access to the appropriate http headers (content-range & content-length). This is what BITS does. Probably a bit harder to implement.
Hand roll your own TCP or UDP protocol exchange. Not for the faint of heart. I'd look in the OSS space before going this route.
I think FileReference does chunk, at least that is what I have observed. Using a tool like Fiddler, you can watch it in action. If you analyze the outgoing headers of a FileReference upload, they are chunked.
If resumes are what you're after, I cannot say how you would go about that with FileReference. I have uploaded small files in generic posts, but that requires the flash/air client to load all bytes into the app. In Air that may or may not crash flash with a 1GB file (depends on your system I guess).