I'm still working with GPG, as in this post:
How do I encrypt plaintext with GnuPG?
What I need now is to be able to list various info (e.g. all recipients) of an encrypted message without necessarily decrypting it. I've seen links to different commands like "--list-only", but nothing seems to work. Does anyone have an authoritative reference (or any input really) on this?
Best.
EDIT #1:
Clarification. --list-only will display all keys but your own (if it was encrypted to you). Basically I need to be able to determine if the item was encrypted to me so as to "file" it or take other action.
In order to see all keys (that are not hidden) that a block of encrypted data was encrypted to - including your own - you could simply make your secret-keyring unavailable, via something like this:
gpg --no-default-keyring --secret-keyring /dev/null -a --list-only
That tells gpg to not use any default keyrings (--no-default-keyring) if an invalid/missing keyring is specified, and then goes on to specify an invalid/missing secret-keyring (--secret-keyring /dev/null)
Related
I'm just learning to use cyphr and doing a very simply exercise, but having a problem that involves session keys. I want to encrypt a file and then, at some later date & time, decrypt, but I ran into the problem below. I'm the only one who will be encrypting and decrypting the file, and occasionally modifying the file. Here's what happened.
library(cyphr)
# SimpFile is a simple character file of length 107.
cykey123022 <- cyphr::key_sodium(sodium::keygen()) # generate a cyphr key
encrypt_file("SimpFile.txt", cykey123022, dest = "SimpFile.enc")
# That worked.
decrypt_file("SimpFile.enc", cykey123022, dest = "SimpFile.dec")
# That worked too.
Another session: reloaded R and the workspace.
library(cyphr)
decrypt_file("SimpFile.enc", cykey123022, dest = "SimpFile.dec")
Error: Failed to decrypt key as session key has changed
The problem now is that, while I understand the purpose of the session key, I haven't been able to reset it or to do the simple task I'm trying to do. By the way, I'm happy, in this particular case, to dispense with session keys all together if I can. I would be happy to simply encrypt the file, hide the encryption key and then reload the same key at the later time in order to decrypt the file.
How can I do that most simply?
I already described what happened in the previous frame. I expected to be able to decrypt the file but couldn't. When I tried to do that, I got the following error message:
Error: Failed to decrypt key as session key has changed
Your decryption commands should probably not have the same input and output file names - you are overwriting the encrypted file each time. I don't think that's the source of the issue but worth trying decrypt_file("SimpFile.enc", cykey123022, dest = "SimpFile_2.txt")
Also, check: https://cran.r-project.org/web/packages/cyphr/vignettes/cyphr.html
"When using key_openssl, keypair_openssl, key_sodium, or keypair_sodium we generate something that can decrypt data. The objects that are returned by these functions can encrypt and decrypt data and so it is reasonable to be concerned that if these objects were themselves saved to disk your data would be compromised.
To avoid this, cyphr does not store private or symmetric keys directly in these objects but instead encrypts the sensitive keys with a cyphr-specific session key that is regenerated each time the package is loaded. This means that the objects are practically only useful within one session, and if saved with save.image (perhaps automatically at the end of a session) the keys cannot be used to decrypt data."
As the title suggests, I'm wondering if it is possible to directly specify the key value in m3u8 in stead of specifying a key file. Hex value of the key file is 723C581D81C3316D89D3E1CB158FFF43 and VLC Player can playback the m3u8 when specifying the key file using URI="0.key". I've tried URI="data:text/plain;charset=utf-8,723C581D81C3316D89D3E1CB158FFF43" and didn't work. Not in favor of a separate key file, so if it's possible, what exactly should I put in the m3u8 as uri?
This is part of the HLS specs and what you have outlined above looks correct but I think you will find that Amy players don't actually support it.
For example an open ShakaPlayer request (at time of writing):
https://github.com/shaka-project/shaka-player/issues/2146
A similar issue with ExoPlayer:
https://stackoverflow.com/a/59625511/334402
You may find the easiest way is actually to host the key in a separate file, even though that is not your preferred approach.
Using base64 encoding seems to work for some implementations at least. VLC can't read it, but hls.js works properly.
First convert your hex key into base64:
> echo '723C581D81C3316D89D3E1CB158FFF43' | xxd -r -p | base64
cjxYHYHDMW2J0+HLFY//Qw==
Then use the base64 string as the key URI in your m3u8 file:
URI="data:text/plain;base64,cjxYHYHDMW2J0+HLFY//Qw=="
When I enter the incorrect password for an encrypted file Vim displays gibberish.
If I accidentally save this file (:wq is muscle memory) I will lose the original content. How do I prevent the save of incorrectly decrypted files? Is it possible to set the 'readonly' option when the file is decrypted incorrectly?
Additional question - Is it possible to recover the original content of the file after we have saved the incorrectly decrypted file?
PS - I was using :se cm=blowfish2
How do I prevent the save of incorrectly decrypted files?
Adding the following map to .vimrc prevents mistakenly overwriting an encrypted file by asking the user if he/she really wants to quit:
au BufWinEnter * if &key!="" | cnoremap wq if input("Sure of quitting encrypted file? (yes or no)") == "yes"\|wq\|endif|endif
The important part here is the &key!="" comparison which evaluates to TRUE only if the file is encrypted.
Is it possible to set the 'readonly' option when the file is decrypted incorrectly?
An incorrectly decrypted file will often display unusual characters. This can help to detect whether a file is incorrectly decrypted, like so if search("[¶Éâ½]")!=0 | set readonly | endif. This comparison evaluates to TRUE if any of the characters inside "[]" appear on the file.
Is it possible to recover the original content of the file after we have saved the incorrectly decrypted file?
From :help encrypt
WARNING: If you make a typo when entering the key and then write the file and exit, the text will be lost!
The File Name in the Send Port should be set with the mask like ABC.txt.pgp. Since I have used the PGP Encryption Component it is generating the File name like ABC.pgp.txt.pgp. But what I need is just the ABC.txt.pgp. How can be this be done. Any help is greatly appreciated.
Thanks
What you are seeing is the expected behavior. If you are referring to this:
https://code.msdn.microsoft.com/windowsdesktop/BizTalk-Sample-PGP-ebcbc8b2
or one of it's derivatives, it will internally modify FILE.ReceivedFileName to append .pgp if that property is set.
So, if you use just %SourceFileName%, you will likely get the desired result. Otherwise, you will have to explicitly set FILE.ReceivedFileName to ABC.txt somewhere before the PGP component.
You can also modify the source code to remove this behavior.
(Same Answer)
Thanks Johns-305. I included the Message assignment shape before the send shape and used the
SendMessage(FILE.ReceivedFileName) = "ABC.txt";
In the Send Port I used Filename as "%SourceFileName%". Now I get the filename as ABC.txt.pgp in the Send Port
I need a piece of code that defines functions which can encrypt and decrypt a piece of string. What I basically want is that the string should not be visible to third-party users, so that when the string originates in one file, it is converted to, say, an integer value using the encrypt function and then it is passed as parameter to another file. There the decrpyt function then decrypts it back and uses the string to perform actions on it.
Any suggestions or already available codes will be just fine!
Please help me out. Thanks!
Install tcllib. There are several standard encryption algorithms implemented in tcllib.
The following encryption algorithms are available:
blowfish: http://tcllib.sourceforge.net/doc/blowfish.html
aes: http://tcllib.sourceforge.net/doc/aes.html
des (including triple des): http://tcllib.sourceforge.net/doc/des.html
rc4: http://tcllib.sourceforge.net/doc/rc4.html
The des package in Tcllib should do what you want. It's pretty easy to use:
package require des
set key "12345678"; # Must be 8 bytes long
set msg "abcde"
##### ENCRYPTION
set encryptedMsg [DES::des -dir encrypt -key $key $msg]
# $encryptedMsg is a bunch of bytes; you'll want to send this around...
##### DECRYPTION
set decryptedMsg [DES::des -dir decrypt -key $key $encryptedMsg]
puts "I got '$decryptedMsg'"
Note that DES will pad the message out to a multiple of 8 bytes long.
Please visit the TCL/TK homepage e.g
here:http://wiki.tcl.tk/900
That's just one way of doing it. There will be much more, I'm sure.