I have a SSIS package that writes the output to Flat file.
Now I need to PGP encrypt the output file and further decrypt in other packages. I am curious if anyone knows of how to do this, or better yet a website with helpful hints on how to do it.
Thanks
Assuming you want to do the en/de-cryption within SSIS, the simplest method will probably to explore the command line version of whichever encryption software you are using, and execute it using an Execute Process task.
If you haven't yet selected encryption software, obvious choices include PGP (commercial) and GnuPG (open source).
The other option would be to write .Net code to carry out en/de-cryption in a Script Task - this would require a .dll from PGP or GnuPG. Various generic .Net examples (not specific to SSIS) are available - like this one - but I can't comment on their completeness or quality.
This SQLServerCentral thread may have some useful pointers.
For stable, well-supported and updated PGP-compatible SSIS task check our BizCrypto product.
Check the third-party commercial CozyRoc SSIS+ library. It includes OpenPGP Task and many other useful extensions.
Related
I'd like to know whether it's possible to encrypt the compiled code in a Unity3D build in a way that de-compiling dlls won't give access to the legible source code to a potential hacker.
Cosmore pointed out in this post that it's possible to
'encrypt the assembly dlls and modify the mono loader (libmono.so)'
My question is, has anybody done this? If so, how? And can it be done on Windows, Mac and Linux builds?
If this is not possible, is there another way?
But the hacker should be capable to run the build (ie. play the game)?
Then in principle it's not possible. While you can encrypt the code, you have to also provide the key, so people can play it (decrypt).
So you are just adding one more layer of obfuscation for hacker. A seasoned hacker will simply disassemble the dll loader and put a breakpoint to a place where the content is decrypted already, and dump that for further tinkering.
That said, not every hacker is a seasoned hacker, and few layers of (unexpected) obfuscation may turn them away. So practically some encryption/obfuscation is done by some people, even if in principle it's hopeless.
There is a file in my server which is encrypted using IonCube encryption, is it possible to decrypt this file? if so what are the steps to be done?
Thanks
from what i could find out about ionCube in the last five minutes, it compiles the code to some bytecode and encrypts that bytecode. decryption can be done on a licensed machine only.
so i think it will be possible (with more or less efford) to tamper the runtime on a licensed machine to obtain the unencoded bytecode, since all needed crypto stuff has to be there for the normal operation.
decompiling that bytecode back to readable PHP code is a totally different thing ... at least all comments will be gone, and since it does compiler optimizations, it's unlikely to be able to reproduce the same code. probably a great efford.
It is actually possible, i lost the plain text source code to some of my projects and only had encrypted copies left, there is a certain web service out there that will decrypt ionCube php files, complete with original spacing and comments... Although it isn't cheap!
I have a bunch of R scripts which I am running on a Windows machine and want to ensure that the code remains unread by those not intended to see it. On a Linux box, I could wrap the R code in a bash script #! and make an encrypted (and perhaps even a limited-life) executable shell script. What are my options to do something on similar lines under Windows?
My answer is a bit late, but I believe this is a good question. Unfortunately, I don't believe that there is a solution, or at least an easy one, at the present time.
The difficulty is common because, for most interpreted languages, including R, it is often possible to turn on logging and inspection of all commands being run. This can negate many tricks to obfuscate the code.
For those who prefer to think of code being open == good, one should know that a common reason to obfuscate the code is if one is consulting with a client that hires multiple vendors. It is not uncommon for a client to take scripts from vendor A and ask vendor B why it doesn't work with their system. (This may be done by a low-level IT flunkie, rather than someone responsible for the NDA contracts.) If A & B are competitors, A's code has just been handed to B. When scripts == serious programs, then serious code has been given away.
The ways I've seen this addressed are:
Make a call to a compiled language, and use standard protections available there.
Host the executable on a different server, and use calls to the server to execute the calculations. (In R, there are multiple server-side options.)
Use compiled (preprocessed / bytecode) code within the language.
Option 2 is actually easier and better when the code may be widely distributed, not just for IP reasons. A major advantage is that it lets you upgrade the code without having to go through the pain of a site-wide release process. If new libraries are needed, no problem - update the server.
Option 3 is done in Matlab with .p files, and can be done with py2exe for Python on Windows. In R, the new bytecode compilation may be analogous, but I am not familiar enough with it to address any differences between .Rc files in the R context and .p files in the Matlab context. For more info on the compiler, see: http://www.inside-r.org/r-doc/compiler/compile
Hosting computations on the server is great for working with unsophisticated users, because it is easier to iterate quickly in response to bugs or feature requests. The IP protection is simply a benefit.
This is not a specifically R-oriented strategy. (And it's a bit unclear what your constraints or goals really are anyway.) If you want a cross-platform encryption method, you should look into the open-source program TrueCrypt. It supports creating encrypted files that can be mounted as volumes on any machine that supports the volume formatting method. I have tested this across the Mac PC divide , since the Mac can read FAT files, but have no experience with how it might work across the Linux-PC chasm.
(Their TODO list for Windows includes;"Command line options for volume creation (already implemented in Linux and Mac OS X versions)". So I don't see any clear way to use this from within R without you running the program from the OS.)
I don't think this is possible because the R interpreter has to be able to decrypt and read the code in order to execute it which means that whoever is using that interpreter will also be able to decrypt and read the code.
I am by no means an expert, so I reserve the right to be 100% wrong about that statement.
I believe the best solution is to ensure value comes from the expertise and services provided by your company and it's employers---not from keeping secrets.
Failing that, you could try separating the code into a client/server model. That way the client just sends data and receives results---they never have access to the code that runs on the server.
However, the scientist in me just said "that solution sucks and I would never trust results provided under such conditions".
What tools are available to encrypt or password-protect a file stored on the IFS?
*integrated file-system, accessible from Windows
You could setup object security so only certain users can view the file.
There are encryption tools available for purchase. There is also some built-in APIs for encrypting.
Here are some resources to look into:
Scenario: Key Management and File Encryption Using the Cryptographic Services APIs
The Next Step in Security
A Simple Encryption/Decryption Algorithm for Numbers
Cryptographic Services APIs
Most of these articles deal with encrypting data in a table, but the concepts should help you encrypt a file on the IFS.
Or you could simply encrypt the file from a Windows box with ccrypt or TrueCrypt (perhaps not what you are looking for). Both are free. As is GnuPG which has a windows port and is probably the best of the bunch.
Don't forget that iSeries with PASE can run many AIX programs as is.
ccrypt for AIX could almost definitely be made to run on the iSeries and be called from QSH. And similarly for GnuPG for AIX; it could be run on the iSeries itself.
There is PkZIP for the iSeries which can provide encryption.
You could also 'roll your own' encryption using Java Cryptography.
We are currently using Arpeggio, which is free. We used to use PKZip, but were able to replace that tool with the free Arpeggio software. Seems to work well
You can set the authority to the file so only users in one group have access to it. I think its option 9 I don't have access to a iseries at this moment.
You can pull a port of GnuPG from Scott Klement's website at : https://www.scottklement.com/gnupg/. We have been using it without issue for years.
A lot has changed since this question was asked! IBM i now has extensive support for open source software in PASE. Several of the other answers here mention packages that IBM now provides for no cost as RPMs, easily installable via yum (or the Access Client Solutions GUI, which includes a graphical front-end for yum). Here is just a sampling of IBM-packaged tools you could use for encryption of IFS files:
GnuPG
p7zip (POSIX version of 7-Zip, compatible with and mostly superior to PKZIP)
Python, Node.js, and other programming languages, with access to various encryption libraries
Note that the RPM-based packaging is only supported on IBM i 7.2 and above. (Some people have been able to get it working on 7.1, but this requires the right combination of PTFs and know-how.)
For those on older (and by now, far out of support) versions of IBM i and its predecessors, you may be able to use Scott Klement's ports of GnuPG and p7zip, or Per Gummedal's iSeriesPython.
I recently discovered the org-mode in emacs and it works very well for me. I also like www.RememberTheMilk.com. I would like to be able to sync my org-mode file and RTM list. I know that RTM has its API exposed as web services. I am currently looking for a HTTP library that I could use to write my script. I found a couple of links but I am still not entirely satisfied.
http://www.koders.com/lisp/fidB46CCCA8D57FBD093BAF6E08289CFB4DA7624B2B.aspx?s=TV+Raman
http://www.emacswiki.org/cgi-bin/wiki/http-post-simple.el
Any pointers in doing web service interactions with emacs would be very useful. Also please keep in mind that I'm not a seasoned emacs expert. I have broken the initial barriers of emacs and can find my way around elisp. So, be gentle. :-)
Emacs ships with url.el and url-http.el. Although http-get.el, http-post.el and http-cookies.el are in vogue today. Here's the GitHub link where you can get it from.
http://github.com/wfarr/dotfiles/tree/master/.elisp
Any other suggestions are also welcome.
If I were to work on this, I'd use Pymacs to interface Emacs to Python and then use the existing Python API kit for Remember the Milk. Why re-implement all the HTTP crud yourself?