image encrypt/decrypt between php and Android - imagemagick

I want to encrypt an image using PHP and decrypt it in an Android app. I found someone suggesting MCrypt. However, I noticed that ImageMagick, which I use to convert PDF into JPG, seems to have the ability to encrypt. Can I use ImageMagick to encrypt the JPG on the server side and decrypt it using Java? Thanks very much.

As per the documentation:
"ImageMagick only scrambles the image pixels. The image metadata remains untouched and readable by anyone with access to the image file.
ImageMagick uses the AES cipher in Counter mode. We use the first half of your passphrase to derive the nonce. The second half is the cipher key."
To decrypt the image on the client side, you would have to keep the image header as is and decrypt the remainder of the file using the password with which it was encrypted. That will require custom coding with knowledge of the image format internals. You will also have to find out how the nonce is derived from the passphrase.
You can alternatively use an SSL connection between the client and server, or use any cryptographic scheme available in both PHP and Java, with either symmetric key or public key encryption, as per your requirements.

Related

Encrypt / Decrypt plain text in 2022

I need to encrypt plain text and send it as plain text via JSON
I also need to receive the plain text that was encrypted from JSON and decrypt it to the original plain text.
All examples I can find suggest using encrypt 5.0.1
I can see how they encrypt the text and decrypt the encrypted text but there is no example where you can actually decrypt the plain encrypted text back to the original text.
String Encryption package is not supported anymore and Flutter will not accept it as a valid package anymore.
Could you please give me an idea where to look to solve the issue?

Can I decrypt data which is encrypted by Keyczar using Google Tink?

I have been using Google Keyczar for encrypting data in my Java app, and I want to change the crypto solution to Google Tink.
But the problem is the data already encrypted by Keyczar. Can I decrypt it with Tink?
If yes, I want to change the crypto solution from Keyczar to Tink. If no, I have to think about another solution.
Thank you.
I did it.
Keyczar is using AES. So I use TinyAES.
Keyczar is also using HMAC. So I use HMAC of avr-crypto-lib.
The one thing is that I have to extract the key from the Keyczar key.

Can CDNs handle base64 encoded data?

I'm trying to make an app where I take pictures from users, add them to a canvas, draw stuff in them, then convert them to a base64 string and upload them.
For this purpose I'm considering the possibility of using a CDN but can't find information on what I can upload to them and how the client-side uploading works. I'd like to be able to send the image as base64 and the name to be given to the file, so that when it arrives at the origin CDN, the base64 image is decoded and saved under the specified name (which I will add to the database on the server). Is this possible? Can I have some kind of save.php file on the origin CDN where I write my logic to save the file and to which I'll send XHR requests? Or how does this whole thing work? I know this question may sound trivial, but I've been looking for hours and still haven't found anything which explains in detail how client-side uploading works for CDNs.
CDNs usually do not provide such an upload service for the client side, so you cannot do it this way.

PGP encryption from client side (js) with JSF 2

When the client selects a file with the upload component, I need to implement PGP encryption on the client side with JSF 2 (create a Faces component) or PrimeFaces 2.2 (I don't see anything client-side in the upload component). Because the file has confidential information, encryption on the server does not help. Can you give me some help or any idea?
JSF/PrimeFaces won't help you much - if you have to encrypt the file before sending, it will all have to be done client side in JavaScript. So you have to read the file in JS, encrypt in JS, and then you can encode the encrypted contents with something like Base64, assign that value to an inputText and then submit to the server.
See "JavaScript read file contents" and http://www.hanewin.net/encrypt/

what's an alternative to use instead of a CommonCrypto on iphone?

Getting ready to submit my app to Apple's iTunes Store and got puzzled by a question during the submission process: "Export laws require that products containing encryption be properly authorized for export...... Does your product use encryption?"
I've used CommonCrypto CommonCryptor.h to encode the settings file against unauthorized modification.
So now I'm not sure if I have to remove all the encryption completely and leave just an XML file basically as is, or whether I should use some other method to protect the file.
What other simple protection mechanisms can I use to protect it without using any encryption, so I can submit my app without tons of extra paperwork?
Your use of "encryption" is not subject to US export rules because it's not for "information security" (I think you answer "yes, yes, yes, no" or so, ICBW, or they could have changed the order). Essentially, if it doesn't stop the NSA from spying on you, they're happy to let you use it.
However, encryption traditionally provides confidentiality, not message integrity. If you want to ensure that the user hasn't tampered with the settings file (e.g. by editing the iPhone backup), just save it with a MAC. That is:
1. Generate a MAC key (pull some bytes out of /dev/random).
2. Calculate the MAC of the file when you save it (see Objective-C sample code for HMAC-SHA1; note that the accepted answer is actually HMAC-SHA-256).
3. Append the MAC to the end of the file (or set it as a file attribute, or stick it in another file).
4. When reading, calculate the MAC on the file and verify that it's the one you saved. If it's appended to the file, you'll have to remove the last few bytes (e.g. [NSData dataWithContentsOfFile:path], then -subdataWithRange: twice to get the "message" and MAC, then verify the MAC, and parse the "message" if verification succeeds).
It won't stop someone with a jailbroken phone from extracting the MAC key from your binary, but not much will. It also won't stop someone from reading the plaintext settings file, but that might not be such a problem.
If you're generating the file on a computer you control (e.g. it's a file downloaded from a server), then sign it. Technically, RSA signature validation is equivalent to encryption, but I don't think it counts as encryption for export purposes (if it does, it's for "authentication" purposes and still doesn't count). DSA signature validation isn't encryption (I think, the math behind it went way over my head) and should also be fine.
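The append-and-verify MAC procedure from the answer above, as an added example that is not part of the original answer; it is written in Python as a language-neutral sketch using HMAC-SHA-256. The names `seal`, `open_sealed`, `is_rejected`, `TamperedFile` and the sample settings bytes are constructed for illustration.

```python
import hashlib
import hmac
import secrets

MAC_LEN = hashlib.sha256().digest_size  # 32 bytes for HMAC-SHA-256
# Constructed sample settings file, not taken from the page.
SAMPLE = b"<settings><premium>false</premium></settings>"


class TamperedFile(Exception):
    """The trailing MAC does not match the file contents."""


def new_mac_key() -> bytes:
    # Step 1: random key from the OS CSPRNG.
    return secrets.token_bytes(32)


def seal(message: bytes, key: bytes) -> bytes:
    # Steps 2 and 3: MAC the message and append the tag to it.
    return message + hmac.new(key, message, hashlib.sha256).digest()


def open_sealed(blob: bytes, key: bytes) -> bytes:
    # Step 4: split off the last MAC_LEN bytes, recompute, compare, then parse.
    if len(blob) < MAC_LEN:
        raise TamperedFile("shorter than one MAC: truncated or never sealed")
    message, stored = blob[:-MAC_LEN], blob[-MAC_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest runs in constant time, so timing does not reveal
    # how many leading bytes of a forged tag were correct.
    if not hmac.compare_digest(stored, expected):
        raise TamperedFile("MAC mismatch: contents or key changed")
    return message


def is_rejected(blob: bytes, key: bytes) -> bool:
    try:
        open_sealed(blob, key)
    except TamperedFile:
        return True
    return False


if __name__ == "__main__":
    key = new_mac_key()
    blob = seal(SAMPLE, key)
    print(open_sealed(blob, key) == SAMPLE)
    print(is_rejected(blob.replace(b"false", b"true "), key))
    print(is_rejected(blob[:-1], key))
```

The settings are parsed only after `open_sealed` returns, so a file that fails verification never reaches the parser.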
