I am using the encryptor gem from https://github.com/shuber/encryptor and need to be able to have a url safe values. Is there an algo. that support this?
I decided to base64 encode the encryption result.
Related
I have been using Google Keyczar for encrypting data in my JAVA app. And I want to change the crypto solution to Google Tink.
But the problem is the already encrypted data by Keyczar. Can I decrypt them by Tink?
If yes, I want to change the crypto solution from Keyczar to Tink. If no, I have to think about another solution.
Thank you.
I did it.
Keyczar is using AES. So I use TinyAES.
Keyczar is also using HMAC. So I use HMAC of avr-crypto-lib.
Just one thing is I have to extract the key from Keyczar key.
I have been working with Amazon's Producct Advertising API for a while now. I was successful in integrating all features provided by this in my app. But the only one remaining is the Cart Create operation which requires an HMAC-SHA256 signature to be generated and used for all the cart actions to be performed. I have gone through the docs and all the threads available regarding this issue but nothing seems to me work in my case.
I have even gone through multiple gems but no one provides a solution for this. I am currently using Vacuum gem with Ruby 2.2.3, Rails 4.2.5.
Question: I mainly need to understand how to generate this HMAC signature so that I could use it in all cart related actions.
The HMAC signature can be created using Ruby's OpenSSL support. This must then be Base64 encoded so that it can be sent over the wire. The basic premise is as follows
require 'openssl'
require 'Base64'
key = "your-secret-access-key"
data = "data you want signed"
signature = Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), key, data)).strip()
Adapting the above to your needs, the key is your AWS Access Key, and data is the string representation of the request you want to send, as described here.
How you construct the data string is implementation specific but a common approach is to build a canonical string from the actual request object (most commonly Net::HTTP:HTTPRequest). Hope this helps.
I want to encrypt an image using PHP and decrypt it in an Android app. I found someone suggest to use MCrypt. However, I noticed that ImageMagick, which I use to convert pdf into jpg, seemed to have ability for encryption. Can I use ImageMagick to encrypt the jpg at the server side and decrypt it using JAVA? Thanks very much.
As per documentation
"ImageMagick only scrambles the image pixels. The image metadata remains untouched and readable by anyone with access to the image file.
ImageMagick uses the AES cipher in Counter mode. We use the the first half of your passphrase to derive the nonce. The second half is the cipher key."
To decrypt the image on the client side, you would have to keep the image header as is and decrypt the remainder of the file using the password with which it was encrypted with. That will require custom coding with knowledge of the image format internals. You will also have to find out how the nonce is derived from the passphrase.
You can alternatively use a SSL connection between the client and server or use any cryptographic scheme available in both PHP and Java either with symetric key or public key encryption as per your requirements.
I develop for iOS primarily and I'm flirting with Rails as I divorce PHP, so I'm having my first encounter with Paperclip.
Looking for a simple example of the request format Paperclip is expecting, it seems that everyone is encoding their images to base64 on the client before sending the data to Rails. But when their Rails receives the data, they just unpack the base64 and pass the image into paperclip.
Why do people encode and decode their image data when sending it to rails?
Is there any way that a plaintext png byte stream would get corrupted where base64 wouldn't?
Or is this just an early optimization for security reasons?
Here is a related question about why base64 encoding is used Why do we use Base64? and here is a quote from there that relates to embedding images in html.
Historically it has been used to encode binary data in email messages where the email server might modify line-endings. A more modern example is the use of Base64 encoding to embed image data directly in HTML source code. Here it is necessary to encode the data to avoid characters like '<' and '>' being interpreted as tags.
From what I found both libraries aws-sdk and aws-s3 (Ruby) provide methods to download S3 object data only in string chunks. I'd like to be able to read it in binary chunks, so that it resembles file I/O and be more efficient. Does anyone know if there is a supported way to do it? One hack that I thought about is creating an access URL for the S3 object (S3 functionality) and download the file with some HTTP client library. What's a good library for that in Ruby?
P.S.: I need to stream data, so that I can decrypt files on-the-fly. AWS has client-side encryption library only in Java SDK.
So, it turns out in ruby (since 1.9?) a string of encoding ASCII-8BIT is used as a binary block, so you have to work with that. P.S.: net/http is a ruby http client library that can be used to read response body.