Programming :: Libgrypt And Symmetric Block Cipher?
May 1, 2011
i have a program which have to encrypt data by using a symmetric block cipher with cbc encryption mode . it seems, that the IN data length must be a multiple of the cipher block length. is there a possibility to advice libgrypt to do the padding of the IN buffer automatically or must i do this manually? in case of manual padding: what is the recommended strategy to perform high security? fill with zeros or random numbers
View 1 Replies
ADVERTISEMENT
Apr 14, 2011
I am having difficulties setting up Symmetric NAT through iptables.
First things first:
"A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port. If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host."
Need:
I am working on a SIP application and SIP apps face a problem with NATed networks. STUN is a solution to such a problem and my SIP application has an embedded STUN client functionality.
Scenario and Technical Details:
192.168.0.200
+-----------------+
| ClientA - My IP |
+-----------------+
|
|GW:
| eth0 eth1 (example public IP address)
| 192.168.0.1 | 123.123.123.123
+-------------|-------------+
| NAT1 |
+-------------|-------------+
|
|
|
stun.1und1.de |
+---------------------------+
| STUN Server |
+---------------------------+
I am using WinSTUN, which requires a STUN Server address (such as the one I specified above) to return my type of NAT. What I need to achieve is Symmetric NAT through iptables, on the GW server, only on my IP address (192.168.0.200). I don't want it to affect the whole network. I am running CentOS release 5.4 (Final), and iptables v1.4.10
View 1 Replies
View Related
Apr 14, 2011
I am having difficulties setting up Symmetric NAT through iptables and I hope you can help me with this issue. First things first: "A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port.If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host."
Need: I am working on a SIP application and SIP apps face a problem with NATed networks. STUN is a solution to such a problem and my SIP application has an embedded STUN client functionality. Scenario and Technical Details:
[Code]...
View 2 Replies
View Related
May 31, 2010
I just upgraded to Fedora 13, with emacs 23.1. Now when I edit a .gpg (encrypted) file, emacs doesn't cache the passphrase, so when I save the file emacs demands that I repeat the passphrase twice.Previously, the following line in .emacs made it cache the passphrase:
Code:
(setq epa-file-cache-passphrase-for-symmetric-encryption t) This is supposed to work, according to the documentation [URL], but in Fedora 13 emacs it seems to have stopped working.
View 1 Replies
View Related
Oct 20, 2010
Can anyone suggest me any open Source Testing tool for testing SMP?
View 1 Replies
View Related
Feb 23, 2010
I'm trying to figure out why Apache is ignoring SSL Cipher statements when placed inside a Virtual Host. Specifically I'm trying to disable SSLv2 and only allow SSLv3 or TLSv1
In httpd-ssl.conf I have the following
Code:
And when I try and connect, I get the expected results.
Quote:
In my virtual host statement I have
Code:
The only difference between the two is the httpd-ssl.conf has -ALL in the CIPHER, and the virtual host entry has ALL. However if I try and change the ALL statement in the virtual host entry to -ALL I get the following error in my logs & get no content.
Quote:
Why it's not working in the virtual host statement? Unfortunately as many of you are probably aware it's impossible to gain PCI certification with SSLv2 enabled.
View 5 Replies
View Related
Sep 22, 2010
How do you find what typs of crypto ciphers are supported.? I've dumped out /proc/crypto, which lists out a bunch of types, but none of the names listed seem to work. So far I have only got a couple types to work, the default(when I don't supply cryptsetup any cipher type) aes-cbc-plain and aes-ecb.
Since I don't even see aes-cbc-plain in /proc/crypto
View 4 Replies
View Related
Jun 13, 2011
I have had for a test installed Feodora but was so silly checking the box for encryption the HD. Now I tested all for removing Feodora (no data anymore on the disc) but even the test unlocking this from my ubuntu system failed with the following error:Error unlocking device: cryptsetup exited with exit code 251: Command failed: Failed to setup dm-crypt key mapping.Check kernel for support for the aes-xts-plain64 cipher spec and verify that /dev/sdb2 contains at least 508 sectorsI installed some encryption packages in the meantime - but non was helpful.Would some kind person - who understands this better than I - please provide the detailed steps needed to mount and unlock the encrypted Feodora installed hard disc. Maybe one of you know which packege I have to install.
View 2 Replies
View Related
Jun 6, 2011
I've been using pdfTk to encrypt PDFs for distribution to unsophisticated users (that is, users without PGP keys or the will to get one). RC4 encryption, although reasonably adequate for my use, is relatively insecure. I would be more comfortable with AES. Have any gnu tools emerged that implement AES within a PDF container?
View 2 Replies
View Related
Feb 26, 2016
I had a pretty much standard installation according to some tutorial (I don't remember, which one) for courier, including ssl. After upgrading from Wheezy (7) to Jessie (8) everything continued working fine, excep ssl connections to pop or imap.
In the log I get this error message while connecting to imapd-ssl:
Code: Select allFeb 26 20:16:22 mx imapd-ssl: couriertls: connect: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
First I thought there got some chiphers removed from default configuration. But even when I try to allow all protocols and all ciphers:
Code: Select allTLS_PROTOCOL="SSL23"
TLS_CIPHER_LIST="ALL"
And then test via s_client:
Code: Select all# openssl s_client -connect 127.0.0.1:993 -cipher ALL
CONNECTED(00000003)
3073349308:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:770:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 341 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
TLS over STARTTLS is also not working and does not invoke a log-entry. So I want to solve the ssl-problem first. I guess the STARTTLS-problem is automatically solved then.
My update procedure was:
Editing /etc/apt/sources.listapt-get updateapt-get upgradeapt-get dist-upgradeKeep all configuration files regarding courier.
View 2 Replies
View Related
Apr 23, 2010
I tried to get a block of lines in awk, but unfortunately it returns output of one line only. I don't state the code here, because it's too short and too poor. What exactly I wanted to do: from file "/boot/grub/menu.lst" get blocks of lines, starting by title and ending by Now I have just
Code:
script="/boot/grub/menu.lst";
OLDIFS=$IFS; IFS=$'
';
[code]....
I want to get every block as one row of array.
View 14 Replies
View Related
Sep 17, 2010
I have one password text file: username<tab>password, I want to wrote any bash script to check if certain user exist at this file, if did exist print out the password. I get stocked at password value to AWK if block:
#!/bin/bash
FILE="$1"
if [ ! -e "$FILE" ]
then
[code]....
it not work , but if I change toassword=$(awk < $FILE -F\t '{ if (test $1=="JIMMY2") print $2;}') it works, anything wrong $1==$user_name? $FILE is the password file, -F\t is use tab as delimiter.
View 4 Replies
View Related
Nov 30, 2010
Is there an easy example of a block device driver I could follow as a guide to write my own module?
View 5 Replies
View Related
Dec 3, 2010
I'm facing a scenario in which i need to block messages from being passed onto a message queue when my code is running. how to proceed.
View 8 Replies
View Related
Apr 26, 2010
I try to get uuid value from variable block got from menu.lst.This try does not work. What is wrong?
Code:
uuid=$( echo $block | awk --re-interval '/(root=UUID=/{ x=gensub(/([0-9a-f-]{36,36})/,"\1","g");
print $1}')
View 14 Replies
View Related
Oct 16, 2010
How do you go about getting the raw size of a block device under Linux from within a C program? And I mean the raw size of the block device itself, not a file system that may or may not be installed on it. And I'd like to be able to get the raw size of any block device, from hard drives (e.g., /dev/sda) to LVM partitions (/dev/mapper/vg0-home) to loop devices to anything else that is a Linux block device.
View 3 Replies
View Related
Nov 22, 2010
I have a log file and want to extract all blocks of text that start with START and ends with END. Each block is 5 lines.
Code:
--- START
blah blah blah
[code]...
View 1 Replies
View Related
Feb 13, 2009
I'm setting up a machine that's going to be used to test randomly connected tape drives one at a time, and as such, I'm writing the test routine using mt in a bash script, for user-friendliness. The problem is the block device name changes on occasion as tape drives are swapped out and busses are rescanned, so I can't "hard code" a block name into the script.
I know programs like lsscsi and hwinfo will give you block device names as part of their output, but I can't seem to grep anything in such a way as to have the final output be just the block name (ie /dev/st2, or optimally 'st2'), so that I can just have the script read said output, and drop it into the necessary variable.
View 2 Replies
View Related
Mar 16, 2010
So I have file which looks something like this:
cat .opera/operaprefs.ini
Code:
[User Prefs]
Language Files Directory=
[code]...
View 1 Replies
View Related
Nov 1, 2010
I have a write call to a ttyACM serial device that blocks after several hundreds bytes are written.I'm writing in ~25 byte chunks, so I have 5-8 successful writes, then the next write blocks forever.I can bypass the blocked call using select, but I can never call write again without closing and re-opening the port.
The serial port is opened correctly because I can read from it just fine. Write permissions are correct, and it's opened RW.The code is likely correct because I tested the same code using the same device on a pure RS-232 serial port, and it worked fine - no block. Is there anything to know about the linux ACM module?It's my understanding that write calls basically shouldn't block.They're supposed to return -1 if there's an error.
View 1 Replies
View Related
Jul 15, 2011
What I want to do is from a file having block like
<event>
8 3 0.2685416E-02
2 -1 0
21 -1 0
[code]...
The first line after the "<event>" is its process-id, so I would like to have at the end a summary of how many "event" block I have for each type, ie how many
6 1 0.2685416E-02
or how many
7 2 0.2685416E-02
etc etc
I do not know in advance how many different-kind of block I will have, so it has to be a bit smart to scan the file, and make an new "summary" info for each unique type I was using something like
awk '/<event>/,/</event>/{if ($3 -eq 0.2685416E-02 ) { print $1" "$2" "$3}}' file > out
and then
grep -c "$1" "$2" "$3" but with no success since my awk commands prints all lines of each block
Suppose, that in advance I do know the $3, ie the 0.2685416E-02 which is a kind of weight
View 8 Replies
View Related
Apr 15, 2011
I am trying to run C++ program on linux.
My program consume a lot of memory so that the memory is used up fast and memory swap is very high.
I can find this by "ps" .
My program is long.
I need to find out which part of my program consume so much memory ?
View 1 Replies
View Related
Jul 31, 2011
I have a C program like this:
...
CODE_BLOCK;
...
I want to know how much CPU time spent on CODE_BLOCK. Since the process executing CODE_BLOCK may be preempted during execution, this CPU time may not be equal to the (wall-clock) time elapsed from the beginning of CODE_BLOCK to the end of it.
View 3 Replies
View Related
Jul 12, 2011
Here [URL].. it says that you need to provide a block size to open an archive. What does that mean, and what would be a good number to use?
View 1 Replies
View Related
Dec 15, 2010
I have a clump of text that needs to be broke up:gdbm Sat 07 Feb 2009 03:28:18 AM EST libattr Sat 07 Feb 2009 03:28:18 AM EST db4 Sat 07 Feb 2009 03:28:19 AM EST mktemp Sat 07 Feb 2009 03:28:19 AM EST keyutils Sat 07 Feb 2009 03:28:20 AM EST pcre Sat 07 Feb 2009 03:28:21 AM EST setserial Sat 07 Feb 2009 03:28:24 AM EST zlib Sat 07 Feb 2009 03:28:24 AM EST gawk Sat 07 Feb 2009 03:28:25 AM EST readline Sat 07 Feb 2009 03:28:26 AM EST rhpl Sat 07 Feb 2009 03:28:28 AM EST cracklib-dicts Sat 07 Feb 2009 03:28:37 AM EST setools Sat 07 Feb 2009 03:28:37 AM EST hal Sat 07 Feb 2009 03:28:38 AM EST which Sat 07 Feb 2009 03:28:39 AM EST Is there a way to get everything after the EDT in the text to be moved to a new line?
View 13 Replies
View Related
Nov 8, 2010
In one of our core dump we have the followings in the core back trace:
#0 0xb77bf947 in raise () from /lib/tls/libc.so.6
#1 0xb77c10c9 in abort () from /lib/tls/libc.so.6
#2 0xb77f56ba in __fsetlocking () from /lib/tls/libc.so.6
#3 0xb77fcf7f in mallopt () from /lib/tls/libc.so.6
#4 0xb77fd022 in free () from /lib/tls/libc.so.6
It occurred in a memory block free operation. From our analysis, there seems no issue relate the the memory block it self. The memory pointer pointed to the right memory block to be freed and the contents of the memory seems right (not corrupted), in one world, there is nothing obviously wrong. Does any one have any ideas what could be wrong when seeing about?
View 1 Replies
View Related
Mar 22, 2011
I am going to create a parent process and fork a child process from it. I want to write a code in such a way that whenever my child process end it must indicate that the child process is terminated by a signal or not. This code must be written in the parent process block.
View 6 Replies
View Related
Dec 14, 2010
In 10.04 I was using the following commands to mount an encrypted disk image:
Code: sudo losetup -f Which tells what loop back device block is available Then I'd type:
Code: sudo losetup -e aes /dev/loop0 /home/user/crypt.img and then enter the device's password
Code: sudo mount -t ext4 /dev/loop0 /media/crypt I've tried this in 10.10 and it hasn't been working (I can't remember if I did anything in 10.04 to make it work). I've installed the loop-aes-utils package and restarted my machine. Every time I try the 2nd step, after entering the password I get: Code: ioctl: LOOP_SET_STATUS: Invalid argument, requested cipher or key length (128 bits) not supported by kernel
View 1 Replies
View Related
Sep 23, 2015
Just installed Debian 8 last night and trying to run one a few of my scripts that use easygui (a front-end for python-tk basically) and I keep getting alloc: invalid block any time a file or folder selection dialog is presented. I'm able to select a file/folder with no issues, but once the dialog closes I get a variation of what appears to be a memory error followed by alloc: invalid block.
Here's one of my scripts that does it. This one pops up a file selection dialog pretty early on to ask for a file to check, and as soon as I select any file the dialog closes and that error appears in the terminal. It happens whether I run it with Python 2 or Python 3. You will need to install python3-easygui for this script to run properly if you want to check for yourself what happens. This is a first time encountering this error for me.
View 1 Replies
View Related
May 20, 2010
algorithm:breada
input: file system block number for immediate read
file system block number for asynchronous read
output:buffer containing data for immediate read {
if(first block not in cache) {
get buffer for first block
if(buffer data not valid)
initiate disk read }
if(second block not in cache) {
get buffer for second block)
if(buffer data valid) //line 1
release buffer else
initiate disk read //line 2 }
if(first block was originally in cache) //line 3 {
read first block
return buffer }
sleep (event first buffer contains valid data)
return buffer }
Here is an algorithm for block read algorithm. I have problem in
line 1: If buffer data is valid why is it releasing the buffer?
line 2: If buffer data valid why is it initiating disk read. It should have read directly from buffer?
line 3: It should be the first condition as if it is there in cache then it should return it without delay?
View 5 Replies
View Related
