ActionScript 3.0 :: MD5 "encryption" The Same In PHP?
Mar 6, 2010
I am currently in need of being able to encrypt a string to MD5 (yes, I know you don't technically encrypt it, since you can't really decrypt it, but I'm not sure what to call it, and you get the point!)
A few weeks back I needed some MD5 for a PHP and MySQL site, and several people warned of the fact that the PHP function for encrypting and the MySQL function for encrypting don't always return the same results.
It is very important for me to find an AS3 function as well as a PHP function that returns the exact same MD5 string when the same parameters are passed into both functions.
Currently writing my own AMF TcpSocketServer. Everything works good so far i can send and recieve objects and i use some serialization/deserialization code. Now i started working on the encryption code and i am not so familiar with this stuff.I work with bytes , is DES-CBC a good way to encrypt this stuff? Or are there other more performant/secure ways to send my data? Note that performance is a must :). When i call: ReadAmf3Object with the decrypter specified i get an: InvalidOperationException thrown by my ReadAmf3Object function when i read out the first byte the Amf3TypeCode isn't specified ( they range from 0 to 16 i believe (Bool, String, Int, DateTime, etc) ).I got Typecodes varying from 97 to 254?I think it has something to do with the encryption part. Since the deserializer works fine w/o the encryption. I am using the right padding/mode/key?
I used: http:[url].... as as3 encryption/decryption library. And i wrote an Async tcp server with some abuse of the threadpool ;)Anyway here some code:
C# crypter initalization code System.Security.Cryptography.DESCryptoServiceProvider crypter = new DESCryptoServiceProvider();[code]........
I am creating a TCP connect with Flash to a C# daemon. Now I have come to the part of encryption... I know that Flash is decompilable and so not safe to store private keys on. I need 2 way encryption because of the messages that have to be send back to the Flash client. I have been thinking and googling, but cannot find a proper solution yet.
Is there any way to create a direct data connection between two flash clients without the use of Cirrus?
I'm asking because I create a multiplayer iPhone game with flash which currently uses Cirrus for all online multiplayer data. now I read that, if your iPhone app uses encryption (which cirrus does) you need to go through a long encryption export approval process by the U.S government. I want to avoid this, so now i'm looking for another method to exchange data directly between clients without having to route all traffic through my server.
I would like to protect my published SWFs against decryption.I've found some commercial tools performing what I need, but I think it's always wise to wait and think about it before spending money. Does anybody know valid (freeware) alternatives to do that? Do you currently protect your SWF? What may be my satisfaction level of protection (I am perfectly conscious that a perfect encrypter does not exist, but if decryption is difficoult, maybe a not-so-motivated hacker would give up)?
I've got an AS3 loader making a Get URLRequest on the local machine (not browser based). The URL being reported back has this:[url]explain why [[DYNAMIC]]/3 is being appended to the URL at runtime? No encryption has been applied to the swf file. What does [[DYNAMIC]] mean?
what's the recommended method to encrypt flash files? i'd like to make some flash programs that are commericals, how can i made sure that they won't get decrypted or to make sure that i used to strongest file encryption possible.
we have one application where we are pulling some confidential information from one of the product design tools. So we have used HTTPS as the channel and also we are encrypting the Request Parameters and Some data before we sent it to Web Services.Everything seems OK.But when we gave the application for Security auditing they found we have hard coded the encryption key in source code. They have used Sothink SWF Decompiler to look into my SWF file. They caught the key and raised concern over it.
We have developed this application using Flex 3(SDK 3.4). Is there any best way to use Secret key without being hard coded in source code. If anybody come across this kind of problem, please let me know. use the secret keys in SourceCode without being Hard coded.
Here is my sample code:
var currentResult:String = ""; var strDataToEncrypt:String = ""; var kdata:ByteArray;
I'm using as3crypto classes for encryption/decryption of a string. The encryption is ok (I'm using the following encryption method):
Code: var cut:ByteArray = new ByteArray(); cut.writeUTFBytes(iutime); var key:ByteArray = new ByteArray(); var random:Random = new Random(); random.nextBytes(key, 8); var aes:ICipher = Crypto.getCipher("blowfish-ecb", key, Crypto.getPad("pkcs5")); aes.encrypt(cut);
Now, I'm trying to decrypt the encrypted string using the same method, but I can't and I don't know why. Every time I'm debugging my air application I'm receiving an error (something about the decrypt() and IPad). How to use the same method to decrypt?
I have flex client application with php as a server and i want to implements domain user and password authentication. I'm sending the user and the password from the flex client through httpservice to php script and the php script authenticate the user and the password with the domain But! I want to encrypt the user's password in flex and to decrypt it in the php. I have the as3crypto.swc module for the flex but I don't find any way to decrypt it in the php. So, how can I do that and If this is not the right way to do that how can I do that?
I'm having a problem setting up RSA encryption/decryption mechanism between flex client and web service written in c#. The idea is this: I'll encrypt some text from flex and then decrypt it from web service. I'm using as3crypto library from google. It is encrypting/decrypting text properly. I also have the code on the web service side to encrypt/decrypt properly. My problem is synchronizing them - basically sharing the public key to flex and keeping the private key to the web service.
My flex "encrypt" function takes modulus and exponent of RSA to do text encryption, so how do i get these modulus and exponent attributes from the web service's RSACryptoServiceProvider, so they speak the same standard.
I'm using as3corelib's MD5 class to encrypt data sent from a flash form.. so far so good... I can validate a user's login and password , no problems the thing is I need to decrypt a value that's stored in the database with an md5 encryption and is sent by the php script to the flash app.
Not sure this is the right place to ask this, but... Are there any free or Open Source SWF Encryption programs out there? And if so, which are best? Google hasn't been able twith this.From what I hear, kindiSoft has the best paid-for encryption product, but since I'm a micro business with a budget of about $0, I'd rather use a free solution.
When looking for encryption related classes/functions in action script / air / flash, I saw the as3crypto project. This one provides a v. nice set of options, but I am a bit concerned on what the numbers presented means when these are used to decrypt a local media file when its selected about to be played. I am looking for security vs. performance balance.
For video/music, it needs to decode at a fast enough pace so the player plays it smoothly - which is something that depends on the format used, but is in all cases less than the delay of having to wait to decode the whole file.
Do you know a library in ActionScript 3 that can encrypt and decrypt using the TwoFish algorithm? I have been using as3crypto for other cryptographic algorithms, but unfortunately, it doesn't seems to handle Twofish...
I'm trying to use the Simple Encryption Key Generator Class found here - http:[url]..........Everything seems to working properly except the hash encryption key that is returned is the same string every time (as mentioned in the the comments of the link above). locate an updated version of this class.
Does flash have any built in encryption / decryption tools?I would like to send text from a server to flash, and would like to encrypt it on the server then have flash decrypt it. How can I do this?
i'm need HMAC-SHA1 for doing some encryption, but so far i'm able to found SHA1 in meychi crypto library, but until now i'm still not able to found HMAC encryption method so far.i'm trying to refer to hurlant crypto library, but it's quite confuse as it's using ByteArray which only available on AS3.
I have created a Java program to Encrypt the FLV video. Here is what I am trying to do: 1. I have encrypted first 100K of the FLV video. 2. I have created a Flash player to play the FLV file. 3. At the load of player, player sends a request to Java server for the location of the video. 4. Java returns the HTTP path of the encrypted FLV to the player.
Now here is what I want to do: 1. As soon as first 100K of video is loaded I want to send it to java code for decryption. 2. While the decryption happens I want to continue downloading the video in Flash. 3. Once I receive the first 100K of decrypted video I want to replace the first 100K of buffered video and start playing the video.
We are planning a desktop client application with Adobe AIR. The client app will be delivered to our customers with a database, which contains monthly updated marketing data provided by our company. As different customers will buy different sets of data from us, for example, a customer is only interested in marketing data in a specific product category, while another customer need all data in a certain region. After a customer installs this client app, new data will be emailed to the customer every month.
So, the requirement is to keep the data accessible only by the customer who bought it. After reading through AIR's secure local store and database encryption feature, I came up with the following design: each customer will have his own secret key (stored in AIR's secure local store), the secret key is used to encrypt the data that the customer has purchased. Of course, the monthly data that we sent to the customer will be encrypted using the same secret key. So my questions are: is AIR's database encryption and secure local store secure enough for this use case? If someone gets the encrypted database file, can he decrypt the DB?