I need to write code that picks up PGP-encrypted files from an FTP location and processes them. The files will be encrypted with my public key (not that I have one yet). Obviously, I need a PGP library that I can use from within Microsoft Access. Can you recommend one that is easy to use?
I'm looking for something that doesn't require a huge amount of PKI knowledge. Ideally, something that will easily generate the one-off private/public key pair, and then have a simple routine for decryption.
A command line solution is good. If your database is an internal application, not to be redistributed, I can recommend Gnu Privacy Guard. This command-line based tool will allow you to do anything that you need to with regard to the OpenPGP standard.
Within Access, you can use the Shell() command in a Macro like this:
Public Sub DecryptFile(ByVal FileName As String)
Dim strCommand As String
strCommand = "C:\Program Files\GNU\GnuPG\gpg.exe " _
& "--batch --passphrase ""My PassPhrase that I used""" & FileName
Shell strCommand, vbNormalFocus
End Sub
This will run the command-line tool to decrypt the file. This syntax uses a plaintext version of your secret passphrase. This is not the most secure solution, but is acceptable if your database is internal and only used by trusted personnel. GnuPG supports other techniques to secure the passphrase.
PGP has a commandline option for decrypting files.
We have a batchfile that does the decryption, passing in the filename to be decrypted:
Batch file:
"C:\Program Files\Network Associates\PGPNT\pgp" +FORCE %1 -z *password*
We than call that from a VBS:
Command = "decrypt.bat """ & FolderName & FileName & """"
'Executes the command script.
Set objShell = WScript.CreateObject ("WSCript.shell")
Command = "cmd /c " & Command
objShell.run Command, 1, True
Hope that points you in a useful direction.
You can use OpenPGPBlackbox (ActiveX edition) for this
Stu... I once had to write a "Secure SMTP" server in Java... The easiest, and quickest way to do this is to download and/or purchase PGP. They have an SDK that you can use to access in anything you want.
I'd have to go back and see if I had to write a COM wrapper, or if they already had one. (I wrote this SMTP server about 10 years ago). Anyways, don't get discouraged. About 5 years ago, I wrote an entire PGP based application (based on the openPGP RFC) in C++, but the catch was, I was NOT allowed to use any existing libraries. So I had to write all that stuff myself. And, I used GPG, OpenPGP, and PGP for testing, etc....
So, I could even provide help for you on how to decode this stuff in VBA. It's not impossible, (it may be slow as hell, but not impossible), and I'm NOT one to "shell out and run cmdline stuff to do work like this for you, as it will open you up to some SERIOUS security risks, as hurcane's suggestion (for example) will cause your passphrase to be displayed to tools like ProcExp). The first step is learning how PKE works, etc. Then, the steps you need to do to get what you want.
This is something I'd be interested in helping with since I'm always one to write code that everyone says can't be done. :) Plus, I own the source code of the app I wrote, because of of mergers, closures, etc...
It was originally written for the Oil and Gas industry, so I know it's secure. That's not to say I don't have ANY security flaws in the code, but I think it's stable. I know I have an issue with my Chinese Remainder Threory code.. For some reason when I use that short-cut, I can't decode the data correctly, but if I use the RSA "long way" it works...
Now, this application was never fully finished, so I don't support things like DSA Key-pairs, but I do support RSA key pairs, with SHA1, MD5, using IDEA, AES, (I THINK my 3DES code does not work correctly, but I may have fixed that since). I didn't implement compression yet, etc... But, I'd love a reason to go back and work on this code again.
I /COULD/ make you a COM object that you could call from VBA passing the original Base64 data in, along with the Base64 key data, (or a pointer to a key file on disk), and a passpsshrase to decode files....
Think about it... Let me know..
Over the years, I have collected vbScript code for doing things like MD5, SHA1, IDEA, and other crypto routines, but I didn't write them. Hell, you could probably just interface with Microsoft's CryptoAPI, and break each action down to it's core parts and still get it to work. (You will not find a Micosoft CryptoAPI call like "DecryptPGP()"... It'd all have to be done in chunks).
Lemme know if I can help.
I would look for a command line encrypter / decrypter and just call the exe from within your Access application, with the right parameters.
There is no PGP encrypter / decrypter in VBA that I know of.
I am not familiar with VBA for Access, but i think that the best solution (perhaps easiest) would be run external command-line PGP utility.
There is a DLL you can call directly from your VBA application without having to span an external program: CryptoCX. PGP has also a DLL you can call.
Related
With version 3.02 of NSIS came the addition of the WriteRegMultiStr function. When the function is called in my script the script throws an error:
Usage: WriteRegMultiStr /REGEDIT5 rootkey subkey entry_name hex_string_like_660000000000
root_key=(HKCR[32|64]|HKLM[32|64]|HKCU[32|64]|HKU|HKCC|HKDD|HKPD|SHCTX)
The call itself looks like this:
WriteRegMultiStr /REGEDIT5 HKLM "System\CurrentControlSet\Services\SomeService" "DependsOnService" "service1 service2"
Since there is no documentation on this specific function which was added later on, long after WriteRegStr and WriteRegDWORD were available, I have to wonder - how does one use it?
So far with respect to entering REG_MULTI_SZ values I only found the directive to use a registry-NSIS -plugin. Yet the function exists, so how can it be used?
Addendum:
Encoding the string to hex and passing it with ot without quotation marks yields no desirable result either.
I was actually able to find an answer after digging through the depths of the internet. Since I don't think this has been answered on StackOverflow I will leave a response here, in case anyone wants to use this function.
The structure of the command as described in the opening post is basically correct, but the value must be encoded precisely. My command looks like this:
WriteRegMultiStr /REGEDIT5 HKLM "System\CurrentControlSet\Services\SomeService" "DependsOnService" 54,00,63,00,70,00,69,00,70,00,00,00,41,00,66,00,64
For anyone intending to test this string, this is
Tcpip
Afd
encoded in hexadecimal regedit format. Precisely this is Regedit Version 5.0 format, as opposed to REGEDIT4 format. A conversion editor can be used to achieve this, I used OTConvertIt.
The script should then compile, assuming you run NSIS version 3.02 or higher.
As you found out, the value data must be in the exact same format as .reg files from Windows 2000+.
The reason this instruction works this way is because it is actually the same as WriteRegBin under the hood and very little code was added to support this new functionality.
In the future you might be able to drop the /REGEDIT5 switch and give it plain strings but support for that has not been added yet.
The Registry plug-in does allow you to write these strings in a sane manner.
I note that when cygwin's setup.exe installs packages now, it looks for a file named "setup.zst.sig" first. What's the content and format of this binary file? How to produce a valid "setup.zst.sig"?
This must have been a recent change. Previously it looked for "setup.exe.sig" first. I use the feature (to detect whether "setup.exe.sig" changed) to decide whether my cygwin installation needs to be updated. See also this for an application example.
EDIT: #matzeri:
setup.zst.sig is not yet used.
The "zst" functionality was introduced in the program to eventually replace the
previous compression methods of setup.ini and the packages
const std::string setup_exts[] = { "zst", "xz", "bz2", "ini" };
For checking the update of setup-ARCH.exe you need to use the standard signature.
https://cygwin.com/setup-x86.exe.sig
https://cygwin.com/setup-x86_64.exe.sig
The pop up you shows seems to happen only on FTP mirror server, the HTTP servers
do not produce it.
It is clearly a bug in setup
https://cygwin.com/ml/cygwin/2019-02/msg00153.html
According to the documentation, the .sig files carry a SHA-512 hash of the respective file without that extension, signed with the private key available only to Cygwin the company.
https://www.cygwin.com/faq.html#faq.setup.install-security
I have a handheld device running WM6.5 and trying to put together an application that should prompt the user for some information (login, password) and save it to a file for later use.
Have tried app.config files but unfortunately it requires System::Configuration, I can add the DLL but can't get the code to run, it requires CRL or something like that which I can't configure this being a mobile app - the required option is missing from the project/solution configuration section.
I am using Visual Studio 2008 C++
What's the best way to make this happen? Precisely, 1) write a string somewhere and 2) read it back later on.
TIA
Later edit:
I have tried using a binary file, like this
// write to config file
std::string s="helloworldhelloworldhelloworld";
ofstream ofile("test.txt",ios::binary);
ofile.write((char*)s.c_str(),strlen(s.c_str()));
ofile.close();
And then I have tried reading it back like this
// read config file
char read_str[60];
ifstream inf("test.txt",ios::binary);
inf.read(read_str,60);
inf.close();
LPCTSTR application_settings = CA2W(read_str);
What happens is it adds some garbage at the end of the string, if the string is longer less garbage, otherwise more.
Is there a way to sort out this conversion issue?
Turns out, project was using Unicode and had to use wifstream and wofstream to be able to properly read the strings, rather than attempt to convert them from ANSI to unicode.
This should be a reminder for me to stay away from strong typed languages in the future. Too bad there's no other significant choice for Windows Mobile. Spent a bunch of hours on this, I could have used that time for something else.
I made a program which i want to launch with some protocal for eg : proto
Called like proto://122122 from the browser.
When the user clicks on the link it opens my program and sends the number ahead it as some variable or something.
I have basic knowledge of c++ but no knowledge on this topic
Thanks
You will need to add the protocol to the registry, in HKEY_CLASSES_ROOT.
In particular you need to create the following keys:
[HKCR\proto]
#="URL:My Protocol"
"Url Protocol"=""
[HKCR\proto\shell\open\command]
#="Path\To\My\Program.exe '%1'"
Then opening proto://122122 will execute Program.exe, and the numbers will be available in $CmdLine[1] (assuming you are using AutoIt, as you tagged it like that but don't mention it at all).
Edit:
To programatically do the above in AutoIt, you will need to look at the registry functions, in particular RegWrite. Above I was lazy and gave a .reg file like answer, but in AutoIt it looks something like:
Local $sProtoName = "proto"
RegWrite("HKCR\" & $sProtoName)
RegWrite("HKCR\" & $sProtoName, "", "REG_SZ", "URL:My Protocol")
RegWrite("HKCR\" & $sProtoName, "Url Protocol", "REG_SZ", "")
RegWrite("HKCR\" & $sProtoName & "\shell\open\command")
RegWrite("HKCR\" & $sProtoName & "\shell\open\command", "", "REG_SZ", "Path\To\My\Program.exe '%1'")
As with all things registry, don't do it, if you don't know what you are doing. Modifying HKCR is relatively safe. The worst that will happen is you'll overwrite some other protocol and it's a bit of a pain to undo, but I still recommend doing some reading first. Google is your best friend as usual, but a small into like this one is probably a good idea.
To remove the above code just delete the entire "HKCR\proto" key.
I'm trying to write some code against libnotify, but the documentation for perl with libnotify is seriously lacking. So is there something that, as of 2011-08-26, is "better" than libnotify? All I need is to send a notification to the currently logged in user on a Linux machine (Ubuntu specifically).
Gtk2::Notify does seem to lack good documentation, but you can browse through some examples at http://cpansearch.perl.org/src/FLORA/Gtk2-Notify-0.05/examples/ including the basic one:
#!/usr/bin/perl
use strict;
use warnings;
use Gtk2::Notify -init, 'Basic';
my $n = Gtk2::Notify->new('Summary', 'This is some sample content');
$n->show;
In fact this seems pretty cool, I may use it for something soon! Thanks for bringing it to my attention.
Otherwise:
On Linux you can use zenity to send a popup message, and to send it to another user's screen you have to play with some environment variables but it can be done. From Perl I would set the appropriate %ENV values and then just execute system or backtick (``) calls to zenity.
Perhaps start here http://www.cyberciti.biz/tips/spice-up-your-unix-linux-shell-scripts.html
Also from within that link, perhaps libnotify-bin/notify-send would also work, depending on the message you are sending.
perl -E '$ENV{DISPLAY} = ":0.0";`notify-send "Hello World"`;'
From what I searched, when porting an application from Windows to Linux, there's no :(
I'll glad to here if there's.
Update: Indeed I was talking about libinotify and not about libnotify.
As far as I can tell freedesktop specification contains a notification service which can be accessed via dbus.
Here is a link to a perl module for that feature.