Tuesday, July 30, 2013

OpenSSL - AES

To encrypt and decrypt a file with AES, you can do the following with OpenSSL

Quick Encryption with AES

Encrypt a file with AES key size 256 bit and CBC
openssl enc -aes-256-cbc -in plaintext.txt -out ciphertext.txt
Note: the above command will prompt user to enter passphase

Decrypt a file with AES key size 256 bit and CBC
openssl enc -d -aes-256-cbc  -in ciphertext.txt -out decrypt.txt
Note: the above command will prompt user to enter passphase

Providing passphase at command line
openssl enc -aes-256-cbc -salt -in plaintext.txt -out ciphertext.txt -pass pass:my_passphase

Providing passphase in password file
openssl enc -aes-256-cbc -salt -in plaintext.txt -out ciphertext.txt -pass file:/my/path/to/passphase

AES Encryption with Keys

Generate AES keys with key size 256 bits with CBC and SHA1

openssl enc -aes-256-cbc -k your_passphase -P -md sha1 > my_aes_256_key_info.txt

The above command generate a file with following example information

salt=245D8619A778BBE8
key=16CDE36765F89C3888F48D72F1A41C8522D4ACDBADE6BC4C24E4709E3E33E5A5
iv =D569CFD50F7E93DCFB19867682244BBE

Now, you need the key and iv information for encrypt and decrypt

Encrypt with key and iv and provide a Base64 result (assuming the key and iv is given by the above example)

openssl enc -aes-256-cbc -K 16CDE36765F89C3888F48D72F1A41C8522D4ACDBADE6BC4C24E4709E3E33E5A5 -iv D569CFD50F7E93DCFB19867682244BBE -a -in plain_text.txt -out your_cipher.txt

Decrypt with key and iv for a Base64 encoded ciphertext (assuming the key and iv is given by the above example)

openssl enc -d -aes-256-cbc -K 16CDE36765F89C3888F48D72F1A41C8522D4ACDBADE6BC4C24E4709E3E33E5A5 -iv D569CFD50F7E93DCFB19867682244BBE -a -in  your_cipher.txt -out decrypted.txt



OpenSSL - RSA Commands

Some fast notes on generating RSA keys, encrypting and decrypting via OpenSSL

Generate private key of 1024 bits

openssl genrsa -out my_private_key.pem 1024

Generate public key with the generated private key

openssl rsa -in my_private_key.pem -pubout -out my_public_key.pem

Encrypting your plaint text file (plaintext.txt) to cipher text file (ciphertext.txt) with RSA public key

openssl rsautl -encrypt -pubin -inkey my_public_key.pem -in plaintext.txt -out ciphertext.txt

Encrypting your plaint text file (plaintext.txt) to cipher text file (ciphertext.txt) with RSA private key

openssl rsautl -encrypt -inkey my_private_key.pem -in plaintext.txt -out ciphertext.txt

Decrypting your plaint text file (plaintext.txt) to cipher text file (ciphertext.txt) with RSA private key

openssl rsautl -decrypt -inkey my_public_key.pem -in plaintext.txt -out ciphertext.txt

Note: 
1. openssl does not allow you to decrypt with a public key even if you encrypt your data with a private key. If you do so, you will get an error message "A private key is needed for this operation"
2. You can decrpyt a cipher text that is encrpyted by a private key by the same private key. The reason being is public key can be derived from private key
3. In general, when using private key to encrypt a message, you are trying to sign a message to provide authenticity of the message. Use -sign and -verify for such operation. -sign and -verify is the exact operation of encrypting with private key and decrypting with public key.

Signing a message

openssl rsautl -inkey my_private_key.pem -in my_signature_digest.txt -out my_encrypted_signature.txt -sign

Verifying a message

openssl rsautl -pubin -inkey my_public_key.pem -in my_encrypted_signature.txt -out my_signature_digest.txt -verify

Saturday, July 13, 2013

Goggle Map 7.0 - Offline Caching Map

For some unknown reason, the latest Google Map 7.0 had removed the cached offline map features from the previous version. In previous version, you can select an area of your map and save it for offline usage. This is exceptionally useful if you are oversea and do not have any mobile data connection when you are on the road.

For the latest Google Map 7.0, Google actually did not removed the feature, but, they make it more user-unfriendly to use the feature. There are 2 ways to cache offline map

Using "ok maps" command

To use "ok maps" command, follow the following steps

1. Search a location you want to go. For example, Boston, MA. You can zoom your map to your desired size before caching. It will cache the map based on the on-screen information



2. If you are happy with the zoom, type "ok maps" at the search bar and click on the search button


3. Then, Google Map will start pre-loading the map with a progress bar. When complete, it will prompt a message "The on-screen map area has been cached"


Cache offline map based on search location

In addition to "ok maps" command, Google actually allow you to click on a link to make the map available offline. Follow the following steps

1. Search your interested location. For example, I searched Boston Public Library


2. When the search completed and Google Map will bring you to your location. Now, click on the search icon.


3. It will bring you back to the search interface. Now, click on the X icon


4. Clicking on the X icon will make Google to provide suggestion based on your last search. Now, scroll down to the bottom of the Google Map recommendation page.


5. At the bottom of the page, you will see, a link "Make this map area available offline". Click on this to cache the map area for your search location




Thursday, July 11, 2013

Java - Synthetic Keyword

Reading on this post - Worst -- and best -- IT interview questions. It stated a Favorite IT interview question - "Tell me about Java's 'synthetic' keyword." Hmmm.. I myself have no idea what is a synthetic keyword

After some search in Google, to sum up, Synthetic keyword is an attribute generated by the Java compiler and that section of code is not suppose to be appear in the actual code. Thus, a normal programmer will not be able to use this keyword.

In JVM Documentation 4.7.8, it said "A class member that does not appear in the source code must be marked using a Synthetic attribute"

Wednesday, July 3, 2013

Secure Shell Client - Revert to default setting

After some messing around with the Secure Shell Client setting, my Quick Connect's Authentication Method is stuck to Public Key.



No matter what I do with the Setting, I simply could not revert to Profile Setting.

So, what I had done is to manually edit the default setting file as follow (Assuming you are using Windows 7)

1. Navigate to C:\Users\your_user_name\AppData\Roaming\SSH
2. Open default.ssh2 with Notepad or any other text editor
3. Look for a line Quick Connect Method=N:1 and delete it
4. Save the file and relaunch Secure Shell Client

You should see the following after relaunch



Hadoop - How to setup a Hadoop Cluster

Below is a step-by-step guide which I had used to setup a Hadoop Cluster Scenario 3 VMs involved: 1) NameNode, ResourceManager - Host...