Re: [Dev] Is there a CryptoUtil available in C5?

2017-10-13 Thread Subhashinie Koshalya 
Hi all,

When using DefaultSecretRepository class [1] , which uses
JKSBasedCipherProvider [2] the string that can be encrypted limits to 245
characters.


​
Seems like it is due to the RSA algorighm [3]. If that is case, is there a
plan to facilitate encryption of larger blocks data for C5?

[1] https://github.com/wso2/carbon-secvault/blob/master/
components/org.wso2.carbon.secvault/src/main/java/org/wso2/carbon/secvault/
repository/DefaultSecretRepository.java
[2]
https://github.com/wso2/carbon-secvault/blob/master/components/org.wso2.carbon.secvault/src/main/java/org/wso2/carbon/secvault/cipher/JKSBasedCipherProvider.java
[3]
https://stackoverflow.com/questions/15470222/cipherinputstream-and-cipheroutputstream-are-not-generating-files

Regards,
Subhashinie
Intern | Software Engineering
WSO2, Inc. : http://wso2.com

Email : subhashi...@wso2.com


On Thu, Oct 12, 2017 at 12:37 PM, Subhashinie Koshalya  wrote:

> Hi all,
>
> Is there a way to know the maximum length of a string that can be
> encrypted using a key in wso2carbon.jks [1] or
> securevault.jks [2] while using DefaultSecretRepository.java [3].
>
> I have a RS256 encoded JWT which is about 900 characters long. When
> encrypting it by storing it in secrets.properties, it does not give a
> cipherText. This is all i get,
>
> ​
> Is it because of the length or are there any other constraints?
> Also is there a better way that I could store my token securely?
>
> [1] https://github.com/wso2/product-apim/blob/master/
> product/carbon-home/resources/security/wso2carbon.jks
> [2] https://github.com/wso2/carbon-secvault/blob/master/
> features/org.wso2.carbon.secvault.feature/resources/resources/security/
> securevault.jks
> [3] https://github.com/wso2/carbon-secvault/blob/master/
> components/org.wso2.carbon.secvault/src/main/java/org/
> wso2/carbon/secvault/repository/DefaultSecretRepository.java
>
> Thanks and regards,
> Subhashinie
> Intern | Software Engineering
> WSO2, Inc. : http://wso2.com
>
> Email : subhashi...@wso2.com
>
> On Mon, Oct 9, 2017 at 5:13 PM, Subhashinie Koshalya  > wrote:
>
>> Hi Thusitha and Niranjan,
>>
>> The requirement is to encrypt a JWT without having to store another
>> password or a key. Thanks a lot for the links. They seem to solve the
>> problem. I'll get back to you if it did not come out as expected.
>>
>> Thanks and regards,
>>
>> Subhashinie
>> Intern | Software Engineering
>> WSO2, Inc. : http://wso2.com
>>
>> Email : subhashi...@wso2.com
>>
>> On Mon, Oct 9, 2017 at 3:35 PM, Niranjan Karunanandham > > wrote:
>>
>>> Hi Subhashinie,
>>>
>>> In C5, the secure vault component is moved to a separate repo [1]. In
>>> order to encrypt your value, you need to get an instance of the secure
>>> vault and call the encrypt method in [2].
>>>
>>> [1] - https://github.com/wso2/carbon-secvault
>>> [2] - https://github.com/wso2/carbon-secvault/blob/master/tools/
>>> org.wso2.carbon.secvault.ciphertool/src/main/java/org/wso2/
>>> carbon/secvault/ciphertool/CipherTool.java
>>>
>>> Regards,
>>> Nira
>>>
>>> On Mon, Oct 9, 2017 at 3:32 PM, Thusitha Thilina Dayaratne <
>>> thusit...@wso2.com> wrote:
>>>
 Hi Subhashinie,

 C5 doesn't contain that particular class. Could you tell us what do you
 wanna achieve?
 If you want to encrypt/decrypt texts, you can use the secvault. You can
 refer [1] if that is your intention.

 [1] https://github.com/wso2/carbon-secvault/blob/master/samp
 les/org.wso2.carbon.secvault.samples.standalone/src/main/jav
 a/org/wso2/carbon/secvault/samples/standalone/Application.java

 Thanks
 Thusitha

 On Mon, Oct 9, 2017 at 3:25 PM, Subhashinie Koshalya <
 subhashi...@wso2.com> wrote:

> Hi all,
>
> I am supposed to store a token securely. Is there something similar to
> CryptoUtil [1] available in C5?
>
> [1] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.ws
> o2.carbon.core/src/main/java/org/wso2/carbon/core/util/CryptoUtil.java
> 
>
> Thanks and regards,
> Subhashinie
> Intern | Software Engineering
> WSO2, Inc. : http://wso2.com
>
> Email : subhashi...@wso2.com
>



 --
 Thusitha Dayaratne
 WSO2 Inc. - lean . enterprise . middleware |  wso2.com

 Mobile  +94712756809 <+94%2071%20275%206809>
 Blog  alokayasoya.blogspot.com
 Abouthttp://about.me/thusithathilina
 


>>>
>>>
>>> --
>>>
>>>
>>> *Niranjan Karunanandham*
>>> Associate Technical Lead - WSO2 Inc.
>>> WSO2 Inc.: http://www.wso2.com
>>>
>>>
>>
>
___
Dev mailing list
Dev@wso2.org

Re: [Dev] Entitlement Mediator is Content Aware

2017-10-13 Thread Isuru Udana 
Hi IsuruH,

I think it shouldn't be content-aware. XACML request generation does not
depend on the incoming request message payload.

Thanks.

On Fri, Oct 13, 2017 at 11:28 AM, Abimaran Kugathasan 
wrote:

> Because it has to create XACML request for PDP based on the content and
> process response.
>
>
>
> On Fri, Oct 13, 2017 at 6:03 AM, Isuru Haththotuwa 
> wrote:
>
>> Hi,
>>
>> It seems $subject [1]. Any specific reason?
>>
>> [1]. https://github.com/wso2/carbon-mediation/blob/master/compone
>> nts/mediators/entitlement/org.wso2.carbon.identity.
>> entitlement.mediator/src/main/java/org/wso2/carbon/identity/
>> entitlement/mediator/EntitlementMediator.java
>>
>> --
>> Thanks and Regards,
>>
>> Isuru H.
>> +94 716 358 048 <+94%2071%20635%208048>* *
>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Thanks
> Abimaran Kugathasan
> Senior Software Engineer - API Technologies
>
> Email : abima...@wso2.com
> Mobile : +94 773922820 <077%20392%202820>
>
> 
> 
>   
> 
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Isuru Udana*
Senior Technical Lead
WSO2 Inc.; http://wso2.com
email: isu...@wso2.com cell: +94 77 3791887
blog: http://mytecheye.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev