Tag: Key

Does mysql “order by” guarantees to give the same order for the same query every time if the sort key is equal?

When the field being sorted on is not unique, then the order of the results are non-deterministic, meaning there is no guarantee on their exact ordering. Specifically in your example case where the first 10 results all share the same exact value for the s field could yield indeterminate results for the first time you run the query vs the second time. It is possible you see the same result in both cases or not at all as you guessed. You would need to add another field to the ORDER BY clause that uniqifies the sort in order to always guarantee deterministic results.

For a little proof of case and further reading, here is a DBA.StackExchange question and answer where the user was experiencing unpredictable ordering of results because the field they were sorting on wasn’t unique. The comments on that answer briefly mention that being the cause.

encryption – Curve25519 vs. Curve25519 and AES Key vs. Curve25519 AES Ciphertext (Instagram)

I am trying to send a password from a client to the server. I just don’t know how to encrypt it.

  1. method:
    I used a website (Instagram) as a guide here.
    Here the password is encrypted with AES and the key is then encrypted with a Curve25519 public key and sent to the server together with the encrypted text.

  2. method:
    I wonder why you only encrypt the key. I mean then you can already see how long the password has to be by using the AES encrypted password, or not?

    So why not encrypt the AES key and the encrypted password with Curve25519?

  3. method.
    The only problem is when you get the private key. Yes, just decrypt the text and you have the key to decrypt the AES directly. So the password is basically only encrypted with Curve25519. Is that enough?

Why does Instagram use Method 1? Reasons for performance?

Instagram always gives the same IV encrypted with the AES … is that bad if a new key is always generated?

I would appreciate a helpful answer 🙂
best regards

I want to decrypt the message "Boe an emait" but i don’t know either the algorithm or key, any help? [closed]

the encrypted code is "Boe an emait" and the method is unknown

routing – Wireguard client communication without peer key via 1 router server

I have this setup:

—server 1 config—

[Interface]
Address = 10.200.200.1/24
ListenPort = 6666
PrivateKey = server_private_key

[Peer]
PublicKey = client1_public_key
AllowedIPs = 10.200.200.2/32
PersistentKeepalive = 21

[Peer]
PublicKey = client2_public_key
AllowedIPs = 10.200.200.4/32
PersistentKeepalive = 21

— client 1 config—

[Interface]
Address = 10.200.200.2/24
PrivateKey = client1_private_key
DNS = 10.200.200.1

[Peer]
PublicKey = server_public_key
Endpoint = server_ip:6666
AllowedIPs = 10.200.200.1/32
PersistentKeepalive = 21

— client 2 config—

[Interface]
Address = 10.200.200.4/24
PrivateKey = client2_private_key
DNS = 10.200.200.1

[Peer]
PublicKey = server_public_key
Endpoint = server_ip:6666
AllowedIPs = 10.200.200.1/32
PersistentKeepalive = 21

I can ping server from client1 and client2, but i can’t ping client1 from client2 and client2 from client1.

Is there a way for client1 ping client2 without adding client2 key to client1 config, since this will make addding client much harder. For example, if i add 1 new client when having 5 clients, all of the config must be changed.

javascript – Filter object properties by key in ES6

Let’s say I have an object:

 var item=   {
      date1: {enabled: false, label: "Date1 Label"},
      date2: {enabled: false, label: "Date2 Label"},
      date3: {enabled: true, label: "Date2 Label"},
    }

Like this I have textbox and dropdown.
I want to create html input , dropdown based on enabled is true
by filtering the object need to get an array which is having enabled option.
I am looking for a clean way to accomplish this using Es6.

encryption – I am unable to generate and use a aes-256-gcm key in openssl, help

When I run:

openssl genrsa -aes-256-gcm -out rootca.key 4096

Then I get the following output:

$ openssl genrsa -aes-256-gcm -out rootca.key 4096
Generating RSA private key, 8192 bit long modulus (2 primes)
..........................................................+++
..........................................................................+++
e is 65537 (0x010001)
Enter pass phrase for rootca.key:
Verifying - Enter pass phrase for rootca.key:

And when I run:

openssl req -sha512 -new -x509 -days 1000 -key rootca.key -out rootca.crt

I get the following error:

$ openssl req -sha512 -new -x509 -days 1000 -key rootca.key -out rootca.crt
Enter pass phrase for rootca.key:
unable to load Private Key
140287193601344:error:0906A065:PEM routines:PEM_do_header:bad decrypt:../crypto/pem/pem_lib.c:461:

For the above, I used OpenSSL 1.1.1f (provided by apt.
I even tried using the latest 3.0.0-alpha version of OpenSSL. But I get a different error when generating the private key first of all:

Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
4067E7A7827F0000:error:0300007A:digital envelope routines:evp_cipher_param_to_asn1_ex:cipher parameter error:crypto/evp/evp_lib.c:160:
4067E7A7827F0000:error:06800072:asn1 encoding routines:PKCS5_pbe2_set_iv:error setting cipher params:crypto/asn1/p5_pbev2.c:81:
4067E7A7827F0000:error:1188000D:PKCS12 routines:PKCS8_encrypt:ASN1 lib:crypto/pkcs12/p12_p8e.c:32:

How can I make this work?? Is AES-256-GCM not supported by OpenSSL? If so, is there an alternative to OpenSSL that can generate this type of key?

Btw, AES-256-CBC works perfectly. But, no luck with GCM.

cryptography – Why is a password encrypted with AES and then sent back to the server together with the key with RSA (Instagram)?

I am trying to understand an encryption process on a website (Instagram). As far as I know, a public key is sent from the server to the client. Then the password is encrypted with AES_GCM_256 and packed together with the AES key in an array and then in a sealed box with the public key from the Server.

Is a sealed box the same as simply encrypting the array with RSA?

Why do you do that?

I mean, if you find out the RSA private key and then decrypt the data encrypted with RSA, wouldn’t you also have the AES key to decrypt the password?

And the public key is very short:

297e5cd13e20f701d57bd5a1ee82bcead9a20e4080bc6c737917b868eb65f505

Only 64 characters so 512 bits.

Is that even safe enough for RSA?
Or is the key Curve25519?

As far as I know, should an RSA key be at least 2048 bit large?

I would appreciate a link or the answer to a few questions 🙂

Best regards

settings – Any way to preserve portable hotspot configuration (SSID, key)?

How can I preserve my initial portable hotspot configuration (mainly current SSID, encryption) settings on my device. I noticed when I use 3rd-party applications (such as WiFi transfer, Mi Drop etc) my hotspot configuration gets messed up and worse deletes the previous encryption, sometimes I only find out later that situation.

So in case of unattended session, I would love to preserve my initial config, to prevent unauthorised access to portable hotspot, which could incur significant data charges. Is there a way to achieve that (Running Android 7.0, Miui 11)

I had automation in mind to restore back to original setting, (but can’t figure out full workaround) where the trigger type is WIFi tethering state → Enabling(but the limitation here I can’t put the desired config rather its just an on switch AFAIK but I may be wrong)

enter image description here

Does abstraction have a relationship with the abstract key word in java?

No, it does not. Those are two different things.

The abstract in your case is a language keyword, which is also adapted by several other OOP languages, such as PHP or C#. On the other hand, C++ does not know the abstract keyword and instead uses a concept called pure virtual functions. It is a keyword directly related to OOP and polymorphism, making it possible to choose a valid implementation e.g. during runtime.

The other abstraction of hiding implementation details is a general programming concept, revolving around the idea that when you call some code, you shouldn’t rely on its inner workings, but on the provided API (e.g. method signature).

Given an example function to add two numbers:

public class Calculator {

    public int addInts(int left, int right) {
        return left + right;
    }
}

you are inherently hiding the implementation detail that adding two numbers requires placing the plus (+) symbol between them. Thanks to this, some other code may use your method without such knowledge:

int result = Calculator.addInts(10, 15);

However silly this example is regarding addition, introduction e.g. of a more complicated function, such as sqrt for square root calculation, simplifies callers of your sqrt method which no longer need to focus on the inner working of how a square root is calculated. Also, given a stable definition of your API (in methods analogy the input and output arguments), you could perhaps completely rework the implementation of your sqrt method. Given the calculation would still be correct, the algorithm could suddenly be 10 times faster and the consumers of the sqrt method would automatically benefit from this, without having to change anything (as long as the consumers of the method relied only on its input and output arguments semantics and not on the method’s inner workings).

And of course, abstraction can be applied on entire layers of software. Perhaps you have some method which loads users:

List<User> loadUsers() {
   // ...
}

which internally calls a database by running a SQL statement. By introducing this method, you added a level of abstraction to shield other layers of your application from interacting with SQL directly and instead put the SQL into this method. Thanks to this you could in the future decide to store the users in a completely different way, and the users of the loadUsers method wouldn’t be bothered by it at all, since they didn’t know anything about a SQL database in the first place.

domain driven design – Reusing aggregate root key accross bounded contexts?

As the question states, is this bad practice?
I have a User aggregate root in the bounded context of Identity for authenticating the user. In this bounded contexts I have fields for the User related to identification of the User e.g. email, salted pw and so on.

I also have a generic subdomain for handling notifications. In this context a User is a Notificant. In this context, the Notificant has fields for e.g. the number of unread notifications, lastRead etc.

Is it good to reuse the User id in this case, as I know there is a 1-to-1 correspondence between a User and Notificant? Or should I have a field in the Notificant root referencing the User? It feels redundant, because then I have to make a lookup to map between them when I know their relationship is symmetric.