Blackbox decrypt already encrypted files in case of key loss [on hold]

I have files encrypted data in my git repo but lost my blackbox gpg keys .Is there anyway I can recover these files or decrypt them again.I have generated new keys and executed blackbox_update_all files and blackbox_update but when I try to decrypt them again with blackbox_decrypt_all_files.It is giving me “pg: decryption failed: No secret key” and Unfortunately there is no other blackbox_admin of git repo.

Pattern to encrypt / decrypt data to / from a server without entering the secret key each time?

The title maybe it’s a little bit confusing but I am certain that what I want to achieve is a common pattern, even if I didn’t found anything on internet.

I’m developing a web app that store encrypted critical user data in a database, through server. User must be able to see decrypted data every time access the app. Nothing of innovative.

What is the best way to store data and retrieve them without inserting every time the secret key for the encryption/decryption in a secure way?

There’s a way to do that without hard coding the secret key in the client-side?

If it’s not possible, what is the pattern used by most famous password services to do something like this?

thanks for any help!

Failes to decrypt encrypted home directory after reinstall of Ubuntu 18.04 (fscrypt)

I encrypted my /home/ directory on Ubuntu 18.04, by following

Due to a failed update, I had to do a reinstall.

Since I had /home on a separate partition, I first tried a reinstall with reusing the /home partition. Unfortunately, that didn’t work. I could not log in. No warning, just back to the login screen.

So I did an install on one partition, using same username and password as before, and mounted the old /home partition manually and tried to decrypt my old home/ dir using fscrypt unlock, but that fails.

fscrypt status of my user home directory:

fscrypt status aak  "aak" is encrypted with fscrypt.  Policy:   5a49d89d52d640f9 Unlocked: No  Protected with 1 protector: PROTECTOR  LINKED  DESCRIPTION                     [filesystem /mnt: no device with UUID "e2a3115b-7111-4cb8-ac31-966baea755c3": cannot follow filesystem link] 

And when I try to unlock it:

aak@aak-XPS-15-9570:/mnt$   fscrypt unlock aak --verbose 2019/07/06 11:43:22 keyringID(_uid.1000) = 251180423, <nil> 2019/07/06 11:43:22 KeyctlLink(251180423, -2) = <nil> 2019/07/06 11:43:22 keyringID(session) = 753358341, <nil> 2019/07/06 11:43:22 KeyctlSearch(753358341, keyring, _uid.1000) = 251180423, <nil> 2019/07/06 11:43:22 Reading config from "/etc/fscrypt.conf" 2019/07/06 11:43:22 creating context for "aak" 2019/07/06 11:43:22 aak is on ext4 filesystem "/mnt" (/dev/nvme0n1p9) 2019/07/06 11:43:22 performing sanity checks 2019/07/06 11:43:22 directory /mnt/.fscrypt/policies has incorrect permissions 2019/07/06 11:43:22 directory /mnt/.fscrypt/protectors has incorrect permissions 2019/07/06 11:43:22 found policy 5a49d89d52d640f9 for "aak" 2019/07/06 11:43:22 directory /mnt/.fscrypt/policies has incorrect permissions 2019/07/06 11:43:22 directory /mnt/.fscrypt/protectors has incorrect permissions 2019/07/06 11:43:22 successfully read metadata from "/mnt/.fscrypt/policies/5a49d89d52d640f9" 2019/07/06 11:43:22 found data for policy 5a49d89d52d640f9 on "/mnt" 2019/07/06 11:43:22 data from filesystem and path agree 2019/07/06 11:43:22 KeyctlSearch(251180423, logon, ext4:5a49d89d52d640f9) = -1, required key not available 2019/07/06 11:43:22 directory /mnt/.fscrypt/policies has incorrect permissions 2019/07/06 11:43:22 directory /mnt/.fscrypt/protectors has incorrect permissions 2019/07/06 11:43:22 optionFn(5a49d89d52d640f9) 2019/07/06 11:43:22 selecting from 1 protector 2019/07/06 11:43:22 when loading option: filesystem /mnt: no device with UUID "e2a3115b-7111-4cb8-ac31-966baea755c3": cannot follow filesystem link fscrypt unlock: could not load any protectors  You may need to mount a linked filesystem. Run with --verbose for more information. 

Any help appreciated.

How to decrypt image use crypto.js

I had a difficult about decrypting image with crypto.js AES.

I need to read an encrypted image downloaded locally from the service, then I need to decrypt it. Now I failed to decrypt the picture. But if I just decrypt the base64 of the encrypted image,I will be able to decrypt it successfully.

So here’s a demo that I’m doing in electron-vue

<template>     <div>         <el-button @click="encrypt">加密</el-button>         <el-button @click="decrypt">解密</el-button>     </div> </template> <script> import fs from 'fs'; import CryptoJS from 'crypto-js';  export default {     data() {         return {             file: {},             fileName: '',             mydata: '',             beforeBase64: '',             afterBase64: ''         };     },     methods: {         async encrypt() {             const eKey = '123';             const filedir = '/Users/haoxiaoli/Documents/data/old.jpg';             const c = fs.readFileSync(filedir);             const data = new Buffer(c).toString('base64');             let encrypted = CryptoJS.AES.encrypt(data, eKey).toString();             this.mydata = encrypted;             fs.writeFile('haoxl.jpg', encrypted, function (err) {                 if (err) {                     console.log(err);                 }                 else {                     console.log('save success');                 }             });         },         decrypt() {             const eKey = '123';             const filedir = '/Users/haoxiaoli/Documents/data/haoxl.jpg';             const c = fs.readFileSync(filedir);             const data = new Buffer(c).toString('base64');              // It was successful, but I need to decrypt a picture             // let base64 = CryptoJS.AES.decrypt(this.mydata, eKey).toString(CryptoJS.enc.Utf8);              let decrypted = CryptoJS.AES.decrypt(data, eKey);             let base64 = new Buffer(decrypted.words).toString('base64');              let img = new Image();             img.src = 'data:image/jpeg;base64,' + base64;    = '600px';    = '600px';             document.body.append(img);         }     }  }; </script> 

I expect to be able to successfully decrypt the encrypted image, please help me, thank you!

Single vs. multiple synchronous keys to encrypt list for multiple users to decrypt

I’ve found a few questions which address a single document that needs decryption by multiple users, but I would like to encrypt a list of words stored on mySQL datbases using PhP in such a way that different users can decrypt different words on the list.

I’m wondering whether there’s a way for collaborators who have a lot of words that they want encrypted to do it without having an insane number of keys. For example, let’s say we have Andrew, David and Sam, who all have public keys stored on the server, and each have a private key that is encrypted using their password. Now Andrew wants to share a list of groceries with David so that Sam can’t read it. What seems secure is for Andrew to generate a symmetric key to encrypt the whole list, and then encrypt this symmetric key using his and David’s public key so that they can then decrypt the symmetric key using their private keys.

However, what if the grocery list is going to frequently have items added to it? My understanding is that using the same symmetric key to encrypt all the items individually in the list is not safe (e.g. encrypting the words “apple” and “orange” separately with a single synchronous key). Does that mean a unique synchronous key is required for each item?

As the items would be stored as separate entry in a mysql database, I think I would need to encrypt each item individually, rather than merge them into a single list and then encrypt.

How do I decrypt a .dmg image if I know details about the password?

I encrypted a folder and forgot to save the password.

I remember how long I made the password (40 characters)

I know the last two characters (40)

I don’t know the first 38 characters but I do know what they might be (a-z, A-Z, / and \)

I’ve come accross this thread that might help but I am having trouble modifying it to my specific problem.

How to decrypt wifi traffic in realtime and write it to file with Tshark?

I have Wireshark setup to decrypt and display packets in realtime. But I need to have them written to file in realtime also. Someone suggested Tshark, but I can only get it to write to file and not decrypt. Here are the command line parameters I tried:

"C:\Program Files\Wireshark\tshark.exe" -i 7 -w "C:\Users\My Name\Desktop\packets.pcap" -o ssl.keys_list:,443,http,SSLKEYLOG 

I’ve tried different variations of that but none of them result in the decrypted packets being written to file, they are still encrypted. It doesn’t even give an error.