Hey, Chris, thanks for getting back to me on this issue.
I followed the steps you suggested, save for step 1: about the server, apparently I am not using any server, I am trying to use BriefCase to get data off of my sd card from odk collect.
I specified the submission_url column because at the time it appeared to be a prerequisite for encryption to work - please let me know if this sis not the case.
Presently the error still persists, I think I carefully followed the steps to create the private and public key .pem files unless otherwise. Would be glad to learn from your procedures to achieve this in case I have some steps totally wrong.
Plus I checked the to make sure 'submission_url' column is spelt right this time.
Thanks again.
Regards.
Ezra.
···
Sent from my Nokia phone -----Original Message----- From: Christopher Robert Sent: 05/07/2013, 10:56 To: opendatakit@googlegroups.com Subject: Re: [ODK Community] Decryption support in BriefcaseEzra,
You might receive that error if anything changed between encryption time
and decryption time. So, for example, we've seen it when the submission URL
changed slightly, but there was still some old form data that had been
encrypted with the older submission URL. Likewise, if you changed the key
that you were using, but still had some old form data, you would run into
trouble.
I would suggest the following:
-
Delete the form completely from the server.
-
Delete the blank form from your device, as well as any filled-out forms.
-
Locate your Briefcase storage directory, and, within its "forms"
subdirectory, fully delete the subdirectory for your form. -
Update your form definition to have an "https://" at the beginning of
your submission URL. Confirm also that the column header is
"submission_url" (not "submissions_url"). -
Upload your form anew and try everything again. With any luck, it will
work just fine.
(If you want to skip steps 1-3, you can also just change your form's formid
and title, and that should avoid any issues with old data from earlier
attempts.)
Best,
Chris
On Tue, May 7, 2013 at 8:15 AM, Rwakazooba Ezra Aliija <rwakazooba@gmail.com wrote:
Hello Chris, Allyson and Waylon,
this has been the closes thread similar to the issue I am facing right now
to decrypt a finalized form in odk brief case, for the record, I have JCE 6
installed in the right jre location.Also in my xls worksheet, my submissions_url reads" "
m16ezra.appspot.com/submission" with the respective public_key column
filled with the public key.I created a public and primary key with openSSL as described
http://opendatakit.org/help/encrypted-forms/ however I get the following
error when I use the private key created to decrypt the form:"cause org.opendatakit.breifcase.model.CryptoException: error decrypting
base64encryptedKey cause: javax.crypto.BadPaddingException:data hash wrong
Failed! "Any ideas what this means and how I could possible solve this.
Thanks.
Regards.
EzraOn Wednesday, August 22, 2012 8:14:13 PM UTC+3, Allyson Barnett wrote:
Thanks for your response. We are pulling data directly from devices so
that is what happened I think. I filed issue #670
http://code.google.com/p/**opendatakit/issues/detail?id=**670http://code.google.com/p/opendatakit/issues/detail?id=670On Sunday, August 19, 2012 7:05:35 PM UTC, Waylon Brunette wrote:
Also if you haven't already file an issue on our website about
changing the level of encryption. The problem is that we don't want to
make it easy enough for someone to break. However you bring up good
points so file an issue so that ODK core team discusses how we might
address this.
Waylon
On Sun, Aug 5, 2012 at 11:29 PM, Christopher Robert chrisl...@gmail.com wrote:
ODKers,
In order for field staff to be able to download and decrypt data using
Briefcase, they typically have to first install the Java Cryptography
Extension (JCE) Unlimited Strength Jurisdiction Policy Files in order
toupgrade their JREs to support the key size used by ODK. If they
don't, theyare treated to an "illegal key size" exception upon attempting
decryption.This has been a support headache and I am trying to devise a
longer-termstrategy that works around this problem.
One option would be to build a custom Briefcase installer that
installs thenecessary JCE files. However, my understanding is that this installer
wouldbe subject to U.S. export restrictions. Thus, I am unsure of the
legality ofbroadly distributing such an installer.
Another option would be to default ODK encryption to 128-bit and
allow anoption for stronger encryption. Perhaps some kind of option along
theselines already exists? Ideally, you would be able to use stronger
encryptionin those contexts for which it is legal, and weaker in others.
Does anybody have any thoughts on this? One way or another I'd like
to makethe process of deploying encrypted forms easier, and this JRE/JCE
issue is areal hang-up. I can't imagine that I'm alone here.
Thanks,
Chris
--
Unsubscribe: opendatakit...@**googlegroups.com
Options: http://groups.google.com/**group/opendatakit?hl=enhttp://groups.google.com/group/opendatakit?hl=en
--
--
Post: opendatakit@googlegroups.com
Unsubscribe: opendatakit+unsubscribe@googlegroups.com
Options: http://groups.google.com/group/opendatakit?hl=en
You received this message because you are subscribed to the Google Groups
"ODK Community" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to opendatakit+unsubscribe@googlegroups.com.For more options, visit https://groups.google.com/groups/opt_out.
--
Post: opendatakit@googlegroups.com
Unsubscribe: opendatakit+unsubscribe@googlegroups.com
Options: http://groups.google.com/group/opendatakit?hl=en
You received this message because you are subscribed to a topic in the Google Groups "ODK Community" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/opendatakit/-_i-Go4zIsw/unsubscribe?hl=en.
To unsubscribe from this group and all its topics, send an email to opendatakit+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.