sharepoint online – AADSTS7000215: Invalid client secret is provided

We are integrating with the client’s SharePoint using the SharePoint REST API. For this, the client has registered an add-in on their side using appregnew.aspx and provided permissions to the add-in using appinv.aspx.

Now when I try to get the bearer token using the tenant ID and giving all other parameters in the request body, I get the following error:

 "error": "invalid_client",
 "error_description": "AADSTS7000215: Invalid client secret is provided.\r\nTrace ID: 993e6c16-68f3-4105-baf5-b08368de0700\r\nCorrelation ID: 59a5e402-1583-422b-8b62-03b620eb72c1\r\nTimestamp: 2020-06-04 06:34:01Z"

The error message says the client secret is invalid but it is the same client secret that we got from the appregnew.aspx. Can someone help me with this error?

I am using Postman to hit the URL, with application/x-www-form-urlencoded for the request body.

encryption – Securely erase firmware secret key

I have an SSD with the option (with ATA-commands) to erase the firmware for security reasons. In the firmware flash cells, the secret key is stored for encrypting the data on the fly. When I ask the vendor how it is deleted, they tell me it is erased. But I would like to know “how it is erased”.
They tell me the cells are not zeroized. That would require extra configuration. “it is just erased”.

My worries: The key can still be extracted because the flash cells are not overwritten. Are all the electric fields depleted? What stops someone from extracting the key?

Am I totally wrong in this case?

Multibit HD wallet – cannot open or restore, I have password and secret words

I can’t open either of my 2 Multibit HD wallets. It says “Password did not unlock the wallet” on both. I have tried restoring from all the possible backups, my passwords are correct and my secret words successfully verify each time. On clicking “next” I get:-

1] TICK. Backup location created
2] CROSS. Wallet created.
3] TICK. Security certificates
4] CROSS. Wallet is synchronising. Please wait until complete.

The finish button is grey, the wallet seems to do nothing else – it never syncs. I am 3 coins worth $6k down at the moment. I am also trying to restore my wallet in Electrum, but because I don’t know how to select the wallet location from Multibit HD I am struggling. Repeat, I have all correct info required for backup. Also, I have my .zip.aes files – I stored them on the root of C:. I can’t seem to open them with AES Decrypt; I tried using my 12 word seed chain and the password on the wallets. Plz help, it’s all our company bitcoin sales for the past 6 months…

Yes, I have gone through other forum posts, but am a little out of my depth and can’t understand why with all the right backup info, I get no restoration. I will stick to Electrum in future, but had no problems previously with Multibit standard, the upgrade has screwed me good and proper!

MJT

Is that possible to update JWT Token secret without logging out every user?

I am using a JWT token implementation of this https://jwt-auth.readthedocs.io/en/develop/quick-start/

I need to update the secret key and is there a way to update it without logging out every user? I presume it’s not possible to reuse the old token once my secret key is changed. So all my users will be logged off and need to log in again. Is there any way to go around this?

If not, and if for security reasons I need to update the secret monthly, it will be pretty troublesome to ask my users to re-login monthly.
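One common way to rotate an HMAC signing secret while already-issued tokens stay valid, shown as an added example that is not part of the original question and is not the API of the jwt-auth library linked above: each token carries a `kid` header, and the verifier holds a key ring containing both the old and the new secret until the last old token has expired. The function names, `kid` values and secrets are constructed for illustration.

```javascript
const nodeCrypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const hmac = (secret, input) =>
  nodeCrypto.createHmac('sha256', secret).update(input).digest();

// Issue an HS256 token whose header names the secret that signed it.
function sign(payload, kid, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT', kid }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(secret, `${head}.${body}`))}`;
}

// keyRing maps kid -> secret. Returns the payload, or null if the token is
// malformed, names an unknown kid, has a bad signature, or is expired.
function verify(token, keyRing, nowSeconds) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
    payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch {
    return null;
  }
  // Pin the algorithm and only accept a kid that is still in the ring.
  if (header?.alg !== 'HS256' || !Object.hasOwn(keyRing, String(header.kid))) return null;
  const expected = hmac(keyRing[header.kid], `${parts[0]}.${parts[1]}`);
  const given = Buffer.from(parts[2], 'base64url');
  if (given.length !== expected.length) return null;
  if (!nodeCrypto.timingSafeEqual(given, expected)) return null;
  if (typeof payload?.exp !== 'number' || payload.exp <= nowSeconds) return null;
  return payload;
}

// Constructed rotation scenario: k1 is the outgoing secret, k2 the new one.
const NOW = 1000;
const oldToken = sign({ sub: 'alice', exp: NOW + 3600 }, 'k1', 'constructed-old-secret');
const duringRotation = { k1: 'constructed-old-secret', k2: 'constructed-new-secret' };
const afterGracePeriod = { k2: 'constructed-new-secret' };
console.log(verify(oldToken, duringRotation, NOW) !== null);   // old token still accepted
console.log(verify(oldToken, afterGracePeriod, NOW) === null); // rejected once k1 is retired
```

New tokens are signed only with `k2` from the moment of rotation; `k1` can be dropped from the ring once the longest token lifetime has passed.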

Wrapped Key Encryption – Hide AES secret key in Javascript & Java

I need to encrypt some sensitive fields back and forth in browser and server, same goes for decryption. For this I am planning to implement the AES algorithm, but the problem here is with the secret key, which is exposed to the client side.

I got to know about this Envelope/Wrapped Key Encryption, which uses a shared public key for symmetric encryption like AES.

I am totally new to this so don’t know where to start, please help me implement it on both the Javascript and Java side.

Thanks a ton in advance.
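The envelope (wrapped key) scheme mentioned in the question, as an added example that is not part of the original post: the sender encrypts a field under a fresh AES-256-GCM data key and wraps that key with the recipient's RSA public key, so no long-lived AES secret is shipped to the client. It covers the client-to-server direction only, uses Node's `crypto` module for both roles so it runs offline, and the function names and sample value are constructed.

```javascript
const nodeCrypto = require('node:crypto');

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Server role: generate the RSA key pair once; only publicKey goes to clients.
function makeRecipientKeys() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Client role: encrypt one field under a fresh AES-256-GCM data key, then
// wrap that data key with the server's public key (RSA-OAEP, SHA-256).
function seal(publicKey, plaintext) {
  const dataKey = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12); // must be unique per message
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', dataKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, dataKey);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Server role: unwrap the data key with the private key, then decrypt.
// Throws if the wrapped key, ciphertext or tag was altered in transit.
function unseal(privateKey, envelope) {
  const dataKey = nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, envelope.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', dataKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]).toString('utf8');
}

// Constructed sample run.
const demoKeys = makeRecipientKeys();
const demoEnvelope = seal(demoKeys.publicKey, 'iban=XX00-CONSTRUCTED-SAMPLE');
console.log(unseal(demoKeys.privateKey, demoEnvelope));
```

On the Java side the matching transformations are `AES/GCM/NoPadding` and `RSA/ECB/OAEPWithSHA-256AndMGF1Padding`; pass an `OAEPParameterSpec` that sets MGF1 to SHA-256 as well, because Node's `oaepHash` applies to both digests while the Java default for MGF1 is SHA-1.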

extreme tourism – Any information on this secret / hidden cave in A Coruña, Spain?

There’s an intentionally secret / hidden cave in the city of A Coruña in Spain. Is there any information about it anywhere?

Unfortunately I cannot obtain better photos of it.
When looking at it in person from the other side of the bay, you can clearly see it is a cave, and the window.

Is there any information about it anywhere?

openssl – Why does it take so much time to create a secret key on a HSM?

I was testing key generation on a Hardware Security Module and I noticed that it takes so much time to generate an AES 256 secret key on the HSM.

I’ve used pkcs11-tool to generate the key and it took about 5 sec to complete the task:

$ pkcs11-tool --module <modules.so> --key-type aes:32 -p <PIN> --token-label SC_TEST --keygen --id 6887513122


Secret Key Object; AES length 32
  VALUE:      622650851419537140e20f58570bf1815d523d7a673dbbfd34d04a635326bb12
  label:
  ID:         6887513122
  Usage:      encrypt, decrypt, wrap, unwrap

real    0m4.847s
user    0m0.022s
sys     0m0.015s

OpenSSL on the other hand is very fast (does not use an HSM):

$ touch file
$ openssl aes-256-cbc -pbkdf2 -nosalt -P -in file -pass pass:testpassphrase


key=4E1F51BCB47608C267B9AE35E4648926D8A9E671521747E942857FC9671FC52B
iv =F773521265678AB0F4D6AA9AFED6912A

real    0m0.026s
user    0m0.023s
sys     0m0.004s

So I wanted to know why it takes so long to generate keys on the HSM? Or am I doing something wrong?

Note that this is a high-end and expensive HSM.

pgp – Import secret key into GnuPg doesn’t work?

I would like to import a private key into GPG so I did:

gpg --allow-secret-key-import --import /path/to/key/key.asc
gpg: key 51D5DF493ECAFF88: "John Doe <john.doe@acme.com>" not changed
gpg: key 51D5DF493ECAFF88: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:  secret keys unchanged: 1

But then, the key is not listed:

$ gpg --list-secret-keys | grep 51D5DF493ECAFF88
(nothing)

What’s wrong?

$ gpg --list-packets /path/to/key/key.asc | grep dummy
(nothing)

$ gpg --version
gpg (GnuPG) 2.2.4
libgcrypt 1.8.1