 |
| ASP Forms As of Oct 5, 2005, this forum is now locked. Please use "Classic ASP beginner" at http://p2p.wrox.com/forum.asp?FORUM_ID=54 or "Classic ASP Professional" http://p2p.wrox.com/forum.asp?FORUM_ID=56 instead. |
Welcome to the p2p.wrox.com Forums.
You are currently viewing the ASP Forms section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
|
|
|
|
January 30th, 2004, 09:20 PM
|
|
Friend of Wrox
|
|
Join Date: Jul 2003
Posts: 112
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Encryption routine
I'm looking for source code to encrypt arbitrary string data before storing into SQL database field.
Currently using RC4 en/decryption routine. But would like to use AES encryption.
Anyone know/have AES routine suitable for use in ASP page?
|
|
February 9th, 2004, 10:50 PM
|
|
Registered User
|
|
Join Date: Feb 2004
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Try This link:
http://www.frez.co.uk/freecode.htm#rijndael
if you manage to separate out the encryption and decryption routines into separate functions i would be really grateful if you could email me the result to : [email protected]
Thanks
Joe
|
|
February 10th, 2004, 01:22 AM
|
|
Friend of Wrox
|
|
Join Date: Jul 2003
Posts: 112
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Excellent!
Thank you for the link. It's all there in rijndaeltest.asp!
Most of it is initialization of the cypher tables and formating for demo purposes.
Let me analyze this code a bit further before I reply to you in full...
Thanks again!
|
|
February 10th, 2004, 09:00 AM
|
|
Registered User
|
|
Join Date: Feb 2004
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Yeah i worked out that you don't really need most of the script - as far as i can work out it's just the last bit of rijndaeltest.asp that you need, but i couldn't figure how to encode the key into binary for the decrryption routine if it wasn't taken straight from the encryption routine.
Basically i wanted to split this bit of the code into two functions, something like:
sPlain = "Plain text"
sPassword = "0x060x020000000000000xa4000000000x520x530x410 x31"
'-------------------------------------------------------------
function Encrypt(sPlain, sPassword)
lLength = Len(sPlain)
ReDim bytIn(lLength-1)
For lCount = 1 To lLength
bytIn(lCount-1)=CByte(AscB(Mid(sPlain,lCount,1)))
Next
lLength = Len(sPassword)
ReDim bytPassword(lLength-1)
For lCount = 1 To lLength
bytPassword(lCount-1)=CByte(AscB(Mid(sPassword,lCount,1)))
Next
bytOut = EncryptData(bytIn, bytPassword)
sTemp = ""
For lCount = 0 To UBound(bytOut)
sTemp = sTemp & Right("0" & Hex(bytOut(lCount)), 2)
Next
Response.Write "Encrypted=" & sTemp & "<BR>"
End Function
'--------------------------------------------------------
Function DoDecrypt(bytOut, bytPassword)
bytClear = DecryptData(bytOut, bytPassword)
lLength = UBound(bytClear) + 1
sTemp = ""
For lCount = 0 To lLength - 1
sTemp = sTemp & Chr(bytClear(lCount))
Next
Response.Write "Decrypted=" & sTemp & "<BR>"
Response.Write "<BR>"
End Function
'------------------------------------------------------
So if you try and run the DoDecrypt function you need the binary encrypted strings for both the password and the string. Any ideas?
The password's going to have to be randomly generated and encrypted with a second, asymmetric encryption like RSA, using a public key before it's saved to the database, so you decrypt the key using RSA (Private Key) then decrypt the data using the key and the AES encrypted string.
AAgh! Security is so hard!
Many thanks for your help
Joe
|
|
February 11th, 2004, 01:42 PM
|
|
Friend of Wrox
|
|
Join Date: Jul 2003
Posts: 112
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I have the exact problem. In fact my plain text version of the encrypt routine is identical! My decrypt routine below does not work due to a compiler error.
I'm baffled as to why I'm getting an error on UBound()...
<%
Function MyDecrypt(sCypher, sPassword)
Dim bytIn()
Dim bytPassword()
lLength = Len(sCypher)
ReDim bytIn(lLength-1)
For lCount = 1 To lLength
bytIn(lCount-1)=CByte(AscB(Mid(sCypher,lCount,1)))
Next
lLength = Len(sPassword)
ReDim bytPassword(lLength-1)
For lCount = 1 To lLength
bytPassword(lCount-1)=CByte(AscB(Mid(sPassword,lCount,1)))
Next
bytOut = DecryptData(bytIn, bytPassword)
lLength = UBound(bytOut) + 1 ' <- data type error here!
sTemp = ""
For lCount = 0 To lLength - 1
sTemp = sTemp & Chr(bytOut(lCount))
Next
MyDecrypt = sTemp
End Function
%>
<%
sCypher = MyEncrypt("test messsage", "test password")
' do something with sCypher here...
sClear = MyDecrypt(sCypher,"test password")
%>
|
|
February 11th, 2004, 09:07 PM
|
|
Registered User
|
|
Join Date: Feb 2004
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I think something to do with the fact that the password/string has to be byte-encoded but i have no idea how to do it!
Had me puzzled for two days then i had to quit - the prob is i cant save the byte-encoded data into the database and i can't convert it back to bytes if i save as text to the database. Have tried contacting the author but don't know if he will oblige as it's free anyway.
The other alternative may be to use a COM object, which there are a few of around but u need to get your server administrator to install it if you;re not running your own.
Any joy on the problem please let me know. Would love to get this working.
There's a javascript aes encrypter here: http://www.fourmilab.ch/javascrypt/ but the code is well complicated.
See what you can do!
Joe
|
|
February 12th, 2004, 12:21 AM
|
|
Friend of Wrox
|
|
Join Date: Jul 2003
Posts: 112
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I figured it out... :)
The problem was to come up with the inverse of the Hex encoding code fragment... (see below in decrypt routine)
My plain text encrypt and decrypt routines below:
<%
Function MyEncrypt(sPlain, sPassword)
Dim bytIn()
Dim bytPassword()
lLength = Len(sPlain)
ReDim bytIn(lLength-1)
For lCount = 1 To lLength
bytIn(lCount-1) = CByte(AscB(Mid(sPlain,lCount,1)))
Next
lLength = Len(sPassword)
ReDim bytPassword(lLength-1)
For lCount = 1 To lLength
bytPassword(lCount-1) = CByte(AscB(Mid(sPassword,lCount,1)))
Next
bytOut = EncryptData(bytIn, bytPassword)
sTemp = ""
For lCount = 0 To UBound(bytOut)
sTemp = sTemp & Right("0" & Hex(bytOut(lCount)), 2)
Next
MyEncrypt = sTemp
End Function
Function MyDecrypt(sCypher, sPassword)
Dim bytIn()
Dim bytPassword()
Dim n ' sorry... one more variable
'+
' Following creates byte array from hex encoded ascii string
'-
lLength = Len(sCypher)
ReDim bytIn(lLength/2-1)
For lCount = 1 To lLength Step 2
bytIn(n) = CByte("&H" & Mid(sCypher,lCount,2))
n = n + 1
Next
lLength = Len(sPassword)
ReDim bytPassword(lLength-1)
For lCount = 1 To lLength
bytPassword(lCount-1) = CByte(AscB(Mid(sPassword,lCount,1)))
Next
lLength = UBound(bytIn) + 1
sTemp = ""
For lCount = 0 To lLength - 1
sTemp = sTemp & Chr(bytIn(lCount))
Next
bytOut = DecryptData(bytIn, bytPassword)
lLength = UBound(bytOut) + 1
sTemp = ""
For lCount = 0 To lLength - 1
sTemp = sTemp & Chr(bytOut(lCount))
Next
MyDecrypt = sTemp
End Function
%>
The test page below:
<%
Dim sPlain
Dim sPassword
' I plan to use it to encrypt credit card numbers...
sPlain = "4128-5388-6474-3319"
' Use a complex key (created by GUIDGen from MS)
sPassword = "{43CD41AD-3B78-3531-9031-3059E0AA64EB}"
Response.Write "Message=" & sPlain & "<BR>"
Response.Write "Key=" & sPassword & "<BR>"
sCypher = MyEncrypt(sPlain , sPassword)
' do something with sCypher here e.g. store into database
Response.Write "Encrypted=" & sCypher & "<BR>"
Response.Write "Decrypted=" & MyDecrypt(sCypher, sPassword) & "<BR>"
%>
|
|
February 12th, 2004, 01:37 AM
|
|
Friend of Wrox
|
|
Join Date: Jul 2003
Posts: 112
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Sorry for the double post... Couldn't find edit button.
Updated:
<%
Function MyEncrypt(sPlain, sPassword)
Dim bytIn()
Dim bytPassword()
Dim lCount
Dim lLength
lLength = Len(sPlain)
ReDim bytIn(lLength-1)
For lCount = 1 To lLength
bytIn(lCount-1) = CByte(AscB(Mid(sPlain,lCount,1)))
Next
lLength = Len(sPassword)
ReDim bytPassword(lLength-1)
For lCount = 1 To lLength
bytPassword(lCount-1) = CByte(AscB(Mid(sPassword,lCount,1)))
Next
bytOut = EncryptData(bytIn, bytPassword)
sTemp = ""
For lCount = 0 To UBound(bytOut)
sTemp = sTemp & Right("0" & Hex(bytOut(lCount)), 2)
Next
MyEncrypt = sTemp
End Function
Function MyDecrypt(sCypher, sPassword)
Dim bytIn()
Dim bytPassword()
Dim lCount
Dim lLength
lLength = Len(sCypher)
ReDim bytIn(lLength/2-1)
For lCount = 0 To lLength/2-1
bytIn(lCount) = CByte("&H" & Mid(sCypher,lCount*2+1,2))
Next
lLength = Len(sPassword)
ReDim bytPassword(lLength-1)
For lCount = 1 To lLength
bytPassword(lCount-1) = CByte(AscB(Mid(sPassword,lCount,1)))
Next
bytOut = DecryptData(bytIn, bytPassword)
lLength = UBound(bytOut) + 1
sTemp = ""
For lCount = 0 To lLength - 1
sTemp = sTemp & Chr(bytOut(lCount))
Next
MyDecrypt = sTemp
End Function
%>
|
|
|
