Hi,
I'm in the process about migrating encrypted data (it is a database of passwords to foreign databases) from one application to another, and in the same process I would make the data safe for a later X# migration.
Currently the passwords are encrypted using the VO Crypt() function and saved to a DBFCDX table.
The target application uses a ADS database, and I'm migrating because I need the SQL access for faster searching.
My question now is how to encrypt the data so it can be used from both X# and VO, and in both ADS and DBFCDX.
For the last step I have thought about enconding the crypted string in Base64, so there is no danger to corrupt the data in the database layer.
But what about the encrypting itself?
Wolfgang
Question about saving encrypted data
Question about saving encrypted data
Wolfgang Riedmann
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
-
lumberjack
- Posts: 723
- Joined: Fri Sep 25, 2015 3:11 pm
Question about saving encrypted data
Hi Wolfgang,
Think it is easy enough to adapt to be consistent over any platform, and since it is only a number that is stored in the DB, relatively difficult to detect what the "Password" was.
HTH,
I moved away from traditional encryption and ended with this one-way encryption algorithm that I adapt as required.wriedmann wrote:Hi,
But what about the encrypting itself?
Wolfgang
Code: Select all
FUNCTION EncryptS2N(cString AS STRING) AS WORD
LOCAL nChar, nRetVal, nSLen AS WORD
LOCAL cSoundex AS STRING // Might want to remove this if there are differences in Soundex()
nRetVal := 0
cSoundex := SoundEx(cString := Trim(cString))
nSLen := SLen(cSoundex)
FOR nChar := 1 UPTO nSLen
nRetVal += Asc(SubStr3(cSoundex, nChar, 1))
NEXT
nSLen := SLen(cString)
FOR nChar := 1 UPTO nSLen
nRetVal += Asc(SubStr3(cString, nChar, 1))
NEXT
nRetVal *= nSLen
RETURN nRetVal
Code: Select all
EncryptS2N(sPwd + sUsr + sKey)Question about saving encrypted data
Hi Johan,
I cannot use any one-way encryption as I need to display the passwords (they are not the passwords to access my system, but for a lot of other different systems).
Wolfgang
I cannot use any one-way encryption as I need to display the passwords (they are not the passwords to access my system, but for a lot of other different systems).
Wolfgang
Wolfgang Riedmann
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
-
lumberjack
- Posts: 723
- Joined: Fri Sep 25, 2015 3:11 pm
Question about saving encrypted data
Hi Wolfgang,
where key is Replicated internally to string.length
Regards,
Well you can always just use a xor(string, key)wriedmann wrote: I cannot use any one-way encryption as I need to display the passwords (they are not the passwords to access my system, but for a lot of other different systems).
where key is Replicated internally to string.length
Regards,
Question about saving encrypted data
That's not implemented yet, but I think the best solution is that we implement Crypt() so that it uses a byte array to hold the encrypted string. So we implement 2 overloads:
1. For encrypting:
FUNCTION Crypt(cText AS STRING) AS BYTE[]
this will first convert the (unicode) string input to an ansi 8-bit string, then crypt this with the exact same method that VO uses. Then return the crypted data as a BYTE array that can be save directly to dbfs, text files etc. This data cannot be reliably converted to unicode, because it does not consist of "real" text, so many chars will not have ansi->unicode equivalents.
2. For decrypting:
FUNCTION Crypt(aCrypted AS BYTE[]) AS STRING
this will take the crypted data that was stored to a dbf or file, decrypt it, and convert/return it as a normal unicode string, which will be the same as the original one.
Should be relatively easy to implement this quickly. Do you guys agree about the above?
1. For encrypting:
FUNCTION Crypt(cText AS STRING) AS BYTE[]
this will first convert the (unicode) string input to an ansi 8-bit string, then crypt this with the exact same method that VO uses. Then return the crypted data as a BYTE array that can be save directly to dbfs, text files etc. This data cannot be reliably converted to unicode, because it does not consist of "real" text, so many chars will not have ansi->unicode equivalents.
2. For decrypting:
FUNCTION Crypt(aCrypted AS BYTE[]) AS STRING
this will take the crypted data that was stored to a dbf or file, decrypt it, and convert/return it as a normal unicode string, which will be the same as the original one.
Should be relatively easy to implement this quickly. Do you guys agree about the above?
Chris Pyrgas
XSharp Development Team test
chris(at)xsharp.eu
XSharp Development Team test
chris(at)xsharp.eu
Question about saving encrypted data
Hi Chris,
yes, this would be a solution.
To save then the crypted string to a database field I can use base64 encoding.
So I can now implement it with VO and can be sure that it will work afterwards also with X# (this application will be the first one migrated entirely to X#).
The Crypt() key will remain a string, or better a byte array?
Wolfgang
yes, this would be a solution.
To save then the crypted string to a database field I can use base64 encoding.
So I can now implement it with VO and can be sure that it will work afterwards also with X# (this application will be the first one migrated entirely to X#).
The Crypt() key will remain a string, or better a byte array?
Wolfgang
Wolfgang Riedmann
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
Question about saving encrypted data
Hi Wolfgang,
You will not need BASE64 conversion to save the encrypted string in a dbf, instead the X# runtime will include commands for saving directly byte arrays to dbfs, so you will be able to save the result of Crypt() directly!
Yes, the key is not affected, at least as long as it is a "real" text string. You are not using keys with random ascii chars, right?
Chris
You will not need BASE64 conversion to save the encrypted string in a dbf, instead the X# runtime will include commands for saving directly byte arrays to dbfs, so you will be able to save the result of Crypt() directly!
Yes, the key is not affected, at least as long as it is a "real" text string. You are not using keys with random ascii chars, right?
Chris
Chris Pyrgas
XSharp Development Team test
chris(at)xsharp.eu
XSharp Development Team test
chris(at)xsharp.eu
Question about saving encrypted data
Hi Chris,
I would prefer Base64 so there is no possibilty that data will be corrupted between VO and X#. And there is ADS also in the middle....
Wolfgang
I would prefer Base64 so there is no possibilty that data will be corrupted between VO and X#. And there is ADS also in the middle....
Wolfgang
Wolfgang Riedmann
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
Question about saving encrypted data
Hi Wolfgang,
Yes, Base64 is better in the sense that you can use it even now, without any considerations etc. Only problem is it can't be used when needing to reuse existing data already stored in dbfs from VO apps that do not use Base64 storing.
But the byte array method will be perfectly safe, too. Only thing that could go wrong is if you are not using standard text of the system's locale settings, for example if you use strings in your (.Net) app from different (human) languages, in which case Crypt() itself will not work properly anyway.
This was never an issue in VO, as it did not have unicode strings anyway to make this a possibility, but if you do that in .Net (you use for example both English, Greek, Cyrillic, German, Spanish etc special chars in your apps and want to crypt such texts) that you'll need to use a different mechanism for encryption, most probably one of the build in .Net classes.
Chris
Yes, Base64 is better in the sense that you can use it even now, without any considerations etc. Only problem is it can't be used when needing to reuse existing data already stored in dbfs from VO apps that do not use Base64 storing.
But the byte array method will be perfectly safe, too. Only thing that could go wrong is if you are not using standard text of the system's locale settings, for example if you use strings in your (.Net) app from different (human) languages, in which case Crypt() itself will not work properly anyway.
This was never an issue in VO, as it did not have unicode strings anyway to make this a possibility, but if you do that in .Net (you use for example both English, Greek, Cyrillic, German, Spanish etc special chars in your apps and want to crypt such texts) that you'll need to use a different mechanism for encryption, most probably one of the build in .Net classes.
Chris
Chris Pyrgas
XSharp Development Team test
chris(at)xsharp.eu
XSharp Development Team test
chris(at)xsharp.eu
Question about saving encrypted data
Hi Chris,
I'm in the process to transfer the functionality and the data from one VO application to another one. The current application is based on DBFCDX, and the destination application uses AXDBFCDX, so I need to transfer the data, and in this process I can do some translations.
Wolfgang
I'm in the process to transfer the functionality and the data from one VO application to another one. The current application is based on DBFCDX, and the destination application uses AXDBFCDX, so I need to transfer the data, and in this process I can do some translations.
Wolfgang
Wolfgang Riedmann
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it
Meran, South Tyrol, Italy
wolfgang@riedmann.it
https://www.riedmann.it - https://docs.xsharp.it