Hi Arne,
thank for kind words about CryptPak :). The reason why I didn't give the possibility to select the different algorith was that I've some problems during declaring entry point and I didn't want anybody has problems with it.
I've better program for you - it is BCA.DLL (which you can download at
http://www.volny.cz/petricm/dll095ge.zip - it is freeware and you can also download sources on that page (but the page is just in Czech :))). After that you can select from following alg : AES, Cast, Blowfish, Twofish. Using it is simple :
first declare entry points:
DECLARE INTEGER bc_version IN bca.DLL
DECLARE INTEGER bc_encryptdata IN bca.DLL ;
STRING plaintext, ;
INTEGER plainsize, ;
STRING PASSWORD, ;
STRING @ ciphertext, ;
INTEGER @ ciphersize, ;
INTEGER hash_level, ;
INTEGER crypt_level
DECLARE INTEGER bc_decryptdata IN bca.DLL ;
STRING ciphertext,;
INTEGER ciphersize,;
STRING PASSWORD,;
STRING @ plaintext,;
INTEGER @ plainsize,;
INTEGER crypt_level
For example for AES (to test that enc/dec works):
bca("D",bca("E",lcText, lcPass, 0x30000001), lcPass, 0x30000001)
where BCA.PRG is :
PROCEDURE bca (pcType, pcText, pcPassword, lnCryptLevel)
LOCAL lnHashLevel, lnCryptLevel, lnPlainSize, lcCipherText, lnCipherSize, lnCryptSize, lcPlainText
ASSERT pcType$"ED"
lnHashLevel = 1
IF pcType="E"
lnPlainSize = LEN(pcText)
lcCipherText = SPACE(lnPlainSize + 4)
lnCipherSize = LEN(lcCipherText)
IF bc_encryptdata (;
pcText, ;
lnPlainSize, ;
pcPassword, ;
@lcCipherText, ;
@lnCipherSize, ;
lnHashLevel, ;
lnCryptLevel) = 0
RETURN lcCipherText
ELSE
ERROR "Error in BCA!"
RETURN ""
ENDIF
ELSE
lnCryptSize = LEN(pcText)
lcPlainText = SPACE(lnCryptSize - 4)
lnPlainSize = LEN(pcText)
IF bc_decryptdata (;
pcText, ;
lnCryptSize, ;
pcPassword, ;
@lcPlainText, ;
@lnPlainSize, ;
lnCryptLevel) = 0
RETURN lcPlainText
ELSE
ERROR "Error in BCA!"
RETURN ""
ENDIF
ENDIF
Best regards,
Milan
>Hi All,
>
>been away for a while; hope everyone's doing well.
>
>Last year I asked a question about an OCX or other control/class that might provide robust encryption and a couple of you responded with ideas. However, the suggestions will not quite work in my situation. My original request was:
>
>"Anyone know of a good, tight little OCX (or other class library) that offers 'robust' encryption like DES? The application here will pass sensitive data over an 'open' Internet connection via ODBC (to a mySQL d/b) and I need to have the data strongly encrypted and then read from the d/b and unencrypted on the other side by Perl and PHP scripts. So, something that uses certs would be ideal but pass-phrase based encryption would probably be ok too. I suppose I'm looking for something that would be 'compatible' with "mcrypt.so" for PHP, or one of Crypt::DES, Crypt::Blowfish or Crypt::RSA for Perl. Any suggestions welcomed including commercial solicitations."
>
>I should add to this that it MUST work under VFP6 (I know that 7 and 8 have a crypt function (of sorts) built-in). The most promising suggestion was to use CryptPak by Milan Kosina which supports Blowfish. However, this will not work because the idea is to read ALREADY encrypted data from a SQL d/b on a webserver that has been encrypted using PHP.mcrypt or Perl.Crypt. The CryptPak has abstracted the encryption process somewhat and does not offer a choice of encryption mode (CBC, ECB, etc) nor of algorithm (DES, 3DES, Blowfish, etc., etc.) - it simply offers "robust" encryption and decryption.
>
>As an aside, I should point out that because CryptPak uses a (presumably at least to some) known IV and algorithm/mode, it is not actually as secure as it might be.
>
>In order to be truly useful, I need something that I can use in VFP that will IDEALLY let me specify mode and algorithm AND also let me specify an Input Vector (sometimes referred to as crypt.IV or crypt-4). At a minimum, I must know what mode/algo/IV the control or class uses - something I can't seem to figure out for CryptPak.
>
>So, after all that... anyone have any suggestions?
>
>Cheers,
>
>-Arne
