Sunday, March 05, 2006
Another Update VFPEncryption FLL

Kenneth Reproduces another RC4 Bug

Using the previous update to the VFP Encryption FLL, Kenneth Tamayo reproduces another bug in the RC4 code of the vfpencryption71.fll (also exists in vfpencryption.fll) and posts some repro code in the comments section of my previous blog entry.

Another great catch Kenneth! I have made the appropriate fixes in the vfpencryption.fll and vfpencryption71.fll code. These bug reports and fixes are very important since RC4 is perhaps one of the more useful ciphers in the FLLs when working with table data as it provides for ciphertext that is the same length as the plaintext. My thanks to Kenneth for his help. Here are the downloads for the newest versions of both FLLs and also the repro code for this latest bug and the previous bug that Kenneth reported that are now fixed.

Download the Latest Version of the VFP Encryption FLL (58 KB approx.)
(compiled with Visual Studio 2005 and requires the C++ 8.0 runtimes)

Download the Latest Version of the VFP Encryption 71 FLL (59 KB approx.)
(compiled with Visual Studio 2003 and requires the C++ 7.1 runtimes)

Code to Reproduce Bugs in previous versions of the FLLs using the RC4 stream cipher:

SET LIBRARY TO (LOCFILE("vfpencryption.fll")) && or vfpencryption71.fll

CREATE cursor myTable (myField C(28))

*!* Shows new bugs that Kenneth reported are fixed
INSERT INTO myTable (myField) VALUES ("CALLE RAFAEL GIMENEZ")
INSERT INTO myTable (myField) VALUES ("CALLE GONZALO BERCEO")
INSERT INTO myTable (myField) VALUES ("COND COOP EL ALCAZAR")
INSERT INTO myTable (myField) VALUES ("CALLE MANUEL F ROSSY")
INSERT INTO myTable (myField) VALUES ("CALLE EFIGENIO COCO FERRER")
INSERT INTO myTable (myField) VALUES ("CALLE MANUEL JIMENEZ")
INSERT INTO myTable (myField) VALUES ("COND EST DEL BLVD")
INSERT INTO myTable (myField) VALUES ("URB PRADO ALTO")
INSERT INTO myTable (myField) VALUES ("HACIENDA LOMAS")
*!* Shows bug from before that Kenneth reported is fixed
INSERT INTO myTable (myField) VALUES ("QTAS DE CANOVANAS")

BROWSE TITLE "Data is Inserted... (No problem)"
REPLACE ALL MyField WITH ENCRYPT(mytable.MyField,"RUSHLIFE",1024)

BROWSE TITLE "Data is Encrypted... (No problem)"
REPLACE ALL MyField WITH DECRYPT(mytable.MyField,"RUSHLIFE",1024)

BROWSE TITLE "Data is Decrypted... (Bugs are now fixed)"

SET LIBRARY TO

Monday, March 06, 2006 3:35:42 AM (Central Standard Time, UTC-06:00)  #    Comments [7]
Tuesday, March 07, 2006 8:28:17 PM (Central Standard Time, UTC-06:00)
Craig,

I'm having an issue with the HashFile() function. It will work fine, until it doesn't, then it won't work at all until I re-load the FLL.

All VFP tells me is:
API call caused an exception.

I can consistantly reproduce the error by repeatedly calling:
?STRCONV(HashFile("path\to\a\file", 2), 15)

++Alan
Alan Stevens
Saturday, March 11, 2006 10:14:52 PM (Central Standard Time, UTC-06:00)
Craig,

The VFP Encryption FLL is a gem!!!

I've tested the RC4 functionality in the revised "VFP Encryption FLL" and found NO ERRORS/BUGS to report at this time.

I can't wait to find the time to implement it in my applications.

CONGRATULATIONS!!! Please keep up the remarkable work!!!



Kenneth Tamayo
Thursday, April 06, 2006 5:09:08 AM (Central Daylight Time, UTC-05:00)
As of today, the problem that Alan Stevens posted about above is fixed. I have replaced the zip files on the server with the newer versions of vfpencryption.fll and vfpencryption71.fll.
Craig Boyd
Monday, April 10, 2006 4:58:41 PM (Central Daylight Time, UTC-05:00)
Craig,

You totally rock! I can confirm that I no longer get the API exception message.

This is a terrific tool. Thanks for your generous contributions to the VFP community.

++Alan
Alan Stevens
Wednesday, August 30, 2006 6:35:28 PM (Central Daylight Time, UTC-05:00)
Hi Craig,

I'm having trouble with accented characters.

Check this example:

a = Encrypt([Garçon],[RUSHLIFE],1024)
? Decrypt(a,[RUSHLIFE],1024)

Note how the decrypted string does not match the original.

Also, where can I get some info on the 3rd parameter (1024??).

Thanks,

Henry
Henry Dagher
Friday, September 22, 2006 7:49:51 AM (Central Daylight Time, UTC-05:00)
Hi Henry,

Thanks for the heads-up regarding accented characters. I'll check that out and see what is going on. As for documentation you can find the full documentation for the functions at the following url...
http://www.sweetpotatosoftware.com/SPSBlog/PermaLink,guid,5d4a0cf0-7d1d-4353-a49b-667946ff1c81.aspx
Craig Boyd
Thursday, February 08, 2007 4:30:34 PM (Central Standard Time, UTC-06:00)
I accidentally passed some encoded base64 text to the decrypt function and it produced an API Exception. Is it possible to avoid such errors by having the Decrypt function detect this situation and return an empty string instead of causing an error?
Simon White
Name
E-mail
(will show your gravatar icon)
Home page

Comment (Some html is allowed: a@href@title, b, blockquote@cite, em, i, strike, strong, sub, super, u)  

Enter the code shown (prevents robots):

© Copyright 2008 SweetPotato Software, Inc.
RSS 2.0|Atom 1.0|CDF  Send mail to the author(s) | Page rendered at Wednesday, August 20, 2008 1:40:38 PM (Central Daylight Time, UTC-05:00)
 

Archive

<August 2008>
SunMonTueWedThuFriSat
272829303112
3456789
10111213141516
17181920212223
24252627282930
31123456