# Monday, August 10, 2009

The free vfpencryption71.fll and vfpencryption.fll have been updated. Changes include:

  • Bug fixes for Blowfish encryption (including blocksize and allowing keysize between 8 and 448 bits)
  • Bug fixes to modes CBC and CFB - operate correctly now.
  • Added ability to specify padding, key size, block size, and initialization vector (IV) where applicable (these changes allow compatibility with .NET and other encryption systems as well as the ability to adhere specifically to the AES specification as set out in the FIPS 197 Specification).
  • Added mode OFB to encryption/decryption algorithms.
  • Padding types supported are Zeroes (NULLs), Spaces (blanks), PKCS7, ANSI X.923, and ISO 10126.
  • Added HMAC() function that works with all supported hash types.
  • Added VFP test program files to the downloads that allow developers to see for themselves that return values are correct for various functions provided by the FLL.
  • Added GenerateKey() function that will return a random key or IV based on some specified rules (parameters).
  • Corrected and updated documentation (see below).
Please provide feedback here or send me an email if you run into any problems with this latest version. You'll be able to tell from the test program files (Test Vectors) that I did a lot of testing on my own to make sure that this version was solid. I also did a number of tests between .NET System.Security.Cryptography classes (such as RijndaelManaged for instance) and this FLL to ensure that there was a good deal of compatibility.

The vfpencryption71.fll requires the VC++ 7.1 runtimes whereas the vfpencryption.fll requires the VC++ 9.0 runtimes. If you are getting a "FLL is Invalid" error when running either of these FLLs it is because you are missing the runtimes on the system you are deploying your application on. What about the previous vfpencryption.fll that used the VC++ 8.0 runtimes? I continue to update to the latest Visual Studio (10.0 will be next) and I suggest you do the same. Most VFP developers are using the vfpencryption71.fll as the C runtime matches the one used for VFP 9.0 (msvcr71.dll) and it provides the exact same functionality as vfpencryption.fll. However, I have had numerous requests for an updated build of the FLL using the latest Visual Studio, so I include it below.

Download the Latest Version of the vfpencryption71.fll (134 KB approx.)

Download the Latest Version of the vfpencryption.fll (142 KB approx.)



vfpencryption71.fll/vfpencryption.fll Documentation...

Function ENCRYPT()

Signature: Encrypt(cStringtoEncrypt, cSecretKey[, nEncryptionType[, nEncryptionMode[, nPaddingType[, nKeySize[, nBlockSize[, cIV]]]]]])

Parameters:

cStringtoEncrypt - A plain text string that you want to have encrypted, such as "Hello World!"

cSecretKey - A plain text string that is the Key you want used during encryption, such as "My_SeCrEt_KeY".
Please note that keys may need to be of a particular length for certain types of encryption. Refer below for more information.

nEncryptionType - There are currently 5 types of encryption available. The value of this parameter determines the type of encryption used and how long your Secret Key should be. A single character in Visual FoxPro is equal to 1 byte or 8 bits. So an encryption algorithm requiring a 128-bit key would need a Secret Key of 16 characters (16 x 8 = 128).

0 = Rijndael\AES 128 (requires a 16 character Key)
1 = Rijndael\AES 192 (requires a 24 character Key)
2 = Rijndael\AES 256 (requires a 32 character Key) *Default
4 = Blowfish (key between 1 and 56 characters)
8 = TEA (requires a 16 character Key)
1024 = RC4 (Key can be any length)

nEncryptionMode - There are three different modes available for each of the encryption types listed above. They include: Electronic Code Book (ECB), Cipher Block Chaining (CBC), Cipher Feedback Block (CFB), and Output Feedback Block (OFB). The nEncryptionMode parameter does not apply to RC4 encryption (nEncryptionType = 1024).

0 = ECB *Default
1 = CBC
2 = CFB
3 = OFB

nPaddingMode - For Block Ciphers the cStringtoEncrypt is padded to a multiple of the block size for the algorithm. Setting this parameter allows you to specify how this padding is done.

0 = Zeroes (NULLs) *Default
1 = Spaces (blanks)
2 = PKCS7
3 = ANSI X.923
4 = ISO 10126

nKeySize - The size of the cSecretKey in bytes (characters).

nBlockSize - The block size the nEncryptionType should use.

cIV - The Initialization Vector (IV) that should be used for CBC, CFB, and OFB modes. This IV should match the specified nBlockSize in total bytes (characters).

Return Value:

Character data type - the encrypted form of cStringtoEncrypt.

Remarks:

When saving the return value of Encrypt() function to a field in a table, remember that Visual FoxPro will append blanks to the end of the string in order to fill the character field to its designated length. This can cause problems when decrypting the data as the spaces will be considered part of the encrypted string. To work around this, I suggest placing a single CHR(0) at the end of the encrypted string when saving it to the table. Then when decrypting the data just the portion prior to the CHR(0) can be sent into the Decrypt() function. This does not apply when using RC4 encryption (nEncryptionType = 1024).
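The storage problem described in the Remarks above can be modelled outside Visual FoxPro. This Python sketch is an added example, not code from the FLL or its author; the field model, the function names and the two sample ciphertexts are constructed for illustration. It shows why the CHR(0) sentinel should be located from the right (RAT() rather than AT() in VFP): ciphertext is arbitrary binary and may itself contain a CHR(0) or end in a blank.

```python
# Constructed 16-byte sample ciphertexts (not real FLL output).
CT_WITH_NUL = bytes.fromhex("8f3a00c15b7e90d2446a1ce3f7052b99")    # 0x00 inside
CT_ENDS_BLANK = bytes.fromhex("d41e7ab3096c58f2a7135ec48b60fd20")  # ends in 0x20


def to_char_field(value: bytes, width: int) -> bytes:
    """Model a fixed-width character field: the value is right-filled with blanks."""
    if len(value) > width:
        raise ValueError("value does not fit in the field")
    return value.ljust(width, b" ")


def save_with_sentinel(ciphertext: bytes, width: int) -> bytes:
    """The workaround from the Remarks: append a single CHR(0) before storing."""
    return to_char_field(ciphertext + b"\x00", width)


def load_trim_blanks(field: bytes) -> bytes:
    """No sentinel, just trim trailing blanks (what RTRIM() would do)."""
    return field.rstrip(b" ")


def load_first_nul(field: bytes) -> bytes:
    """Cut at the first CHR(0), as a LEFT()/AT() combination would."""
    return field[:field.index(b"\x00")]


def load_last_nul(field: bytes) -> bytes:
    """Cut at the last CHR(0), as a LEFT()/RAT() combination would."""
    return field[:field.rindex(b"\x00")]


def recovery_report(ciphertext: bytes, width: int = 40) -> dict:
    """Say which loading strategy returns the exact ciphertext that was saved."""
    plain_field = to_char_field(ciphertext, width)
    sentinel_field = save_with_sentinel(ciphertext, width)
    return {
        "trim_blanks": load_trim_blanks(plain_field) == ciphertext,
        "first_nul": load_first_nul(sentinel_field) == ciphertext,
        "last_nul": load_last_nul(sentinel_field) == ciphertext,
    }


if __name__ == "__main__":
    for name, ct in (("contains NUL", CT_WITH_NUL), ("ends in blank", CT_ENDS_BLANK)):
        print(name, recovery_report(ct))
```

Only the right-most CHR(0) is guaranteed to be the sentinel, because everything the field appends after it is a blank. Storing the hexBinary form from STRCONV(cEncrypted, 15) avoids the problem altogether at the cost of doubling the field width.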


Function DECRYPT()

Signature: Decrypt(cEncryptString, cSecretKey[, nDecryptionType[, nDecryptionMode[, nPaddingType[, nKeySize[, nBlockSize[, cIV]]]]]])

Parameters:

cEncryptedString - A string that has been encrypted using the Encrypt() function.

cSecretKey - A plain text string that is the same Key that you used when you encrypted the data using the Encrypt function, such as "My_SeCrEt_KeY".
Please note that keys may need to be of a particular length for certain types of decryption. Refer below for more information.

nDecryptionType - There are currently 5 types of decryption available and they correspond to the same ones available in Encrypt(). A single character in Visual FoxPro is equal to 1 byte or 8 bits. So a decryption algorithm requiring a 128-bit key would need a Secret Key of 16 characters (16 x 8 = 128).

0 = Rijndael\AES 128 (requires a 16 character Key)
1 = Rijndael\AES 192 (requires a 24 character Key)
2 = Rijndael\AES 256 (requires a 32 character Key) *Default
4 = Blowfish (key between 1 and 56 characters)
8 = TEA (requires a 16 character Key)
1024 = RC4 (Key can be any length) 

nDecryptionMode - There are three different modes available for each of the encryption types listed above. They include: Electronic Code Book (ECB), Cipher Block Chaining (CBC), Cipher Feedback Block (CFB), and Output Feedback Block (OFB). The nDecryptionMode parameter does not apply to RC4 decryption (nDecryptionType = 1024).

0 = ECB *Default
1 = CBC
2 = CFB
3 = OFB

nPaddingMode - For Block Ciphers the cStringtoEncrypt is padded to a multiple of the block size for the algorithm. Setting this parameter allows you to specify how this padding is done.

0 = Zeroes (NULLs) *Default
1 = Spaces (blanks)
2 = PKCS7
3 = ANSI X.923
4 = ISO 10126

nKeySize - The size of the cSecretKey in bytes (characters).

nBlockSize - The block size the nEncryptionType should use.

cIV - The Initialization Vector (IV) that should be used for CBC, CFB, and OFB modes. This IV should match the specified nBlockSize in total bytes (characters).

Return Value:

Character data type - the decrypted form of cEncryptedString followed by a variable number of CHR(0)s. See Remarks below for further clarification.

Remarks:

IMPORTANT: Decryption is done on blocks of memory, so when the decrypt function returns the decrypted string it will be followed by a variable number of CHR(0)s unless the decrypted string just happens to end at exactly the same location as the last block decrypted. These extraneous CHR(0)s can be removed using a number of Visual FoxPro functions, such as STRTRAN(), CHRTRAN(), or a combination of LEFT() and AT(). This does not apply when using RC4 decryption (nDecryptionType = 1024).
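The five padding types listed above differ in whether the padding can be removed unambiguously, which matters for the trailing CHR(0)s described in these Remarks. The Python sketch below is an added example, not the FLL's code: it implements the schemes from their standard definitions (going beyond the zero-padding case in the Remarks) and assumes that Zeroes and Spaces padding add nothing to input that is already block-aligned.

```python
import os

# Padding type numbers exactly as listed in the documentation above.
ZEROES, SPACES, PKCS7, ANSI_X923, ISO_10126 = range(5)


def pad(data: bytes, block_size: int, padding_type: int) -> bytes:
    """Pad data to a multiple of block_size using the standard scheme definitions."""
    if not 1 <= block_size <= 255:
        raise ValueError("block size must be 1..255 bytes")
    n = block_size - len(data) % block_size           # 1..block_size
    if padding_type in (ZEROES, SPACES):
        fill = b"\x00" if padding_type == ZEROES else b" "
        return data + fill * (n % block_size)         # aligned input gets no padding
    if padding_type == PKCS7:
        return data + bytes([n]) * n                  # n bytes, each of value n
    if padding_type == ANSI_X923:
        return data + b"\x00" * (n - 1) + bytes([n])  # zeros, then the count
    if padding_type == ISO_10126:
        return data + os.urandom(n - 1) + bytes([n])  # random bytes, then the count
    raise ValueError("unknown padding type")


def unpad(padded: bytes, block_size: int, padding_type: int) -> bytes:
    """Remove padding; the length-carrying schemes are validated, not just trimmed."""
    if padding_type not in range(5):
        raise ValueError("unknown padding type")
    if len(padded) == 0 or len(padded) % block_size:
        raise ValueError("input is not a whole number of blocks")
    if padding_type == ZEROES:
        return padded.rstrip(b"\x00")                 # cannot tell data NULs from padding
    if padding_type == SPACES:
        return padded.rstrip(b" ")                    # cannot tell data blanks from padding
    n = padded[-1]
    if not 1 <= n <= block_size:
        raise ValueError("bad padding length byte")
    filler = padded[-n:-1]
    if padding_type == PKCS7 and filler != bytes([n]) * (n - 1):
        raise ValueError("bad PKCS7 padding")
    if padding_type == ANSI_X923 and filler != b"\x00" * (n - 1):
        raise ValueError("bad ANSI X.923 padding")
    return padded[:-n]


def round_trip_failures(data: bytes, block_size: int = 16) -> list:
    """Return the padding types for which unpad(pad(data)) does not give data back."""
    failed = []
    for ptype in range(5):
        try:
            ok = unpad(pad(data, block_size, ptype), block_size, ptype) == data
        except ValueError:
            ok = False
        if not ok:
            failed.append(ptype)
    return failed


if __name__ == "__main__":
    # Constructed sample plaintexts: one ends in a NUL, one ends in blanks.
    for sample in (b"Hello World!", b"ID:42\x00", b"name  "):
        print(sample, "-> lossy padding types:", round_trip_failures(sample))
```

Binary data or text that may legitimately end in CHR(0) or blanks only survives a round trip with padding types 2, 3 and 4, because those record the padding length in the final byte.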



Function ENCRYPTFILE()

Signature: EncryptFile(cFiletoEncrypt, cDestinationFile, cSecretKey[, nEncryptionType[, nEncryptionMode[, nPaddingType[, nKeySize[, nBlockSize[, cIV]]]]]])

Parameters:

cFiletoEncrypt - A plain text string that is the fullpath to the file you wish to be encrypted, such as "C:\SensitiveInfo.doc"

cDestinationFile - A plain text string that is the fullpath to an encrypted file you wish to have created on disk, such as "C:\EncryptedInfo.doc". If this file doesn't exist then it will be created for you.

cSecretKey - A plain text string that is the Key you want used during encryption, such as "My_SeCrEt_KeY".
Please note that keys may need to be of a particular length for certain types of encryption. Refer below for more information.

nEncryptionType - There are currently 5 types of encryption available. The value of this parameter determines the type of encryption used and how long your Secret Key should be. A single character in Visual FoxPro is equal to 1 byte or 8 bits. So an encryption algorithm requiring a 128-bit key would need a Secret Key of 16 characters (16 x 8 = 128).

0 = Rijndael\AES 128 (requires a 16 character Key)
1 = Rijndael\AES 192 (requires a 24 character Key)
2 = Rijndael\AES 256 (requires a 32 character Key) *Default
4 = Blowfish (key between 1 and 56 characters)
8 = TEA (requires a 16 character Key)
1024 = RC4 (Key can be any length) 

nEncryptionMode - There are three different modes available for each of the encryption types listed above. They include: Electronic Code Book (ECB), Cipher Block Chaining (CBC), Cipher Feedback Block (CFB), and Output Feedback Block (OFB). This does not apply when using RC4 encryption (nEncryptionType = 1024).

0 = ECB *Default
1 = CBC
2 = CFB
3 = OFB

nPaddingMode - For Block Ciphers the cStringtoEncrypt is padded to a multiple of the block size for the algorithm. Setting this parameter allows you to specify how this padding is done.

0 = Zeroes (NULLs) *Default
1 = Spaces (blanks)
2 = PKCS7
3 = ANSI X.923
4 = ISO 10126

nKeySize - The size of the cSecretKey in bytes (characters).

nBlockSize - The block size the nEncryptionType should use.

cIV - The Initialization Vector (IV) that should be used for CBC, CFB, and OFB modes. This IV should match the specified nBlockSize in total bytes (characters).

Return Value:

None

Remarks:

Currently the cFiletoEncrypt and cDestinationFile parameters cannot point to the same file. This may be revised in a future version. But for safety sake, this function requires that the original file be left untouched.



Function DECRYPTFILE()

Signature: DecryptFile(cEncryptedFile, cDestinationFile, cSecretKey[, nDecryptionType[, nDecryptionMode[, nPaddingType[, nKeySize[, nBlockSize[, cIV]]]]]])

Parameters:

cEncryptedFile - A plain text string that is the fullpath to the file you wish to be decrypted, such as "C:\EncryptedInfo.doc"

cDestinationFile - A plain text string that is the fullpath to a decrypted file you wish to have created on disk, such as "C:\SensitiveInfo.doc". If this file doesn't exist then it will be created for you.

cSecretKey - A plain text string that is the same Key that you used when you encrypted the data using the Encrypt function, such as "My_SeCrEt_KeY".
Please note that keys may need to be of a particular length for certain types of decryption. Refer below for more information.

nDecryptionType - There are currently 5 types of decryption available and they correspond to the same ones available in Encrypt(). A single character in Visual FoxPro is equal to 1 byte or 8 bits. So a decryption algorithm requiring a 128-bit key would need a Secret Key of 16 characters (16 x 8 = 128).

0 = Rijndael\AES 128 (requires a 16 character Key)
1 = Rijndael\AES 192 (requires a 24 character Key)
2 = Rijndael\AES 256 (requires a 32 character Key) *Default
4 = Blowfish (key between 1 and 56 characters)
8 = TEA (requires a 16 character Key)
1024 = RC4 (Key can be any length) 

nDecryptionMode - There are three different modes available for each of the encryption types listed above. They include: Electronic Code Book (ECB), Cipher Block Chaining (CBC), Cipher Feedback Block (CFB), and Output Feedback Block (OFB). This does not apply when using RC4 decryption (nDecryptionType = 1024).

0 = ECB *Default
1 = CBC
2 = CFB
3 = OFB

nPaddingMode - For Block Ciphers the cStringtoEncrypt is padded to a multiple of the block size for the algorithm. Setting this parameter allows you to specify how this padding is done.

0 = Zeroes (NULLs) *Default
1 = Spaces (blanks)
2 = PKCS7
3 = ANSI X.923
4 = ISO 10126

nKeySize - The size of the cSecretKey in bytes (characters).

nBlockSize - The block size the nEncryptionType should use.

cIV - The Initialization Vector (IV) that should be used for CBC, CFB, and OFB modes. This IV should match the specified nBlockSize in total bytes (characters).

Return Value:

None

Remarks:

As with EncryptFile(), the cFiletoEncrypt and cDestinationFile parameters cannot point to the same file.


Function HASH()

Signature: Hash(cStringtoHash[, nHashType])

Parameters:

cStringtoHash - A plain text string you wish to have hashed

nHashType - The type of hash function to generate. There are currently 7 different hash functions supported

1 = SHA1 (a.k.a SHA160)
2 = SHA256
3 = SHA384
4 = SHA512 *Default
5 = MD5
6 = RIPEMD128
7 = RIPEMD160

Return Value:

Binary Character Data - the hash for cStringtoHash.

Remarks:

The hash is returned as a series of binary characters. However, it is more common to see hashes in a hexBinary format. This can be accomplished in Visual FoxPro by taking the return of the Hash() function and sending it in as a parameter to the STRCONV() function. For example:

?STRCONV(Hash("Some String"), 15) && hexBinary Hash


Function HASHFILE()

Signature: HashFile(cFileName[, nHashType])

Parameters:

cFileName - The fullpath and name of an existing file you wish to generate a message digest for

nHashType - The type of hash function to generate. There are currently 7 different hash functions supported

1 = SHA1 (a.k.a SHA160)
2 = SHA256
3 = SHA384
4 = SHA512 *Default
5 = MD5
6 = RIPEMD128
7 = RIPEMD160

Return Value:

Binary Character Data - the hash for cFileName.

Remarks:

The hash is returned as a series of binary characters. However, it is more common to see hashes in a hexBinary format. This can be accomplished in Visual FoxPro by taking the return of the HashFile() function and sending it in as a parameter to the STRCONV() function. For example:

?STRCONV(HashFile("C:\MyFile.txt"), 15) && hexBinary Hash


Function HASHRECORD()

Signature: HashRecord(cAlias[, nHashType[,lIncludeMemos]])

Parameters:

cAlias - The table alias containing the record to be hashed

nHashType - The type of hash function to generate. There are currently 7 different hash functions supported

1 = SHA1 (a.k.a SHA160)
2 = SHA256
3 = SHA384
4 = SHA512 *Default
5 = MD5
6 = RIPEMD128
7 = RIPEMD160

lIncludeMemos - Flag determining whether Memo fields should be included when generating the message digest. .T. = Include Memo Fields, .F. = Exclude Memo Fields

Return Value:

Binary Character Data - the hash for the current record in cAlias.

Remarks:

The hash is returned as a series of binary characters. However, it is more common to see hashes in a hexBinary format. This can be accomplished in Visual FoxPro by taking the return of the HashRecord() function and sending it in as a parameter to the STRCONV() function. For example:

?STRCONV(HashRecord("MyTable",5,.T.), 15) && hexBinary Hash


Function HMAC()

Signature: HMAC(cStringtoHash, cSecretKey[, nHashType])

Parameters:

cStringtoHash - A plain text string you wish to have a keyed Hash Message Authentication Code (HMAC) generated from.

cSecretKey - A plain text string that is the Key you want used during generation of the keyed HMAC.

nHashType - The type of hash function to use when generating the keyed HMAC. There are currently 7 different hash functions supported:

1 = SHA1 (a.k.a SHA160)
2 = SHA256
3 = SHA384
4 = SHA512 *Default
5 = MD5
6 = RIPEMD128
7 = RIPEMD160

Return Value:

Binary Character Data - the HMAC for the given cStringtoHash and cSecretKey.

Remarks:

The HMAC is returned as a series of binary characters. However, it is more common to see HMACs in a hexBinary format. This can be accomplished in Visual FoxPro by taking the return of the HMAC() function and sending it in as a parameter to STRCONV(cReturn, 15).


Function CRC()

Signature: CRC(cExpression[, nCRCType])

Parameters:

cExpression - The string you wish to have a CRC generated for

nCRCType - The type of CRC to generate. There are currently 2 different CRC types supported

1 = 16-bit
2 = 32-bit

Return Value:

Numeric Data - the CRC for cExpression.

Remarks:

The CRC that is returned is unsigned, which means that the returned 16-bit CRC needs to be treated as a 4 byte numeric value and the 32-bit CRC as an 8 byte numeric value in Visual FoxPro. The operation of the CRC() function presented here is quite similar to Visual FoxPro's Sys(2007) function; however, you will find that creation of 32-bit CRCs is much faster using this function.


Function CRCFILE()

Signature: CRCFile(cFileName[, nCRCType])

Parameters:

cFileName - The fullpath and name of an existing file you wish to generate a CRC for

nCRCType - The type of CRC to generate. There are currently 2 different CRC types supported

1 = 16-bit
2 = 32-bit

Return Value:

Numeric Data - the CRC for cFileName.

Remarks:

The CRC that is returned is unsigned, which means that the returned 16-bit CRC needs to be treated as a 4 byte numeric value and the 32-bit CRC as an 8 byte numeric value in Visual FoxPro.


Function CRCRECORD()

Signature: CRCRecord(cAlias[, nCRCType[,lIncludeMemos]])

Parameters:

cAlias - The table alias containing the record to be hashed

nCRCType - The type of CRC to generate. There are currently 2 different CRC types supported

1 = 16-bit
2 = 32-bit

lIncludeMemos - Flag determining whether Memo fields should be included when generating the message digest. .T. = Include Memo Fields, .F. = Exclude Memo Fields

Return Value:

Numeric Data - the CRC for the current record in cAlias.

Remarks:

The CRC that is returned is unsigned, which means that the returned 16-bit CRC needs to be treated as a 4 byte numeric value and the 32-bit CRC as an 8 byte numeric value in Visual FoxPro. The operation of the CRC() function presented here is quite similar to Visual FoxPro's Sys(2017) function; however, you will find that this CRC function is faster than Visual FoxPro's Sys(2017). Also, this function allows you to specify a table alias, which allows CRCs to be created for a record in a table other than the currently selected work area. On the downside, this function does not allow you to specify a comma delimited list of fields to exclude like Sys(2017) does.


Function GENERATEKEY()

Signature: GenerateKey(nKeySize[, lIncludeNumbers[, lIncludeUpper[, lIncludeSpecial]]])

Parameters:

nKeySize - The size of the key to be returned in bytes (total characters you want returned)

lIncludeNumbers - Flag determining whether Numbers (digits "0-9") should be included when generating the key. .T. = Include Numbers, .F. = Exclude Numbers (default)

lIncludeUpper - Flag determining whether uppercase characters should be included when generating the key. .T. = Include Uppercase Characters, .F. = Exclude Uppercase Characters (default)

lIncludeSpecial - Flag determining whether Special Characters (characters "{}|\\]?[\":;'><,./~!@#$%^&*()_+`-=") should be included when generating the key. .T. = Include Special Characters, .F. = Exclude Special Characters (default)

Return Value:

Character Data - the random key generated based on the specified rules.

Remarks:

The key generated is a random set of lowercase characters by default. To add additional possible characters for generating the key you can use the parameters (2-4) as specified. The random keys returned can be used for the other FLL functions that allow for a cSecretKey or cIV. This function is provided as a convenience function for developers needing to produce a random key quickly and easily.


Monday, August 10, 2009 12:16:26 AM (GMT Daylight Time, UTC+01:00)

 
