Encrypt function

[Craig]

Hi

does anyone have a couple of functions that can encrypt and decrypt a string.
I'm not after anything fancy, just enough to hide a password in a database
field and the registry.

Cheers

[Larry Rebich]

Craig,

This code is not yet a tip-of-the-month:

Private Function EncodeDecode(ByVal sPassword As String, bEncode As Boolean)
As String
' Concept = Subtract the key [base "a"] character by character from the
sPassword.
' bEncode if true then Encode, else Decode
Dim sTempString As String, sNewString As String
Dim iTempLen As Integer
Dim i As Integer
Dim iPos As Integer
Dim sBigKey As String

' Warning: If you change csKey then all passwords stored in the user's
registry will be invalidated.
' Const csKey = "toufzzqqdjcsmwcfrkrijqgveq" 'change periodically
' Const csKey = "gwzeralghncgyhcjgnbujgyhme" 'change periodically
Const csKey = "jbzdbmunypxswodxtudakcpros" 'change periodically

sTempString = Trim$(sPassword) 'trim it
iTempLen = Len(sTempString)
While Len(sBigKey) < iTempLen 'handle a very large string
sBigKey = sBigKey & csKey
Wend
If bEncode = True Then 'encode
For i = 1 To iTempLen 'generate the sPassword
iPos = Asc(Mid$(sTempString, i, 1)) + Asc("a") -
Asc(Mid$(sBigKey, i, 1))
If iPos < 0 Then iPos = iPos + 256 'wrap
sNewString = sNewString + Chr$(iPos)
Next
Else 'decode
For i = 1 To iTempLen 'un-decode sPassword
iPos = Asc(Mid$(sTempString, i, 1)) - Asc("a") +
Asc(Mid$(sBigKey, i, 1))
If iPos > 255 Then iPos = iPos - 256 'unwrap
sNewString = sNewString + Chr$(iPos)
Next
End If
EncodeDecode = sNewString
End Function

Cheers,
Larry Rebich

larry@buygold.net
www.buygold.net


"Craig" <cjewiss@hotmail.com> wrote in message
news:39162535$1@news.devx.com...
>
> Hi
>
> does anyone have a couple of functions that can encrypt and decrypt a
string.
> I'm not after anything fancy, just enough to hide a password in a
database
> field and the registry.
>
> Cheers

[Shawn K. Hall]

Craig,

I just wanted to add to Larry's response that whenever you store a
constant within your app it can be read by a hex editor. That means
that it is entirely possible for someone to open up the app in hex and
read your seed constant to be able to more easily crack your
passwords. A good way around this (though annoying) is to use a
variable and create it via Chr$(#) calls during initialization.

Example:
csKey = Chr$(65) & Chr$(84) & Chr$(92) & Chr$(68) & Chr$(54) &
Chr$(77) & Chr$(75) & _
Chr$(72) & Chr$(72) & Chr$(90) & Chr$(63) & Chr$(84) &
Chr$(91) & Chr$(84) & _
Chr$(67) & Chr$(78) & Chr$(104) & Chr$(69) & Chr$(112) &
Chr$(98) & Chr$(103)

This comes up with "AT\D6MKHHZ?T[TCNhEpbg"

Regards,

Shawn K. Hall
Programmer / Analyst
*Please* post/respond in the newsgroups!
http://i.am/shawnkhall


"Larry Rebich" <lrebich@earthlink.net> wrote in message
news:39164193@news.devx.com...
> Craig,
>
> This code is not yet a tip-of-the-month:
>
> Private Function EncodeDecode(ByVal sPassword As String, bEncode As
Boolean)
> As String
> ' Concept = Subtract the key [base "a"] character by character from
the
> sPassword.
> ' bEncode if true then Encode, else Decode
> Dim sTempString As String, sNewString As String
> Dim iTempLen As Integer
> Dim i As Integer
> Dim iPos As Integer
> Dim sBigKey As String
>
> ' Warning: If you change csKey then all passwords stored in the
user's
> registry will be invalidated.
> ' Const csKey = "toufzzqqdjcsmwcfrkrijqgveq" 'change
periodically
> ' Const csKey = "gwzeralghncgyhcjgnbujgyhme" 'change
periodically
> Const csKey = "jbzdbmunypxswodxtudakcpros" 'change
periodically
>
> sTempString = Trim$(sPassword) 'trim it
> iTempLen = Len(sTempString)
> While Len(sBigKey) < iTempLen 'handle a very large string
> sBigKey = sBigKey & csKey
> Wend
> If bEncode = True Then 'encode
> For i = 1 To iTempLen 'generate the sPassword
> iPos = Asc(Mid$(sTempString, i, 1)) + Asc("a") -
> Asc(Mid$(sBigKey, i, 1))
> If iPos < 0 Then iPos = iPos + 256 'wrap
> sNewString = sNewString + Chr$(iPos)
> Next
> Else 'decode
> For i = 1 To iTempLen 'un-decode sPassword
> iPos = Asc(Mid$(sTempString, i, 1)) - Asc("a") +
> Asc(Mid$(sBigKey, i, 1))
> If iPos > 255 Then iPos = iPos - 256 'unwrap
> sNewString = sNewString + Chr$(iPos)
> Next
> End If
> EncodeDecode = sNewString
> End Function
>
> Cheers,
> Larry Rebich
>
> larry@buygold.net
> www.buygold.net
>
>
> "Craig" <cjewiss@hotmail.com> wrote in message
> news:39162535$1@news.devx.com...
> >
> > Hi
> >
> > does anyone have a couple of functions that can encrypt and
decrypt a
> string.
> > I'm not after anything fancy, just enough to hide a password in a
> database
> > field and the registry.
> >
> > Cheers
>
>

[Larry Rebich]

Shawn,

I think that VB code is stored in Unicode? Is there a hex editor that easily
reads and finds constants in the compiled VB code? You suggestion does add
additional security to the code.

Cheers,
Larry Rebich

larry@buygold.net
www.buygold.net


"Shawn K. Hall" <shawnkhall@iname.com> wrote in message
news:3916bfc9$1@news.devx.com...
> Craig,
>
> I just wanted to add to Larry's response that whenever you store a
> constant within your app it can be read by a hex editor. That means
> that it is entirely possible for someone to open up the app in hex and
> read your seed constant to be able to more easily crack your
> passwords. A good way around this (though annoying) is to use a
> variable and create it via Chr$(#) calls during initialization.
>
> Example:
> csKey = Chr$(65) & Chr$(84) & Chr$(92) & Chr$(68) & Chr$(54) &
> Chr$(77) & Chr$(75) & _
> Chr$(72) & Chr$(72) & Chr$(90) & Chr$(63) & Chr$(84) &
> Chr$(91) & Chr$(84) & _
> Chr$(67) & Chr$(78) & Chr$(104) & Chr$(69) & Chr$(112) &
> Chr$(98) & Chr$(103)
>
> This comes up with "AT\D6MKHHZ?T[TCNhEpbg"
>
> Regards,
>
> Shawn K. Hall
> Programmer / Analyst
> *Please* post/respond in the newsgroups!
> http://i.am/shawnkhall
>
>
> "Larry Rebich" <lrebich@earthlink.net> wrote in message
> news:39164193@news.devx.com...
> > Craig,
> >
> > This code is not yet a tip-of-the-month:
> >
> > Private Function EncodeDecode(ByVal sPassword As String, bEncode As
> Boolean)
> > As String
> > ' Concept = Subtract the key [base "a"] character by character from
> the
> > sPassword.
> > ' bEncode if true then Encode, else Decode
> > Dim sTempString As String, sNewString As String
> > Dim iTempLen As Integer
> > Dim i As Integer
> > Dim iPos As Integer
> > Dim sBigKey As String
> >
> > ' Warning: If you change csKey then all passwords stored in the
> user's
> > registry will be invalidated.
> > ' Const csKey = "toufzzqqdjcsmwcfrkrijqgveq" 'change
> periodically
> > ' Const csKey = "gwzeralghncgyhcjgnbujgyhme" 'change
> periodically
> > Const csKey = "jbzdbmunypxswodxtudakcpros" 'change
> periodically
> >
> > sTempString = Trim$(sPassword) 'trim it
> > iTempLen = Len(sTempString)
> > While Len(sBigKey) < iTempLen 'handle a very large string
> > sBigKey = sBigKey & csKey
> > Wend
> > If bEncode = True Then 'encode
> > For i = 1 To iTempLen 'generate the sPassword
> > iPos = Asc(Mid$(sTempString, i, 1)) + Asc("a") -
> > Asc(Mid$(sBigKey, i, 1))
> > If iPos < 0 Then iPos = iPos + 256 'wrap
> > sNewString = sNewString + Chr$(iPos)
> > Next
> > Else 'decode
> > For i = 1 To iTempLen 'un-decode sPassword
> > iPos = Asc(Mid$(sTempString, i, 1)) - Asc("a") +
> > Asc(Mid$(sBigKey, i, 1))
> > If iPos > 255 Then iPos = iPos - 256 'unwrap
> > sNewString = sNewString + Chr$(iPos)
> > Next
> > End If
> > EncodeDecode = sNewString
> > End Function
> >
> > Cheers,
> > Larry Rebich
> >
> > larry@buygold.net
> > www.buygold.net
> >
> >
> > "Craig" <cjewiss@hotmail.com> wrote in message
> > news:39162535$1@news.devx.com...
> > >
> > > Hi
> > >
> > > does anyone have a couple of functions that can encrypt and
> decrypt a
> > string.
> > > I'm not after anything fancy, just enough to hide a password in a
> > database
> > > field and the registry.
> > >
> > > Cheers
> >
> >
>
>

[Eric D. Burdo]

I have some encrypt/decrypts stuff at my website. Check it out below and
search for Encrypt. I think it should work perfectly for what you want...

--

Eric D. Burdo, Red-Leif International
VB Programmer and Consultant
<http://www.redleif.com>


"Craig" <cjewiss@hotmail.com> wrote in message
news:39162535$1@news.devx.com...
>
> Hi
>
> does anyone have a couple of functions that can encrypt and decrypt a
string.
> I'm not after anything fancy, just enough to hide a password in a
database
> field and the registry.
>
> Cheers

[Jason Bock]

"Craig" <cjewiss@hotmail.com> wrote in message
news:39162535$1@news.devx.com...
> does anyone have a couple of functions that can encrypt and decrypt a
string.
> I'm not after anything fancy, just enough to hide a password in a
database
> field and the registry.

Check out the CryptoAPI functions provided by MS, specifically the hash
functions.

Regards,

Jason

[Shawn K. Hall]

Hello Larry,

The strings are generally straight ASCII, but that depends on how it
was compiled too, I think.

I used to do this a lot when checking downloads for virii on AOL - the
email address that it would send your username/password to was almost
always in plain sight within a hex editor. Haven't had to do that in a
long time <g>, my wife finally got off AOL in February so I haven't
had to deal with hex-scanning viruses since.

I don't know of any hex editors that easily find strings but I can
recommend HEXpert32. It's got a very small footprint and works
correctly with the IntelliMouse (very important if you want to scroll
through 30meg of hex without having to ride it).

Regards,

Shawn K. Hall
Programmer / Analyst
*Please* post/respond in the newsgroups!
http://i.am/shawnkhall


"Larry Rebich" <lrebich@earthlink.net> wrote in message
news:3916c9ac@news.devx.com...
> Shawn,
>
> I think that VB code is stored in Unicode? Is there a hex editor
that easily
> reads and finds constants in the compiled VB code? You suggestion
does add
> additional security to the code.
>
> Cheers,
> Larry Rebich
>
> larry@buygold.net
> www.buygold.net

[Anton Britten]

If you want EVERYBODY to be able to read it use the MS routines! :-)

You can of course go to my website (see below) and get a Public/Private
encryption control that does up to 2048 bit keys.

That is secure!

Jason Bock wrote:

> "Craig" <cjewiss@hotmail.com> wrote in message
> news:39162535$1@news.devx.com...
> > does anyone have a couple of functions that can encrypt and decrypt a
> string.
> > I'm not after anything fancy, just enough to hide a password in a
> database
> > field and the registry.
>
> Check out the CryptoAPI functions provided by MS, specifically the hash
> functions.
>
> Regards,
>
> Jason

--

Anton Britten

EMail :- anton@ab-computing.co.uk
or anton@brittena.demon.co.uk

Web site :- www.ab-computing.co.uk

Anton Britten Computing Ltd
You find sympathy in the dictionary
- between sh*t and syphilis !