Page 1 of 1

Tool to store data encrypted

Posted: Thu Dec 20, 2012 11:30 pm
by Otto
I made a little tool to store encrypted data.
Here is my source.

http://www.atzwanger-software.com/fw/codememo.zip

Best regards,
Otto

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 11:58 am
by IBTC
Thanks!

But if somebody look inside source.cdx he can see the password.

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 1:07 pm
by Otto
Yes you are right. The same is with exe file.
But I think we will find a solution.
Do you have an idea.
Best regards,
Otto

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 1:09 pm
by Otto
I forgot to write that I wanted to start a common project for personal security container.
Best regards,
Otto

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 1:56 pm
by Rick Lipkin
To All

As many of you know or perhaps have heard on the US news, upwards to 3.8 million Social Security numbers were breached from the South Carolina Dept of Revenue by hackers. It was not so much that the data was 'hacked' and 'stolen' but the data itself was not encrypted.

How many of us have databases that have sensitive information in them like Social Security numbers , or credit card information? .. bet we never thought our programs would be subject to hackers and would contain information that could be used to steal someones identity ?

As we all know, just about any .dbf can be opened by Ms Excel and can be read and extracted. Many years ago ( in my clipper days ) I ran across a book with a nice data encryption and De-encryption routine... Forgive me, I would like to give the Author credit .. however these routines have been in the public domain for years and in this era of data hacking, I think it is once again appropriate to bring data encryption's importance back to the forefront.

I do believe there are good Encrypt() and DeEncrypt() functions that Antonio has built into FW or you may consider this code I mention above which you can easily use and modify if you so desire. It works well for any character field be in a .dbf or Sql table.

Rick Lipkin

Code: Select all

//------------------------

Func ENCRYPT( TO_DO )

LOCAL PADBACK := LEN(TO_DO), DONE := " ", QAZ
TO_DO := ALLTRIM(TO_DO)

FOR QAZ = LEN(TO_DO) TO 1 STEP -1
    DONE := DONE + CHR(ASC(SUBSTR(TO_DO, QAZ, 1)) + 104)
NEXT

RETURN(FILL_OUT(DONE, PADBACK))

//--------------------

Func DENCRYPT( TO_DO )

LOCAL PADBACK := LEN(TO_DO), DONE := " ", QAZ

TO_DO := ALLTRIM(TO_DO)
FOR QAZ = LEN(TO_DO) TO 1 STEP -1
    DONE := DONE + CHR(ASC(SUBSTR(TO_DO, QAZ, 1)) - 104)
NEXT

RETURN(FILL_OUT(DONE, PADBACK))

//----------------------

Func FILL_OUT( FILL_A, FILL_B )

IF PCOUNT() = 1
   FILL_B := 80
ELSE
   IF TYPE("FILL_B") = "C"
      FILL_B := VAL(B)
   ENDIF
   FILL_B := IIF(FILL_B <= 1, 80, FILL_B)
ENDIF
IF FILL_B <= LEN(FILL_A)
   RETURN(FILL_A)
ENDIF

RETURN(FILL_A + SPACE(FILL_B - LEN(FILL_A)))


 

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 2:48 pm
by MarcoBoschi
Rick,

in this line compiler gives me an error

FILL_B := VAL(B)

to_do.prg(47) Warning W0001 Ambiguous reference: 'B'

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 2:59 pm
by MarcoBoschi
Otto,
two years ago I create crypted version in a particular project
I studied a bit the topic encryption.
I have come to these conclusions:
- non memo fields in dbf table
- usage of clause
#include "Dbinfo.ch"

SELECT 0
USE cust_critted
DBINFO( DBI_PASSWORD, "19610312" )

:D from this point every actions in the table is totally transparent :D

Another thing is to use

HB_CRYPT( cBufferIn, cChiave )
HB_DECRYPT( cBufferIn, cChiave )
expecially when you have to crypt entire files suche as .doc files

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 4:20 pm
by Otto
Hello Rick,
this is exactly the reason why I started this project. I have all my passwords stored in a help file.
I never could decide for a commercial solution.
Now as there are more an more users how can operate PCs I think this is a must have.
Hope that we can make a nice little tool together.
Best regards,
Otto

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 4:37 pm
by Otto
To hide the password inside the cdx file it seems that this code helps:
cPW := pw()
Best regards,
Otto

Code: Select all

static function OpenData()

   local  lOpen := .f.
   local  cKey
    
    cPW := pw()
   
   
   if ! File( ".\SOURCE.CDX" )
      USE ".\SOURCE.DBF" NEW EXCLUSIVE
      //cKey     := 'DECRYPT( DESCRIPT, "' + cPW + '" )'
      
       cKey     := 'DECRYPT( DESCRIPT, pw() )'
      
      INDEX ON &cKey  TAG DES
      //cKey     := 'DECRYPT( DESCRIPT, "' + cPW + '" )'
      
      cKey     := 'DECRYPT( DESCRIPT, pw() )'
      INDEX ON &cKey TAG CAT
      SOURCE->( DBCLOSEAREA() )
   endif

   cAlias := cGetNewAlias( "SOUR" )
   USE ".\SOURCE.DBF"  NEW ALIAS (cAlias) SHARED VIA 'DBFCDX'
   SET ORDER TO TAG DES
   GO TOP

   lOpen := Select( cAlias ) > 0

return NIL
//----------------------------------------------------------------------------//

function pw()

return ("mydata")
//----------------------------------------------------------------------------//

Re: Tool to store data encrypted

Posted: Fri Dec 21, 2012 4:50 pm
by Otto
To create the Password from more variables should help to camouflage the password.
In the exe you can only find my and data.
If you make more variables you should be ok.
Best regards,
Otto

Code: Select all

function pw()
    local cPassword1 := "my"
    local cPassword2 := "data"

return ( cPassword1 + cPassword2 )
//----------------------------------------------------------------------------//

Re: Tool to store data encrypted

Posted: Sat Dec 22, 2012 10:13 am
by Otto
I added an export function to export decrypted data.
I also tried to hide the stored password.
It seems at it is working.
Here is what you now see inside the exe and the cdx file.
Best regards,
Otto
cdx-file
DECRYPT( DESCRIP
T, pw() )

Image

Code: Select all

#include 'fivewin.ch'
#include 'xbrowse.ch'

REQUEST DBFCDX
static cAlias
static cPW := "          "

//----------------------------------------------------------------------------//

function Main()

   local cPwd  := PadR( cPw, 30 )

    if file(  ".\SOURCE.DBF")= .F.
        DbCreate_source()
    endif


   if MsgGet( "PASSWORD", "Enter PassWord", @cPwd, nil, nil, .t. )
      cPW      := AllTrim( cPwd )
   endif
    
    if cPW == pw()
    
    else
        msginfo("falsch")
        return nil
    
    endif
   
   OpenData()

   BrowseData(  )

return nil

//----------------------------------------------------------------------------//

function BrowseData(  )

   local oWnd, oBrw, oFont, nArea, oRes, cMemo

   cMemo := Decrypt( ( cAlias )->Source, cPW )

   DEFINE FONT oFont NAME 'TAHOMA'  SIZE 0,-12
    
    DEFINE WINDOW oWnd STYLE nOr( WS_POPUP, WS_MAXIMIZE )
   oWnd:SetFont( oFont )

   @ 60, 0 XBROWSE oBrw SIZE 500, -40 PIXEL OF oWnd ;
      COLUMNS { || Decrypt( FIELD->DESCRIPT, cPW ) }, { || Decrypt( FIELD->KATEGORIE, CPW ) } ;
      HEADERS "Descript", "Kategorie" ;
      SORT    "DES", "CAT" ;
      ALIAS cAlias FOOTERS NOBORDER AUTOSORT

   WITH OBJECT oBrw

      :nRowHeight             := 18
      :nMarqueeStyle          := MARQSTYLE_HIGHLROW
      :nRowDividerStyle       := LINESTYLE_LIGHTGRAY
      :nColDividerStyle       := LINESTYLE_LIGHTGRAY
      :lColDividerComplete    := .t.
      :nStretchCol            := -1
      :nWidths                := 200
   END

   oBrw:bChange := {|| cMemo := Decrypt( ( cAlias )->Source, cPW ) , oRes:refresh() }
   oBrw:CreateFromCode()

    @ 60,550 GET oRes VAR cMemo MEMO OF oWnd SIZE 400, 470 PIXEL

   MakeBtnBar( oBrw )


      ACTIVATE WINDOW oWnd ;
         ON RESIZE WndResize( oWnd, oRes ) ;
           ON INIT oBrw:SetFocus() ;
         MAXIMIZED

return nil

static function MakeBtnBar( oBrw )

   local oBar

   DEFINE BUTTONBAR oBar OF oBrw:oWnd SIZE 48,48 2007
   DEFINE BUTTON OF oBar RESOURCE 'ALLADD'      ACTION ( add(), oBrw:Refresh(), oBrw:SetFocus() )
   DEFINE BUTTON OF oBar RESOURCE 'ALLEDIT'     ACTION ( add("EDIT"), oBrw:Refresh(), oBrw:SetFocus() )

   DEFINE BUTTON OF oBar RESOURCE 'ALLDELETE'   ACTION ( SOURCEdel(), oBrw:gotop(), oBrw:refresh(), oBrw:SetFocus() )
    
       DEFINE BUTTON ;
              OF oBar ;
          ACTION ( export_Encrypt(), oBrw:refresh(), oBrw:SetFocus() ) ;
          PROMPT "Export"


    DEFINE BUTTON OF oBar RESOURCE 'ENDE'   ACTION ( WndMain():End() )


return nil

//----------------------------------------------------------------------------//

static function WndResize( oWnd, oGet )

   local oRect    := oWnd:GetCliRect()

   oGet:nWidth    := oRect:nWidth - oGet:nLeft - 30
   oGet:nHeight   := oRect:nHeight - oGet:nTop - 40

return nil

//----------------------------------------------------------------------------//

static function OpenData()

   local  lOpen := .f.
   local  cKey
    
    cPW := pw()
   
   
   if ! File( ".\SOURCE.CDX" )
      USE ".\SOURCE.DBF" NEW EXCLUSIVE
      //cKey     := 'DECRYPT( DESCRIPT, "' + cPW + '" )'
      
       cKey     := 'DECRYPT( DESCRIPT, pw() )'
      
      INDEX ON &cKey  TAG DES
      //cKey     := 'DECRYPT( DESCRIPT, "' + cPW + '" )'
      
      cKey     := 'DECRYPT( DESCRIPT, pw() )'
      INDEX ON &cKey TAG CAT
      SOURCE->( DBCLOSEAREA() )
   endif

   cAlias := cGetNewAlias( "SOUR" )
   USE ".\SOURCE.DBF"  NEW ALIAS (cAlias) SHARED VIA 'DBFCDX'
   SET ORDER TO TAG DES
   GO TOP

   lOpen := Select( cAlias ) > 0

return NIL
//----------------------------------------------------------------------------//

function pw()
    local cPassword1 := "m"
    local cPassword2 := "y"
    local cPassword3 := "d"
    local cFiller := "xyz"
    local cPassword4 := "a"
    local cPassword5 := "t"
    local cPassword6 := "a"
    
    
    
   *----------------------------------------------------------

return ( cPassword1 + cPassword2 +  cPassword3 + cPassword4 + cPassword5 +  cPassword6 )
//----------------------------------------------------------------------------//

static function add(cAufruf)
   local  oDlg
   local lOk := .f.
   local oGetDesc
   local oGetCat
   local oGetSource
   local cDesc    := space(50)
   local cTCat    := space(50)
   local cSource  := ""
   *----------------------------------------------------------

   if cAufruf = "EDIT"
      cDesc    := Decrypt( ( cAlias )->DESCRIPT, cPW )
      cTCat    := Decrypt( ( cAlias )->KATEGORIE, cPW )
      cSource  := Decrypt( ( cAlias )->SOURCE, cPW )
   endif

   DEFINE DIALOG oDlg RESOURCE "ADDSOURCE"

   REDEFINE GET oGetDesc   VAR cDesc   ID 4001 OF oDlg
   REDEFINE GET oGetCat    VAR cTCat   ID 4002 OF oDlg
   REDEFINE GET oGetSource VAR cSource MULTILINE ID 4003 OF oDlg  UPDATE

   REDEFINE BUTTONBMP ID 2 OF oDlg ;
      ACTION oDlg:END() CANCEL    ;
      BITMAP ".\bitmaps\Delete.bmp"   TEXTRIGHT

   REDEFINE BUTTON ID 1 OF oDlg ACTION (lOK := .t., oDlg:End()  )

   ACTIVATE DIALOG oDlg

   if lOK = .t.
      if cAufruf <> "EDIT"
         append_blank()
      else
         rlok()
      endif

      ( cAlias )->DESCRIPT  := Encrypt( cDesc, cPW )
      ( cAlias )->KATEGORIE := Encrypt( cTCat, cPW )
      ( cAlias )->SOURCE    := Encrypt( cSource, cPW )

      unlok()

   endif

return nil

//----------------------------------------------------------------------------//

function export_Encrypt

    DbCreate( ".\CLEARTXT.DBF" ,;
        {{"DESCRIPT"    , "C",  50,   0} ,;
         {"KATEGORIE"   , "C",  50,   0} ,;
         {"SOURCE"      , "M",  10,   0}  } )

    use ( ".\CLEARTXT.DBF" ) NEW
    
    DbSelectArea( cAlias )
    set index to 
    go TOP
    
    do while .not. eof()
        select CLEARTXT
        append_blank()
        CLEARTXT->DESCRIPT   := Decrypt( ( cAlias )->DESCRIPT, cPW )
      CLEARTXT->KATEGORIE  := Decrypt( ( cAlias )->KATEGORIE, cPW )
        CLEARTXT->SOURCE    := Decrypt( ( cAlias )->SOURCE, cPW )
        UNLOK()
    
    
    DbSelectArea( cAlias )
    ( cAlias )->( DBSKIP() )

    enddo
    
select CLEARTXT
use
DbSelectArea( cAlias )
go TOP
    
MSGINFO("Ende")



return nil
//----------------------------------------------------------------------------//


function SOURCEdel()

   if msgyesNo("löschen")=.t.

      rlok()
      Delete
      unlok()

   endif
return nil

//----------------------------------------------------------------------------//

INIT PROCEDURE PrgInit

   SET CENTURY ON
   SET EPOCH TO YEAR(DATE())-98

   SET DELETED ON
   SET EXCLUSIVE OFF

  REQUEST HB_Lang_DE
   REQUEST HB_CODEPAGE_DEWIN

   HB_LangSelect("DE")
   HB_SetCodePage("DEWIN")

   SET DATE TO GERMAN

   SetHandleCount(205)
   rddsetdefault( "DBFCDX" )
   SetGetColorFocus()

   EXTERN DESCEND

RETURN

//----------------------------------------------------------------------------//

function TInhalt

RETURN nil
//----------------------------------------------------------------------------//

function DbCreate_source()
    DbCreate( ".\SOURCE.DBF" ,;
        {{"DESCRIPT"    , "C",  50,   0} ,;
         {"KATEGORIE"   , "C",  50,   0} ,;
         {"SOURCE"      , "M",  10,   0}  } )
         
return nil
//----------------------------------------------------------------------------//
*** ALLGEMEINE FUNKTIONEN

FUNCTION RLOK
   if rlock()
      RETURN ""
   endif
   DO WHILE .T.
      if rlock()
         exit
      else
        MsgInfo("Datensatz gesperrt!")
      endif
      INKEY(.01)
   ENDDO
RETURN ""

FUNCTION APPEND_BLANK
   APPEND BLANK
   DO WHILE NETERR()
      APPEND BLANK
      INKEY(.1)
   ENDDO
   unlock
   rlok()
RETURN ""
//----------------------------------------------------------------------------//

FUNCTION unlok

   unlock

RETURN (NIL)
//----------------------------------------------------------------------------//