Tool to store data encrypted

Post Reply
User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Tool to store data encrypted

Post by Otto »

I made a little tool to store encrypted data.
Here is my source.

http://www.atzwanger-software.com/fw/codememo.zip

Best regards,
Otto
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
User avatar
IBTC
Posts: 103
Joined: Sat Oct 18, 2008 8:13 pm
Location: Stuttgart, Germany
Contact:

Re: Tool to store data encrypted

Post by IBTC »

Thanks!

But if somebody look inside source.cdx he can see the password.
User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Re: Tool to store data encrypted

Post by Otto »

Yes you are right. The same is with exe file.
But I think we will find a solution.
Do you have an idea.
Best regards,
Otto
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Re: Tool to store data encrypted

Post by Otto »

I forgot to write that I wanted to start a common project for personal security container.
Best regards,
Otto
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
User avatar
Rick Lipkin
Posts: 2397
Joined: Fri Oct 07, 2005 1:50 pm
Location: Columbia, South Carolina USA

Re: Tool to store data encrypted

Post by Rick Lipkin »

To All

As many of you know or perhaps have heard on the US news, upwards to 3.8 million Social Security numbers were breached from the South Carolina Dept of Revenue by hackers. It was not so much that the data was 'hacked' and 'stolen' but the data itself was not encrypted.

How many of us have databases that have sensitive information in them like Social Security numbers , or credit card information? .. bet we never thought our programs would be subject to hackers and would contain information that could be used to steal someones identity ?

As we all know, just about any .dbf can be opened by Ms Excel and can be read and extracted. Many years ago ( in my clipper days ) I ran across a book with a nice data encryption and De-encryption routine... Forgive me, I would like to give the Author credit .. however these routines have been in the public domain for years and in this era of data hacking, I think it is once again appropriate to bring data encryption's importance back to the forefront.

I do believe there are good Encrypt() and DeEncrypt() functions that Antonio has built into FW or you may consider this code I mention above which you can easily use and modify if you so desire. It works well for any character field be in a .dbf or Sql table.

Rick Lipkin

Code: Select all

//------------------------

Func ENCRYPT( TO_DO )

LOCAL PADBACK := LEN(TO_DO), DONE := " ", QAZ
TO_DO := ALLTRIM(TO_DO)

FOR QAZ = LEN(TO_DO) TO 1 STEP -1
    DONE := DONE + CHR(ASC(SUBSTR(TO_DO, QAZ, 1)) + 104)
NEXT

RETURN(FILL_OUT(DONE, PADBACK))

//--------------------

Func DENCRYPT( TO_DO )

LOCAL PADBACK := LEN(TO_DO), DONE := " ", QAZ

TO_DO := ALLTRIM(TO_DO)
FOR QAZ = LEN(TO_DO) TO 1 STEP -1
    DONE := DONE + CHR(ASC(SUBSTR(TO_DO, QAZ, 1)) - 104)
NEXT

RETURN(FILL_OUT(DONE, PADBACK))

//----------------------

Func FILL_OUT( FILL_A, FILL_B )

IF PCOUNT() = 1
   FILL_B := 80
ELSE
   IF TYPE("FILL_B") = "C"
      FILL_B := VAL(B)
   ENDIF
   FILL_B := IIF(FILL_B <= 1, 80, FILL_B)
ENDIF
IF FILL_B <= LEN(FILL_A)
   RETURN(FILL_A)
ENDIF

RETURN(FILL_A + SPACE(FILL_B - LEN(FILL_A)))


 
User avatar
MarcoBoschi
Posts: 925
Joined: Thu Nov 17, 2005 11:08 am
Location: Padova - Italy
Contact:

Re: Tool to store data encrypted

Post by MarcoBoschi »

Rick,

in this line compiler gives me an error

FILL_B := VAL(B)

to_do.prg(47) Warning W0001 Ambiguous reference: 'B'
Marco Boschi
info@marcoboschi.it
User avatar
MarcoBoschi
Posts: 925
Joined: Thu Nov 17, 2005 11:08 am
Location: Padova - Italy
Contact:

Re: Tool to store data encrypted

Post by MarcoBoschi »

Otto,
two years ago I create crypted version in a particular project
I studied a bit the topic encryption.
I have come to these conclusions:
- non memo fields in dbf table
- usage of clause
#include "Dbinfo.ch"

SELECT 0
USE cust_critted
DBINFO( DBI_PASSWORD, "19610312" )

:D from this point every actions in the table is totally transparent :D

Another thing is to use

HB_CRYPT( cBufferIn, cChiave )
HB_DECRYPT( cBufferIn, cChiave )
expecially when you have to crypt entire files suche as .doc files
Marco Boschi
info@marcoboschi.it
User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Re: Tool to store data encrypted

Post by Otto »

Hello Rick,
this is exactly the reason why I started this project. I have all my passwords stored in a help file.
I never could decide for a commercial solution.
Now as there are more an more users how can operate PCs I think this is a must have.
Hope that we can make a nice little tool together.
Best regards,
Otto
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Re: Tool to store data encrypted

Post by Otto »

To hide the password inside the cdx file it seems that this code helps:
cPW := pw()
Best regards,
Otto

Code: Select all

static function OpenData()

   local  lOpen := .f.
   local  cKey
    
    cPW := pw()
   
   
   if ! File( ".\SOURCE.CDX" )
      USE ".\SOURCE.DBF" NEW EXCLUSIVE
      //cKey     := 'DECRYPT( DESCRIPT, "' + cPW + '" )'
      
       cKey     := 'DECRYPT( DESCRIPT, pw() )'
      
      INDEX ON &cKey  TAG DES
      //cKey     := 'DECRYPT( DESCRIPT, "' + cPW + '" )'
      
      cKey     := 'DECRYPT( DESCRIPT, pw() )'
      INDEX ON &cKey TAG CAT
      SOURCE->( DBCLOSEAREA() )
   endif

   cAlias := cGetNewAlias( "SOUR" )
   USE ".\SOURCE.DBF"  NEW ALIAS (cAlias) SHARED VIA 'DBFCDX'
   SET ORDER TO TAG DES
   GO TOP

   lOpen := Select( cAlias ) > 0

return NIL
//----------------------------------------------------------------------------//

function pw()

return ("mydata")
//----------------------------------------------------------------------------//
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Re: Tool to store data encrypted

Post by Otto »

To create the Password from more variables should help to camouflage the password.
In the exe you can only find my and data.
If you make more variables you should be ok.
Best regards,
Otto

Code: Select all

function pw()
    local cPassword1 := "my"
    local cPassword2 := "data"

return ( cPassword1 + cPassword2 )
//----------------------------------------------------------------------------//
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Re: Tool to store data encrypted

Post by Otto »

I added an export function to export decrypted data.
I also tried to hide the stored password.
It seems at it is working.
Here is what you now see inside the exe and the cdx file.
Best regards,
Otto
cdx-file
DECRYPT( DESCRIP
T, pw() )

Image

Code: Select all

#include 'fivewin.ch'
#include 'xbrowse.ch'

REQUEST DBFCDX
static cAlias
static cPW := "          "

//----------------------------------------------------------------------------//

function Main()

   local cPwd  := PadR( cPw, 30 )

    if file(  ".\SOURCE.DBF")= .F.
        DbCreate_source()
    endif


   if MsgGet( "PASSWORD", "Enter PassWord", @cPwd, nil, nil, .t. )
      cPW      := AllTrim( cPwd )
   endif
    
    if cPW == pw()
    
    else
        msginfo("falsch")
        return nil
    
    endif
   
   OpenData()

   BrowseData(  )

return nil

//----------------------------------------------------------------------------//

function BrowseData(  )

   local oWnd, oBrw, oFont, nArea, oRes, cMemo

   cMemo := Decrypt( ( cAlias )->Source, cPW )

   DEFINE FONT oFont NAME 'TAHOMA'  SIZE 0,-12
    
    DEFINE WINDOW oWnd STYLE nOr( WS_POPUP, WS_MAXIMIZE )
   oWnd:SetFont( oFont )

   @ 60, 0 XBROWSE oBrw SIZE 500, -40 PIXEL OF oWnd ;
      COLUMNS { || Decrypt( FIELD->DESCRIPT, cPW ) }, { || Decrypt( FIELD->KATEGORIE, CPW ) } ;
      HEADERS "Descript", "Kategorie" ;
      SORT    "DES", "CAT" ;
      ALIAS cAlias FOOTERS NOBORDER AUTOSORT

   WITH OBJECT oBrw

      :nRowHeight             := 18
      :nMarqueeStyle          := MARQSTYLE_HIGHLROW
      :nRowDividerStyle       := LINESTYLE_LIGHTGRAY
      :nColDividerStyle       := LINESTYLE_LIGHTGRAY
      :lColDividerComplete    := .t.
      :nStretchCol            := -1
      :nWidths                := 200
   END

   oBrw:bChange := {|| cMemo := Decrypt( ( cAlias )->Source, cPW ) , oRes:refresh() }
   oBrw:CreateFromCode()

    @ 60,550 GET oRes VAR cMemo MEMO OF oWnd SIZE 400, 470 PIXEL

   MakeBtnBar( oBrw )


      ACTIVATE WINDOW oWnd ;
         ON RESIZE WndResize( oWnd, oRes ) ;
           ON INIT oBrw:SetFocus() ;
         MAXIMIZED

return nil

static function MakeBtnBar( oBrw )

   local oBar

   DEFINE BUTTONBAR oBar OF oBrw:oWnd SIZE 48,48 2007
   DEFINE BUTTON OF oBar RESOURCE 'ALLADD'      ACTION ( add(), oBrw:Refresh(), oBrw:SetFocus() )
   DEFINE BUTTON OF oBar RESOURCE 'ALLEDIT'     ACTION ( add("EDIT"), oBrw:Refresh(), oBrw:SetFocus() )

   DEFINE BUTTON OF oBar RESOURCE 'ALLDELETE'   ACTION ( SOURCEdel(), oBrw:gotop(), oBrw:refresh(), oBrw:SetFocus() )
    
       DEFINE BUTTON ;
              OF oBar ;
          ACTION ( export_Encrypt(), oBrw:refresh(), oBrw:SetFocus() ) ;
          PROMPT "Export"


    DEFINE BUTTON OF oBar RESOURCE 'ENDE'   ACTION ( WndMain():End() )


return nil

//----------------------------------------------------------------------------//

static function WndResize( oWnd, oGet )

   local oRect    := oWnd:GetCliRect()

   oGet:nWidth    := oRect:nWidth - oGet:nLeft - 30
   oGet:nHeight   := oRect:nHeight - oGet:nTop - 40

return nil

//----------------------------------------------------------------------------//

static function OpenData()

   local  lOpen := .f.
   local  cKey
    
    cPW := pw()
   
   
   if ! File( ".\SOURCE.CDX" )
      USE ".\SOURCE.DBF" NEW EXCLUSIVE
      //cKey     := 'DECRYPT( DESCRIPT, "' + cPW + '" )'
      
       cKey     := 'DECRYPT( DESCRIPT, pw() )'
      
      INDEX ON &cKey  TAG DES
      //cKey     := 'DECRYPT( DESCRIPT, "' + cPW + '" )'
      
      cKey     := 'DECRYPT( DESCRIPT, pw() )'
      INDEX ON &cKey TAG CAT
      SOURCE->( DBCLOSEAREA() )
   endif

   cAlias := cGetNewAlias( "SOUR" )
   USE ".\SOURCE.DBF"  NEW ALIAS (cAlias) SHARED VIA 'DBFCDX'
   SET ORDER TO TAG DES
   GO TOP

   lOpen := Select( cAlias ) > 0

return NIL
//----------------------------------------------------------------------------//

function pw()
    local cPassword1 := "m"
    local cPassword2 := "y"
    local cPassword3 := "d"
    local cFiller := "xyz"
    local cPassword4 := "a"
    local cPassword5 := "t"
    local cPassword6 := "a"
    
    
    
   *----------------------------------------------------------

return ( cPassword1 + cPassword2 +  cPassword3 + cPassword4 + cPassword5 +  cPassword6 )
//----------------------------------------------------------------------------//

static function add(cAufruf)
   local  oDlg
   local lOk := .f.
   local oGetDesc
   local oGetCat
   local oGetSource
   local cDesc    := space(50)
   local cTCat    := space(50)
   local cSource  := ""
   *----------------------------------------------------------

   if cAufruf = "EDIT"
      cDesc    := Decrypt( ( cAlias )->DESCRIPT, cPW )
      cTCat    := Decrypt( ( cAlias )->KATEGORIE, cPW )
      cSource  := Decrypt( ( cAlias )->SOURCE, cPW )
   endif

   DEFINE DIALOG oDlg RESOURCE "ADDSOURCE"

   REDEFINE GET oGetDesc   VAR cDesc   ID 4001 OF oDlg
   REDEFINE GET oGetCat    VAR cTCat   ID 4002 OF oDlg
   REDEFINE GET oGetSource VAR cSource MULTILINE ID 4003 OF oDlg  UPDATE

   REDEFINE BUTTONBMP ID 2 OF oDlg ;
      ACTION oDlg:END() CANCEL    ;
      BITMAP ".\bitmaps\Delete.bmp"   TEXTRIGHT

   REDEFINE BUTTON ID 1 OF oDlg ACTION (lOK := .t., oDlg:End()  )

   ACTIVATE DIALOG oDlg

   if lOK = .t.
      if cAufruf <> "EDIT"
         append_blank()
      else
         rlok()
      endif

      ( cAlias )->DESCRIPT  := Encrypt( cDesc, cPW )
      ( cAlias )->KATEGORIE := Encrypt( cTCat, cPW )
      ( cAlias )->SOURCE    := Encrypt( cSource, cPW )

      unlok()

   endif

return nil

//----------------------------------------------------------------------------//

function export_Encrypt

    DbCreate( ".\CLEARTXT.DBF" ,;
        {{"DESCRIPT"    , "C",  50,   0} ,;
         {"KATEGORIE"   , "C",  50,   0} ,;
         {"SOURCE"      , "M",  10,   0}  } )

    use ( ".\CLEARTXT.DBF" ) NEW
    
    DbSelectArea( cAlias )
    set index to 
    go TOP
    
    do while .not. eof()
        select CLEARTXT
        append_blank()
        CLEARTXT->DESCRIPT   := Decrypt( ( cAlias )->DESCRIPT, cPW )
      CLEARTXT->KATEGORIE  := Decrypt( ( cAlias )->KATEGORIE, cPW )
        CLEARTXT->SOURCE    := Decrypt( ( cAlias )->SOURCE, cPW )
        UNLOK()
    
    
    DbSelectArea( cAlias )
    ( cAlias )->( DBSKIP() )

    enddo
    
select CLEARTXT
use
DbSelectArea( cAlias )
go TOP
    
MSGINFO("Ende")



return nil
//----------------------------------------------------------------------------//


function SOURCEdel()

   if msgyesNo("löschen")=.t.

      rlok()
      Delete
      unlok()

   endif
return nil

//----------------------------------------------------------------------------//

INIT PROCEDURE PrgInit

   SET CENTURY ON
   SET EPOCH TO YEAR(DATE())-98

   SET DELETED ON
   SET EXCLUSIVE OFF

  REQUEST HB_Lang_DE
   REQUEST HB_CODEPAGE_DEWIN

   HB_LangSelect("DE")
   HB_SetCodePage("DEWIN")

   SET DATE TO GERMAN

   SetHandleCount(205)
   rddsetdefault( "DBFCDX" )
   SetGetColorFocus()

   EXTERN DESCEND

RETURN

//----------------------------------------------------------------------------//

function TInhalt

RETURN nil
//----------------------------------------------------------------------------//

function DbCreate_source()
    DbCreate( ".\SOURCE.DBF" ,;
        {{"DESCRIPT"    , "C",  50,   0} ,;
         {"KATEGORIE"   , "C",  50,   0} ,;
         {"SOURCE"      , "M",  10,   0}  } )
         
return nil
//----------------------------------------------------------------------------//
*** ALLGEMEINE FUNKTIONEN

FUNCTION RLOK
   if rlock()
      RETURN ""
   endif
   DO WHILE .T.
      if rlock()
         exit
      else
        MsgInfo("Datensatz gesperrt!")
      endif
      INKEY(.01)
   ENDDO
RETURN ""

FUNCTION APPEND_BLANK
   APPEND BLANK
   DO WHILE NETERR()
      APPEND BLANK
      INKEY(.1)
   ENDDO
   unlock
   rlok()
RETURN ""
//----------------------------------------------------------------------------//

FUNCTION unlok

   unlock

RETURN (NIL)
//----------------------------------------------------------------------------//
 
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
Post Reply