Hi, I am making a VB program, which uses DES encryption.
I manage to found a source code from planet-source-code on the DES encryption, but one things troubles me.
The output of the DES encryption keep varying each time i encrypt the same string with the same key. This looks weird.
I have a java API which does the DES encryption, and its output is always the same. I wonder, can I modify the VB DES encrytion algorithm to make it output string identical to that of the Java DES API provided the same string and key is provided to both the API.
Attached is the VB DES source code. I din write the code myself because I am simply not up to the standard. Please helps.
This also I found at planet source code, but it give you same result for same Pwd and text. Have a look.
...at present time, using mainly Net 4.0, Vs 2010
Special thanks to Lothar "the Great" Haensler, Chris Eastwood , dr_Michael, ClearCode, Iouri and
all the other wonderful people who made and make Codeguru a great place.
Come back soon, you Gurus.
I gave it a second look and noticed the one who developed used a loop to avoid some non printable chars. You know you can write non printable chars as long as you use binary files, thus the previous example can be optimized by avoiding the loop...
In any case, I found something on MSDN that may explain why you get different crypted text each time you run the code you provided. At end, I attach a new example, this time coming from Api-Guide that may work better than previous one...
'********************************
From MSDN:
Encrypting a Message
The following procedure describes steps to take to encrypt a message with the Base Cryptography Functions. To encrypt messages using PKCS #7 standards, see Low-Level Message Functions and Simplified Message Functions.
To encrypt a message
Generate a session key by using the CryptGenKey function.
Making this call generates a random key and returns a handle so
the key can be used to encrypt and decrypt data. The encryption
algorithm to use is also specified at this point. Because the
CryptoAPI does not permit applications to use public-key
algorithms to encrypt bulk data, specify a symmetric algorithm
such as RC2 or RC4 with the CryptGenKey call.
Alternatively, use the CryptDeriveKey function to transform a
password into a key suitable for encryption.
If an application needs to encrypt the message so that anyone
with a specified password can decrypt the data, use
CryptDeriveKey to transform the password into a key suitable for
encryption.
Note that, in this case, this function is called instead of the
CryptGenKey function and the subsequent CryptExportKey calls
are not needed.
[...]
Encrypt the data in the file with the CryptEncrypt function.
The CryptEncrypt function takes the session key that was
generated in the previous step and encrypts a buffer of data.
Note that as the data is encrypted, the data may be slightly
expanded by the encryption algorithm.
The application is responsible for remembering the length of the
encrypted data so the proper length can later be specified for the
CryptDecrypt function.
[...]
To allow the current user to decrypt the data in the future, the
CryptExportKey function is used to save the decryption key in an
encrypted form (a key BLOB) that can only be decrypted with the
user's private key.
This function requires the user's key exchange public key for this
purpose, which can be obtained by using the CryptGetUserKey
function.
The CryptExportKey function will return a key BLOB that must be
stored by the application for use in decrypting the file.
Note If the application has certificates (or public keys) for other users, it can permit other users to decrypt the file by performing CryptExportKey calls for each user who should receive access.
The returned key BLOBs must be stored by the application, as in
step 5.
Creating an Encrypted Message
[...]
To encrypt a message
Get a pointer to the plaintext message.
Generate a symmetric (session) key.
Using the symmetric key and specified encryption algorithm, encrypt the message data.
Open a certificate store.
Get the recipient's certificate.
Get the public key from the recipient's certificate.
Using the recipient's public key, encrypt the symmetric key.
Get the recipient's identifier from the recipient's certificate.
Include the following in the digitally enveloped message: the data encryption algorithm, the encrypted data, the encrypted symmetric key, and the recipient identifier.
...at present time, using mainly Net 4.0, Vs 2010
Special thanks to Lothar "the Great" Haensler, Chris Eastwood , dr_Michael, ClearCode, Iouri and
all the other wonderful people who made and make Codeguru a great place.
Come back soon, you Gurus.
hmm.......actually what in the code that determine the length of the output?
Let's say given
Key: "a secret key"
input text: "a secret"
will it ever encrypt to the string below:
(using base64 encoding on the encrypted result)
UixmGcafQfy8pjxlrNslkg==
This result is generate from a Java App, i need the VB DES to product the same result, else, the server on the other end will never understand what i send to them.....
Special thanks to Lothar "the Great" Haensler, Chris Eastwood , dr_Michael, ClearCode, Iouri and
all the other wonderful people who made and make Codeguru a great place.
Come back soon, you Gurus.
I have seen that thread a couple of time before i post my question
i think he/she din find the answer either
but one interesting thing, he or she is using the same thing as i do..the java DES........ and using his/her key and input, i can generate the same output which is identical to his/hers
and i can see, he/she is also trying to use VC or VB to write the java DES, so we can use it in our VB or VC program.....
* The Best Reasons to Target Windows 8
Learn some of the best reasons why you should seriously consider bringing your Android mobile development expertise to bear on the Windows 8 platform.
Reply With Quote
