|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C) Duplicate SQL Server ENCRYPTBYPASSPHRASESee more Encryption ExamplesDemonstrates how to duplicate SQL Server's ENCRYPTBYPASSPHRASE.
#include <C_CkStringBuilder.h> #include <C_CkCrypt2.h> #include <C_CkBinData.h> #include <C_CkPrng.h> void ChilkatSample(void) { const char *password; const char *encryptedHex_v1; const char *encryptedHex_v2; HCkStringBuilder sbEncHex; HCkCrypt2 crypt; BOOL v1; int ivLen; const char *hashAlg; const char *ivHex; HCkStringBuilder sbPassword; const char *pwd_hash; HCkStringBuilder sbKey; HCkBinData bd; const char *plainText; HCkCrypt2 encryptor; HCkPrng prng; int plainTextLen; HCkBinData bdData; HCkStringBuilder sbEnc; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // For SQL Server 2008 - SQL Server 2016 we must use TripleDES with SHA1 // For SQL Server 2017 and later, use AES256 / SHA256. password = "tEst1234"; encryptedHex_v1 = "0x010000001E8E7DCDBD4061B951999E25D18445D2305474D2D71EEE98A241C755246F58AB"; // Here's an encrypted string using AES256/SHA256 encryptedHex_v2 = "0x02000000FFE880C0354780481E64EF25B6197A02E2A854A4BA9D8D9BDDFDAB27EB56537ABDA0B1D9C4D1050C91B313550DECF429"; sbEncHex = CkStringBuilder_Create(); CkStringBuilder_Append(sbEncHex,encryptedHex_v1); // If present, we don't want the leading "0x" if (CkStringBuilder_StartsWith(sbEncHex,"0x",FALSE) == TRUE) { CkStringBuilder_RemoveCharsAt(sbEncHex,0,2); } crypt = CkCrypt2_Create(); CkCrypt2_putEncodingMode(crypt,"hex"); // The encrypted hex string will begin with either 01000000 or 02000000 // version 1 is produced by SQL Server 2008 to SQL Server 2016, and we must use TripleDES with SHA1 // version 2 is for SQL Server 2017 and later, and uses AES256 / SHA256. v1 = CkStringBuilder_StartsWith(sbEncHex,"01",FALSE); ivLen = 0; if (v1 == TRUE) { CkCrypt2_putCryptAlgorithm(crypt,"3des"); CkCrypt2_putCipherMode(crypt,"cbc"); CkCrypt2_putKeyLength(crypt,168); ivLen = 8; hashAlg = "sha1"; } else { CkCrypt2_putCryptAlgorithm(crypt,"aes"); CkCrypt2_putCipherMode(crypt,"cbc"); CkCrypt2_putKeyLength(crypt,256); ivLen = 16; hashAlg = "sha256"; } // Remove the SQL Server version info (i.e. the "01000000") CkStringBuilder_RemoveCharsAt(sbEncHex,0,8); // Get the IV part of the sbEncHex, and also remove it from the StringBuilder. ivHex = CkStringBuilder_getRange(sbEncHex,0,ivLen * 2,TRUE); printf("IV = %s\n",ivHex); CkCrypt2_SetEncodedIV(crypt,ivHex,"hex"); sbPassword = CkStringBuilder_Create(); CkStringBuilder_Append(sbPassword,password); pwd_hash = CkStringBuilder_getHash(sbPassword,hashAlg,"hex","utf-16"); sbKey = CkStringBuilder_Create(); CkStringBuilder_Append(sbKey,pwd_hash); if (v1 == TRUE) { // For v1, we only want the 1st 16 bytes of the 20 byte hash. // (remember, the hex encoding uses 2 chars per byte, so we remove the last 8 chars) CkStringBuilder_Shorten(sbKey,8); } printf("crypt key: %s\n",CkStringBuilder_getAsString(sbKey)); CkCrypt2_SetEncodedKey(crypt,CkStringBuilder_getAsString(sbKey),"hex"); // Decrypt bd = CkBinData_Create(); CkBinData_AppendEncoded(bd,CkStringBuilder_getAsString(sbEncHex),"hex"); CkCrypt2_DecryptBd(crypt,bd); // The result is composed of a header of 8 bytes which we can discard. // The remainder is the decrypted text. // The header we are discarding is composed of: // Bytes 0-3: Magic number equal to 0DF0ADBA // Bytes 4-5: Number of integrity bytes, which is 0 unless an authenticator is used. We're assuming no authenticator is used. // Bytes 6-7: Number of plain-text bytes. We really don't need this because the CBC padding takes care of it. // Therefore, just return the data after the 1st 8 bytes. // Assuming the encrypted string was utf-8 text... CkBinData_RemoveChunk(bd,0,8); plainText = CkBinData_getString(bd,"utf-8"); printf("decrypted plain text: %s\n",plainText); // The output: // IV = 1E8E7DCDBD4061B9 // crypt key: 710B9C2E61ACCC9570D4112203BD9738 // decrypted plain text: Hello world. // ------------------------------------------------------------------------------------------ // To encrypt, do the reverse... // Let's do v1 with TripleDES with SHA1 encryptor = CkCrypt2_Create(); CkCrypt2_putEncodingMode(encryptor,"hex"); CkCrypt2_putCryptAlgorithm(encryptor,"3des"); CkCrypt2_putCipherMode(encryptor,"cbc"); CkCrypt2_putKeyLength(encryptor,168); // Generate a random 8-byte IV prng = CkPrng_Create(); ivHex = CkPrng_genRandom(prng,8,"hex"); CkCrypt2_SetEncodedIV(encryptor,ivHex,"hex"); // The binary password is generated the same as above. // We'll use the same password (and same binary password) CkCrypt2_SetEncodedKey(encryptor,CkStringBuilder_getAsString(sbKey),"hex"); plainTextLen = 8; plainText = "ABCD1234"; // Encrypt the header + the plain-text. bdData = CkBinData_Create(); CkBinData_AppendEncoded(bdData,"0DF0ADBA","hex"); CkBinData_AppendEncoded(bdData,"0000","hex"); CkBinData_AppendInt2(bdData,plainTextLen,TRUE); printf("header: %s\n",CkBinData_getEncoded(bdData,"hex")); CkBinData_AppendString(bdData,plainText,"utf-8"); CkCrypt2_EncryptBd(encryptor,bdData); // Compose the result.. sbEnc = CkStringBuilder_Create(); CkStringBuilder_Append(sbEnc,"0x01000000"); CkStringBuilder_Append(sbEnc,ivHex); CkStringBuilder_Append(sbEnc,CkBinData_getEncoded(bdData,"hex")); printf("result: %s\n",CkStringBuilder_getAsString(sbEnc)); CkStringBuilder_Dispose(sbEncHex); CkCrypt2_Dispose(crypt); CkStringBuilder_Dispose(sbPassword); CkStringBuilder_Dispose(sbKey); CkBinData_Dispose(bd); CkCrypt2_Dispose(encryptor); CkPrng_Dispose(prng); CkBinData_Dispose(bdData); CkStringBuilder_Dispose(sbEnc); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.