|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Delphi ActiveX) Duplicate SQL Server ENCRYPTBYPASSPHRASESee more Encryption ExamplesDemonstrates how to duplicate SQL Server's ENCRYPTBYPASSPHRASE.
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB; ... procedure TForm1.Button1Click(Sender: TObject); var password: WideString; encryptedHex_v1: WideString; encryptedHex_v2: WideString; sbEncHex: TChilkatStringBuilder; crypt: TChilkatCrypt2; v1: Integer; ivLen: Integer; hashAlg: WideString; ivHex: WideString; sbPassword: TChilkatStringBuilder; pwd_hash: WideString; sbKey: TChilkatStringBuilder; bd: TChilkatBinData; plainText: WideString; encryptor: TChilkatCrypt2; prng: TChilkatPrng; plainTextLen: Integer; bdData: TChilkatBinData; sbEnc: TChilkatStringBuilder; begin // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // For SQL Server 2008 - SQL Server 2016 we must use TripleDES with SHA1 // For SQL Server 2017 and later, use AES256 / SHA256. password := 'tEst1234'; encryptedHex_v1 := '0x010000001E8E7DCDBD4061B951999E25D18445D2305474D2D71EEE98A241C755246F58AB'; // Here's an encrypted string using AES256/SHA256 encryptedHex_v2 := '0x02000000FFE880C0354780481E64EF25B6197A02E2A854A4BA9D8D9BDDFDAB27EB56537ABDA0B1D9C4D1050C91B313550DECF429'; sbEncHex := TChilkatStringBuilder.Create(Self); sbEncHex.Append(encryptedHex_v1); // If present, we don't want the leading "0x" if (sbEncHex.StartsWith('0x',0) = 1) then begin sbEncHex.RemoveCharsAt(0,2); end; crypt := TChilkatCrypt2.Create(Self); crypt.EncodingMode := 'hex'; // The encrypted hex string will begin with either 01000000 or 02000000 // version 1 is produced by SQL Server 2008 to SQL Server 2016, and we must use TripleDES with SHA1 // version 2 is for SQL Server 2017 and later, and uses AES256 / SHA256. v1 := sbEncHex.StartsWith('01',0); ivLen := 0; if (v1 = 1) then begin crypt.CryptAlgorithm := '3des'; crypt.CipherMode := 'cbc'; crypt.KeyLength := 168; ivLen := 8; hashAlg := 'sha1'; end else begin crypt.CryptAlgorithm := 'aes'; crypt.CipherMode := 'cbc'; crypt.KeyLength := 256; ivLen := 16; hashAlg := 'sha256'; end; // Remove the SQL Server version info (i.e. the "01000000") sbEncHex.RemoveCharsAt(0,8); // Get the IV part of the sbEncHex, and also remove it from the StringBuilder. ivHex := sbEncHex.GetRange(0,ivLen * 2,1); Memo1.Lines.Add('IV = ' + ivHex); crypt.SetEncodedIV(ivHex,'hex'); sbPassword := TChilkatStringBuilder.Create(Self); sbPassword.Append(password); pwd_hash := sbPassword.GetHash(hashAlg,'hex','utf-16'); sbKey := TChilkatStringBuilder.Create(Self); sbKey.Append(pwd_hash); if (v1 = 1) then begin // For v1, we only want the 1st 16 bytes of the 20 byte hash. // (remember, the hex encoding uses 2 chars per byte, so we remove the last 8 chars) sbKey.Shorten(8); end; Memo1.Lines.Add('crypt key: ' + sbKey.GetAsString()); crypt.SetEncodedKey(sbKey.GetAsString(),'hex'); // Decrypt bd := TChilkatBinData.Create(Self); bd.AppendEncoded(sbEncHex.GetAsString(),'hex'); crypt.DecryptBd(bd.ControlInterface); // The result is composed of a header of 8 bytes which we can discard. // The remainder is the decrypted text. // The header we are discarding is composed of: // Bytes 0-3: Magic number equal to 0DF0ADBA // Bytes 4-5: Number of integrity bytes, which is 0 unless an authenticator is used. We're assuming no authenticator is used. // Bytes 6-7: Number of plain-text bytes. We really don't need this because the CBC padding takes care of it. // Therefore, just return the data after the 1st 8 bytes. // Assuming the encrypted string was utf-8 text... bd.RemoveChunk(0,8); plainText := bd.GetString('utf-8'); Memo1.Lines.Add('decrypted plain text: ' + plainText); // The output: // IV = 1E8E7DCDBD4061B9 // crypt key: 710B9C2E61ACCC9570D4112203BD9738 // decrypted plain text: Hello world. // ------------------------------------------------------------------------------------------ // To encrypt, do the reverse... // Let's do v1 with TripleDES with SHA1 encryptor := TChilkatCrypt2.Create(Self); encryptor.EncodingMode := 'hex'; encryptor.CryptAlgorithm := '3des'; encryptor.CipherMode := 'cbc'; encryptor.KeyLength := 168; // Generate a random 8-byte IV prng := TChilkatPrng.Create(Self); ivHex := prng.GenRandom(8,'hex'); encryptor.SetEncodedIV(ivHex,'hex'); // The binary password is generated the same as above. // We'll use the same password (and same binary password) encryptor.SetEncodedKey(sbKey.GetAsString(),'hex'); plainTextLen := 8; plainText := 'ABCD1234'; // Encrypt the header + the plain-text. bdData := TChilkatBinData.Create(Self); bdData.AppendEncoded('0DF0ADBA','hex'); bdData.AppendEncoded('0000','hex'); bdData.AppendInt2(plainTextLen,1); Memo1.Lines.Add('header: ' + bdData.GetEncoded('hex')); bdData.AppendString(plainText,'utf-8'); encryptor.EncryptBd(bdData.ControlInterface); // Compose the result.. sbEnc := TChilkatStringBuilder.Create(Self); sbEnc.Append('0x01000000'); sbEnc.Append(ivHex); sbEnc.Append(bdData.GetEncoded('hex')); Memo1.Lines.Add('result: ' + sbEnc.GetAsString()); end; |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.