Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Unicode C++) Duplicate SQL Server ENCRYPTBYPASSPHRASESee more Encryption ExamplesDemonstrates how to duplicate SQL Server's ENCRYPTBYPASSPHRASE.
#include <CkStringBuilderW.h> #include <CkCrypt2W.h> #include <CkBinDataW.h> #include <CkPrngW.h> void ChilkatSample(void) { // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // For SQL Server 2008 - SQL Server 2016 we must use TripleDES with SHA1 // For SQL Server 2017 and later, use AES256 / SHA256. const wchar_t *password = L"tEst1234"; const wchar_t *encryptedHex_v1 = L"0x010000001E8E7DCDBD4061B951999E25D18445D2305474D2D71EEE98A241C755246F58AB"; // Here's an encrypted string using AES256/SHA256 const wchar_t *encryptedHex_v2 = L"0x02000000FFE880C0354780481E64EF25B6197A02E2A854A4BA9D8D9BDDFDAB27EB56537ABDA0B1D9C4D1050C91B313550DECF429"; CkStringBuilderW sbEncHex; sbEncHex.Append(encryptedHex_v1); // If present, we don't want the leading "0x" if (sbEncHex.StartsWith(L"0x",false) == true) { sbEncHex.RemoveCharsAt(0,2); } CkCrypt2W crypt; crypt.put_EncodingMode(L"hex"); // The encrypted hex string will begin with either 01000000 or 02000000 // version 1 is produced by SQL Server 2008 to SQL Server 2016, and we must use TripleDES with SHA1 // version 2 is for SQL Server 2017 and later, and uses AES256 / SHA256. bool v1 = sbEncHex.StartsWith(L"01",false); int ivLen = 0; const wchar_t *hashAlg = 0; if (v1 == true) { crypt.put_CryptAlgorithm(L"3des"); crypt.put_CipherMode(L"cbc"); crypt.put_KeyLength(168); ivLen = 8; hashAlg = L"sha1"; } else { crypt.put_CryptAlgorithm(L"aes"); crypt.put_CipherMode(L"cbc"); crypt.put_KeyLength(256); ivLen = 16; hashAlg = L"sha256"; } // Remove the SQL Server version info (i.e. the "01000000") sbEncHex.RemoveCharsAt(0,8); // Get the IV part of the sbEncHex, and also remove it from the StringBuilder. const wchar_t *ivHex = sbEncHex.getRange(0,ivLen * 2,true); wprintf(L"IV = %s\n",ivHex); crypt.SetEncodedIV(ivHex,L"hex"); CkStringBuilderW sbPassword; sbPassword.Append(password); const wchar_t *pwd_hash = sbPassword.getHash(hashAlg,L"hex",L"utf-16"); CkStringBuilderW sbKey; sbKey.Append(pwd_hash); if (v1 == true) { // For v1, we only want the 1st 16 bytes of the 20 byte hash. // (remember, the hex encoding uses 2 chars per byte, so we remove the last 8 chars) sbKey.Shorten(8); } wprintf(L"crypt key: %s\n",sbKey.getAsString()); crypt.SetEncodedKey(sbKey.getAsString(),L"hex"); // Decrypt CkBinDataW bd; bd.AppendEncoded(sbEncHex.getAsString(),L"hex"); crypt.DecryptBd(bd); // The result is composed of a header of 8 bytes which we can discard. // The remainder is the decrypted text. // The header we are discarding is composed of: // Bytes 0-3: Magic number equal to 0DF0ADBA // Bytes 4-5: Number of integrity bytes, which is 0 unless an authenticator is used. We're assuming no authenticator is used. // Bytes 6-7: Number of plain-text bytes. We really don't need this because the CBC padding takes care of it. // Therefore, just return the data after the 1st 8 bytes. // Assuming the encrypted string was utf-8 text... bd.RemoveChunk(0,8); const wchar_t *plainText = bd.getString(L"utf-8"); wprintf(L"decrypted plain text: %s\n",plainText); // The output: // IV = 1E8E7DCDBD4061B9 // crypt key: 710B9C2E61ACCC9570D4112203BD9738 // decrypted plain text: Hello world. // ------------------------------------------------------------------------------------------ // To encrypt, do the reverse... // Let's do v1 with TripleDES with SHA1 CkCrypt2W encryptor; encryptor.put_EncodingMode(L"hex"); encryptor.put_CryptAlgorithm(L"3des"); encryptor.put_CipherMode(L"cbc"); encryptor.put_KeyLength(168); // Generate a random 8-byte IV CkPrngW prng; ivHex = prng.genRandom(8,L"hex"); encryptor.SetEncodedIV(ivHex,L"hex"); // The binary password is generated the same as above. // We'll use the same password (and same binary password) encryptor.SetEncodedKey(sbKey.getAsString(),L"hex"); int plainTextLen = 8; plainText = L"ABCD1234"; // Encrypt the header + the plain-text. CkBinDataW bdData; bdData.AppendEncoded(L"0DF0ADBA",L"hex"); bdData.AppendEncoded(L"0000",L"hex"); bdData.AppendInt2(plainTextLen,true); wprintf(L"header: %s\n",bdData.getEncoded(L"hex")); bdData.AppendString(plainText,L"utf-8"); encryptor.EncryptBd(bdData); // Compose the result.. CkStringBuilderW sbEnc; sbEnc.Append(L"0x01000000"); sbEnc.Append(ivHex); sbEnc.Append(bdData.getEncoded(L"hex")); wprintf(L"result: %s\n",sbEnc.getAsString()); } |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.