Link to home
Start Free TrialLog in
Avatar of lfgmartins
lfgmartins

asked on

SHA1 Crypting

Hi,
I've a users (login) table that has passwords. I want to encrypt it.
I heard of SHA1 digest? They said it's very secure?
My objective is to encrypt/decrypt the passwords in the table and use them.
Does anyone has idea on how to do this? What steps should I follow?
Thanks,
Luis
Avatar of Biblin
Biblin

Download DCPcrypt from

http://www.cityinthesky.co.uk/cryptography.html

It has plenty of functions for encrypting and decryption information using various methods, including SHA1
ASKER CERTIFIED SOLUTION
Avatar of rbohac
rbohac

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I recommend 'Delphi Encryption Compendium'
there are also included examples
the ciphers use a hashmanager to additionaly hash the keys
Thank you
Avatar of lfgmartins

ASKER

I thank you!
Excellent answer. Now I've all that it takes. I just need to apply it to my database.
Regards, Luis
Also a hint..  Case does not matter on the Hash, so when doing a comparison I like to always change the case on both variables just to be sure...

If UpperCase(Password1) = UpperCase(Password2) then ...
Hi rbohac,
How can Iwith the code you gave me: 1. Record the encrypt password 2. Produce the hash? What for do I need it? 3. Then how can I decrypt it?
I don't need to record in a file so that's why I don't understand the example you gave me. Explain me in what vars are record the hash, password enrypted, decrypted.
I've made the following code:
procedure TftbUtilizador.HashString(s: string; var Digest: TSHA1Digest);
var
  Context: TSHA1Context;               // record to store intermediate data
begin
  SHA1Init(Context);                   // initialize the data record
  SHA1Update(Context,@S[1],Length(S)); // update the data record with the string
  SHA1Final(Context,Digest);           // produce the final hash
end;


procedure TftbUtilizador.edsenhaExit(Sender: TObject);
var
  KeyData: TTwofishData;         // the initialized key data
  Digest: TSHA1Digest;
  IV: array[0..15] of byte;      // the initialization vector needed for
                                 //chaining modes
  Buffer: array[0..8191] of byte;
  i, j, n: integer;
  Key: string;
  NumRead, NumWritten: Integer;
begin
  Key:= edsenha.Text; //you wrote the password in edit2
  HashString(Key,Digest);

  for j:= 1 to (i div 16) do        // 16 is the blocksize of Twofish
                                      // so process in 16 byte blocks
    TwofishEncryptCBC(KeyData,@Buffer[(j-1)*Sizeof(IV)],     //encrypt!
                      @Buffer[(j-1)*Sizeof(IV)]);

    if (i mod 16)<> 0 then        // encrypt the last bytes that don't
                                  // fit in to a full block
    begin
      Move(KeyData.LastBlock,IV,Sizeof(IV));
      TwofishEncryptCBC(KeyData,@IV,@IV);    // encrypt the full block
                              // again (so that it is encrypted twice)
      for j:= 1 to (i mod 16) do
        // xor this encrypted block with the short block
        Buffer[(i and not 15)+j]:= Buffer[(i and not 15)+j] xor IV[j];
      end;

      dxEdit1.Text:= buffer;   // buffer = texto encriptado

end;

Thanks, Luis
I created to procedures for myself to do somthing like you are doing.. feel free to use them.

SAH is a one way encryption algorithm. You can't decrypt it. What you have to do is store the password as the encrypted hash. Then when you want to check it, encrypt what the user types in and compare it against the hash that you stored.


{ Procedure Added by Ray }
procedure SHA1EncryptStr(Var Str:String);
var
  Digest: TSHA1Digest;
  s:String;
  i:Integer;
begin
  _hashstring(Str,Digest);
  s:='';
    for i:= 0 to (Sizeof(Digest)-1) do
      s:= s+IntToHex(Digest[i],2);
  Str := S;
end;

{ Procedure Added by Ray }
function SHA1EncryptBuffer(Buf:Pointer; Size:Integer):String;
var
  Digest: TSHA1Digest;
  s:String;
  i:Integer;
  Context: TSHA1Context;               // record to store intermediate
// data
begin
  SHA1Init(Context);                   // initialize the data record
  SHA1Update(Context,Buf,Size);        // update the data record with
                                       // the string
  SHA1Final(Context,Digest);           // produce the final hash

  s:='';
    for i:= 0 to (Sizeof(Digest)-1) do
      s:= s+IntToHex(Digest[i],2);
  Result := S;
end;
What are you recording (storing) the saved password to? A file, A database, ...?
Thanks rbohac, I'll use it :)
Then I'll record the encrypted password in a field in the database.

I just have a question what for do I use the hash? Should I record it? Will I use it later?

Thanks, Luis
Encrypted password = hash.. its the same thing
ok thanks a lot
What for do you use the SHA1EncryptBuffer?
Luis
and how can I decrypt the password later?
Luis
As I have stated twice now.. YOU CAN'T DECRYPT IT. It is a one way encryption algorithm
Example use

Var StoredPassword,EnteredPassword:String:
begin

StoredPassword := SHA1EncryptStr('mypassword');  //or you can load the password from an external data source

EnteredPassword := (InputBox('Password','Whats Your Password',''));

if UpperCase(StoredPassword) = UpperCase(EnteredPassword) then
  Showmessage('Passwords Match')
  else
  ShowMessage('Passwords Do Not Match');
end;