lfgmartins
asked on
SHA1 Crypting
Hi,
I've a users (login) table that has passwords. I want to encrypt it.
I heard of SHA1 digest? They said it's very secure?
My objective is to encrypt/decrypt the passwords in the table and use them.
Does anyone has idea on how to do this? What steps should I follow?
Thanks,
Luis
I've a users (login) table that has passwords. I want to encrypt it.
I heard of SHA1 digest? They said it's very secure?
My objective is to encrypt/decrypt the passwords in the table and use them.
Does anyone has idea on how to do this? What steps should I follow?
Thanks,
Luis
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I recommend 'Delphi Encryption Compendium'
there are also included examples
the ciphers use a hashmanager to additionaly hash the keys
there are also included examples
the ciphers use a hashmanager to additionaly hash the keys
Thank you
ASKER
I thank you!
Excellent answer. Now I've all that it takes. I just need to apply it to my database.
Regards, Luis
Excellent answer. Now I've all that it takes. I just need to apply it to my database.
Regards, Luis
Also a hint.. Case does not matter on the Hash, so when doing a comparison I like to always change the case on both variables just to be sure...
If UpperCase(Password1) = UpperCase(Password2) then ...
If UpperCase(Password1) = UpperCase(Password2) then ...
ASKER
Hi rbohac,
How can Iwith the code you gave me: 1. Record the encrypt password 2. Produce the hash? What for do I need it? 3. Then how can I decrypt it?
I don't need to record in a file so that's why I don't understand the example you gave me. Explain me in what vars are record the hash, password enrypted, decrypted.
I've made the following code:
procedure TftbUtilizador.HashString( s: string; var Digest: TSHA1Digest);
var
Context: TSHA1Context; // record to store intermediate data
begin
SHA1Init(Context); // initialize the data record
SHA1Update(Context,@S[1],L ength(S)); // update the data record with the string
SHA1Final(Context,Digest); // produce the final hash
end;
procedure TftbUtilizador.edsenhaExit (Sender: TObject);
var
KeyData: TTwofishData; // the initialized key data
Digest: TSHA1Digest;
IV: array[0..15] of byte; // the initialization vector needed for
//chaining modes
Buffer: array[0..8191] of byte;
i, j, n: integer;
Key: string;
NumRead, NumWritten: Integer;
begin
Key:= edsenha.Text; //you wrote the password in edit2
HashString(Key,Digest);
for j:= 1 to (i div 16) do // 16 is the blocksize of Twofish
// so process in 16 byte blocks
TwofishEncryptCBC(KeyData, @Buffer[(j -1)*Sizeof (IV)], //encrypt!
@Buffer[(j-1)*Sizeof(IV)]) ;
if (i mod 16)<> 0 then // encrypt the last bytes that don't
// fit in to a full block
begin
Move(KeyData.LastBlock,IV, Sizeof(IV) );
TwofishEncryptCBC(KeyData, @IV,@IV); // encrypt the full block
// again (so that it is encrypted twice)
for j:= 1 to (i mod 16) do
// xor this encrypted block with the short block
Buffer[(i and not 15)+j]:= Buffer[(i and not 15)+j] xor IV[j];
end;
dxEdit1.Text:= buffer; // buffer = texto encriptado
end;
Thanks, Luis
How can Iwith the code you gave me: 1. Record the encrypt password 2. Produce the hash? What for do I need it? 3. Then how can I decrypt it?
I don't need to record in a file so that's why I don't understand the example you gave me. Explain me in what vars are record the hash, password enrypted, decrypted.
I've made the following code:
procedure TftbUtilizador.HashString(
var
Context: TSHA1Context; // record to store intermediate data
begin
SHA1Init(Context); // initialize the data record
SHA1Update(Context,@S[1],L
SHA1Final(Context,Digest);
end;
procedure TftbUtilizador.edsenhaExit
var
KeyData: TTwofishData; // the initialized key data
Digest: TSHA1Digest;
IV: array[0..15] of byte; // the initialization vector needed for
//chaining modes
Buffer: array[0..8191] of byte;
i, j, n: integer;
Key: string;
NumRead, NumWritten: Integer;
begin
Key:= edsenha.Text; //you wrote the password in edit2
HashString(Key,Digest);
for j:= 1 to (i div 16) do // 16 is the blocksize of Twofish
// so process in 16 byte blocks
TwofishEncryptCBC(KeyData,
@Buffer[(j-1)*Sizeof(IV)])
if (i mod 16)<> 0 then // encrypt the last bytes that don't
// fit in to a full block
begin
Move(KeyData.LastBlock,IV,
TwofishEncryptCBC(KeyData,
// again (so that it is encrypted twice)
for j:= 1 to (i mod 16) do
// xor this encrypted block with the short block
Buffer[(i and not 15)+j]:= Buffer[(i and not 15)+j] xor IV[j];
end;
dxEdit1.Text:= buffer; // buffer = texto encriptado
end;
Thanks, Luis
I created to procedures for myself to do somthing like you are doing.. feel free to use them.
SAH is a one way encryption algorithm. You can't decrypt it. What you have to do is store the password as the encrypted hash. Then when you want to check it, encrypt what the user types in and compare it against the hash that you stored.
{ Procedure Added by Ray }
procedure SHA1EncryptStr(Var Str:String);
var
Digest: TSHA1Digest;
s:String;
i:Integer;
begin
_hashstring(Str,Digest);
s:='';
for i:= 0 to (Sizeof(Digest)-1) do
s:= s+IntToHex(Digest[i],2);
Str := S;
end;
{ Procedure Added by Ray }
function SHA1EncryptBuffer(Buf:Poin ter; Size:Integer):String;
var
Digest: TSHA1Digest;
s:String;
i:Integer;
Context: TSHA1Context; // record to store intermediate
// data
begin
SHA1Init(Context); // initialize the data record
SHA1Update(Context,Buf,Siz e); // update the data record with
// the string
SHA1Final(Context,Digest); // produce the final hash
s:='';
for i:= 0 to (Sizeof(Digest)-1) do
s:= s+IntToHex(Digest[i],2);
Result := S;
end;
SAH is a one way encryption algorithm. You can't decrypt it. What you have to do is store the password as the encrypted hash. Then when you want to check it, encrypt what the user types in and compare it against the hash that you stored.
{ Procedure Added by Ray }
procedure SHA1EncryptStr(Var Str:String);
var
Digest: TSHA1Digest;
s:String;
i:Integer;
begin
_hashstring(Str,Digest);
s:='';
for i:= 0 to (Sizeof(Digest)-1) do
s:= s+IntToHex(Digest[i],2);
Str := S;
end;
{ Procedure Added by Ray }
function SHA1EncryptBuffer(Buf:Poin
var
Digest: TSHA1Digest;
s:String;
i:Integer;
Context: TSHA1Context; // record to store intermediate
// data
begin
SHA1Init(Context); // initialize the data record
SHA1Update(Context,Buf,Siz
// the string
SHA1Final(Context,Digest);
s:='';
for i:= 0 to (Sizeof(Digest)-1) do
s:= s+IntToHex(Digest[i],2);
Result := S;
end;
What are you recording (storing) the saved password to? A file, A database, ...?
ASKER
Thanks rbohac, I'll use it :)
Then I'll record the encrypted password in a field in the database.
I just have a question what for do I use the hash? Should I record it? Will I use it later?
Thanks, Luis
Then I'll record the encrypted password in a field in the database.
I just have a question what for do I use the hash? Should I record it? Will I use it later?
Thanks, Luis
Encrypted password = hash.. its the same thing
ASKER
ok thanks a lot
ASKER
What for do you use the SHA1EncryptBuffer?
Luis
Luis
ASKER
and how can I decrypt the password later?
Luis
Luis
As I have stated twice now.. YOU CAN'T DECRYPT IT. It is a one way encryption algorithm
Example use
Var StoredPassword,EnteredPass word:Strin g:
begin
StoredPassword := SHA1EncryptStr('mypassword '); //or you can load the password from an external data source
EnteredPassword := (InputBox('Password','What s Your Password',''));
if UpperCase(StoredPassword) = UpperCase(EnteredPassword) then
Showmessage('Passwords Match')
else
ShowMessage('Passwords Do Not Match');
end;
Var StoredPassword,EnteredPass
begin
StoredPassword := SHA1EncryptStr('mypassword
EnteredPassword := (InputBox('Password','What
if UpperCase(StoredPassword) = UpperCase(EnteredPassword)
Showmessage('Passwords Match')
else
ShowMessage('Passwords Do Not Match');
end;
http://www.cityinthesky.co.uk/cryptography.html
It has plenty of functions for encrypting and decryption information using various methods, including SHA1