Solved

when does a byte not equal a byte...

Posted on 2011-09-29
11
329 Views
Last Modified: 2012-05-12
I have the code block in my application.
my application has been running for years.
the code works, EXCEPT (as I discovered today) when the code being encrypted/decrypted is 7 characters long and contains a 'y'.  in that case, the 'y' is changed to an '8', so the strings don't match.
as in 'maybeso' will not work, but 'maybenot' does.

Talk about wonky.
any ideas?
Current code is in Delphi 2010, running in windows 64 bit.

function EncryptStr(aStr : string) : string;
var
  i : integer;
  aString : string;
  aResult : string;
begin
   result := '';
   aString := aStr;
   for i := 1 to Length(aString) do
      aresult := aResult + ConnieEncrypt(aString[i], Length(aString));
   result := aResult;
end;
function ConnieEncrypt(aStr : char; aBit : integer) : char;
begin
   result := chr(byte(ord(aStr)) + aBit);
end;
function ConnieDecrypt(aStr : char; aBit : integer) : char;
begin
   result := Chr(byte(ord(aStr)) - aBit);
end;
function DecryptStr(aStr : string) : string;
var
  i : integer;
  aString : string;
  aResult : string;
begin
   result := '';
   aString := aStr;
   for i := 1 to length(aString) do
      aresult := aResult + ConnieDecrypt(aString[i],length(aString));
   result := aResult;
end;

Open in new window

0
Comment
Question by:ccMcBride
  • 5
  • 4
  • 2
11 Comments
 
LVL 25

Expert Comment

by:epasquier
ID: 36816669
that is not such a good idea to do that like that, you have too little control of how is managed the overlap of byte values to Char valid range. All the more if UNICODE Chars are concerned, like in your case.

a) do you need UNICODE chars or plain ANSI (ASCII) ?
b) will it be OK if you have #0 values in your string ?
function EncryptStr(aStr : ANSIString; Shift:Integer=0) : ANSIString;
var
 i:integer;
begin
 if Shift=0 Then Shift:=Length(aStr);
 for i:=1 to Length(aStr) do aStr[i]:=ANSIChar((Byte(aStr[i])+Shift) And $FF));
 Result:=aStr;
end;


function DecryptStr(aStr : ANSIString; Shift:Integer=0) : ANSIString;
begin
 if Shift>0 Then Shift:=-Shift;
 if Shift=0 Then Shift:=-Length(aStr);
 Result:=EncryptStr(aStr,Shift);
end;

Open in new window

0
 

Author Comment

by:ccMcBride
ID: 36816756
it's used daily, but lightly.
I think I hit something bizarre in my project that I can't find, because my test app, which uses the exact  same function from the exact same field, is working fine with the exact same values.

It's just a plain text field.  Don't need anything special about it - other than it be encrypted when stored to the database.

0
 
LVL 100

Expert Comment

by:mlmcc
ID: 36816860
Is this to compare passwords?

How is the password stored?
I assume encrypted.

WHy not just encrypt and compare the encrypted strings.

ANother would be to just append a blank to the end if it  characters and encrypt that.

mlmcc
0
Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

 
LVL 25

Expert Comment

by:epasquier
ID: 36816885
'y' + 7 goes directly to #128 and therefore is subject to UNICODE translation. That is why I asked if you needed UNICODE strings.
I suspect you'll have also problems with 'z' in a 6 char string
like 'zorro!'
can you try ?
0
 

Author Comment

by:ccMcBride
ID: 36816921
It is.
and the encrypted strings are stored in the database.
As I said, been in place for over a decade.

here is what is happening:
in my 'big' app, maybeso encrypts to :
'th?ilzv'
in my test app, it encrypts to :
th¿ilzv

only difference I can see is the components (and to remove that as a 'factor', I added code to store the text from the component into a string in my big app), and get same bad result.

0
 

Author Comment

by:ccMcBride
ID: 36816946
epasquier is correct.
zorro works. zzzzzz does not.
returns 9.
so, how do I fix that?
0
 
LVL 25

Expert Comment

by:epasquier
ID: 36817009
here is the result of Crypting / Decrypting with 'maybeso'

Encrypt :
109
97
121
98
101
115
111
> th¿ilzv
116
104
128
105
108
122
118
< maybeso
109
97
121
98
101
115
111

Open in new window


As you can see the encrypted string gives 'th¿ilzv' , 6 characters only. When I decrypt it immediately, eveuthing is ok. I suspect of course the y that transforms to #128, which is probably interpreted in UNICODE strings as a NUL character. If you use it that string a bit between encrypt and decrypt, it might be that this char is lost.
Here what it would give to decrypt 'thilzv' without the mysterious char : 'nbcftp' .
0
 
LVL 25

Expert Comment

by:epasquier
ID: 36817021
you should save the encrypted string as an array of byte. That is the only way to be sure that your DB will not convert anything when storing. And that no unwanted or uncontrolled translation occurs in Delphi  either.
0
 
LVL 25

Accepted Solution

by:
epasquier earned 500 total points
ID: 36817044
or, again, use my functions (small type error, a ')' is too much in EncryptStr.

I tested, work fine with 'maybeso', and will surely be good enough to a very week encryption such as this

maybeso <==> th€ilzv

Open in new window

function EncryptStr(aStr : ANSIString; Shift:Integer=0) : ANSIString;
var
 i:integer;
begin
 if Shift=0 Then Shift:=Length(aStr);
 for i:=1 to Length(aStr) do aStr[i]:=ANSIChar((Byte(aStr[i])+Shift) And $FF);
 Result:=aStr;
end;


function DecryptStr(aStr : ANSIString; Shift:Integer=0) : ANSIString;
begin
 if Shift>0 Then Shift:=-Shift;
 if Shift=0 Then Shift:=-Length(aStr);
 Result:=EncryptStr(aStr,Shift);
end;

Open in new window

0
 
LVL 100

Expert Comment

by:mlmcc
ID: 36817070
May also have trouble with
x's in an 8 character word, w's in a 9 character word, etc

mlmcc
0
 

Author Closing Comment

by:ccMcBride
ID: 36817343
Awesome.  even works with existing passwords.
I know it's 'weak', but in this particular case, has to work on an unencrypted database without showing up in search screens, reports, and the like.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Delphi: how to send PJL commands to printer 3 97
How to call a form that is in a DLL  from an application? 13 70
Delphi 2 59
TEMBEDDEDWB how can i change its user agent ? 8 58
Objective: - This article will help user in how to convert their numeric value become words. How to use 1. You can copy this code in your Unit as function 2. than you can perform your function by type this code The Code   (CODE) The Im…
In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now