VFPEncryption

The free vfpencryption.fll has been updated. Changes include:

	Converted the vfpencryption project to Visual Studio 2005 (VC++ 8.0)
	Added an RC4 Stream Cipher
	Fixed a bug in the Hash() function that would truncate hashes if NULLs were returned anywhere in the message digest

The RC4 stream cipher that has been added is very useful in encrypting/decrypting fields in a table. Because it is a stream cipher, the resulting ciphertext (encrypted data) is the same length as the plaintext. Unlike a block cipher (which comprises all of the other ciphers that vfpencryption.fll provides), a stream cipher does not pad the results with extra characters. This means that RC4 can be used to encrypt and decrypt a field with a simple Replace command. No additional machinations are required. In any event, give it a try and see what you think.

Special thanks to Tomás Cané out of Santiago, Chile for the heads up regarding the bug in the Hash() function that was causing certain message digests (hash codes) to be truncated. This bug has been fixed.

Here is the link for the latest version of the vfpencryption.fll

Download the Latest Version of the VFP Encryption FLL (57 KB approx.)

I've also decided to offer a download of Microsoft's redistributable installer for the VC++ 8.0 runtimes to ease the problems some were encountering during deployment of the FLL. If you "SET LIBRARY TO vfpencryption.fll" in Visual FoxPro and get an error saying that the FLL is invalid, then you (or your client) don't have the required C runtimes installed. The installer available at the link below will solve this problem.

Download the Microsoft's installer for the VC++ 8.0 runtimes (2.5 MB approx.)

I hope that the documentation I am providing below is clear to everyone. If there is something further that I could do in order to make this FLL more useful or understandable, please let me know. I will be putting together some Visual FoxPro samples of use for this FLL in the near future to be included as a separate download.

vfpencryption.fll Documentation...

Function ENCRYPT()

Signature: Encrypt(cStringtoEncrypt, cSecretKey[, nEncryptionType[, nEncryptionMode]])

Parameters:

cStringtoEncrypt - A plain text string that you want to have encrypted, such as "Hello World!"

cSecretKey - A plain text string that is the Key you want used during encryption, such as "My_SeCrEt_KeY".
Please note that keys may need to be of a particular length for certain types of encryption. Refer below for more information.

nEncryptionType - There are currently 5 types of encryption available. The value of this parameter determines that type of encryption used and how long your Secret Key should be. A single character in Visual FoxPro is equal to 1 byte or 8 bits. So an encryption algorithm requiring a 128-bit key would need a Secret Key of 16 characters (16 x 8 = 128).

   0 = AES128 (requires a 16 character Key)
   1 = AES192 (requires a 24 character Key)
   2 = AES256 (requires a 32 character Key) *Default
   4 = Blowfish (requires a 56 character Key)
   8 = TEA (requires a 16 character Key)
   1024 = RC4 (Key can be any length)

nEncryptionMode - There are three different modes available for the each of the encryption types listed above. They include: Electronic Code Book (ECB), Cipher Block Chaining (CBC) and Cipher Feedback Block (CFB). The nEncryptionMode parameter does not apply to RC4 encryption (nEncryptionType = 1024).

   0 = ECB *Default
   1 = CBC
   2 = CFB

Return Value:

Character data type - the encrypted form of cStringtoEncrypt.

Remarks:

When saving the return value of Encrypt() function to a field in a table, remember that Visual FoxPro will append blanks to the end of the string in order to fill the character field to its designated length. This can cause problems when decrypting the data as the spaces will be considered part of the encrypted string. To work around this, I suggest placing a single CHR(0) at the end of the encrypted string when saving it to the table. Then when decrypting the data just the portion prior to the CHR(0) can be sent into the Decrypt() function. This does not apply when using RC4 encryption (nEncryptionType = 1024).

Function DECRYPT()

Signature: Decrypt(cEncryptString, cSecretKey[, nDecryptionType[, nDecryptionMode]])

Parameters:

cEncryptedString - A string that has been encrypted using the Encrypt() function.

cSecretKey - A plain text string that is the same Key that you used when you encrypted the data using the Encrypt function, such as "My_SeCrEt_KeY".
Please note that keys may need to be of a particular length for certain types of decryption. Refer below for more information.

nDecryptionType - There are currently 5 types of decryption available and they correspond to the same ones available in Encrypt(). A single character in Visual FoxPro is equal to 1 byte or 8 bits. So an decryption algorithm requiring a 128-bit key would need a Secret Key of 16 characters (16 x 8 = 128).

   0 = AES128 (requires a 16 character Key)
   1 = AES192 (requires a 24 character Key)
   2 = AES256 (requires a 32 character Key) *Default
   4 = Blowfish (requires a 56 character Key)
   8 = TEA (requires a 16 character Key)
   1024 = RC4 (Key can be any length)

nDecryptionMode - There are three different modes available for the each of the encryption types listed above. They include: Electronic Code Book (ECB), Cipher Block Chaining (CBC) and Cipher Feedback Block (CFB). The nDecryptionMode parameter does not apply to RC4 decryption (nDecryptionType = 1024).

   0 = ECB *Default
   1 = CBC
   2 = CFB

Return Value:

Character data type - the decrypted form of cEncryptedString followed by a variable number of CHR(0)s. See Remarks below for further clarification

Remarks:

IMPORTANT: Decryption is done on blocks of memory, so when the decrypt function returns the encrypted string it will be followed by a variable number of CHR(0)s unless the decrypted string just happens to end at exactly the same location as the last block decrypted. These extraneous CHR(0)'s can be removed using a number of Visual FoxPro functions, such as STRTRAN(), CHRTRAN(), or a combination of LEFT() and AT(). This does not apply when using RC4 decryption (nDecryptionType = 1024).

Function ENCRYPTFILE()

Signature: EncryptFile(cFiletoEncrypt, cDestinationFile, cSecretKey[, nEncryptionType[, nEncryptionMode]])

Parameters:

cFiletoEncrypt - A plain text string that is the fullpath to the file you wish to be encrypted, such as "C:\SensitiveInfo.doc"

cDestinationFile - A plain text string that is the fullpath to an encrypted file you wish to have created on disk, such as "C:\EncryptedInfo.doc". If this file doesn't exist then it will be created for you.

nEncryptionMode - There are three different modes available for the each of the encryption types listed above. They include: Electronic Code Book (ECB), Cipher Block Chaining (CBC) and Cipher Feedback Block (CFB). This does not apply when using RC4 encryption (nEncryptionType = 1024).

   0 = ECB *Default
   1 = CBC
   2 = CFB

Return Value:

None

Remarks:

Currently the cFiletoEncrypt and cDestinationFile parameters cannot point to the same file. This may be revised in a future version. But for safety sake, this function requires that the original file be left untouched.

Function DECRYPTFILE()

Signature: DecryptFile(cEncryptedFile, cDestinationFile, cSecretKey[, nDecryptionType[, nDecryptionMode]])

Parameters:

cEncyptedFile - A plain text string that is the fullpath to the file you wish to be decrypted, such as "C:\EncryptedInfo.doc"

cDestinationFile - A plain text string that is the fullpath to a decrypted file you wish to have created on disk, such as "C:\SensitiveInfo.doc". If this file doesn't exist then it will be created for you.

nDecryptionMode - There are three different modes available for the each of the encryption types listed above. They include: Electronic Code Book (ECB), Cipher Block Chaining (CBC) and Cipher Feedback Block (CFB). This does not apply when using RC4 decryption (nDecryptionType = 1024).

   0 = ECB *Default
   1 = CBC
   2 = CFB

Return Value:

None

Remarks:

As with EncryptFile(), the cFiletoEncrypt and cDestinationFile parameters cannot point to the same file.

Function HASH()

Signature: Hash(cStringtoHash[, nHashType])

Parameters:

cStringtoHash - A plain text string you wish to have hashed

nHashType - The type of hash function to generate. There are currently 7 different hash functions supported

1 = SHA1 (a.k.a SHA160)
2 = SHA256
3 = SHA384
4 = SHA512 *Default
5 = MD5
6 = RIPEMD128
7 = RIPEMD256

Return Value:

Binary Character Data - the hash for cStringtoHash.

Remarks:

The hash is returned as a series of binary characters. However, it is more common to see hashes in a hexBinary format. This can be accomplished in Visual FoxPro by taking the return of the Hash() function and sending it in as a parameter to the STRCONV() function. For example:

?STRCONV(Hash("Some String"), 15) && hexBinary Hash

Function HASHFILE()

Signature: HashFile(cFileName[, nHashType])

Parameters:

cFileName - The fullpath and name of an existing file you wish to generate a message digest for

nHashType - The type of hash function to generate. There are currently 7 different hash functions supported

1 = SHA1 (a.k.a SHA160)
2 = SHA256
3 = SHA384
4 = SHA512 *Default
5 = MD5
6 = RIPEMD128
7 = RIPEMD256

Return Value:

Binary Character Data - the hash for cFileName.

Remarks:

The hash is returned as a series of binary characters. However, it is more common to see hashes in a hexBinary format. This can be accomplished in Visual FoxPro by taking the return of the HashFile() function and sending it in as a parameter to the STRCONV() function. For example:

?STRCONV(HashFile("C:\MyFile.txt"), 15) && hexBinary Hash