473,320 Members | 2,080 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

How to "protect" a menu option with a password?

sueb
379 256MB
I'm planning to place a new function on my Switchboard, and I'd like this choice to require a password in order to get into it. What's the best way to do this? (Or, more accurately, any way to accomplish the goal of not having to create separate-but-almost-equal front end copies!)
Jan 18 '11 #1

✓ answered by ADezii

In line with what Rabbit stated in Post #4, here is some Code that will perform exactly as you requested:
Expand|Select|Wrap|Line Numbers
  1. Public Function fOpenForm()
  2. Dim strMsg As String
  3. Dim strResponse As String
  4. Const conPASSWORD As String = "ZeBrA"
  5.  
  6. strMsg = "A Password is required in order to Open the YaDa-YaDa Form." & _
  7.           vbCrLf & vbCrLf & "Enter the Password in the space provided below, " & _
  8.          "being advised that the Password is Case Sensitive."
  9.  
  10. strResponse = InputBox$(strMsg, "Password Prompt")
  11.  
  12. If strResponse = "" Then Exit Function      'Cancel or OK with no entry
  13.  
  14. 'Look for an 'exact match' to ZeBrA (Case Sensitive)
  15. If StrComp(conPASSWORD, strResponse, vbBinaryCompare) = 0 Then
  16.   'Open Form here
  17. Else
  18.   MsgBox "The Password you entered (" & strResponse & ") is not correct!", _
  19.           vbCritical, "Incorrect Password"
  20.             Err.Clear
  21. End If
  22. End Function
P.S. - You can definitely add another layer of Security in order to Protect your Code and Project, by:
  1. In any Code Window:
    1. Tools ==> 'Project Name' & Properties
    2. Protection Tab ==> Select lock project for viewing
    3. Enter Password and Confirm same
  2. DO NOT FORGET THE PASSWORD YOU USED TO LOCK YOUR CODE!
  3. Any questions, we are here.
  4. You can also download the Attachment to see how it all works.

26 3430
Rabbit
12,516 Expert Mod 8TB
Any way to do it would be to use an InputBox in the function to ask for a password and then comparing the input to the password. This is extremely insecure though. As anyone with some Access knowledge can just look in the code for the password or bypass it. Making the database an MDE or ACCDE would make it a lot more secure but anytime you store the password with the client is a security hole. You could, instead, compare password hashes.

Regardless of how much you protect this function, if they have access to the data directly, they can backwards engineer whatever your password protected function is doing.
Jan 18 '11 #2
sueb
379 256MB
I am blessed with users that are both cooperative and fairly unsophisticated. I just want to help guide them down the right path, and this new function is something that only a few of them need to worry about.

I just need some specifics on how I would add this kind of thing to a particular option in my Access Switchboard.
Jan 18 '11 #3
Rabbit
12,516 Expert Mod 8TB
You wouldn't put it in the switchboard per se. You would put it in the function that the switchboard is calling.
Jan 18 '11 #4
ADezii
8,834 Expert 8TB
In line with what Rabbit stated in Post #4, here is some Code that will perform exactly as you requested:
Expand|Select|Wrap|Line Numbers
  1. Public Function fOpenForm()
  2. Dim strMsg As String
  3. Dim strResponse As String
  4. Const conPASSWORD As String = "ZeBrA"
  5.  
  6. strMsg = "A Password is required in order to Open the YaDa-YaDa Form." & _
  7.           vbCrLf & vbCrLf & "Enter the Password in the space provided below, " & _
  8.          "being advised that the Password is Case Sensitive."
  9.  
  10. strResponse = InputBox$(strMsg, "Password Prompt")
  11.  
  12. If strResponse = "" Then Exit Function      'Cancel or OK with no entry
  13.  
  14. 'Look for an 'exact match' to ZeBrA (Case Sensitive)
  15. If StrComp(conPASSWORD, strResponse, vbBinaryCompare) = 0 Then
  16.   'Open Form here
  17. Else
  18.   MsgBox "The Password you entered (" & strResponse & ") is not correct!", _
  19.           vbCritical, "Incorrect Password"
  20.             Err.Clear
  21. End If
  22. End Function
P.S. - You can definitely add another layer of Security in order to Protect your Code and Project, by:
  1. In any Code Window:
    1. Tools ==> 'Project Name' & Properties
    2. Protection Tab ==> Select lock project for viewing
    3. Enter Password and Confirm same
  2. DO NOT FORGET THE PASSWORD YOU USED TO LOCK YOUR CODE!
  3. Any questions, we are here.
  4. You can also download the Attachment to see how it all works.
Attached Files
File Type: zip Password.zip (29.1 KB, 161 views)
Jan 18 '11 #5
sueb
379 256MB
As always, ADezii, your answer is beautifully complete and clear--thanks!

(in fact, I'm tempted to call the new function the "ADezii YaDa-YaDa Module". it has a certain ring.)
Jan 19 '11 #6
ADezii
8,834 Expert 8TB
(in fact, I'm tempted to call the new function the "ADezii YaDa-YaDa Module". it has a certain ring.)
It does have a certain ring, that YaDa-YaDa! (LOL).

BTW, how did you make out with Locking your Code? Personally, I find it a very useful tool, and no one, to the best of my knowledge, has ever gotten to any Code and modified it.
Jan 19 '11 #7
Rabbit
12,516 Expert Mod 8TB
Locking the code will prevent easy editing of the code but I am still able to open the database in notepad and find the password that way. Should use a hash instead if that's a concern.
Jan 19 '11 #8
sueb
379 256MB
ADezii, I haven't put in the code-locking password yet, but I was wondering: if I expand this function at all, I'm going to want it to have its own little switchboard. I'm going to post a separate question: "How do I call a switchboard from within a code module?"
Jan 19 '11 #9
ADezii
8,834 Expert 8TB
Your advice is, of course, the optimal solution. I was simply going by what the OP stated in Post #3, namely:
I am blessed with users that are both cooperative and fairly unsophisticated. I just want to help guide them down the right path, and this new function is something that only a few of them need to worry about.
  1. As far as viewing the DB by External Editors, couldn't the Database be Encrypted if that is a concern?
  2. Can you kindly demonstrate the use of the 'Hash' Technique for Password Security. I would be interested in seeing it, as I'm sure sueb would also. Thanks.
Jan 19 '11 #10
sueb
379 256MB
Yes, I, too, would like to see the higher security solution. It's not inconceivable that in the future my database may have a wider (and less reliable) user base.
Jan 19 '11 #11
Rabbit
12,516 Expert Mod 8TB
Yes, you could encrypt it. Or you could create a compiled version of the database by converting it to an MDE or ACCDE depending on what version of Access you have.

There are many hashing algorithms but I will show you the SHA2 256-bit algorithm as I have that handy. It takes a string, hashes it, and returns the result as a 32 item array containing the hashed value. This code was written for VBScript but is probably directly translatable into VBA.
Expand|Select|Wrap|Line Numbers
  1. Function SHA(ByVal sMessage)
  2.     Dim i, result(32), temp(8), fraccubeprimes, hashValues
  3.     Dim done512, index512, words(64), index32, mask(4)
  4.     Dim s0, s1, t1, t2, maj, ch
  5.  
  6.     mask(0) = 4294967296
  7.     mask(1) = 16777216
  8.     mask(2) = 65536
  9.     mask(3) = 256
  10.  
  11.     hashValues = Array( _
  12.         1779033703, 3144134277, 1013904242, 2773480762, _
  13.         1359893119, 2600822924, 528734635, 1541459225)
  14.  
  15.     fraccubeprimes = Array( _
  16.         1116352408, 1899447441, 3049323471, 3921009573, 961987163, 1508970993, 2453635748, 2870763221, _
  17.         3624381080, 310598401, 607225278, 1426881987, 1925078388, 2162078206, 2614888103, 3248222580, _
  18.         3835390401, 4022224774, 264347078, 604807628, 770255983, 1249150122, 1555081692, 1996064986, _
  19.         2554220882, 2821834349, 2952996808, 3210313671, 3336571891, 3584528711, 113926993, 338241895, _
  20.         666307205, 773529912, 1294757372, 1396182291, 1695183700, 1986661051, 2177026350, 2456956037, _
  21.         2730485921, 2820302411, 3259730800, 3345764771, 3516065817, 3600352804, 4094571909, 275423344, _
  22.         430227734, 506948616, 659060556, 883997877, 958139571, 1322822218, 1537002063, 1747873779, _
  23.         1955562222, 2024104815, 2227730452, 2361852424, 2428436474, 2756734187, 3204031479, 3329325298)
  24.  
  25.     sMessage = sMessage & Chr(128)
  26.     done512 = False
  27.     index512 = 0
  28.  
  29.     If (Len(sMessage) Mod 64) <> 0 Then
  30.         For i = (Len(sMessage) Mod 64) To 63
  31.             sMessage = sMessage & Chr(0)
  32.         Next
  33.     End If
  34.  
  35.     Do Until done512
  36.         For i = 0 To 15
  37.             words(i) = CDbl( "&h" & _
  38.                 Right("0" & Hex(Asc(Mid(sMessage, i*4 + 1, 1))), 2) & _
  39.                 Right("0" & Hex(Asc(Mid(sMessage, i*4 + 2, 1))), 2) & _
  40.                 Right("0" & Hex(Asc(Mid(sMessage, i*4 + 3, 1))), 2) & _
  41.                 Right("0" & Hex(Asc(Mid(sMessage, i*4 + 4, 1))), 2))
  42.         Next
  43.  
  44.         For i = 16 To 63
  45.             s0 = largeXor(largeXor(rightRotate(words(i-15), 7, 32), rightRotate(words(i-15), 18, 32), 32), Int(words(i-15) / 8), 32)
  46.             s1 = largeXor(largeXor(rightRotate(words(i-2), 17, 32), rightRotate(words(i-2), 19, 32), 32), Int(words(i-2) / 1024), 32)
  47.             words(i) = words(i-16) + s0 + words(i-7) + s1
  48.         Next
  49.  
  50.         For i = 0 To 7
  51.             temp(i) = hashValues(i)
  52.         Next
  53.  
  54.         For i = 0 To 63
  55.             s0 = largeXor(largeXor(rightRotate(temp(0), 2, 32), rightRotate(temp(0), 13, 32), 32), rightRotate(temp(0), 22, 32), 32)
  56.             maj = largeXor(largeXor(largeAnd(temp(0), temp(1), 32), largeAnd(temp(0), temp(2), 32), 32), largeAnd(temp(1), temp(2), 32), 32)
  57.             t2 = s0 + maj
  58.             s1 = largeXor(largeXor(rightRotate(temp(4), 6, 32), rightRotate(temp(4), 11, 32), 32), rightRotate(temp(4), 25, 32), 32)
  59.             ch = largeXor(largeAnd(temp(4), temp(5), 32), largeAnd(largeNot(temp(4), 32), temp(6), 32), 32)
  60.             t1 = temp(7) + s1 + ch + fraccubeprimes(i) + words(i)
  61.  
  62.             temp(7) = temp(6)
  63.             temp(6) = temp(5)
  64.             temp(5) = temp(4)
  65.             temp(4) = temp(3) + t1
  66.             temp(3) = temp(2)
  67.             temp(2) = temp(1)
  68.             temp(1) = temp(0)
  69.             temp(0) = t1 + t2
  70.         Next
  71.  
  72.         For i = 0 To 7
  73.             hashValues(i) = Int(((hashValues(i) + temp(i)) / 4294967295 - Int((hashValues(i) + temp(i)) / 4294967295)) * 4294967295)
  74.         Next
  75.  
  76.         If (index512 + 1) * 64 >= Len(sMessage) Then done512 = True
  77.         index512 = index512 + 1
  78.     Loop
  79.  
  80.     For i = 0 To 31
  81.         result(i) = Int((hashValues(i\4) / mask(i Mod 4) - Int(hashValues(i\4) / mask(i Mod 4))) * 256)
  82.     Next
  83.  
  84.     SHA = result
  85. End Function
For this to work, it has to use 32-bit unsigned integers but seeing as how that is not available as a datatype in VBA, we have to use doubles instead. However, the XOR, AND, and NOT operators will overflow when using doubles. In addition to that, there is no bit shift operators or functions in VBA. So I had to create those.
Expand|Select|Wrap|Line Numbers
  1. Function rightRotate(value, amount, totalBits)
  2.     'To leftRotate, make amount = totalBits - amount
  3.     Dim i
  4.     rightRotate = 0
  5.  
  6.     For i = 0 To (totalBits - 1)
  7.         If i >= amount Then
  8.             rightRotate = rightRotate + (int((value / (2 ^ (i + 1)) - int(value / (2 ^ (i + 1)))) * 2)) * 2 ^ (i - amount)
  9.         Else
  10.             rightRotate = rightRotate + (int((value / (2 ^ (i + 1)) - int(value / (2 ^ (i + 1)))) * 2)) * 2 ^ (totalBits - amount + i)
  11.         End If
  12.     Next
  13. End Function
  14.  
  15. Function largeXor(value, xorValue, totalBits)
  16.     Dim i, a, b
  17.     largeXor = 0
  18.  
  19.     For i = 0 To (totalBits - 1)
  20.         a = (int((value / (2 ^ (i + 1)) - int(value / (2 ^ (i + 1)))) * 2))
  21.         b = (int((xorValue / (2 ^ (i + 1)) - int(xorValue / (2 ^ (i + 1)))) * 2))
  22.         If a <> b Then
  23.             largeXor = largeXor + 2 ^ i
  24.         End If
  25.     Next
  26. End Function
  27.  
  28. Function largeNot(value, totalBits)
  29.     Dim i, a
  30.     largeNot = 0
  31.  
  32.     For i = 0 To (totalBits - 1)
  33.         a = int((value / (2 ^ (i + 1)) - int(value / (2 ^ (i + 1)))) * 2)
  34.         If a = 0 Then
  35.             largeNot = largeNot + 2 ^ i
  36.         End If
  37.     Next
  38. End Function
  39.  
  40. Function largeAnd(value, andValue, totalBits)
  41.     Dim i, a, b
  42.     largeAnd = 0
  43.  
  44.     For i = 0 To (totalBits - 1)
  45.         a = int((value / (2 ^ (i + 1)) - int(value / (2 ^ (i + 1)))) * 2)
  46.         b = (int((andValue / (2 ^ (i + 1)) - int(andValue / (2 ^ (i + 1)))) * 2))
  47.         If a = 1 And b = 1 Then
  48.             largeAnd = largeAnd + 2 ^ i
  49.         End If
  50.     Next
  51. End Function
So instead of coding in a password. What you do is precalculate the hash of the password. When they enter in the password, you hash their input and compare it to the hash that you have stored. This way, even if they know what the result of the hash is, they do not know the original password that created the hash. It would be infeasible for them to calculate a password that would result in the same hash.
Jan 19 '11 #12
ADezii
8,834 Expert 8TB
  1. Thanks Rabbit. I really haven't had time to take a long look at the Code, bot something immediately pops right up and stares at me. Why are all 23 Variables in the 3 Functions implicitly Declared as Variants? I can understand hashValues and fraccubesprimes since they are used in conjunction with Array(). Just seems very strange.
  2. Does this take into account Case-Sensitivity?
  3. What is the typical mechanism for storing the pre-calculated Hash Value?
Jan 19 '11 #13
Rabbit
12,516 Expert Mod 8TB
1) Everything is implicitly a variant because this was written for VBScript and everything is a variant in VBScript. You can not define the type when declaring a variable.

2) Yes, this is case sensitive because it is using the ASCII numeric value in the calculations.

3) Normally you just store the hash "as is." Now, when it is done like this, it is insecure because someone can just change the hash value being compared to a hash they themselves calculate. However, when you lock the code in a project, any attempt to change it using outside editors will lock up the entire database. Access must use it's own hash check using the modified date attribute of the file, otherwise it would not be able to know that it was modified outside of the database. Because of this, they can see the hash value, but they can not change it and they can not feasibly calculate the password used to generate the hash.

On a side note, this is how linux based utilities reset Windows passwords. They overwrite the hash value that is stored with the user account. If security is an issue, what you should do is encrypt all the files of that user using the password. That way, even if they overwrite the hash and log in as that user, they can not view the files because they don't have the password to decrypt the data.

Hashes are often used in internet communication to authenticate messages. The sender will hash the original data and send it along with the encrypted data. The receiver will then decrypt the data and recalculate the hash from the unencrypted data. If the hashes match, then he is assured that the data was received as intended. If you were to send just the encrypted data, someone could conceivably intercept the message, flip a bit in the message, and pass it along. The receiver would never know the message was changed.

EDIT: I just realized encrypting the database doesn't work because you would have to give the user the password to decrypt it if they are going to use the database. And if they had that, they can resave the database as an unencrypted version and find the password using an outside editor. You would have to use a compiled version. Or you would have to lock the code and compare hashes. Or both.
Jan 19 '11 #14
ADezii
8,834 Expert 8TB
Thanks Rabbit for a Crash Course on 'Hashing'.
Jan 20 '11 #15
Rabbit
12,516 Expert Mod 8TB
No problem. If you're seeing the SHA2 algorithm for the first time, it's probably confusing as to what it's doing. But here's an extremely simple hash algorithm so you can see the essence of a hash.

Expand|Select|Wrap|Line Numbers
  1. Function SimpleHash(strMessage As String) As Byte
  2.      Dim i As Integer
  3.  
  4.      SimpleHash = 0
  5.      For i = 1 To Len(strMessage)
  6.           SimpleHash = SimpleHash Xor Asc(Mid(strMessage, i, 1))
  7.      Next
  8. End Function
This is an 8-bit hash. In essence, what a hash algorithm does is take data of any length and does mathematical transformations on it and returns a fixed length result. A change to the original data will result in a different hash of the same length. This is basically what the SHA2 algorithm does except it's a longer length and uses much more complex mathematical transformations.
Jan 20 '11 #16
ADezii
8,834 Expert 8TB
Hello Rabbit. I was tinkering with your very interesting SHA() Function and found that it generates a Type Mismatch Error on the last line of the Function where it is assigned its Value, namely:
Expand|Select|Wrap|Line Numbers
  1. SHA = result
In the Declarations, result(32) is a Variant Array consisting of 32 Elements numbered 0 thru 31. If you assign the return Value of the Function equal to any Element of the result() Array, it will return the proper Value, as in:
Expand|Select|Wrap|Line Numbers
  1. SHA = result(7)
  2. SHA = result(22)
  3. SHA = result(19)
I would like to add this Functionality to my Code DB, but have to get through this hurdle. I am probably missing something very simple, but for now just can't figure out what the problem is. Any ideas?
Jan 20 '11 #17
Rabbit
12,516 Expert Mod 8TB
Probably has something to do with the conversion from VBScript to VBA. I'll port it and take a look.
Jan 20 '11 #18
ADezii
8,834 Expert 8TB
Prior to the Function terminating, result() is populated with 32 1-Byte Values as indicated in the Code below and the Sample Output. It would appear to me that some kind of Operation would have to be performed on these Byte Values, and the result assigned to the Function. Puzzling...
Expand|Select|Wrap|Line Numbers
  1. For i = 0 To 31 
  2.         result(i) = Int((hashValues(i\4) / mask(i Mod 4) - Int(hashValues(i\4) / mask(i Mod 4))) * 256) 
  3.     Next 
  4.  
  5.     SHA = result 
Expand|Select|Wrap|Line Numbers
  1. 85 
  2. 119 
  3. 251 
  4. 236 
  5. 125 
  6. 254 
  7. 150 
  8. 150 
  9. 247 
  10. 183 
  11. 191 
  12. 103 
  13. 251 
  14. 242 
  15. 186 
  16. 246 
  17. 191 
  18. 93 
  19. 122 
  20. 72 
  21. 126 
  22. 166 
  23. 149 
  24. 67 
  25. 201 
  26. 176 
  27. 29 
  28. 103 
  29. 103 
  30. 26 
  31. 221 
Jan 20 '11 #19
Rabbit
12,516 Expert Mod 8TB
Odd, the code worked for me without me having to change anything. What version of Access are you using? I'm using Access 2007.

Normally, the final step before it is displayed to the user is to convert the bytes to a hexadecimal format. So that what the user sees is along the lines of
0C 70 58 FA 4C 79 89 18 21 84 BE 45 9D 9A EB F4 11 B8 26 D4 6E 34 67 69 60 F4 C2 21 5E D5 ED F8

But when it is being used behind the scenes, where the user does not need to see the actual hash, there is no need for the extra conversion step.

The reason Hexadecimal is used for display instead of characters is because hashes don't always result in printable characters.
Jan 20 '11 #20
ADezii
8,834 Expert 8TB
What version of Access are you using? I'm using Access 2007.
Access 2003
the final step before it is displayed to the user is to convert the bytes to a hexadecimal format.
Now I am really confused!(LOL). If I converted the 32 1-Byte Values in result(), concatenated them with a Space Delimiter, then assigned this String to the return Value of SHA(), would this represent a True Hash Value, as depicted below?
Expand|Select|Wrap|Line Numbers
  1. 'Code intentionally omitted
  2. For i = 0 To 31
  3.         result(i) = Int((hashValues(i \ 4) / mask(i Mod 4) - Int(hashValues(i \ 4) / mask(i Mod 4))) * 256)
  4.         'Debug.Print result(i)
  5.     Next
  6.  
  7.     Dim bytCtr As Byte
  8.     Dim strBuild As String
  9.  
  10.     For bytCtr = 0 To 31
  11.       strBuild = strBuild & Hex$(result(bytCtr)) & " "
  12.     Next
  13.  
  14.     'SHA = result
  15.      SHA = Trim(strBuild)
  16. 'Code intentionally omitted
  17.  
Debug.Print SHA("Help") produces
Expand|Select|Wrap|Line Numbers
  1. CF 36 68 6E 8B 8C 2D 56 BD F0 A5 38 A5 57 81 D4 FC E0 1B 99 5C 49 6B 7F 37 7F 69 C3 F1 12 23 5B
P.S. - I still cannot see how you are getting valid Results in any Version of Access, since you are attempting to assign the return Value of SHA() to an Array of 1-Byte Values. I know I said this before, but Puzzling... If you figure this out, kindly let me know. Thanks Rabbit.
Jan 20 '11 #21
Rabbit
12,516 Expert Mod 8TB
I attached a test database. You wouldn't change what the SHA function returns. However, you may format what the function returns differently depending on what you're doing. If I was going to display it, I would take the returned array and loop through and do the conversion at that point. But if I was going to store it, I would loop through and write the values as binary into a file.

As far as what constitutes a "true" hash value. As long as how it's represented can be converted back into it's numerical representation is fine.

It doesn't matter if I want to show the value 42 as the hexadecimal 2A, binary 00101010, or the character !. They are all equivalent.
Attached Files
File Type: zip SHATest.zip (33.4 KB, 131 views)
Jan 20 '11 #22
ADezii
8,834 Expert 8TB
@Rabbit - Thanks for sharing your expertise and for being so patient in this matter. It is greatly appreciated. I actually created a simple GUI for generating both 8 and 32 Bit Hash Values that I will share with you. In actual implementations, I would probably store the Hash Values as a Space Delimited, Hex String, in the System Registry, but I'm really not sure on this. Thanks again, it was truly a learning experience. Now, I only have to hope that NeoPa does not holler at me for getting Off-Topic! (LOL).
Attached Files
File Type: zip Hash.zip (39.6 KB, 127 views)
Jan 20 '11 #23
Rabbit
12,516 Expert Mod 8TB
I don't know that I would ever use an 8-bit hash lol. It was more for demonstration. An 8-bit hash is too easy to break. Also, the SHA2 algorithm I posted is a 256-bit hash, not a 32-bit.

I got around to validating my output and it turns out that my code was a little off. Here's the corrected version. I validated the output against official SHA2 hashes. It's just a couple of changes. I forgot to do a 2^32 mod when I was adding numbers and I forgot to append the message size to the end of the message.

Expand|Select|Wrap|Line Numbers
  1. Function SHA(ByVal sMessage)
  2.     Dim i, result(32), temp(8) As Double, fraccubeprimes, hashValues
  3.     Dim done512, index512, words(64) As Double, index32, mask(4)
  4.     Dim s0, s1, t1, t2, maj, ch, strLen
  5.  
  6.     mask(0) = 4294967296#
  7.     mask(1) = 16777216
  8.     mask(2) = 65536
  9.     mask(3) = 256
  10.  
  11.     hashValues = Array( _
  12.         1779033703, 3144134277#, 1013904242, 2773480762#, _
  13.         1359893119, 2600822924#, 528734635, 1541459225)
  14.  
  15.     fraccubeprimes = Array( _
  16.         1116352408, 1899447441, 3049323471#, 3921009573#, 961987163, 1508970993, 2453635748#, 2870763221#, _
  17.         3624381080#, 310598401, 607225278, 1426881987, 1925078388, 2162078206#, 2614888103#, 3248222580#, _
  18.         3835390401#, 4022224774#, 264347078, 604807628, 770255983, 1249150122, 1555081692, 1996064986, _
  19.         2554220882#, 2821834349#, 2952996808#, 3210313671#, 3336571891#, 3584528711#, 113926993, 338241895, _
  20.         666307205, 773529912, 1294757372, 1396182291, 1695183700, 1986661051, 2177026350#, 2456956037#, _
  21.         2730485921#, 2820302411#, 3259730800#, 3345764771#, 3516065817#, 3600352804#, 4094571909#, 275423344, _
  22.         430227734, 506948616, 659060556, 883997877, 958139571, 1322822218, 1537002063, 1747873779, _
  23.         1955562222, 2024104815, 2227730452#, 2361852424#, 2428436474#, 2756734187#, 3204031479#, 3329325298#)
  24.  
  25.     sMessage = Nz(sMessage, "")
  26.     strLen = Len(sMessage) * 8
  27.     sMessage = sMessage & Chr(128)
  28.     done512 = False
  29.     index512 = 0
  30.  
  31.     If (Len(sMessage) Mod 60) <> 0 Then
  32.         For i = (Len(sMessage) Mod 60) To 59
  33.             sMessage = sMessage & Chr(0)
  34.         Next
  35.     End If
  36.  
  37.     sMessage = sMessage & Chr(Int((strLen / mask(0) - Int(strLen / mask(0))) * 256))
  38.     sMessage = sMessage & Chr(Int((strLen / mask(1) - Int(strLen / mask(1))) * 256))
  39.     sMessage = sMessage & Chr(Int((strLen / mask(2) - Int(strLen / mask(2))) * 256))
  40.     sMessage = sMessage & Chr(Int((strLen / mask(3) - Int(strLen / mask(3))) * 256))
  41.  
  42.     Do Until done512
  43.         For i = 0 To 15
  44.             words(i) = Asc(Mid(sMessage, i * 4 + 1, 1)) * mask(1) + Asc(Mid(sMessage, i * 4 + 2, 1)) * mask(2) + Asc(Mid(sMessage, i * 4 + 3, 1)) * mask(3) + Asc(Mid(sMessage, i * 4 + 4, 1))
  45.         Next
  46.  
  47.         For i = 16 To 63
  48.             s0 = largeXor(largeXor(rightRotate(words(i - 15), 7, 32), rightRotate(words(i - 15), 18, 32), 32), Int(words(i - 15) / 8), 32)
  49.             s1 = largeXor(largeXor(rightRotate(words(i - 2), 17, 32), rightRotate(words(i - 2), 19, 32), 32), Int(words(i - 2) / 1024), 32)
  50.             words(i) = Mod32Bit(words(i - 16) + s0 + words(i - 7) + s1)
  51.         Next
  52.  
  53.         For i = 0 To 7
  54.             temp(i) = hashValues(i)
  55.         Next
  56.  
  57.         For i = 0 To 63
  58.             s0 = largeXor(largeXor(rightRotate(temp(0), 2, 32), rightRotate(temp(0), 13, 32), 32), rightRotate(temp(0), 22, 32), 32)
  59.             maj = largeXor(largeXor(largeAnd(temp(0), temp(1), 32), largeAnd(temp(0), temp(2), 32), 32), largeAnd(temp(1), temp(2), 32), 32)
  60.             t2 = Mod32Bit(s0 + maj)
  61.             s1 = largeXor(largeXor(rightRotate(temp(4), 6, 32), rightRotate(temp(4), 11, 32), 32), rightRotate(temp(4), 25, 32), 32)
  62.             ch = largeXor(largeAnd(temp(4), temp(5), 32), largeAnd(largeNot(temp(4), 32), temp(6), 32), 32)
  63.             t1 = Mod32Bit(temp(7) + s1 + ch + fraccubeprimes(i) + words(i))
  64.  
  65.             temp(7) = temp(6)
  66.             temp(6) = temp(5)
  67.             temp(5) = temp(4)
  68.             temp(4) = Mod32Bit(temp(3) + t1)
  69.             temp(3) = temp(2)
  70.             temp(2) = temp(1)
  71.             temp(1) = temp(0)
  72.             temp(0) = Mod32Bit(t1 + t2)
  73.         Next
  74.  
  75.         For i = 0 To 7
  76.             hashValues(i) = Mod32Bit(hashValues(i) + temp(i))
  77.         Next
  78.  
  79.         If (index512 + 1) * 64 >= Len(sMessage) Then done512 = True
  80.         index512 = index512 + 1
  81.     Loop
  82.  
  83.     For i = 0 To 31
  84.         result(i) = Int((hashValues(i \ 4) / mask(i Mod 4) - Int(hashValues(i \ 4) / mask(i Mod 4))) * 256)
  85.     Next
  86.  
  87.     SHA = result
  88. End Function
And there is one additional supporting function.
Expand|Select|Wrap|Line Numbers
  1. Function Mod32Bit(value)
  2.     Mod32Bit = Int((value / 4294967296# - Int(value / 4294967296#)) * 4294967296#)
  3. End Function
Jan 20 '11 #24
ADezii
8,834 Expert 8TB
Also, the SHA2 algorithm I posted is a 256-bit hash, not a 32-bit.
My head was thinking 32 Bytes (256 Bits), but my fingers typed 32 Bits, dangerous mistake! (LOL). Thanks for setting me straight.
Jan 20 '11 #25
Rabbit
12,516 Expert Mod 8TB
Are we off topic? It's all in line with passwords isn't it? lol
Jan 20 '11 #26
sueb
379 256MB
If the opinion of the OP counts at all, I don't think it's off-topic! I've been following the discussion with real interest.
Jan 20 '11 #27

Sign in to post your reply or Sign up for a free account.

Similar topics

6
by: Al Dykes | last post by:
I've just grabbed a PHP book and can deal with the syntax and now I need to decide to learn specific packages and features. Define "framework". What are the major framework flavors ? Under...
5
by: Jeremy Langworthy | last post by:
Hi I have two "totals" inputs whose values are dynamically calculated. For obvious reasons I don't want users to be able to edit the information in these. However, I do want this total passed to...
99
by: Jim Hubbard | last post by:
It seems that Microsoft not only does not need the classic Visual Basic developer army (the largest army of developers the world has ever seen), but now they don't need ANY Windows developer at a...
5
by: John Oliver | last post by:
I'd like the email produced by FormMail to show a specific From: address rather than postmaster@server.host.name Googling isn't helping me... not sure what to look for :-( -- * John Oliver ...
34
by: John Harrison | last post by:
An odd confession; an odd request; but here's the tale.... My company has a few PC systems which we have used for about 7 years and not updated - we've "made do", and besides, "if it ain't...
5
by: Paul Sullivan | last post by:
We are a state agency that views protected medical information via our intranet. The screens even have privacy shields. Alarmingly, uses can "Print" and "Save As" which destroys the protection of...
6
by: Tom Kaminski [MVP] | last post by:
I can do this in ASP, but not sure how to handle in ASP.NET: How To Use the ADODB.Stream Object to Send Binary Files to the Browser through ASP http://support.microsoft.com/?kbid=276488 Do I...
7
by: Randy | last post by:
I hope somebody can make a hero out of me before tomorrow! Let's say I have a web page with a couple of textboxes, checkboxes, radio buttons, etc. User fills in some data, clicks submit, and off it...
94
by: Samuel R. Neff | last post by:
When is it appropriate to use "volatile" keyword? The docs simply state: " The volatile modifier is usually used for a field that is accessed by multiple threads without using the lock...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.