473,574 Members | 5,352 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Converting AES Algorithm to work on strings

2 New Member
Moderator: Split off from https://bytes.com/topic/access/insig...m-vba-vbscript


I am desperately searching for a routine to AES encrypt a password that is submitted in an access form as a string and then I will use DAO to write it to a linked SQL table. I have tried over and over to convert the example you gave but am totally lost and its nowhere close to working. I have been looking for a solution for over a year. Any help would be greatly appreciated.
Jun 8 '18 #1
4 3056
NeoPa
32,564 Recognized Expert Moderator MVP
I don't have code for AES but there is some for the RC4 algorithm that Rabbit also posted (RC4 Encryption Algorithm for VBA and VBScript).
Jun 9 '18 #2
Rabbit
12,516 Recognized Expert Moderator MVP
Before you decide to encrypt a password, I would say that the standard practice with passwords is to store a hash.
Jun 10 '18 #3
YukonJJR
2 New Member
I am sorry, I am probably using the wrong terminology.

We currently have two databases that use SQL server as a backend. We have a web based front end that is very user 'Not Friendly'. We also have an Access front end that is connected to the same DB. The web based (.NET) stores passwords in the backend in the format, rnIsAJU2Gu80bH5 1pNrgovB+FiS8fd ONtu6n5FBwMKc= (this represents the user password - default123).

We are not trying to create Fort Knox. I simply want to make sure the real passwords are not visible anywhere if someone should happen to gain access to the tables. Typically other IT staff.

We want to be able to create the same passwords that would be generated in the web base front end through the Access front end so we can use the same passwords for both applications. We have tons more information that we collect on the Access end and it is far easier to create new users there with the exception of creating an encrypted pw. Currently the users have two passwords. One for the web front end that is encrypted and one for the Access front end that is not. I want to get rid of the non-encrypted Access password on only have one for both. I am told the web front end uses AES encryption and we have enough knowhow to get the 'encryption key' out of the .NET code. (Im sure I didn't use the right terminology, HASH, Key, etc.).

I simply want to convert the desired password such as the default123 to the example given and be able to store it in the same fashion the web front end is already doing. I will also convert the password entered at login and compare it to the stored value to allow or disallow access to the system.

I hope this is a better explanation of what I am trying to do. I have a pretty good grasp on basic VBA and can usually decipher what is going on in the code but I wasn't able to convert your example to something I could use. I actually got it to take a variable and return an encrypted string at the end but I still have no idea where the (key or HASH or whatever it is call should go).

All help is greatly appreciated!!
Jun 11 '18 #4
Rabbit
12,516 Recognized Expert Moderator MVP
Before you go the path of modifying the code to spit out a string, you should make sure you're both using the same version of the algorithm.

The code in the linked article is for the 256-bit version of AES in CBC or EBC mode. There is no salt/nonce/IV incorporated.

Security Disclaimer: Refrain from storing passwords, encrypted or not. It should be stored as a hash with a salt. If you must store a password in encrypted format, then you should use a salt.

Once you have confirmed that both of you are using the same version of the algorithm. Then to modify it to spit out a string, you will need to rewrite all references to files and file writing to work on string variables.

Also, it looks like the output from the web version is further encoded in Base-64. You will need to create your own version of that as that's not part of AES.
Jun 12 '18 #5

Sign in to post your reply or Sign up for a free account.

Similar topics

11
2928
by: Laurent Therond | last post by:
Maybe you have a minute to clarify the following matter... Consider: --- from cStringIO import StringIO def bencode_rec(x, b): t = type(x)
3
1244
by: pw | last post by:
Hello, How can I typecast a date generated from VARCHAR fields into a date field ie: UPDATE inventory SET date_field = vc_year||'-'||vc_month||'-'||vc_day;
7
4586
by: Paul K | last post by:
I'm writing a small component that needs to be as fast as possible. The component needs to convert a string to decimal during the course of it's processing. However, I need to test the string first to make sure it is numeric. Using the is keyword doesn't work (strings cannot be cast as decimal so false is always returned) and catching an...
113
12261
by: Bonj | last post by:
I was in need of an encryption algorithm to the following requirements: 1) Must be capable of encrypting strings to a byte array, and decyrpting back again to the same string 2) Must have the same algorithm work with strings that may or may not be unicode 3) Number of bytes back must either be <= number of _TCHARs in * sizeof(_TCHAR), or the...
2
1073
by: Bernie Yaeger | last post by:
I'm using the following function (I'm displaying the guts of it only) to convert a datatable to an excel spreadsheet: For Each mrow In dt.Rows rowindex += 1 colindex = 0 For Each col In dt.Columns colindex += 1 objws.Cells(rowindex, colindex) = mrow(col.ColumnName).ToString() Next
10
2940
by: robin | last post by:
hi, i'm doing some udp stuff and receive strings of the form '0.870000 0.250000 0.790000;\n' what i'd need though is a list of the form i got to the part to obtain a string '0.870000 0.250000 0.790000' but i can't find a way to convert this into a list. i tried eval() but this gives me the following error: Traceback (most recent call...
4
1548
by: fatboySudsy | last post by:
hi there, I have been struggling for a while with a client/server program. I have to authenticate in order to log on correctly. I have managed to get most things sorted, asking for username ( which is an integer ) and also and customer ID (also an int), storing them into an array and then sending the data over to my server. However when if I...
3
2388
by: nvx | last post by:
Hi, I'm looking for a simple way to convert a Double to a String exactly the .ToString() does, except these two differences: - the number of decimals is given (rounding is applied if necessary), and - trailing zeroes are kept. This means I need it to be converted using the scientific notation if the number is greater than a certain value...
4
1813
by: josha13 | last post by:
I am very new to C++ and I am trying to figure out how to convert a number to a string (even in the simplest case such as #include <iostream> #include <sstream> using namespace std; int main () { int a; a = 1; b = 2;
1
1406
by: harmanjeet | last post by:
hello friends, I want to read a Bitmap file in C language and produce the binary equivalent of it in the form of 0's and 1's. Can you please help me in writing a code for this. If you can spare some time please help me out.
0
7826
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
0
7741
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
8259
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
1
7838
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
8126
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
0
6491
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
0
3763
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3781
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
2257
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.