RSA Public/Private Key Encryption in VFP 9.0  
Author Message
gigadude





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Hi,
I need to be able to decrypt data pulled from a MySQL table encrypted with RSA public/private key encryption within a FoxPro application.  I am currently using the FoxPro Foundation Class known as _cryptapi as a wrapper to the CryptoAPI interface.  The problem I'm having is that I can't seem to figure out how to decrypt a RSA encrypted string of data.  I know that the _cryptapi class provided by Microsoft uses the Microsoft Base Cryptographic Service Provider which in itself uses RSA public key encryption algorithms, but for some reason I am having the hardest time finding the methods that support this in the _cryptapi foundation class.  I have found methods for symmetric block and stream ciphers but that isn't what i want. The documentation clearly states that RSA public key encryption and decryption can be done with this Foxpro Foundation Class.  If anyone has any insight on how to accomplish this, it would be greatly appreciated.

Thanks



Visual FoxPro2  
 
 
Mark.OSVATH





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Did you know this article: http://doc.advisor.com/Articles.nsf/nl/12579


 
 
gigadude





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

That article is completely useless.  Obviously you didn't read what i wrote in the previous paragraph.


 
 
Alex Feldstein





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Altough it is supposed to work with Public keys I was unsuccessful in my limited tries. I use the Windows Crypo API with Private Encryption as I have no need for public.

Unfortunately Microsoft kind of relegated the Win CryptoAPI (the Fox _crypt.vcx is just a wrapper to it), to the back burner. They do not plan to update or do much with it as it has been replaced and superseded by the cryptography classes in .NET

If you really need public key support you may be better served by subclassing the .NET classes into a COM object that you can tap into. or looking into a third party COM solution. If you can live with private keys, WinCrypt may work for you if you can jump over the hurdles of using different versions of Windows to Encrypt/Decrypt (but that's another story).

Sorry I cannot be of more help, as I have not done Public Key Encryption with it myself.


 
 
AndyKr





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

>> That article is completely useless.  Obviously you didn't read what i wrote in the previous paragraph

Please remember that everyone here is a volunteer and gives their time and knowledge freely to help others.

If you don't like the answers you get, then please feel free to go elsewhere for them but there's no call to be rude to someone who was only trying to help.



 
 
Rob Hershfield





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Hi,

 

I'm experiencing a problem with _crypt.vcx where decryption sometimes fails on certain computers but not others.  Has anyone run into this and developed a solution

 

Thanks,

 

Rob



 
 
Alex Feldstein





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Rob,

In my previous message I mentioned problems with encrypt/decrypt using Win CryptoAPI and said that was another story. This is it!

Due to the relaxing of US export restrictions, some time ago Microsoft changed the default algorithm from 40Bits to 128Bits. This way, unless you take action, an encryption done in one OS (say WinXP) does not work properly (decryption) in another OS (Windows 2000).

See details at:

http://fox.wikis.com/wc.dll Wiki~CryptoAPI

You might be better served by an alternative by Craig Boyd [MVP]:

http://www.sweetpotatosoftware.com/SPSBlog/PermaLink,guid,db662a8f-d47c-46c8-b0d2-a591c20d024b.aspx


 
 
Rob Hershfield





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Alex,

Thanks for the quick and informative reply.  I actually encrypted the data myself on WinXP Pro using FoxPro 8 and rsaenh.dll and the decryption fails also on some (not all) WinXP Pro computers that also use FoxPro 8 and rsaenh,dll (save version dll too).

One thing that may be relevant is the computers had Fox 7 installed and then Fox 8 upgrade, so both versions are resident.

Does that sound symtomatic of the same 40 vs 128 bit issue

Thanks!

Rob



 
 
Rob Hershfield





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

I forgot to ask whether we can solve the problem by just ensuring all computers running the affected software have the same configuration - like the same version of some file(s).  Since they are all in-house computers our IT guys can control the config.

Thx,

Rob



 
 
Alex Feldstein





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Rob,

Unfortunately I cannot give you a definite answer to your question. It technically should work if using same S and same version of rsaenh.dll

Having VFP7 or VFP8 should not make a difference as _crypt.vcx is just a wrapper to Win CryptoAPI.

I cannot explain why in some WinXP it works and not in some others as you say, all things being equal. MS has dropped development on CryptoAPI in favor of .Net crypto spaces.

I would consider changing the routines in VFP to Craig Boyd's FLL as mentioned above or else to another 3rd party solution for less headaches.


 
 
Rob Hershfield





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Thanks - I'll try Craig's code.

Rob



 
 
Alex Feldstein





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

 
I forgot to ask whether we can solve the problem by just ensuring all computers running the affected software have the same configuration - like the same version of some file(s).  Since they are all in-house computers our IT guys can control the config.

That sounds reasonable.I did exactly that in-house a couple of years ago (when I was still using CryptoAPI. In fact we use one program to send encrypted daily transactional data to a client that way (both systems use a stand-alone utility I built in VFP 8.0 at the time, using Win2000 CryptoAPI in both ends). Works fine so no need to change it.


 
 
Mark.OSVATH





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

I had a little time to read MSDN docs about RSA public / private key pair, encrypting, CAPICOM, Certificates, EnvelopedData, PFX files. The sample is vbscript based, but we know that to port it into VFP not a challenge.

Ok, let's see it. I have a PFX file, what was created by CIPHER. Just to have something. I used this passphrase while creating the certificate: "a very secret passphrase of the private key".

I can load it this way:
set oCert = Createobject("CAPICOM.Certificate")
oCert.Load "D:\test\test.pfx", "a very secret passphrase of the private key", CAPICOM_KEY_STORAGE_USER_PROTECTED, CAPICOM_CURRENT_USER_KEY

This certificate has a public key, private key. To use it, the EnvelopedData look like usable. It's really simple. Grab an EnvelopedData object, write something into the content property, add recipipents to it and finally call the encrypt method. The object automatically generates a symmetric key, what will be used to encrypt the large amount of content. This key will be encrypted by the public key of recipients. The default settings of the EnvelopedData obejct can be configured to strengthen the encryption or whatever you want. A sample:

set oEnvelope = createobject("CAPICOM.EnvelopedData")
oEnvelope.Algorithm.Name= CAPICOM_ENCRYPTION_ALGORITHM_AES
oEnvelope.Algorithm.KeyLength=CAPICOM_ENCRYPTION_KEY_LENGTH_MAXIMUM
oEnvelope.Content="Here's some very important and confidental data"
oEnvelope.Recipients.Add oCert
sSecret=oEnvelope.Encrypt(CAPICOM_ENCODE_BASE64)

The format of message what we got this way is PKCS #7. To decrypt the message is a joke. Just call the decrypt method of the EnvelopedData object with only one parameter, like this:

Set EnvelopedData = CreateObject("CAPICOM.EnvelopedData")
EnvelopedData.Decrypt sSecret
wscript.echo "Decrypted text is: " & EnvelopedData.Content

Okay. Decryption method searches for the private key in the "My" certificate store at current user or the local machine. There's no way to setup a file for decryption.



 
 
BorisSlo





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

Hi!

Let's say, that i have to access a web service on some secure page (https)
wich also requires me, to have a personal digital certificate.

Can I load this certificate to visual foxpro and then submit it to that page.
I need this, first to register web service and then to use web services.

thanx you

 
 
yanyee





PostPosted: Visual FoxPro General, RSA Public/Private Key Encryption in VFP 9.0 Top

yeah u are rite ...

when u post your question dun expect forummers can solve 100 % your question.

We all here just share our knowledge and experience.