CryptoAPI_Demo
所属分类:加密解密
开发工具:Visual Basic
文件大小:121KB
下载次数:28
上传日期:2014-07-12 13:55:43
上 传 者:
sunshinebean
说明: vb6开发的各种加密算法集合及应用,方便学习
(collection of various encryption algorithms and applications developed vb6)
文件列表:
frmEncFiles.frx (1036, 2002-04-07)
frmEncStrings.frm (19644, 2002-04-07)
frmEncStrings.frx (778, 2002-04-07)
frmHash.frm (24617, 2002-04-07)
frmHash.frx (778, 2002-04-07)
frmMainMenu.frm (10791, 2002-12-15)
frmMainMenu.frx (778, 2002-12-15)
frmOptions.frm (14891, 2002-04-07)
frmOptions.frx (778, 2002-04-07)
frmRnd.frm (9829, 2002-12-15)
frmRnd.frx (1195, 2002-12-15)
frmTestPWD.frm (15640, 2002-04-07)
frmTestPWD.frx (778, 2002-04-07)
MSSCCPRJ.SCC (195, 2002-01-02)
PWD.mdb (126976, 2001-09-09)
Dll\basCommon.bas (48456, 2002-10-13)
Dll\basEnumWin.bas (9687, 2002-10-08)
Dll\clsCryptoAPI.cls (91373, 2002-10-11)
Dll\CryptKci.dll (61440, 2002-10-13)
Dll\CryptKci.exp (996, 2002-12-02)
Dll\CryptKci.lib (2616, 2002-12-02)
Dll\CryptKci.txt (8862, 2002-10-13)
Dll\CryptKci.vbp (996, 2002-10-13)
Dll\CryptKci.vbw (106, 2012-06-11)
Dll\History.txt (3389, 2002-10-13)
Dll\MSSCCPRJ.SCC (193, 2002-01-02)
Images\Find.bmp (246, 2001-09-09)
Images\LOCK.ICO (766, 2001-09-09)
Images\NOTE14.ICO (1078, 2001-09-09)
basADODB.bas (27853, 2002-04-07)
basCryptoProcs.bas (11341, 2002-04-07)
basEdit.bas (22442, 2002-04-07)
basMain.bas (21364, 2002-04-07)
Crypto_API.vbp (1580, 2002-12-15)
Crypto_API.vbw (742, 2012-06-11)
CryptoAPI_Demo.vbg (88, 2002-10-11)
CryptoAPI_Demo.vbw (757, 2001-09-09)
frmAddUser.frm (18664, 2002-04-07)
frmAddUser.frx (778, 2002-04-07)
... ...
CryptoAPI Demo v1.7
by Kenneth Ives kenaso@attbi.com
-----------------------------------------------------------------
Modification History:
09-SEP-2001 1.7 Fixed several bugs relating to using the enhanced
provider and block ciphers. Modified and tested
the demo program.
24-JUL-2001 1.6 Cleaned up some code and did a lot of documenting.
05-JUN-2001 1.5 Removed clsCryptoAPI.cls from demo program and created
a DLL.
20-JAN-2001 1.4 According to theory, whenever you leave a text box, the
lost focus event is supposed to fire. I came upon
multiple instances where it did not. This would happen
when I pressed the ENTER key while still inside the text
box and executing the command button. I decided to move
the lost focus logic to the validate event and added a
piece of code in the keypress event to force the
validate event to fire. I could had done the same with
the lost focus but I had already moved my code.
18-JAN-2001 1.3 The decoded file was be one byte larger than the
source. To fix this, subtract 1 from the file size
to accomodate the zero based array. Fix suggested
by Harbinder Gill hgill@altavista.net
Also found that when you use PUT to write a byte array
to a file, the last character is converted to a NULL.
To get around this quirk, I converted the decrypted data
to a text string and then PUT it in the output file.
See frmEncFiles(cmdChoice_Click)
10-JAN-2001 1.2 Converted data to byte array and then encrypt/decrypt
the data. For display purposes, I use a hex display
because if an encrypted character returned is a Null,
then I would end up with a null terminated string.
The text box control will not display anything after
the NULL character. Therefore, when I would read from
the text box to get the data to decrypt, I would not
have all the data. Thanks to Haakan Gustavsson
for pointing me in the right direction.
See frmEncStrings(cmdChoice_Click)
08 JAN 2001 1.1 For file and string testing, I have converted the
data and password to a byte array first.
30 DEC 2000 1.0 Wrote CryptoAPI demo program.
=============================================================================
CryptKci.dll
Copy the \DLL\CryptKci.dll to the system directory where all your
other DLL's are stored.
Windows 9x, ME \Windows\System
Windows NT4, 2000 \Winnt\System32
Now register the DLL so it will be recognized by the system.
Select the START button, RUN
for Windows 9x, ME type:
regsvr32 c:\windows\system\CryptKci.dll
for NT4, 2000 Type:
regsvr32 c:\winnt\system32\CryptKci.dll
In the VB IDE, to use this DLL, you must first reference it via
Projects, References on the toolbar menu. Scroll down the list
and place a checkmark next to CryptKci
=============================================================================
You will need the VB6 runtime files.
This is freeware. Since security is of the upmost these days,
a tool such as this should assist you in protecting your data.
This is well documented and should help you understand what is
happening. I have tried to give everyone credit on their code
snippet contributions. If you recognize something I missed, let
me know and I will update that portion with your name and email
address (I must have both).
To begin with, I used a lot of screens to demonstrate each function.
This is to better illustrate what is going on without getting lost in
performing multiple functions within a single form.
Next, I use a database for network security because the user would
never have access to the directory where this database is located.
Also, I doubt if they would recognize any of the data in it.
I use a fifteen charater salt value to combine with the password
and user name and then has it with either MD5 or SHA-1. The salt
and the hashed results are stored in the database.
For test purposes, I have entered one user into the database.
Name: JohnDoe
password: moneytree
Options: Case senitive for both entries
MD5 (Message Digest) hash algorithm
Default provider
***********
Salt Values by Terry Ritter
http://www.ciphersbyritter.com/NEWS6/SALT.HTM
A "salt" is a value used to modify a hash of a password.
Originally, user passwords were verified by direct comparison to a
file containing the correct passwords. Simply exposing that file thus
exposed some or all of the passwords on the system.
To avoid that, passwords were verified by computing a hash value from
the password and verifying that to the correct hash value stored in
the password file. The actual passwords, never being stored on the
system, were thus thought to be protected.
Unfortunately, obtaining the password file revealed hash values which
then could be compared to hash values for popular passwords, thus
revealing the password itself.
To avoid this, a salt value is hashed along with password, thus
changing the hash value and making a known-hash attack difficult.
**********
** Brief Overview ***************
Whenever a user logs onto a network, a server application is executed
from within the login script. This server application has the only
access to the database as far as the user is concerned. The user's
logon data is extracted from the workstation screen, manipulated and
applied to the database for verification. If the logon data is
authenticated, the user is allowed onto the network.
***********************************
This database is very limited as it is for demonstration purposes only.
One of the things you could add to your code is the number of tries a
user can make trying to remember their password. Add a couple of fields
to the database to deny the user access for 15 minutes before being
allowed to try again. In other words, set a flag field in the database
for a "1" or "0" and another field for the current timestamp. If the
user is locked out after three tries, a "1" is entered into the flag
field and the system timestamp in the other. Whenever the user attempts
a logon, first see if there is a "1" in the flag field. If so, then test
to see if 15 minutes have elaspsed since the "1" was entered. If 15
minutes or more have elapsed then enter a "0" in the flag field and NULL
in the timestamp field and continue processing.
Using this scenario is a definite thorn in the side of individuals trying
to gain unauthorized access to your system by way of brute force entry.
If you are using local security (the user's workstation), you can
apply these same principles for the Windows registry. See the "Hash Test"
and you will see where, in my opinion, a Message Digest (MDn) algorithm
was probably used for registry entries.
=============================================================================
Written by Kenneth Ives kenaso@attbi.com
All of my routines have been compiled with VB6 Service Pack 5.
There are several locations on the web to obtain these
runtime modules.
This software is FREEWARE. You may use it as you see fit for
your own projects but you may not re-sell the original or the
source code.
If there is anything in here that you want to use and I wrote
it, please give me credit. This is a way of saying "Thank you"
to another programmer.
No warranty expressed or implied is given as to the use of this
program. Use at your own risk.
If you have any suggestions or questions, I would be happy to
hear from you.
=============================================================================
近期下载者:
相关文件:
收藏者: