Published: Friday, November 05, 1999
Encyption with ASP, Part 2
In Part 1, we discussed how to create a Key. Now, we need to look at how to encrypt and decrypt a string using this key!
The following code accomplishes both of these tasks!
<%
<![CDATA[
'******************************
' Crypt.asp
'******************************
Dim g_Key
Const g_CryptThis = "Now is the time for all good men to come to the aid of their country."
Const g_KeyLocation = "c:\key.txt"
g_Key = mid(ReadKeyFromFile(g_KeyLocation),1,Len(g_CryptThis))
Response.Write "<p>ORIGINAL STRING: " & g_CryptThis & "<p>"
Response.Write "<p>KEY VALUE: " & g_Key & "<p>"
Response.Write "<p>ENCRYPTED CYPHERTEXT: " & EnCrypt(g_CryptThis) & "<p>"
Response.Write "<p>DECRYPTED CYPHERTEXT: " & DeCrypt(EnCrypt(g_CryptThis)) & "<p>"
Function EnCrypt(strCryptThis)
Dim strChar, iKeyChar, iStringChar, i
for i = 1 to Len(strCryptThis)
iKeyChar = Asc(mid(g_Key,i,1))
iStringChar = Asc(mid(strCryptThis,i,1))
' *** uncomment below to encrypt with addition,
' iCryptChar = iStringChar + iKeyChar
iCryptChar = iKeyChar Xor iStringChar
strEncrypted = strEncrypted & Chr(iCryptChar)
next
EnCrypt = strEncrypted
End Function
Function DeCrypt(strEncrypted)
Dim strChar, iKeyChar, iStringChar, i
for i = 1 to Len(strEncrypted)
iKeyChar = (Asc(mid(g_Key,i,1)))
iStringChar = Asc(mid(strEncrypted,i,1))
' *** uncomment below to decrypt with subtraction
' iDeCryptChar = iStringChar - iKeyChar
iDeCryptChar = iKeyChar Xor iStringChar
strDecrypted = strDecrypted & Chr(iDeCryptChar)
next
DeCrypt = strDecrypted
End Function
Function ReadKeyFromFile(strFileName)
Dim keyFile, fso, f
set fso = Server.CreateObject("Scripting.FileSystemObject")
set f = fso.GetFile(strFileName)
set ts = f.OpenAsTextStream(1, -2)
Do While not ts.AtEndOfStream
keyFile = keyFile & ts.ReadLine
Loop
ReadKeyFromFile = keyFile
End Function
]]>
%>
|
The first thing we do in the Crypt.asp page is get the key value from our key file. Once we have read the value in we will use the MID function to read only enough key to the same length as our plaintext string. Next we move to the EnCrypt Function. This function reads our key string and our plaintext string ONE character at a time. It then does a logical exclusion (Xor) between one key character and one plaintext character. The resulting character is the encrypted character. Congratulations! Youv'e just encrypted a string.
Now that we've encoded the string, how in the world will we decode it? Pretty simple, the DeCrypt' function is identical to the encrypt function, except you just need to feed in the encrypted cyphertext. The only reason I have included two functions for encryption and decryption, is two allow you to play with different encrypt/decrypt schemes. If you read the commented lines in each of the functions, they will allow you to encrypt/decrypt with addition and subtraction.
If you put your mind to it, you could easily modify the functions provided to read in entire files. This might be a slightly challenging if you are doing this to a binary file (you would need some integrity check so characters would not be out of range when converting back and forth to ASCII). Well, have fun with it and let me know what you come up with.
You will want to keep the generated key in a safe place on the server as well as not allowing any outside access to it.
By Julain Sitkewich
FOOTNOTE:
The Vernam Cipher was invented by none other than Gilbert Vernam (he was an AT&T engineer), in 1918. The ciphertext is generated by combining ASCII plaintext with a "one-time pad" or key. The key is combined with the plaintext stream by mod 2 (Xor), thus creating the encrypted cyphertext.
Xor operator:
Used to perform a logical exclusion on two expressions.
bitwise comparison:
A bit-by-bit comparison between identically positioned bits in two numeric expressions.
Attachments:
Download the source of Crypt.asp in text format
Download the source of KeyGeN.asp in text format
