Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

VfpEncryption71 - AES256: How to get pure hex like result

VfpEncryption71 - AES256: How to get pure hex like result

VfpEncryption71 - AES256: How to get pure hex like result

Hi Team!

I am trying to encrypt a password using VfpEncryption71 library.
Encryption type We need AES256.

Below is sample of what I am doing.

CODE -->

lcStr = 'mykey123456'
lcKey = 'BeY7nZ1HL5Sdl0POADQACw=='
Encrypt(lcStr, lcKey, 2, 1, 0, 24, 16)
* 2= Type AES256, 1= Mode ECB, 0=Padd null
* 24= length of key being used
* 16= Block size 
Then I get an encrypted key like below

CODE -->


But, the client documentation shows encrypted sample like

CODE -->


Whatever I try, I am not getting an encryption like the above.
How do we achieve that?

Thanks in advance

RE: VfpEncryption71 - AES256: How to get pure hex like result

Hi Rajesh,

in short there's so much wrong in your parameterization that it doesn't work.

There are lots of sets of test vectors to see, whether an encryption library gets the expected results from the algorithm used. The download of vfpencryption comes with source examples. Look into the directory "test-vectors". Go from there


If you're interested to see what's all wrong with your try:

What you want (biXhp3Ha1fgxVEp48zHrvVoXMStmxPuAPHo3TVz5lHU=) is base64, which is not hex or hexadecimal.
What you have as result of Encrypt (O4¨n)Ks ³â÷„ ) is binary. You get from binary to base64 with STRCONV(), see the help. But don't try just using STRCONV() on the result, as there are lots of further errors.

Maybe because you have that misconception you're also feeding in a wrong lcKey and overall a lot of wrong parameter values.

The Encrypt function of the VfpEncryption library asks for a specific key length when you use it for AES:

Read what the documentation says: https://www.sweetpotatosoftware.com/blog/index.php...

Quote (docs)

keys may need to be of a particular length for certain types of encryption

Quote (docs)

2 = Rijndael\AES 256 (requires a 32 character Key) *Default

There are some of your parameterization errors:

1. Your parameterization says you want to use AES 256 but a 24 character key. The algorithm determines the key length. And for AES356 you need a 32 character (32 bytes) key.

Your lcKey='BeY7nZ1HL5Sdl0POADQACw==' is 24 chars, and the characters used and the trailing with "==" tells me this is base64. And if you convert that back to a binary string, not only limited to letters and digits, this would become even shorter, a 16 byte key.

2. Your description is you want to encrypt a key. Well, to the Encrypt function it doesn't matter that lcStr='mykey1232456' is your key, to the AES256 encryption that is the message to encrypt and the key used to encrypt this message is lcKey and that's too short no matter if you take it as is or convert it back to a 16byte long binary key.

3. Your parameterization is mode 1 for CBC, your comment says you want ECB, but ECB is mode 0, not mode 1.

So just read the documentation and follow it correctly.

Encryption isn't a beginner topic if you still even struggle with understanding what binary, hexadecimal, bas64 are and then make it hard to wrap your head around what you need to provide as parameters by wanting to encrypt a key, which makes it easy to confuse message and key, it's just natural your first trials lead to errors.

You can also blame Craig S. Boyd for having a parameterization that suggests more freedom than you really have. You can't mix AES type and key length as you like, so actually only using encryption types 4 (Blowfish) and 1024 for RC4 would enable more freedom of choices in key lengths, the other modes determine what has to be the key length and so the nKeySize parameter has to be that and not what you want.

Bye, Olaf.

Olaf Doschke Software Engineering

RE: VfpEncryption71 - AES256: How to get pure hex like result

Thank you so much. As usual, there are so much to learn from in your suggestions!

a. Mentioning of 1 for mode was a mistake. In fact, we want ECB.
b. Writing 'key' in my string to be encrypted doesn't have any context. I just assumed a text.
What I am encrypting is a password. Difference of the string being encrypted and the key being used is obviously clear to me.

Let me go through your text thoroughly. Will get back soon.

Thanks a lot

RE: VfpEncryption71 - AES256: How to get pure hex like result

Hi team!

I am just continuing with this. Below is the code from the encryption library sample prg file

CODE -->

m.lcPlainText = STRCONV("6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",16)

*!* F.1.5 ECB-AES256.Encrypt
m.lcKey = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4"
m.lcCiphertext = "f3eed1bdb5d2a03c064b5a7e3db181f8591ccb10d410ed26dc5ba74a31362870b6ed21b99ca6f4f9f153e7b1beafed1d23304b7a39f9f3ff067d8d8f9e24ecc7"
?IIF(Encrypt(m.lcPlainText, STRCONV(m.lcKey,16), 2, 0, 0, 32, 16) == STRCONV(m.lcCiphertext,16), "PASSED!", "FAILED!")
*!* F.1.6 ECB-AES256.Decrypt
?IIF(Decrypt(STRCONV(m.lcCiphertext,16), STRCONV(m.lcKey,16), 2, 0, 0, 32, 16) == m.lcPlainText, "PASSED!", "FAILED!") 

Here (above sample code) the lcPlainText is decoded from a hexBinary string. If I have to encrypt my password, say 'myPass@123456', should I encode it into hexBinary first and then pass it to the Encrypt function by decoding it back into normal string (using STRCONV function) ?
Similary, the lcKey (the secret key) is also decoded from a hexBinary?
Are these conversions done to avoid any special characters issues?

Please advice.
Thanks in advance.

RE: VfpEncryption71 - AES256: How to get pure hex like result

In short:

Test suites work on very specific binary data that's easiest to specify and also verify in hexadecimal representation. For example to test an own implementation of an encryption algorithn or checking a library works as intended on your computer.

When the message you want to encrypt is composed of enterable characters (which overlaps with printable, readable) there is no need to go through hexadecimal.

And obviously, as a random password will not be part of a test suite you can check, your best check of getting back the same password from decrypt is simply to decrypt. But to encrypt a password, especially as entered by a user, you have to do nothing, you could directly Encrypt(Thisform.txtPassword.Value,...) and decrypt also gets back straight to that.

Bye, Olaf.

Olaf Doschke Software Engineering

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close