Is there a fivewin function that encrypts dbf files by closing or interupting the fivewin program so that they can not be modified with an external program
FiveTech Support Forums
FiveWin / Harbour / xBase community
Board index FiveWin for Harbour/xHarbour encrypting dbf files
You can use FWH functions Encrypt() and Decrypt() so all info inside the DBF is encrypted.
field->myfield := Encrypt( "value", cPassword )
Note that when using Encrypt/Decrypt all fields must be character format.
FWH 18.05/xHarbour 1.2.3/BCC7/Windows 10
Using tables with no memo field I manage them in this way
I create a dbf encrypted in this way
#include "fivewin.ch"
#include "Dbinfo.ch"
FUNCTION MAIN
SELECT 0
USE t090
DBINFO( DBI_PASSWORD, "12345678" )
browse()
RETURN NILI create a dbf encrypted in this way
#include "DbStruct.ch"
#include "Dbinfo.ch"
FUNCTION MAIN( cFileIn, cFileOut, cCodice )
LOCAL aStruct := {}
// open file to read to obtain structure
USE &(cFileIn) ALIAS filein
aStruct := DBSTRUCT()
USE
// create encrypted file
DBCREATE( cFileOut, aStruct )
USE &(cFileOut) ALIAS fileout
DBINFO( DBI_PASSWORD, cCodice ) // cCodice = "12345678" in example
APPEND FROM &(cFileIn)
RETURN NILMarco Boschi
info@marcoboschi.it
info@marcoboschi.it
What includes are necessary to use encrypt() and decrypt() files please
Jds:
(x)Harbour supports three functions to handle encryption / decryption transparently:
1. Sx_DBFencrypt (cPassword) - encrypts all records in database file.
2. Sx_DBFdecrypt () - decrypts all records in database file.
3. Sx_SetPass (cPassword) - set / changes password to be used in the encryption functions.
With the above mentioned suggestions the database fields remains as you designed them (Date, Numerics, Memos, etc.).
The drawback with the Encrypt() and Decrypt() functions is that, as James pointed out correctly, all fields must be character.
Hope this helps.
So, if I understood it well, the user has to use a password to encrypt;
So it is not possible that by exiting the program all dbf files can be encrypted so that the user can not modify the dbf files with an external program
JDS,
Of course, it would not be secure if anyone can run the program without logging in. So each authorized user needs to login using a password. The actual password that encrypts/decrypts the databases is the same for all users. It can also be encrypted and stored in an external file. No users need to know what this password is. The admin should be able to change it periodically.
In the above system, the databases are encrypted all the time. The data is only decrypted when in RAM.
I can't see encrypting the databases after the last user exits--this would be slow, impractical, and not secure. The databases would all have to be decrypted and written back to disk while any user was using the program. During this time anyone could copy all the databases (decrypted) to another place. Also, after encrypting the databases all the decrypted copies would have to be securely erased. This system would not be secure at all.
Regards,
James
So, if I understood it well, the user has to use a password to encrypt;
Of course, it would not be secure if anyone can run the program without logging in. So each authorized user needs to login using a password. The actual password that encrypts/decrypts the databases is the same for all users. It can also be encrypted and stored in an external file. No users need to know what this password is. The admin should be able to change it periodically.
So it is not possible that by exiting the program all dbf files can be encrypted so that the user can not modify the dbf files with an external program
In the above system, the databases are encrypted all the time. The data is only decrypted when in RAM.
I can't see encrypting the databases after the last user exits--this would be slow, impractical, and not secure. The databases would all have to be decrypted and written back to disk while any user was using the program. During this time anyone could copy all the databases (decrypted) to another place. Also, after encrypting the databases all the decrypted copies would have to be securely erased. This system would not be secure at all.
Regards,
James
FWH 18.05/xHarbour 1.2.3/BCC7/Windows 10
Jds:
Steps on using encryption:
1. You encrypt all tables with a tool that uses the Sx_DBFencrypt (cPassword) function.
2. Your program has the password either hard coded or in an external dbf.
3. Make SURE if you hard coded it to not set it up as a literal, build it as a result of some sort of mathematical function.
4. This way it cannot be retrieved via a binary editor since the compiler cannot "resolve" or pre-process it at compile time.
5. This way DBF are ALWAYS ENCRYPTED.
Hope this helps. I've been using encryption since the old Clipper 5.2e/DOS days (SIx driver).
Hunter,
I assume this is an EXE? Where does one get the EXE or source?
It seems you could also write your own--just open each dbf, read each record, encrypt it and save. Seems simple enough.
Regards,
James
1. You encrypt all tables with a tool that uses the Sx_DBFencrypt (cPassword) function.
I assume this is an EXE? Where does one get the EXE or source?
It seems you could also write your own--just open each dbf, read each record, encrypt it and save. Seems simple enough.
Regards,
James
FWH 18.05/xHarbour 1.2.3/BCC7/Windows 10
James:
You just write a simple program to encrypt tables.
You just write a simple program to encrypt tables.
#include "Common.ch"
#include "FiveWin.ch"
PROCEDURE Main (cFileName, cPassWord)
DEFAULT cFileName TO ""
DEFAULT cPassword TO ""
IF ! EMPTY(cPassword)
IF FILE(cFileName)
USE (cFileName) VIA "DBFCDX" EXCLUSIVE
Sx_DBFencrypt (cPassword)
USE
MsgInfo("File: " + cFileName + " Encrypted")
ELSE
MsgInfo("File: " + cFileName + " NOT Found")
ELSE
MsgInfo ("Empty Passwords Not Allowed")
ENDIF
RETURNIs it possible to encrypt only some fields of a table .
For example, in a People dbf file, i only want to Encrypt Name and Adress .
Thanks
Jack,
Why?
Why not just encrypt everything? There is very little speed penalty. If security is an issue, why secure only some of the data?
Regards,
James
i only want to Encrypt Name and Adress
Why?
Why not just encrypt everything? There is very little speed penalty. If security is an issue, why secure only some of the data?
Regards,
James
FWH 18.05/xHarbour 1.2.3/BCC7/Windows 10
Hunter,
Thanks for the example code.
Do you have any ideas on how we could check to see if a file is already encrypted? I just thought it might be handy to prevent ever encrypting a file twice.
James
FWH 18.05/xHarbour 1.2.3/BCC7/Windows 10
I use the free ADS encryption. It encrypts the entire file.
Thanks,
Jeff Barnes
(FWH 16.11, xHarbour 1.2.3, Bcc730)
Jeff Barnes
(FWH 16.11, xHarbour 1.2.3, Bcc730)