SQL Server Forums
Profile | Register | Active Topics | Members | Search | Forum FAQ
 
Register Now and get your question answered!
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 General SQL Server Forums
 Script Library
 RC4 Encryption - Decryption
 New Topic  Reply to Topic
 Printer Friendly
Next Page
Author Previous Topic Topic Next Topic
Page: of 2

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 12/12/2006 :  07:35:35  Show Profile  Visit SwePeso's Homepage  Reply with Quote
This function is used to initialize the seed for the RC4 algorithm
CREATE FUNCTION dbo.fnInitRc4
(
	@Pwd VARCHAR(256)
)
RETURNS @Box TABLE (i TINYINT, v TINYINT)
AS

BEGIN
	DECLARE	@Key TABLE (i TINYINT, v TINYINT)

	DECLARE	@Index SMALLINT,
		@PwdLen TINYINT

	SELECT	@Index = 0,
		@PwdLen = LEN(@Pwd)

	WHILE @Index <= 255
		BEGIN
			INSERT	@Key
				(
					i,
					v
				)
			VALUES	(
					@Index,
					 ASCII(SUBSTRING(@Pwd, @Index % @PwdLen + 1, 1))
				)

			INSERT	@Box
				(
					i,
					v
				)
			VALUES	(
					@Index,
					@Index
				)

			SELECT	@Index = @Index + 1
		END


	DECLARE	@t TINYINT,
		@b SMALLINT

	SELECT	@Index = 0,
		@b = 0

	WHILE @Index <= 255
		BEGIN
			SELECT		@b = (@b + b.v + k.v) % 256
			FROM		@Box AS b
			INNER JOIN	@Key AS k ON k.i = b.i
			WHERE		b.i = @Index

			SELECT	@t = v
			FROM	@Box
			WHERE	i = @Index

			UPDATE	b1
			SET	b1.v = (SELECT b2.v FROM @Box b2 WHERE b2.i = @b)
			FROM	@Box b1
			WHERE	b1.i = @Index

			UPDATE	@Box
			SET	v = @t
			WHERE	i = @b

			SELECT	@Index = @Index + 1
		END

	RETURN
END
ANd this function does the encrypt/decrypt part
CREATE FUNCTION dbo.fnEncDecRc4
(
	@Pwd VARCHAR(256),
	@Text VARCHAR(8000)
)
RETURNS	VARCHAR(8000)
AS

BEGIN
	DECLARE	@Box TABLE (i TINYINT, v TINYINT)

	INSERT	@Box
		(
			i,
			v
		)
	SELECT	i,
		v
	FROM	dbo.fnInitRc4(@Pwd)

	DECLARE	@Index SMALLINT,
		@i SMALLINT,
		@j SMALLINT,
		@t TINYINT,
		@k SMALLINT,
      		@CipherBy TINYINT,
      		@Cipher VARCHAR(8000)

	SELECT	@Index = 1,
		@i = 0,
		@j = 0,
		@Cipher = ''

	WHILE @Index <= DATALENGTH(@Text)
		BEGIN
			SELECT	@i = (@i + 1) % 256

			SELECT	@j = (@j + b.v) % 256
			FROM	@Box b
			WHERE	b.i = @i

			SELECT	@t = v
			FROM	@Box
			WHERE	i = @i

			UPDATE	b
			SET	b.v = (SELECT w.v FROM @Box w WHERE w.i = @j)
			FROM	@Box b
			WHERE	b.i = @i

			UPDATE	@Box
			SET	v = @t
			WHERE	i = @j

			SELECT	@k = v
			FROM	@Box
			WHERE	i = @i

			SELECT	@k = (@k + v) % 256
			FROM	@Box
			WHERE	i = @j

			SELECT	@k = v
			FROM	@Box
			WHERE	i = @k

			SELECT	@CipherBy = ASCII(SUBSTRING(@Text, @Index, 1)) ^ @k,
				@Cipher = @Cipher + CHAR(@CipherBy)

			SELECT	@Index = @Index  +1
      		END

	RETURN	@Cipher
END


Peter Larsson
Helsingborg, Sweden

harsh_athalye
Flowing Fount of Yak Knowledge

India
5581 Posts

Posted - 12/12/2006 :  07:56:42  Show Profile  Visit harsh_athalye's Homepage  Click to see harsh_athalye's MSN Messenger address  Send harsh_athalye a Yahoo! Message  Reply with Quote
Wonderful implementation, Peter!

Thanks for sharing.

Harsh Athalye
India.
"The IMPOSSIBLE is often UNTRIED"
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 12/12/2006 :  07:59:31  Show Profile  Visit SwePeso's Homepage  Reply with Quote
Thanks.

I kept it in two parts, because then the EncDec can be rewritten to encrypt/decrypt a column with same password a lot faster, without having to call Init for each row.

As of now, any row could have different password.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

harsh_athalye
Flowing Fount of Yak Knowledge

India
5581 Posts

Posted - 12/12/2006 :  08:05:11  Show Profile  Visit harsh_athalye's Homepage  Click to see harsh_athalye's MSN Messenger address  Send harsh_athalye a Yahoo! Message  Reply with Quote
Have you timed it, Peter?
I think it will be good candidate for CLR-SP in SQL 2005.

Harsh Athalye
India.
"The IMPOSSIBLE is often UNTRIED"

Edited by - harsh_athalye on 12/12/2006 08:05:25
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 12/12/2006 :  08:29:17  Show Profile  Visit SwePeso's Homepage  Reply with Quote
Haven't got time.

I am in a debate right now woth senile developer about requirements.
He wrote all requirements down on a paper and I did exactly what it said, but now he is so mad and angry with me I think he will burst any minute. Now he says he never wrote the requirements.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)

USA
7020 Posts

Posted - 12/12/2006 :  08:48:27  Show Profile  Reply with Quote
I see you linked to this thread from Wikipedia
http://en.wikipedia.org/wiki/RC4





CODO ERGO SUM

Edited by - Michael Valentine Jones on 12/12/2006 08:49:02
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 12/12/2006 :  09:32:06  Show Profile  Visit SwePeso's Homepage  Reply with Quote
Yes, I have learnt how to do it.
Thanks again Michael.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

afrika
Flowing Fount of Yak Knowledge

Nigeria
2706 Posts

Posted - 12/12/2006 :  09:39:03  Show Profile  Reply with Quote
Must say,

"Peso on fire"

Brilliant work
Go to Top of Page

Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)

USA
7020 Posts

Posted - 12/12/2006 :  09:43:55  Show Profile  Reply with Quote
quote:
Originally posted by Peso

Yes, I have learnt how to do it.
Thanks again Michael.


Peter Larsson
Helsingborg, Sweden



Are you going to start doing 50 posts/day in Wikipedia now?




CODO ERGO SUM
Go to Top of Page

madhivanan
Premature Yak Congratulator

India
22761 Posts

Posted - 12/12/2006 :  11:47:52  Show Profile  Send madhivanan a Yahoo! Message  Reply with Quote

<<
Are you going to start doing 50 posts/day in Wikipedia now?
>>

He will score a Century


Madhivanan

Failing to plan is Planning to fail
Go to Top of Page

avmreddy17
Posting Yak Master

180 Posts

Posted - 10/04/2007 :  13:06:44  Show Profile  Reply with Quote
Peso,

How to you decrypt using this function
fnEncDecRc4

Thanks
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 10/04/2007 :  15:33:14  Show Profile  Visit SwePeso's Homepage  Reply with Quote
Same function, hence the name fnEncDecRc4.



E 12°55'05.25"
N 56°04'39.16"
Go to Top of Page

khautinh
Starting Member

10 Posts

Posted - 10/19/2007 :  19:32:18  Show Profile  Reply with Quote
Peso,
I am new in these type of encrypt and decrypt. How can I use the same function to decrypt the text please? Would you more specific please.

I tried

declare @test varchar(50)
select @test = 'password'
select dbo.fnEncDecRc4(@test, '2345')
print @test = ÍÆ ;

How can I use the same function to decrypt (ÍÆ ;)?

Thanks again.
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 10/20/2007 :  03:23:12  Show Profile  Visit SwePeso's Homepage  Reply with Quote
select dbo.fnEncDecRc4(@test, 'ÍÆ ;')



E 12°55'05.25"
N 56°04'39.16"
Go to Top of Page

tkizer
Almighty SQL Goddess

USA
37134 Posts

Posted - 10/31/2007 :  18:21:00  Show Profile  Visit tkizer's Homepage  Reply with Quote
Peso, according to this thread, your function has an error: http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=78552. Check out Helly's post. Not sure if it's valid or not, just wanted to give you a heads up since he posted it in the other thread rather than this one.

Tara Kizer
Microsoft MVP for Windows Server System - SQL Server
http://weblogs.sqlteam.com/tarad/
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 11/01/2007 :  12:33:55  Show Profile  Visit SwePeso's Homepage  Reply with Quote
Thanks for the link. However I am not able to reproduce the alleged bug.
SELECT	dbo.fnEncDecRc4('Yek', (SELECT dbo.fnEncDecRc4('Yik', 'This is the secret message.')))	-- Fails
SELECT	dbo.fnEncDecRc4('Yek', (SELECT dbo.fnEncDecRc4('Yek', 'This is the secret message.')))	-- Works
SELECT	dbo.fnEncDecRc4('Yek', (SELECT dbo.fnEncDecRc4('Yak', 'This is the secret message.')))	-- Fails
See last example. I think that poster used two different passwords, and when decrypthing the encrypted text, he used wrong password and thus produced a string containing an ascii zero character, which seesm to be a string terminator in SQL Server.



E 12°55'05.25"
N 56°04'39.16"
Go to Top of Page

Ahmad Farid
Starting Member

7 Posts

Posted - 07/22/2008 :  11:11:55  Show Profile  Reply with Quote
Can anyone please show with a full example how to decrypt some text?
Thank you :)
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 07/22/2008 :  12:56:13  Show Profile  Visit SwePeso's Homepage  Reply with Quote
The post just before your's show to to both encrypt and decrypt.



E 12°55'05.25"
N 56°04'39.16"
Go to Top of Page

Ahmad Farid
Starting Member

7 Posts

Posted - 07/27/2008 :  05:36:52  Show Profile  Reply with Quote
yeah I wasn't able to understand it well. Thank you Peso. But I have another question. Is it possible that I do the encryption through the .NET and the decryption through this SQL function?
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
30265 Posts

Posted - 07/28/2008 :  03:32:24  Show Profile  Visit SwePeso's Homepage  Reply with Quote
Yes, there are a number of .NET RC4 encryption and decryption libraries.



E 12°55'05.25"
N 56°04'39.16"
Go to Top of Page

Ahmad Farid
Starting Member

7 Posts

Posted - 07/28/2008 :  05:13:28  Show Profile  Reply with Quote
I only found RC2, DES, TripleDES and some else but never found RC4. Can you please mention its full path of namespaces? Thank you.
Go to Top of Page
Page: of 2 Previous Topic Topic Next Topic  
Next Page
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
SQL Server Forums © 2000-2009 SQLTeam Publishing, LLC Go To Top Of Page
This page was generated in 0.11 seconds. Powered By: Snitz Forums 2000