|
For a given object/data type TT:
TT var[2];
size_t sz = (char*)&var[1] - (char*)&var[0];
...cmk
Save the whales - collect the whole set
|
|
|
|
|
Hi All,
I wonder if somebody could point me in the direction of which encryption algorithm to use. My program is basically a SQL frontend storing and retrieving many strings within a database. I have now been asked to add security to the project in order to prevent other users from reading the database files.
My idea is to simply encrypt the strings before inserting them into the database. Here is where I am stuck, I need to be able to decrypt this data using one of two passwords, a user password, and a master password. This among other things now has to be finished by Monday.
Could somebody possibly name an algorithm which is capable of doing what I want, or possibly even point me towards a C++ example. Thankyou so much.
|
|
|
|
|
I'm also have the same problem, but I'm using a MySQL database with ODBC. So, I encrypted / decrypted the strings with no password at all, and I set up some restriction rules on the server side. I've used two different system DSN to access that database and it worked very well. Good luck!
|
|
|
|
|
If you want to be able to encrypt using either the "User" or "Master" password, but want to be able to decrypt data encrypted using the "User" password with either the "User" or "Master" passwords, but prevent decryption of "Master" encrypted data using the "User" password, I do not know of a specific encryption algorithm that allows this.
However, you may be able to do what you ask by encrypting the data with static static/internal passwords, and write a signature at the beginning of the data indicating if the "user" or "master" encrypted the data. You can then use application logic to determine of the "user" should be allowed to decrypt the data.
For example, you internally maintain two passwords: User-"ABC", Master-"123". Data is encrypted depending on who saved it, and is stored with a flag indicating if the "User" or "Master" encryption was used. At decryption time, you can read the flag, and determine if the current user is a "User" or "Master", and determine if you should decrypt the data or not. For example, a "User"-level user is trying to read two units of data from the database, one saved with the "User" password, one with "Master".
First, the data was saved with "User" is read back. The data's flag is checked (which is "User"), and the current user is allowed to decrypt it (because they are "User" or "Master"-level), so decrypt the data.
Now, the second set of data saved with "Master" is read back. The data flag is checked (which is "Master"), and the current user is not allowed to decrypt it (because they only have "User"-level access), so you raise an appropriate message.
A bit quick&dirty, but it might work for a Monday implementation... :/
The most important thing to do when working with encryption, IMHO, is to clearly specify exactly what you need encrypted, and to what extent, then approach possible solutions.
Peace!
-=- James If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong! Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road! DeleteFXPFiles & CheckFavorites (Please rate this post!)
|
|
|
|
|
Quick and dirty sounds about right for this weekend. Though I think you missunderstood what I want.
The "master" would never be encrypting anything, it's sole purpose is for administrators to read the encrypted data or incase of lost passwords. Basicaly I need to be able to decrypt data using one of two passwords.
As a quick and dirty solution, I will allow the user to create a password and use this as the encryption key, I will then encypt this password using a master key and store it alongside the data. Using program logic, if the user password fails, try decrypting the users password instead and intern use that.
Hey it's already Friday night, and I want some beer tomorrow night
|
|
|
|
|
|
Thanks for the links, although after reading the mentioned articles I have found them to be unsuitable for this particular project for the following 2 reasons:
1) They do not support the use of 2 keys, which is really what I need.
2) The data block has to be formatted to a multiple of 8 bytes. Most of the strings I am dealing with are in the form of "101.89". I would first have to pad this, I know it's only 1 byte, but then in order to safley store it I would have to convert the encrypted string to a hex value. Now I have gone from 7 bytes to 17 bytes. If I do this for each of the 4000+ strings you can imagine the speed decrease and the final file size.
At the moment I am thinking of creating a hash of the users password, then using this hash as a one time pad. I know the security will not be of the highest level, but all I need is to prevent non-authorised users from reading the data.
|
|
|
|
|
Hi ,
Can anyone tell me how to create 2 column List Box with default fields and in the 2nd column with variables which can passed during runtime.
(1st column) (2nd column)
Property | Value
Location
Word count
Document count
File size
Last Updated
Created
Please tell how to declare the default values in the 1st column ??
Regards,
Parichay BP
|
|
|
|
|
A better option would be CListCtrl .
Nibu thomas
Software Developer
|
|
|
|
|
|
First, make sure that the control has the LBS_USETABSTOPS style. Second, when adding items to it, separate them with a '\t' character. Last, read MSDN article Q66240.
"Let us be thankful for the fools. But for them the rest of us could not succeed." - Mark Twain
"There is no death, only a change of worlds." - Native American Proverb
|
|
|
|
|
Hi
Please point out an article on Windows Socket Communication
thanx in advance
KK
|
|
|
|
|
|
Searching Code Project and MSDN will help. There are lots of them.
Nibu thomas
Software Developer
|
|
|
|
|
Have a look at MFC samples CHATTER and CHATSRV here[^] to learn the basics.
Hope this helps
--
Roger
It's supposed to be hard, otherwise anybody could do it!
|
|
|
|
|
|
Hi KrishnaKumar,
What are you really searching for? Socket communication in MFC?
- NS -
|
|
|
|
|
Can anyone give me an idea as how you create an MFC ActiveX control using the "MFC ActiveX ControlWizard". Can you provide me some code snippet for creating a very simple ActiveX control and in turn using it in other application(like Internet Explorer etc etc).
|
|
|
|
|
|
First get yourself an idea of what ActiveX controls are and how they work by browsing MSDN here[^].
Or have a look in the article section at CodeProject here[^].
Then you may be able to ask more specific questions.
Getting a piece of code won't do you any good if you don't know what to do with it.
Also, since ActiveX controls are COM objects, you should post further questions regarding this in the COM forum here[^].
--
Roger
It's supposed to be hard, otherwise anybody could do it!
|
|
|
|
|
|
Hi all,
i am writing a simulation for traffic systems.I want to know which view(cview,form view etc..,)is better suited for such type of application.
Thank u all.
HEllo
|
|
|
|
|
It depends on how you want your GUI to look and function.
How do you want your GUI to look and what functionality do you want in it?
I suspect I would create a dialog-based application, or perhaps use CFormView in a SDI application if I want doc/view support.
--
Roger
It's supposed to be hard, otherwise anybody could do it!
|
|
|
|
|
Hi,
I think dialog based application is better, because you can visually place the components ( controls ) directly to the main window.
- NS -
|
|
|
|
|
But how to create lines using drag and drop controls.
HEllo
|
|
|
|