# VBForums CodeBank > CodeBank - Visual Basic 6 and earlier >  vb6 - encryption function

## mogvonkupo

I don't know if it works with other versions...
it's a function to encrypt/decrypt a string using a key...
original is the string to encrypt, operator is wether you encrypt or decrypt, and clef is a 6 different letters string (it'll work with other characters as well or with twice the same letter but you'll lose the last charater(s) of the array)

here's the code, paste it in your projects, have fun^^


VB Code:
Public Function encription(original As String, operator As Boolean, clef As String)
    If Len(clef) = 6 Then
        Dim i, j, k As Long
        Dim a1, a2, b1, b2, temp, intdecrypt(0 To 35) As Byte
        Dim str, result, strdecrypt(0 To 5, 0 To 5) As String
         For i = 0 To 5
            intdecrypt(i) = Asc(Mid(LCase(clef), i + 1, 1))
        Next i
         temp = 97
         For i = 6 To 35
            Do Until intdecrypt(i) <> 0
                If Not (intdecrypt(0) = temp Or intdecrypt(1) = temp Or intdecrypt(2) = temp Or intdecrypt(3) = temp Or intdecrypt(4) = temp Or intdecrypt(5) = temp) Then intdecrypt(i) = temp
                temp = temp + 1
                If temp = 123 Then temp = 32
                If temp = 35 Then temp = 39
                If temp = 42 Then temp = 44
                If temp = 47 Then temp = 63
            Loop
        Next i
         For i = 0 To 5
            For j = 0 To 5
                strdecrypt(i, j) = Chr(intdecrypt((6 * i) + j))
            Next j
        Next i
         For i = 1 To Len(original)
            Select Case Asc(Mid(original, i, 1))
            Case 32 To 34, 39 To 41, 44 To 46, 63
                str = str & Mid(original, i, 1)
            Case 65 To 90
                str = str & Chr(Asc(Mid(original, i, 1)) + 32)
            Case 97 To 122
                str = str & Mid(original, i, 1)
            End Select
        Next i
         If Len(str) Mod 2 = 1 Then str = str & "q"
         For i = 1 To Len(str) Step 2
            For j = 0 To 5
                For k = 0 To 5
                    If Mid(str, i, 1) = strdecrypt(j, k) Then
                    a1 = j
                    a2 = k
                    End If
                Next k
            Next j
            For j = 0 To 5
                For k = 0 To 5
                    If Mid(str, i + 1, 1) = strdecrypt(j, k) Then
                    b1 = j
                    b2 = k
                    End If
                Next k
            Next j
                If operator = False Then
                    result = result & strdecrypt(a2, b1) & strdecrypt(b2, a1)
                Else
                    result = result & strdecrypt(b2, a1) & strdecrypt(a2, b1)
                End If
        Next i
         If Not result = "" Then
            If Mid(result, Len(result), 1) = "q" Then result = Left(result, Len(result) - 1)
        End If
         encription = result
    Else
        encription = "clef invalide"
    End If
End Function

it can probably be optimized, but i thinks it's working well this way...

one way to call this script would be:


VB Code:
MsgBox encription("hi guys", False, "abcdef")

hope you enjoy it
(i've also translated it in vbscript and am trying for other languages)

----------


## CodeBlock

Hi

When it comes to checking Passwords, it is not the issue of only encryption (though it is one part), but the neccessity to use a Key. Using One-way-Only encryption methods like MD5 or SHA1 (i prefer MD5), you can secure your data. This way if your original password is "test123" your MD5 result might be:

cc03e747a6afbbcbf8be7668acfebee5

Its so impossible to get the source string that made it: "cc03e747a6afbbcbf8be7668acfebee5" by anybody (thats y it is called one-way encryption, which has no decryption)

This raises a Question!

So, how do u check for your password??

Suppose, you have this MD5 encrypted password stored in your database (its better to store sensitive things in encrypted form). Ask the client to encrypt the password before sending over the Network. So the Server will check whether the stored "cc03e747a6afbbcbf8be7668acfebee5" and the incoming "cc03e747a6afbbcbf8be7668acfebee5" are the same. Since MD5 encryption is always the same in any OS, this will work.

If your password is stored unencrypted (that is as "test123" itself. RAW) in your database, follow this method:

The Server sends a key (any random generated string) to the client. The client then appends (or prepends or manipulates somehow) with the original password "test123" and then applies the encryption and sends it back. This way, the encryption is always different each time, even though the password is the same. In the meantime the server also does the same process of appending the key with the original password and keeps it ready with encryption for checking. An example might clear this more properly:

Original password in Server Database: "test123"
Server generates a random key: "hsozjr15sd86e"
Server Sends it to -> Client
Client receives "hsozjr15sd86e"
Client prompts for the password from user.
User Enters: "test123"
Client joins the password and the key: "test123hsozjr15sd86e"
The result is encrypted with MD5: "4a5f6722b66de40dffe0a3e2028bf6a6"
Client Sends the encrypted pass&key to server "4a5f6722b66de40dffe0a3e2028bf6a6"
Server does the same procedure (both have to match)
Server appends the key with password(from database): "test123hsozjr15sd86e"
Server makes MD5: "4a5f6722b66de40dffe0a3e2028bf6a6"
Server checks with the client data: "4a5f6722b66de40dffe0a3e2028bf6a6"="4a5f6722b66de40dffe0a3e2028bf6a6"
Server confirms, creates a Session and grants access!

For MD5 Encryption:
Download: vbCrypt.dll.zip [11.9 KB]

Copy it somewhere safe (probably system32 folder) Add this DLL in Projects->References.


VB Code:
Private Sub Form_Load()
    Dim ObjCrypt As New vbCrypt.EncryptionTools
        MsgBox ObjCrypt.MD5HashString("test123")
        'Results: CC03E747A6AFBBCBF8BE7668ACFEBEE5
End Sub

Download the Full vbCrypt File w/ Sample Projects(22.1 KB)

HTH
Neo

--
If your post is resolved, do not forget to edit your subject appended with "[RESOLVED]"

----------

