Free Encryption

  • jsleichty (7/25/2008)


    Has anyone used the xp_blowfish dll on SQL 2005? We just moved to a new server and we're getting error messages to the effect.

    Could not load the DLL C:\Program Files\Microsoft SQL Server\90\Tools\binn\Encryption DLL\xp_blowfishdecrypt.dll, or one of the DLLs it references. Reason: 193(C:\Program Files\Microsoft SQL Server\90\Tools\binn\Encryption DLL\xp_blowfishdecrypt.dll is not a valid Win32 application.).

    Hi js,

    You don't happen to be running it on a 64-bit server do you? The DLL was only compiled for 32 bit. The source code is available somewhere on SSC (sorry I don't have a current link), but you could d/l and compile for 64 bit if necessary. I usually recommend avoiding XPs on SQL 2005, since they are deprecated. In this instance SQL 2005 provides native T-SQL encryption functionality.

    Thanks

    Mike C

  • I am trying to decrypt data that was encrypted via PHP/mcrypt and stored in a MySQL database originally. We have a SQL Server that needs to process some of the data, and I am unable to decrypt any of the data using the blowfish decrypt xp.

    I can encrypt and decrypt fine on SQL Server, but am having difficulty with the data originating on the other system.

    Thanks

  • Ed Mays (10/6/2008)


    I am trying to decrypt data that was encrypted via PHP/mcrypt and stored in a MySQL database originally. We have a SQL Server that needs to process some of the data, and I am unable to decrypt any of the data using the blowfish decrypt xp.

    I can encrypt and decrypt fine on SQL Server, but am having difficulty with the data originating on the other system.

    Thanks

    Hi Ed,

    The data encrypted in PHP/mcrypt could have been encrypted with any number of options, and was probably encrypted with a different key. The options that affect the encryption/decryption process include:

    * Algorithm used

    * Key length (bits), content

    * Block mode

    * Initialization Vector (IV)/Salt length, content

    * Padding options

    If any one of these factors is different you can't decrypt the data. This particular tool wasn't really designed to decrypt data from external sources, but rather to demonstrate SQL 2000-specific encryption. You'll find the same issues on other platforms, like SQL 2005 or 2008 with built-in encryption. I would decrypt the data using PHP/mcrypt, and reencrypt on SQL Server rather than trying to directly decrypt the already PHP/mcrypt-encrypted data on SQL Server.

    Thanks

    Mike C

  • Hi Ed,

    The data encrypted in PHP/mcrypt could have been encrypted with any number of options, and was probably encrypted with a different key. The options that affect the encryption/decryption process include:

    * Algorithm used

    * Key length (bits), content

    * Block mode

    * Initialization Vector (IV)/Salt length, content

    * Padding options

    Mike C

    Am I correct that there's no way some of these options (i.e. initialization vector) are not configurable in this tool?

  • Ed Mays (10/6/2008)


    Hi Ed,

    The data encrypted in PHP/mcrypt could have been encrypted with any number of options, and was probably encrypted with a different key. The options that affect the encryption/decryption process include:

    * Algorithm used

    * Key length (bits), content

    * Block mode

    * Initialization Vector (IV)/Salt length, content

    * Padding options

    Mike C

    Am I correct that there's no way some of these options (i.e. initialization vector) are not configurable in this tool?

    With these sample XP's the only way to change most of these options is by modifying the C++ source code and recompiling. SQL 2005/2008 encryption won't be much help to you either since they choose random IVs and use preset block mode and padding options. Again, this sample code wasn't designed to decrypt data that was previously encrypted using other tools. You could probably force the issue by modifying the C++ source code to match the configuration you want, but it might be more trouble than it's worth.

    Mike C

  • HI All,

    I have same problem found in SQL Error Log in SQL 2005, last time is running daily successfully but only this few days I received error. Anyone can help me to find out what is the issue? Below is the error I found in error logs.

    2009-10-26 13:43:06.34 spid59 Error: 18002, Severity: 20, State: 1.

    2009-10-26 13:43:06.34 spid59 Exception happened when running extended stored procedure 'xp_makewebtask' in the library 'xpweb90.dll'. SQL Server is terminating process 59. Exception type: Win32 exception; Exception code: 0xc0000005.

    2009-10-26 13:44:00.22 spid141 Using 'dbghelp.dll' version '4.0.5'

    2009-10-26 13:44:00.23 spid141 ***Stack Dump being sent to V:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\SQLDump0340.txt

    2009-10-26 13:44:00.23 spid141 SqlDumpExceptionHandler: Process 141 generated fatal exception c0000005 EXCEPTION_ACCESS_VIOLATION. SQL Server is terminating this process.

    2009-10-26 13:44:00.23 spid141 * *******************************************************************************

    2009-10-26 13:44:00.23 spid141 *

    2009-10-26 13:44:00.23 spid141 * BEGIN STACK DUMP:

    2009-10-26 13:44:00.23 spid141 * 10/26/09 13:44:00 spid 141

    2009-10-26 13:44:00.23 spid141 *

    2009-10-26 13:44:00.23 spid141 *

    2009-10-26 13:44:00.23 spid141 * Exception Address = 000007FF7FC51D71 Module(msvcrt+0000000000051D71)

    2009-10-26 13:44:00.23 spid141 * Exception Code = c0000005 EXCEPTION_ACCESS_VIOLATION

    2009-10-26 13:44:00.23 spid141 * Access Violation occurred reading address 0000000000000000

    2009-10-26 13:44:00.23 spid141 * Input Buffer 86 bytes -

    2009-10-26 13:44:00.23 spid141 * EXEC dbo.prc_sendMailKillQueries

  • Ayie, that's a completely different set of stored procedures. I haven't seen the xp_makewebtask proc in a long time to be honest. Check your server settings and make sure it's installed. It looks like this thing is trying to send an email, you might want to check into the databasemail functionality in SQL 2005 instead.

  • HI Mike,

    Thanks for your reply,

    Last time is working fine, we are using blatmail external application to send a mail. but only this few days is having an error. everytime they sending mail with attach htm file is creating a dump file. can anyone help me for this error.

    Thanks

  • Will BlowFish or TwoFish work with image data ?? I downloaded the latest SQL toolkit and Tried running TwoFish after modifying it to handle image data converted to varbinary(max). The data came back as NULL, instead of encrypted. Either I did something wrong (very likely), or there's some limitation in the DLL for length, or there's some other problem I don't understand.

    --modified fn_encrypt_twofish in the hopes it will work with bigger data

    CREATE FUNCTION [dbo].[fn_encrypt_twofish_max] (@plaintext VARBINARY(max),

    @localkeyname VARCHAR(128),

    @password VARCHAR(128),

    @keybits INT)

    RETURNS VARBINARY(max)

    AS

    BEGIN

    DECLARE @masterkey VARBINARY(64)

    DECLARE @localkey VARBINARY(80)

    SELECT @masterkey = m.[Key], @localkey = l.[Key]

    FROM dbo.Local_Key_Vault l, dbo.Master_Key_Vault m

    WHERE l.[name] = @localkeyname

    AND l.[master_key_name] = m.[name]

    DECLARE @enctext VARBINARY(max)

    EXEC dbo.xp_encrypt_twofish @plaintext, @enctext OUTPUT, @password, @masterkey, @localkey, @keybits

    RETURN @enctext

    END

    and then ran

    -- Encrypt data

    UPDATE MyTable

    SET VoiceData = cast(master.dbo.fn_encrypt_twofish_max(VoiceData ,

    'Local Key 1', NULL, 32) AS VARBINARY(max))

    Thoughts ?

    TIA

  • On sql 2005 and later you should go with the built-in encryption functionality. Extended procs are deprecated since 2005 in favor of clr. The built-in functionality is also more efficient since it lives in t-sql. You're still restricted to 8000 bytes per encryption call by default though. There are a couple of ways around that limitation--you can encrypt lob data in 8000 byte chunks (requires you to write udf/sp) or do it in clr (I posted a blog about this a while ago, but you'll have to google it "encrypt lob data sql server" because I don't have the link handy. These xp's really were meant to provide encryption on sql 2000 only, and there are better alternatives on 2005 and 2008.

    Update - Here's the link to encrypting a BLOB in CLR: http://sqlblog.com/blogs/michael_coles/archive/2009/04/08/let-s-encrypt-a-blob.aspx

    Thanks

    Mike C

  • Thanks for the link. Is there any way to create a function within SQL ? I don't know anything about C#.

  • You can write a t-sql udf that chops your data into ~7800 byte chunks (symmetric encryption adds some bytes of overhead). Then concatenate the encrypted string back together. To decrypt do the opposite.

  • Mike C (4/5/2010)


    On sql 2005 and later you should go with the built-in encryption functionality. Extended procs are deprecated since 2005 in favor of clr. The built-in functionality is also more efficient since it lives in t-sql. You're still restricted to 8000 bytes per encryption call by default though. There are a couple of ways around that limitation--you can encrypt lob data in 8000 byte chunks (requires you to write udf/sp) or do it in clr (I posted a blog about this a while ago, but you'll have to google it "encrypt lob data sql server" because I don't have the link handy. These xp's really were meant to provide encryption on sql 2000 only, and there are better alternatives on 2005 and 2008.

    Update - Here's the link to encrypting a BLOB in CLR: http://sqlblog.com/blogs/michael_coles/archive/2009/04/08/let-s-encrypt-a-blob.aspx

    Thanks

    Mike C

    Hi Mike,

    Any chance that you could post the 64 bit versions of your 32 bit dlls? I know you've given the source code but I don't have a 64 bit development environment to compile it on. We're in the middle of moving to 64 bit SQL2008 and have used your blowfish udf on several columns of our data and the 32 bit dlls don't work.

    Thanks,

    Todd

  • Hi Mike,

    I'm trying to get the source for the SQL 2000 DBA Toolkit using http://www.sqlservercentral.com/products/mcoles/default.asp, so that I can recompile it for x64. I see that the link is dead. Has the code been moved to a different site or is it a URL mistake?

    Can anyone post the SQL 2000 DBAToolkit source (if you happen to have it)?

    Thanks,

    Philip

  • philip.manual (7/2/2010)


    Hi Mike,

    I'm trying to get the source for the SQL 2000 DBA Toolkit using http://www.sqlservercentral.com/products/mcoles/default.asp, so that I can recompile it for x64. I see that the link is dead. Has the code been moved to a different site or is it a URL mistake?

    Can anyone post the SQL 2000 DBAToolkit source (if you happen to have it)?

    Thanks,

    Philip

    I have the source but no ability to recompile to x64.

    This is the reply I got from Michael in July 2010.

    Hi Richard,

    Thanks for the kind words. I’m actually working on a SQL 2005/2008 CLR-based version that includes a lot of the same functionality, plus some. Other than the occasional request for source code for those who want to compile it on x64 I haven’t added any functionality to the SQL 2000 version – and probably won’t. If you’d like to tweak it specifically for SQL 2000 platform, I can send you the source code.

    Thanks

    Michael

    So. I have a 2MB zip file from Michael. I'm sure if you drop him an email, he'll be happy to send you the source.

    I have VC9 Express Edition. I don't think it can cross compile.

    If it can, I'd like someone to do a walkthrough with me. I use it to compile PHP. But I only follow a recipe (buildconf, config.nice, nmake - more or less). No GUI involved.

    Regards,

    Richard Quadling.

Viewing 15 posts - 121 through 135 (of 153 total)

You must be logged in to reply to this topic. Login to reply