{{tag>category:"OpenInsight 32-bit" author:"Keith Alvey" author:"Robert Catalano" author:"bob carten" author:"bshumsky" author:"Bob Carten"}}

[[https://www.revelation.com/the-works|Join The Works program to have access to the most current content, and to be able to ask questions and get answers from Revelation staff and the Revelation community]]

==== CRYPT32.dll (OpenInsight 32-bit) ====

=== At 29 JAN 2013 04:50:13AM Keith Alvey wrote: ===

Hi all,

Has anyone used Crypt32.dll to generate SHA256 level encrypted data? If so, can someone enlighten me as to the DLL declarations required? Any code examples would be gratefully received.

I am on the 9.3.2 software and have looked at the RTI_CRYPTO function, but this appears not to include any SHA256 level encryption.

TIA

Keith

----

=== At 29 JAN 2013 08:21AM Robert Catalano wrote: ===

Hi Keith,

Included in OpenInsight 9.3.2 is Data Encryption at Rest. Please see the following document: [[http://www.revelation.com/o4wtrs/KB_Articles/KB0290.htm|OpenInsight Data Encryption (RTIDER).]]

Robert Catalano | Revelation Software Director of Sales 99 Kinderkamack Road | First Floor | Westwood, NJ 07675 USA V: +1 800.262.4747 | F: +1 201.722.9815 <rcatalano@revelation.com> | [[http://www.revelation.com|www.revelation.com]]

----

=== At 29 JAN 2013 10:43AM Keith Alvey wrote: ===

Hi Robert,

I don't believe RTIDER will use SHA 256 specifically at present. However, I have received an email from Bill C stating that he has received an update that includes this. I am waiting on this before going any further on this.

Thanks

Keith

----

=== At 29 JAN 2013 12:26PM bob carten wrote: ===

Hi Keith,

RTI_CRYPTO implements SHA_1, which is not SHA256. So, the update that I provided to Bill will not quite get you there. I'll get you another example.

----

=== At 31 JAN 2013 02:53PM bob carten wrote: ===

Hi Keith,

We will add support for SHA256 to RTI_Crypto in a future release.
In the meantime, here is an example of how to implement it in your own application. The trick is to employ the open source encryption libraries available at [[https://code.google.com/p/crypto-js/]] and activate them using the Windows scripting host. See the RTI_SHA256_EXAMPLE below. The crypto-js library has a raft of hashing and cipher functions, all of which can be implemented in OpenInsight using a variation on this example.

<code>
Function RTI_SHA256_EXAMPLE(method, param1,param2,param3)
/*
** SHA256 is considered secure as of 30Jan2013
** This example uses an open source ( BSD License) javascript library to implement SHA256 in OpenInsight.
** See code.google.com/p/crypto-js
**
** Download the latest crypto-js.vxxx.zip
** Unzip it
** Open the Rollups folder
** Open the SHA256.js file using notepad
** Create an insert named RTI_CRYPTOJS_SHA256_EXAMPLE_JS
** Line 1 is compile insert RTI_CRYPTOJS_SHA256_EXAMPLE_
** paste the contents of the SHA256.js file into the insert, then save it.
** copy, paste and compile this program
**
** usage: hexEncodedHash = RTI_SHA256_Example('hex_sha256', plainTextValue)
*/
Declare Function repository
$Insert Logical
Equ crlf$ To \0D0A\

common /rti_SHA256_example_com/ oScript,bInitialized, oCrypto
if assigned(bInitialized) else bInitialized = ''

If bInitialized = 1 Else
   Gosub Init
End

If Assigned(method) Else method = ''
retval = ''

Begin Case
   Case method _eqc 'hex_sha256'
      s = If Assigned(param1) Then param1 Else ''
      status = ( s # '' )
      If status then
         * use the crypt object to do the work
         * It returns another object of type WordArray
         wordArray = OleCallMethod( oCrypto, 'SHA256', s)
         status = ( olestatus() eq 0 )
      End
      If status then
         * Use the stringify method of the wordArray.
         * It emits a hex-encoded version of the hash
         hexString = OleCallMEthod(wordArray, 'toString')
         status = ( olestatus() eq 0 )
      End
      If status then
         transfer hexString To retval
      end
End Case

Return retval

Init:
   * Create the host control, use a common variable so it will persist
   oScript = OLECreateInstance("MSScriptControl.ScriptControl")
   oScript->Language = "JScript"
   codeObject = ''
   oCrypto = ''

   * Add the JavaScript Library obtained from google.code
   work = Repository('ACCESS', 'SYSPROG*STPROCINS**RTI_CRYPTOJS_SHA256_EXAMPLE_JS')
   status = ( work # '' )
   If status then
      Swap crlf$ With @fm In work
      jsCode = Delete(work, 1, 0,0)
      Swap @fm With crlf$ In jscode
      x = oScript->AddCode( jsCode )
      status = ( olestatus() eq 0 )
   End

   * Extract the Crypto object so we can use it as its own full fledged OLE object
   If status then
      codeObject = oScript->CodeObject
      oCrypto = OleGetProperty(codeObject, 'CryptoJS')
      status = ( olestatus() eq 0 )
   End

   bInitialized = status
return
</code>

----

=== At 31 JAN 2013 03:46PM bshumsky wrote: ===

> Hi Robert, I don't believe RTIDER will use SHA 256 specifically at present. However, I have received an email from Bill C stating that he has received an update that includes this. I am waiting on this before going any further on this. Thanks Keith

Hi, Keith. I'm wondering, if I may, what you're planning to use the SHA256 encryption for? Perhaps we can help discover if there's a different, less difficult (for you to implement) approach to take that will accomplish the same purpose?

Thanks,

- Bryan Shumsky [[http://www.revelation.com|Revelation Software, Inc.]]

----

=== At 01 FEB 2013 04:45AM Keith Alvey wrote: ===

Hi Brian

Thanks for the response. Unfortunately we need to use SHA256 encryption as this is a requirement of a UK government department when sending certain personal data to them.
Keith

----

=== At 01 FEB 2013 05:21AM Keith Alvey wrote: ===

Hi Bob,

Many thanks for the coding suggestion. However, in the initialise coding you refer to the addcode method. Is this something that should automatically work within OI9.3.2, or is there something I need to do to make this work? If the latter, can you give me some pointers please; if the former, then I am missing something somewhere ...

On testing

<code>
x = oScript->AddCode(jsCode)
Status = (OleStatus() = 0)
</code>

OleStatus() returns -2147352567

I should add that this has been tested on both Windows XP and Windows 7 with the same results.

Thanks

Keith

----

=== At 01 FEB 2013 08:05AM Keith Alvey wrote: ===

Hi Bob,

Further to previously ... I have managed to get a stage further ... by using the source version of the download from the website, http://crypto-js.googlecode.com/svn/tags/3.1.2/src/SHA256.js, and removing the starting and trailing parentheses I now get past the AddCode problem. When opened from the unzipped version the contents still appear to be compressed / unformatted.

However, I now fall down on the following section,

<code>
CodeObject = oScript->CodeObject
oCrypto = OleGetProperty(CodeObject, 'CryptoJS')
Status = (OleStatus() = 0)
</code>

CodeObject is reported as , which seems reasonable, however the OleStatus() reports error code -2147352570

I have also tried using the pre-supplied insert 'SYSPROG*STPROCINS**RTI_HASHTABLE2_SCRIPT' and this generates the same error.

I am guessing that there may be an issue with the 'CryptoJS' property ... ?? I have tried with some obvious variations on this but with no luck.

Regards

Keith

----

=== At 01 FEB 2013 08:45AM Bob Carten wrote: ===

Hi Keith,

The OLE error on addcode means that there is an error in the script. I'm guessing that your insert is not correct. It should be identical to the one shown below. I put an RDK of my program and insert on google drive.
See [[https://docs.google.com/file/d/0B32cDbLL-miwbkplcmNtWHYzYkU/edit?usp=sharing|RDK_SHA256_EXAMPLE_20130201]]

FWIW Addcode is a method on the windows scripting host, not OpenInsight. What I am doing here is embedding the windows scripting host in an OI program, then using it to expose javascript functions to OI as if they were basic+ programs. This is a very powerful technique. It means that all of the JavaScript libraries on Google code or other repositories are available to us. In the case of encryption, using open source public libraries from google code means that an auditor should accept that the encryption is implemented correctly.

<code>
compile Insert RTI_CRYPTOJS_SHA256_EXAMPLE_JS
/*
CryptoJS v3.1.2
code.google.com/p/crypto-js
(c) 2009-2013 by Jeff Mott. All rights reserved.
code.google.com/p/crypto-js/wiki/License
*/
</code>

----

=== At 01 FEB 2013 10:10AM Keith Alvey wrote: ===

Hi Bob

Thanks very much for your help. I have now got it working. I think it may have been a glitch in copying some of the code around.

Regards

Keith

[[https://www.revelation.com/revweb/oecgi4p.php/O4W_HANDOFF?DESTN=O4W_RUN_FORM&INQID=WORKS_READ&SUMMARY=1&KEY=FE759F85A94DFABAB3C407C6C|View this thread on the Works forum...]]
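
The two faults that came up in this thread, a routine that is really SHA-1 and an insert damaged while being copied, are both caught by a known-answer test before any data is sent. The following is an added example, not part of the original posts or of Revelation's code: it checks any ''hex_sha256''-style function against the published SHA-256 test vectors, using the built-in ''crypto'' module of Node.js as the reference, and shows that the digest depends on the byte encoding of the text. The names ''sha256Hex'', ''checkHexSha256'', ''sha1Mislabelled'' and ''encodingChangesDigest'' are hypothetical.

```javascript
// Added example (not from the thread): known-answer test for a hex_sha256-style routine.
const nodeCrypto = require('crypto');

// Published SHA-256 test vectors from FIPS 180: the "abc" and 448-bit messages.
const VECTORS = [
  ['abc', 'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad'],
  ['abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq',
    '248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1'],
];

// Reference digest over explicitly encoded bytes.
function sha256Hex(text, encoding = 'utf8') {
  return nodeCrypto.createHash('sha256').update(Buffer.from(text, encoding)).digest('hex');
}

// Run a candidate (text -> hex string) against the vectors; return the list of failures.
function checkHexSha256(candidate) {
  const failures = [];
  for (const [input, expected] of VECTORS) {
    let got;
    try {
      got = String(candidate(input)).toLowerCase();
    } catch (err) {
      failures.push({ input, reason: 'threw: ' + err.message });
      continue;
    }
    if (!/^[0-9a-f]{64}$/.test(got)) {
      failures.push({ input, reason: 'not 64 hex chars (length ' + got.length + ')' });
    } else if (got !== expected) {
      failures.push({ input, reason: 'digest mismatch' });
    }
  }
  return failures;
}

// Constructed stand-in for a routine that is really SHA-1 (40 hex characters).
function sha1Mislabelled(text) {
  return nodeCrypto.createHash('sha1').update(text, 'utf8').digest('hex');
}

// True when the text hashes differently as UTF-8 and as single-byte Latin-1,
// which is the case for any non-ASCII character: both ends must hash the same bytes.
function encodingChangesDigest(text) {
  return sha256Hex(text, 'utf8') !== sha256Hex(text, 'latin1');
}

console.log(checkHexSha256(sha256Hex));
console.log(checkHexSha256(sha1Mislabelled));
console.log(encodingChangesDigest('Zoë'));
```

The same two vectors can be fed to the OpenInsight routine by hand; a correct implementation returns exactly the 64-character values listed in ''VECTORS''.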