I use Delphi 10.4 community edition and Firebird embedded database.
The problem: I usually store the login passwords in an 'user' table encrypted. This is the algorithm I usually use (I know it is not the hardest to crack but this software only for myself so who bothers?)
function Titkositas(Jelszo: string; Code: LongInt): string;
var
Ciklus: Byte;
begin
RandSeed := Code;
Result := '';
for Ciklus := 1 to Length(Jelszo) do
Result := Result + Chr(Ord(Jelszo[Ciklus]) xor Random(256));
end;
Once it was encrypted I stored it in the table.
procedure TFrmadmin2.BitBtn5Click(Sender: TObject);
var
s, s2, m, t, dt, most: string;
begin
s := '';
s2 := '';
m := '';
t := ''; dt:=''; most:='';
if trim(edit3.Text) = trim(edit4.Text) then
begin
if ((edit1.text <> '') and (edit2.text <> '') and (edit3.text <> '') and (edit4.text <> '')) then
begin
if (not TDM1.MenuTrans.InTransaction) then
TDM1.MenuTrans.StartTransaction;
try
with insertuser do
begin
prepare;
begin
ParamByName('NEV').asString := trim(edit1.Text);
ParamByName('LOGIN').asString := trim(edit2.Text);
ParamByName('PASSWD').asString := Titkositas(trim(edit4.text), 123456); //this is it!!!
listbox1.items.add(Titkositas(trim(edit4.text), 123456));
ParamByName('JOG').AsInteger := strtoint(trim(edit5.Text));
dt:=DateTimeToStr(now);
ParamByname('DATUM').Asstring :=dt;
execproc;
if TDM1.MenuTrans.InTransaction then TDM1.MenuTrans.CommitRetaining;
....
So, it worked perfectly in the past, but now I noticed that the encryption does not function properly (or something else). I have not got a clue what the problem could be: So this should be the password after encryption: a÷~D 2¥
But it is stored in the table: a÷~D 2Y
Can you see the slight difference? It means when I try to log in it does not work because the password I know was changed through the storing process. I thought it could be because of the character set of the Firebird db I registered. I changed it to Unicode, ISO-1, default but nothing was changed.
I double checked the above code so I printed out the encrypted password in a showmessage which showed proper result and then debugged it from row to row and when it was executed then it still showed the right encrypted characters but then when I checked in the table it was slightly different.
Has anyone got an idea what the problem could be?
XOR-ed string is not a string anymore. It is an array of bytes. You cannot handle it as a string, store as string, etc because for strings the range of valid codes is limited and strings transformations between charsets may be irreversible.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.