The CodeBurst Library for WebSiphon provides strong encryption support for WebSiphon scripts. The software uses the Blowfish algoritm from Counterpane Systems and is available in a U.S. Domestic version and an export version (64-bit keys) for outside the U.S.
Additionally MD5 and SHA1 hash functions were added to version 2.
Uses the RSA
Data Security, Inc. MD5 Message-Digest Algorithm
Uses SHA-1 code that is Copyright © The Internet Society (2001). All Rights
Reserved.
You are permitted to test the demo version of the software for 30 days.
The demo provides a fully functional 8-bit key package and provides hashes of up to 8 character strings with MD5 and SHA1.
In addition to the demo using only 8-bit keys, it does not support CBC mode. If you use the CBC routines, the demo will still use ECB mode.
If you pass the decode routines a string that was not created by the matching encode routine (with the proper key and CBC values) you will get an error. You can use the routine to create highly "tamper-resistant" hidden CGI arguments, URLs, database records, and cookies because the encrypted data also contains a CRC hash to protect the integrity of the data.
Drag and drop the library file into your (Builtin) folder in your Libraries folder within your WebSiphon Data folder and restart WebSiphon.
The encode routines accept a WebSiphon string and return a URL safe string representing the encoded string.
The library provides Blowfish in both ECB and CBC modes with the following four routines:
res = CodeBurstEncode(keyString, dataString, htmlSafe);
res = CodeBurstDecode(keyString, dataString);
res = CodeBurstEncodeCBC(keyString, dataString, int1, int2, htmlSafe);
res = CodeBurstDecodeCBC(keyString, dataString, int1, int2);
res = CodeBurstMD5(dataString);
res = CodeBurstSHA1(dataString);
In CBC mode you provide two integers that are used as initial values for the 8-byte chain value (again, the demo's CBC routines actually use ECB).
For either type of encode routines, provide either 1 or 0 as the htmlSafe argument. When set to 1, the string, a base64 encoded string, will have all "+" characters replaced with "." so the string can be used in URLs without the "+" being interpretted or changed to a space, as may happen when used in some situations. The decode routine automatically handles htmlSafe and "unsafe" strings properly.
The result returned by both the encrypt, decrypt, MD5 and SHA1 routines is a list:
[0, "string"]
and for CBC mode
[0, "string", int1, int2]
The first value is the error code (0 indicates success) and any other value indicates an error, either low memory, or in the case of decode, a wrong key, or a corrupt encrypted string. The second value is the encrypted or decrypted string — base64 encoded so that you can use the value of the string safely. The last two values (CBC only) are integers, reflecting the ending chain values.
Remember that the demo version only uses the FIRST character of your key string, which restricts you to 8-bit keys.
The demo, although functional is not very secure. Downloading WebSTAR, WebSiphon, and this library would enable someone to easily break the 8-bit encryption, by trying all 256 keys.
ECB or Electronic Codebook means that each time Blowfish sees the same 8 bytes, they encode the same way. With CBC or Cipher Block Chaining, a set of 8-bytes are computed during encryption and are XORed with the resulting code blocks. This results in repeated 8-byte blocks are encrypting differently. Using CBC also means you have to have both the decryption key and the original CBC values to decrypt your data.
The CodeBurst Library for WebSiphon is $99US per server and may be purchased online at: digitalstore.com.
CodeBurst is a trademark of Dantowitz Consulting & Research, Inc.