banr_bklrx.gificon_bw_about.gif (884 bytes)banr_homex_ico.gif (1035 bytes)banr_howbuyx_ico.gif (1114 bytes)banr_descfrx_ico.gif (1119 bytes)banr_hascfrx_ico.gif (1223 bytes)

crypt_tools4swdev.gif (2298 bytes)
Example Project: VB Triple-DES File Encryption Utility
using the TDEScipher 32-bit DLL

Download Example Project | View Source Code Listing (Partial)
(see notes before downloading)

tdesutilr1.gif (9922 bytes)
tdeskeys.gif (3456 bytes) Description: This example project illustrates how to use the TDEScipher/DLL in the Visual Basic development environment. TDESutil employs TDEScipher/DLL to build a file encryption utility that supports both DES and TDEA (Triple-DES) modes of encryption.
   The application first presents the user with a form (see above) to select a file. Once the file is selected, the application determines if the user-selected file is encrypted, or not encrypted. If not encrypted, the "DES Encrypt" and "TDEA Encrypt" buttons are enabled as shown above. If the file is encrypted, only the "Decrypt" button is enabled.
   Following user selection of one of the "action" buttons, the application then presents the Key Input Form (see left). If the file was Triple-DES encrypted, or if the user selected the "TDEA Encrypt" button the form is presented with all key inputs enabled as shown in the figure to the left. If the user-selected file was DES-encrypted, or if the user selected the "DES Encrypt" button then the Key 2 and Key 3 inputs are disabled.
   User selection of the "Okay" button on the Key Input form causes the selected operation to commence. The file is encrypted or decrypted using the mode and key(s) input by the user.

TDESutil creates a file header which is prepended to each file during the encryption process. This 128 byte header contains data that allows TDESutil to later identify the file as an encrypted file, and also determine what mode of encryption was used. The file header concept illustrated in TDESutil can easily be extended to add a variety of additional features; e.g.:

  1. A hash of the key value(s) can be stored in the header to confirm that the correct value has been entered by the user prior to decrypting a file. This avoids "file mangling" resulting from decrypting the file with the incorrect key value(s).
  2. In some cases it is desirable to hide the original file name of the un-encrypted file. The original file name can be stored in the header as an encrypted string using the same key value(s) used to encrypt the file. The encrypted file may then be assigned a meaningless, random file name. The original file name may then be restored when the file is decrypted.
  3. Digital signatures, time stamps, host names and other forms of authentication and identification can be added to the header to identify the file's author, when the file was created or modified, the PC on which the file was created, etc.
  4. Key escrow features can be implemented using a file header... A "master key" is created by the administrator. The user-defined key value(s) are then encrypted with this master key, and stored in the header. This feature allows the administrator to decrypt files encrypted by any user in the event they forget their key, leave the company, etc.

HASHcipher could also be employed in TDESutil to replace the Key Input Form with a more user-friendly interface for providing key input. Rather than requiring the user to input hexadecimal strings for key values, he could instead simply be prompted to supply a password or passphrase that could be hashed to yield the required key value(s).

See the Tech Support page for more details and sample code.
Sub FileEncrypt() Code:

Sub FileEncrypt()
'
' This module encrypts the selected file using either
'  DES or TDEA as selected by the user on frmMain
'
Dim OutFile As Integer
Dim count As Long
Dim loopcount As Long
Dim Total As Double
Dim Percentage As Long
Dim InBuff() As Byte
Dim FileHeader As EncryptHeader
Dim outfilename As String
Dim extension As String
'
Total = 0 ' Total number of bytes processed
'
' Open the input file
'
FileNum = FreeFile
Open filename For Binary As FileNum
OutFile = FreeFile
Randomize
'
' Generate a random number file extension (0-999)
'
extension = Str(Int(Rnd * 1000))
'
' Create the output file name
'
outfilename = "enc$$." & LTrim(extension)
'
' Open the output file
'
Open outfilename For Binary As OutFile
'
' Determine the number of whole buffers that are in
' the file = number of loops
'
loopcount = LOF(FileNum) \ BUFF_SIZE%
frmGauge.Caption = "Encrypting "
frmGauge!Label1.Caption = "0%"
frmGauge.Refresh
processing = True
'
' Disable the main form controls
'
Call DisableMain '--> disable frmMain
'
' Show the Gauge form
'
frmGauge.Left = frmMain.Left + 50
frmGauge.Top = frmMain.Top + 50
frmGauge.Show
'
' Create the file header
'
Call InitHeader(FileHeader)
'
' Output the file header
'
Put #OutFile, , FileHeader
'
' Set the TDEScipher/DLL properties based on user's selection
'
DESstatus = DESReset(DEScontext)
DESstatus = DESSetBlocksize(DEScontext, 8)
DESstatus = DESSetCipherKey(DEScontext, keybytes(0))
If HDRENCTYPE = 1 Then '--> user selected DES
  strEncType = "DES"
  DESstatus = DESSetCipherMode(DEScontext, MODE_ECB) ' Use ECB Mode
Else '--> user selected TDEA
  strEncType = "TDEA"
  DESstatus = DESSetCipherMode(DEScontext, MODE_TECB)
  DESstatus = DESSetCipherKey2(DEScontext, key2bytes(0))
  DESstatus = DESSetCipherKey3(DEScontext, key3bytes(0))
End If
If loopcount > 0 Then
'
' At least one whole buffer to process
'
  ReDim InBuff(0 To BUFF_SIZE - 1)
  For count = 1 To loopcount
'
' Read a buffer of data from input file
'
      Get #FileNum, , InBuff
'
' Encrypt the buffer
'
      DESstatus = DESEncrypt(DEScontext, InBuff(0), InBuff(0), BUFF_SIZE)
'
' Update the number of bytes processed
'
      Total = Total + BUFF_SIZE%
      If Not processing Then
        GoTo GetOut '--> user selected "Cancel" from Gauge form
      End If
'
' Update the gauge
'
    Percentage = Total * 100 / LOF(FileNum)
    frmGauge!Label1.Caption = Percentage & "%"
    frmGauge.Refresh
'
' Output the encrypted buffer
'
    Put #OutFile, , InBuff
    If Not processing Then
      GoTo GetOut
    End If
  Next count
End If
'
' Determine how many eight-byte blocks are left in input file
'
count = LOF(FileNum) Mod BUFF_SIZE%
count = count \ 8
count = count * 8
If count > 0 Then
'
' There is at least one eight-byte block in input file, so...
' Read a buffer from the input file
'
  ReDim InBuff(0 To count - 1)
  Get #FileNum, , InBuff
'
' Encrypt buffer
'
  DESstatus = DESEncrypt(DEScontext, InBuff(0), InBuff(0), count)
  If Not processing Then
    GoTo GetOut
  End If
  Total = Total + count
  Percentage = Total * 100 / LOF(FileNum)
  frmGauge!Label1.Caption = Percentage & "%"
  frmGauge.Refresh
'
' Output the buffer
'
  Put #OutFile, , InBuff
  If Not processing Then
    GoTo GetOut
  End If
End If
'
' If there are any remaining bytes in input file, handle them as follows:
'
count = LOF(FileNum) Mod 8
If count > 0 Then
'
' There is at least one byte left, so read the remaining byte(s)
'
  ReDim InBuff(0 To count - 1)
  Get #FileNum, , InBuff
'
' Set the TDEScipher/DLL Properties to allow single 
' byte input blocks (use CFB or TCFB mode)
  DESstatus = DESSetCipherKey(DEScontext, keybytes(0))
  If HDRENCTYPE = 1 Then
    DESstatus = DESSetCipherMode(DEScontext, MODE_CFB) 
  Else
    DESstatus = DESSetCipherMode(DEScontext, MODE_TCFB)
    DESstatus = DESSetCipherKey2(DEScontext, key2bytes(0))
    DESstatus = DESSetCipherKey3(DEScontext, key3bytes(0))
  End If
'
' The same value as used for the key is used here for
' simplicity - you must use different values for the key and
' initialization vector
'
  DESstatus = DESSetInitVector(DEScontext, keybytes(0))
  DESstatus = DESSetBlocksize(DEScontext, 1)
'
' Encrypt the buffer
'
  DESstatus = DESEncrypt(DEScontext, InBuff(0), InBuff(0), count)
  If Not processing Then
    GoTo GetOut
  End If
  Total = Total + count
  Percentage = Total * 100 / LOF(FileNum)
  frmGauge!Label1.Caption = Percentage & "%"
  frmGauge.Refresh
'
' Output the encrypted buffer
'
  Put #OutFile, , InBuff
End If
GetOut:
Close FileNum
Close OutFile
Call EnableMain
If processing Then
'
' Replace the original file with the encrypted file, and ...
' set the frmMain controls to the appropriate values
'
  FileCopy outfilename, filename
  frmMain!btnDecrypt.Enabled = True
  frmMain!btnEncrypt.Enabled = False
  frmMain!btnTDEncrypt.Enabled = False
  fileencrypted = True
  Beep
Else
  frmMain!btnDecrypt.Enabled = False
  frmMain!btnTDEncrypt.Enabled = True
  frmMain!btnEncrypt.Enabled = True
End If
'
' Delete the output file
'
Kill outfilename
frmGauge!Label1.Caption = ""
processing = False
'
' Outa' here
'
Unload frmGauge
Exit Sub
End Sub

Notes:
1) Due to export restrictions this project DOES NOT contain a copy of the TDEScipher/DLL. It will not run unless TDEScipher/DLL is present in the correct location (e.g. winnt/system32). The sample code can be viewed using either VB5, or a text editor such as Notepad.
2) This project is not "production quality" code, but intended only to illustrate use of the TDEScipher control in the Visual Basic development environment. You are free to use this sample project for any legal purpose provided you have a valid developer's license for TDEScipher/DLL. Bokler Software Corp. does not warrant, nor do we support this sample project.

Copyright ©, 1995-2001 Bokler Software Corp. All rights reserved. DEScipher, TDEScipher and HASHcipher are trademarks of Bokler Software Corp. The "animated_cipher.gif" is copyrighted by Bokler Software Corp. Microsoft, Windows, Visual Basic, Visual C++ and ActiveX are trademarks of Microsoft Corp.