Jump to content
View in the app

A better way to browse. Learn more.
FMForums.com

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

ENC AND DEC

Dr.Gopala krishnam raju AMBATI
in Calculation Engine (Define Fields)

Featured Replies

i could decrypt a filed plz help me where am i going wrong

 

made text field with text and enc and dec fields but using function both fileds are not same ???

ENC-DEC.fmp12

47 minutes ago, Dr.Gopala krishnam raju AMBATI said:

where am i going wrong

Can you explain what the purpose of this exercise is? There are several reasons why your attempt fails (order of operations, data types) but it would be better to understand WHAT is being attempted here, before getting to HOW.

  • Author
25 minutes ago, comment said:

Can you explain what the purpose of this exercise is? There are several reasons why your attempt fails (order of operations, data types) but it would be better to understand WHAT is being attempted here, before getting to HOW.

actually, my solution has perfect registration with serial but I am having the issue of a very big client request code in order to simplify it I am trying to use various hashes to encrypt and decrypt, encryption I got the desired result but when reverse engineering to create my own keygen I am getting stuck at decrypting the hashes hope I am clear having very tough times since 12 hrs :(

29 minutes ago, Ocean West said:

Try this..

ENC-DEC.fmp12.zip 69.28 kB · 1 download

 

tweaked version is it fine ?

ENC-DEC-NOI-KEY.fmp12

Edited by Dr.Gopala krishnam raju AMBATI
none

Your example your key was simply "md5" it would be better to use an actual random key "63386D57697A5942376E5170537242344158336675316E49536376744934753334634C"

The key should not be stored in the calculation engine in plain text - at the very least it should be referenced as a custom function.

Otherwise it's like putting a password on a sticky note to the safe - should someone hack the file or have access to the file.

Ideally the key should not be stored in the file at all and in some cases a requirement for software validation and certifications.

You could stop an encrypted file on the server and on startup of the solution it could go read that file off the server and store the that in memory or at runtime each time you need to encrypt or decrypt.

Personally I would make encryption and decryption part of a scripted operation and not in the schema.

 

 

  • Author
1 hour ago, Ocean West said:

Your example your key was simply "md5" it would be better to use an actual random key "63386D57697A5942376E5170537242344158336675316E49536376744934753334634C"

The key should not be stored in the calculation engine in plain text - at the very least it should be referenced as a custom function.

Otherwise it's like putting a password on a sticky note to the safe - should someone hack the file or have access to the file.

Ideally the key should not be stored in the file at all and in some cases a requirement for software validation and certifications.

You could stop an encrypted file on the server and on startup of the solution it could go read that file off the server and store the that in memory or at runtime each time you need to encrypt or decrypt.

Personally I would make encryption and decryption part of a scripted operation and not in the schema.

 

 

yup got it tx bro:) 

but in the file, I uploaded first why encrypt decrypt functions not working as I thought ???

I'm with @comment on this. What are you trying to do? You can HexDecode the 'ENCRYPTED DIGEST' field, but not put another CryptDigest on it. So I'm not sure what you are trying to do.

Reverse engineering an MD5 hash typically requires a hash table. Which you aren't creating. By their nature, it's not intended to be able to reverse engineer a hash. 

  • Author

This is the final code for a client which is developed for the serial request

Quote
Quote

Final code field is called - "ALL 64" UjA5UVFVeEJJRXRTU1ZOSVRrRk5JRkpCU2xVPQ0KDQpRVTFDUVZSSg0KDQpOemN3TWprMk5URXdNZz09DQoNCk1URXZNalV2TVRrNE1nPT0NCg0KWVM1bmEzSXVjbXRuUUdsamJHOTFaQzVqYjIwPQ0KDQpRMFF3UWpJeVF6SXdNRVF3UXpCRU1VSTRPVGhFTmtVeE4wTTNOelZCTWpZPQ0KDQpVMGxOUWxVeVEwOU4NCg==

 

 

 

I am trying to make it simpler with a new field called 

all64-digest-encrypted = HexEncode ( CryptDigest ( ALL 64 ; "MD5") )

i am getting this code 

ACAADCCFF00E20ED976E9D370773423A

which i am happy with encrypted code

i am stuck at decrytping 

HexEncode ( CryptDigest ( ALL 64 ; "MD5") )  someone plz tell how to hexdecode above code

all64-digest-decrypted = ????????

 

Edited by Dr.Gopala krishnam raju AMBATI
none

I don't believe you can decode the CryptDigest part. It's how hashes work. They are typically a one-way process.

  • Author
58 minutes ago, Josh Ormond said:

I don't believe you can decode the CryptDigest part. It's how hashes work. They are typically a one-way process.

Then what's the purpose of crypt digest function??? When it can't be decoded???

Security. One common use, store a password as a hash ( not MD5 anymore, its not secure enough ). When someone signs into a site, or file, or whatever, you hash what they typed in the same way as the stored password value. If they match, you let them in. If not, they didn't type the right password.

There are ways to reverse engineer an MD5 hash, but is isn't typically done, especially in FileMaker. It's typically not worth the effort.

It would be good for you to look at the difference between encryption and hashing and encryption.

Here are some brief explanations ( others may clarify as needed )

  • encoding - transforming data into another format, typically publicly available so it's easy to reverse engineer or decode it.
  • encryption - transforming data into another format, so only authorized parties can view and decode the data.
  • hashing - a one-way transformation that can't be reverse engineered, ideally. Newer hashing algorithms are much better for this. Don't rely on MD5 for secure storage of data.
  • Author
30 minutes ago, Josh Ormond said:

It would be good for you to look at the difference between encryption and hashing and encryption.

 

I was just trying to make my client code smaller with crypt digest, sad I couldn't decode it can I get any suggestion to make client code small by any other way below is the client code 

UjA5UVFVeEJJRXRTU1ZOSVRrRk5JRkpCU2xVPQ0KDQpRVTFDUVZSSg0KDQpOemN3TWprMk5URXdNZz09DQoNCk1URXZNalV2TVRrNE1nPT0NCg0KWVM1bmEzSXVjbXRuUUdsamJHOTFaQzVqYjIwPQ0KDQpRMFF3UWpJeVF6SXdNRVF3UXpCRU1VSTRPVGhFTmtVeE4wTTNOelZCTWpZPQ0KDQpVMGxOUWxVeVEwOU4NCg==

plz 

Edited by Dr.Gopala krishnam raju AMBATI

The way to make a string smaller is to compress it. Filemaker has no compressing functions, and I doubt applying a compressing algorithm to your "client code" would make it any shorter. Compressing algorithms work by removing redundancy - and there will not be much redundancy in such a short message that does not contain any character runs. 

Take for example:

Original text: 

GOPALA KRISHNAM RAJUAMBATI770296510211/25/1982a.gkr.rkg@icloud.comCD0B22C200D0C0D1B898D6E17C775A26SIMBU2COM

Length: 107 characters.

 

Original text compressed using gzip and encoded to base64 (otherwise the result would be a file): 

H4sIAK/kV1wAAwXBUQqDMAwA0P+dwhPUJNCm/Vuajlld59B5gOFAhhNB2P333rV/yE2qbshjc5dSDdJOUqI8MzNQcBaBEGuyNQZPL7OshznW5fyZv/vvbeZ90wSRSAkggULC6INP7oKszFbIjbnEibQvpz/OdpUjbAAAAA==

Length: 168 characters.

 

  • Author
51 minutes ago, comment said:

  


GOPALA KRISHNAM RAJUAMBATI770296510211/25/1982a.gkr.rkg@icloud.comCD0B22C200D0C0D1B898D6E17C775A26SIMBU2COM

 

 

OH MY GOD  

tx for decoding I am more alert now @comment @cheers

Edited by Dr.Gopala krishnam raju AMBATI

I don't understand the purpose of this file. 

Earlier you were asked what your goal is. Eventually you said it was "to make client code smaller". This has nothing to do with security.

If you now have a different goal, please state it. What your file does makes no sense to me. As I said, we need to know what you are trying to accomplish before we can advise you how to do it.

 

  • Author
25 minutes ago, comment said:

I don't understand the purpose of this file. 

Earlier you were asked what your goal is. Eventually you said it was "to make client code smaller". This has nothing to do with security.

If you now have a different goal, please state it. What your file does makes no sense to me. As I said, we need to know what you are trying to accomplish before we can advise you how to do it.

 

NO PURPOSE JUST A REFERENCE for me and others 

Edited by Dr.Gopala krishnam raju AMBATI

  • Author
On 2/4/2019 at 12:57 PM, comment said:

The way to make a string smaller is to compress it. Filemaker has no compressing functions, and I doubt applying a compressing algorithm to your "client code" would make it any shorter. Compressing algorithms work by removing redundancy - and there will not be much redundancy in such a short message that does not contain any character runs. 

Take for example:

Original text: 


GOPALA KRISHNAM RAJUAMBATI770296510211/25/1982a.gkr.rkg@icloud.comCD0B22C200D0C0D1B898D6E17C775A26SIMBU2COM

Length: 107 characters.

 

Original text compressed using gzip and encoded to base64 (otherwise the result would be a file): 


H4sIAK/kV1wAAwXBUQqDMAwA0P+dwhPUJNCm/Vuajlld59B5gOFAhhNB2P333rV/yE2qbshjc5dSDdJOUqI8MzNQcBaBEGuyNQZPL7OshznW5fyZv/vvbeZ90wSRSAkggULC6INP7oKszFbIjbnEibQvpz/OdpUjbAAAAA==

Length: 168 characters.

 

FA4FF51313D39E41D41BE0E28CE032F2 finally coded to 32 characters :)

 

 

plz help me how to decode this step

 

HexEncode ( CryptAuthCode ( $$RAW DATA; "sha512"; $$KEY ) )

Edited by Dr.Gopala krishnam raju AMBATI

I think you're doing something wrong. The CryptAuthCode() computes a message authentication code. The length of the resulting code is constant, and does not depend on the length of the message. When using the SHA512 algorithm, the length of the code after encoding to Base64 should be 128. If you're getting 32, then your algorithm is probably MD5 or MDC2, not SHA512. Or perhaps your $$KEY variable is empty?

Needless to say, a message authentication code is not the message, does not contain the message, and cannot be converted back to the message.
https://en.wikipedia.org/wiki/HMAC

 

 

 

Edited by comment

    • Like 1
    • Author

    $$key has value 

     

    so HexEncode ( CryptAuthCode ( $$RAW DATA; "sha512"; $$KEY ) ) cant be decoded right ???

    Right.

    • Author
    30 minutes ago, comment said:

    Right.

    thanks mam for clarification

    I hope you know I'm not the Queen ...

    • Haha 2

    Create an account or sign in to comment

    https://fmforums.com/topic/104007-enc-and-dec/
    Go to topic listing

    Important Information

    By using this site, you agree to our Terms of Use.

    I accept

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.