Problem with L8 vs L9 Blowfish Encryption


Problem with L8 vs L9 Blowfish Encryption

Marc Pinnell-3
Hello all,

Working on updating a really old site from L8.5 to L9 and having trouble with data that was previously encrypted with blowfish. Having way too much hair pulling I have found (at least I think I have) that blowfish encryption is not the same in L8 and L9. Help!

This code:
        encode_base64(encrypt_blowfish('soccer', -seed='abcdefg123456'))

Produces:

L8.6 >> OWM3NmM4Y2JkMGY1ZTViOQ==

L9.2 >> jbuFhF3V

Any suggestions?

====================
Marc Pinnell
Director of Web Services
[hidden email]
www.shasta.com                                    
833 Mistletoe Lane, Suite A1
Redding, CA  96002
530-224-6866  Ext. 100
530-224-2035 Fax


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>

Re: Problem with L8 vs L9 Blowfish Encryption

stevepiercy
I removed encode_base64 from the equation.  I confirm your
results, except each time I run encrypt_blowfish on L8, I get a
different result.  Also L8 returns a string, whereas L9 returns
a bytes.

Unless someone has a better idea, you'll have to decrypt on L8,
then encrypt it on L9.

--steve



-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy              Website Builder              Soquel, CA
<[hidden email]>               <http://www.stevepiercy.com/>



Re: Problem with L8 vs L9 Blowfish Encryption

Marc Pinnell-3
Bummer. Thanks for checking me on this.

So, write a script to decrypt in L8 and save back to DB. Then write a script to read from db, encrypt and write it back. Joy, extra work!

Marc



Re: Problem with L8 vs L9 Blowfish Encryption

Da'oud Rashid
Hi Marc,

You can decrypt (using decrypt_blowfish in 8.5) and then encrypt with encrypt_blowfish2 to ensure compatibility between Lasso 8.5 and 9. I had to do this a while ago, so can confirm that it works.

The following tags work for me and produce results that can be encrypted using Lasso 8.5 and decrypted using Lasso 9 (or vice versa):

-----------------
Lasso 8.5
-----------------

Define_Tag: 'encrypt_bfb64',
        -Required='text',
        -Optional='key',
        -Optional='passes',
        -description = 'Encrypt with blowfish and base64'
;
        If(!#text);
                Return(String);
        /If;

        If:!(Local_Defined:'passes');
                Local:'passes' = 10;
        /If;

        local('out' = String(#text));
       
        If:(Local_Defined:'key');
                Local:'seed' = #key;
        Else;
                local:'seed' = '<<your_very_long_default_seed>>';
        /If;

        Loop(#passes);
                #out = Encode_Base64(Encrypt_Blowfish2(-seed = #seed, Encode_Base64(#out)));
        /Loop;

        Return(String(#out));
/Define_Tag;

Define_Tag:'decrypt_bfb64',
        -Required = 'text',
        -Optional = 'key',
        -Optional = 'passes',
        -description = 'Decrypt with blowfish and base64'
;
        If(!#text);
                Return(String);
        /If;
       
        If:!(Local_Defined:'passes');
                Local:'passes' = 10;
        /If;

        local('out' = String(#text));

        If:(local_defined:'key');
                local:'seed' = #key;
        Else;
                local:'seed' = '<<your_very_long_default_seed>>';
        /If;

        Loop(#passes);
                #out = Decode_Base64(Decrypt_Blowfish2(-seed = #seed, Decode_Base64(#out)));
        /Loop;

        Return(String(#out));
/Define_Tag;

-----------------
Lasso 9
-----------------

define encrypt_bfb64(text::any, -key::string = string, -passes::integer = 10) => {
        // Encrypt with blowfish and base64

        If(!#text) => {
                Return(String)
        }
       
        Local(out = #text->ascopy)

        If(#key) => {
                Local(seed =#key)
        Else
                Local(seed = '<<your_very_long_default_seed>>')
        }

        Loop(#passes) => {
                #out = Encode_Base64(Encrypt_Blowfish(-seed = #seed, Encode_Base64(#out)))
        }

        Return(#out->asString)
}

define decrypt_bfb64(text::any, -key::string = string, -passes::integer = 10) => {
        // Decrypt with blowfish and base64

        If(!#text) => {
                Return(String)
        }
       
        Local(out = #text->ascopy)

        If(#key) => {
                Local(seed = #key)
        Else
                Local(seed = '<<your_very_long_default_seed>>')
        }

        Loop(#passes) => {
                #out = Decode_Base64(Decrypt_Blowfish(-seed = #seed, Decode_Base64(#out)))
        }

        Return(#out->asString)
}

Note that there’s some extra stuff in there to deal with empty strings. In addition, you may not want to use several passes of encryption/decryption for each string (in that case, set passes to 1). I also started base64 encoding the input string for the tags above…I don’t remember whether this was because encrypt_blowfish2 was choking on certain strings or whether I wanted to add a bit of additional robustness. In any case, the above should work.

If you do decide to use several passes for encryption/decryption (and if you’re using MySQL or similar), ensure that you convert your database fields to MEDIUMTEXT or LONGTEXT (or equivalent) to ensure that the encrypted strings aren’t truncated.

Hope this helps!

Kind regards,
Da'oud
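
Why the multi-pass tags above need MEDIUMTEXT or LONGTEXT, as an added example (Python, not part of the original post and not Lasso's implementation): each pass wraps the value in two Base64 layers, so the stored length grows by roughly (4/3)^2 per pass. The length-preserving cipher model is an assumption generalised from the single L9.2 sample in this thread, Base64 is assumed to be emitted without line breaks, and all function and constant names are illustrative.

```python
import base64

# Sample from the thread: Lasso 9.2 output for the 6-character input 'soccer'.
L9_SAMPLE_B64 = "jbuFhF3V"
L9_SAMPLE_PLAINTEXT = "soccer"

# MySQL column capacities in bytes. Base64 output is plain ASCII, so one
# character is one byte here.
COLUMN_CAPACITY = {
    "VARCHAR(255)": 255,
    "TEXT": 65_535,
    "MEDIUMTEXT": 16_777_215,
}


def sample_is_length_preserving() -> bool:
    """True if the thread's L9.2 ciphertext is as long as its plaintext."""
    return len(base64.b64decode(L9_SAMPLE_B64)) == len(L9_SAMPLE_PLAINTEXT)


def b64_len(n: int) -> int:
    """Length of the padded Base64 encoding of n bytes."""
    return 4 * ((n + 2) // 3)


def cipher_output_len(n: int, block_size: int = 0) -> int:
    """Length model for one encryption call (assumption, not Lasso's code).

    block_size=0: output is as long as the input, matching the L9.2 sample.
    block_size=8: output rounded up to whole 8-byte Blowfish blocks.
    """
    if block_size == 0:
        return n
    return ((n + block_size - 1) // block_size) * block_size


def stored_len(plaintext_len: int, passes: int = 10, block_size: int = 0) -> int:
    """Length of the value encrypt_bfb64 returns after `passes` rounds.

    Each round is Encode_Base64(Encrypt(Encode_Base64(out))), as in the tags.
    """
    n = plaintext_len
    for _ in range(passes):
        n = b64_len(cipher_output_len(b64_len(n), block_size))
    return n


def growth_table(plaintext_len: int, passes: int = 10, block_size: int = 0):
    """[(pass_number, stored_length), ...] for pass counts 1..passes."""
    return [(p, stored_len(plaintext_len, p, block_size))
            for p in range(1, passes + 1)]


def first_overflow(plaintext_len: int, capacity: int,
                   passes: int = 10, block_size: int = 0):
    """First pass count whose output exceeds `capacity` bytes, else None."""
    for p, n in growth_table(plaintext_len, passes, block_size):
        if n > capacity:
            return p
    return None


def max_plaintext_len(capacity: int, passes: int = 10, block_size: int = 0) -> int:
    """Longest plaintext whose stored form still fits in `capacity` bytes."""
    # stored_len never decreases as the plaintext grows, so binary search works.
    lo, hi = 0, capacity
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if stored_len(mid, passes, block_size) <= capacity:
            lo = mid
        else:
            hi = mid - 1
    return lo


if __name__ == "__main__":
    print("L9.2 sample is length-preserving:", sample_is_length_preserving())
    for p, n in growth_table(len(L9_SAMPLE_PLAINTEXT)):
        print(f"passes={p:2d}  stored length={n}")
    for name, cap in COLUMN_CAPACITY.items():
        print(f"{name}: longest plaintext at 10 passes =",
              max_plaintext_len(cap))
```

With the default of 10 passes, the 6-character sample input no longer fits a VARCHAR(255) column from the sixth pass onward.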


Re: Problem with L8 vs L9 Blowfish Encryption

Johan Solve
In reply to this post by Marc Pinnell-3
blowfish in LP9 corresponds to blowfish2 in LP8.




--
Mvh
Johan Sölve
____________________________________
Montania System AB
Halmstad   Stockholm
http://www.montania.se

Johan Sölve
Mobil +46 709-51 55 70
[hidden email]

Kristinebergsvägen 17, S-302 41 Halmstad, Sweden
Telefon +46 35-136800 |  Fax +46 35-136801


Re: Problem with L8 vs L9 Blowfish Encryption

Marc Pinnell-3
Well that would explain it then. Working on a plan now to decrypt L8/encrypt L9.

marc



Re: Problem with L8 vs L9 Blowfish Encryption

Marc Pinnell-3
In reply to this post by Da'oud Rashid
Interesting! Thanks for sending it over. I don't have to have compatibility going forward, just a way to read existing data. Looks like I will have to write something in L8 to convert the info first.

marc



Re: Problem with L8 vs L9 Blowfish Encryption

stevepiercy
In reply to this post by Da'oud Rashid
A couple of remarks.

Never roll your own encryption, unless you are an encryption
expert.  I don't know that -passes yields any benefit because I
don't know how Lasso 8 or 9 implement blowfish.

See
http://lassoguide.com/operations/encryption.html?highlight=null%20character#encrypt_blowfish 
and the note about null characters.  That might explain the
choking to which Da'oud alluded.

I don't know whether Lasso 9 uses a successor to blowfish, but I
hope it does.
https://en.wikipedia.org/wiki/Blowfish_(cipher)#Weakness_and_successors

If I were to use an en/decrypt method in Lasso, I would look
into cipher_encrypt and cipher_decrypt.  There might be an issue
depending on what your system supports, so check via cipher_list.

Soon, Bil will post something to set us straight.  ;)

--steve


On 7/4/16 at 10:12 PM, [hidden email] (Da'oud Rashid) pronounced:

>Hi Marc,
>
>You can decrypt (using decrypt_blowfish in 8.5) and then
>encrypt with encrypt_blowfish2 to ensure compatibility between
>Lasso 8.5 and 9. I had to do this a while ago, so can confirm
>that it works.
>
>The following tags work for me and produce results that can be
>encrypted using lasso 8.5 and decrypted using Lasso 9 (or vice versa):
>
>-----------------
>Lasso 8.5
>-----------------
>
>Define_Tag: 'encrypt_bfb64',
>-Required='text',
>-Optional='key',
>-Optional='passes',
>-description = 'Encrypt with blowfish and base64'
>;
>If(!#text);
>Return(String);
>/If;
>
>If:!(Local_Defined:'passes');
>Local:'passes' = 10;
>/If;
>
>local('out' = String(#text));
>
>If:(Local_Defined:'key');
>Local:'seed' = #key;
>Else;
>local:'seed' = ‘<<your_very_long_default_seed>>';
>/If;
>
>Loop(#passes);
>#out = Encode_Base64(Encrypt_Blowfish2(-seed = #seed, Encode_Base64(#out)));
>/Loop;
>
>Return(String(#out));
>/Define_Tag;
>
>Define_Tag:'decrypt_bfb64',
>-Required = 'text',
>-Optional = 'key',
>-Optional = 'passes',
>-description = ‘Decrypt with blowfish and base64'
>;
>If(!#text);
>Return(String);
>/If;
>
>If:!(Local_Defined:'passes');
>Local:'passes' = 10;
>/If;
>
>local('out' = String(#text));
>
>If:(local_defined:'key');
>local:'seed' = #key;
>Else;
>local:'seed' = ‘<<your_very_long_default_seed>>';
>/If;
>
>Loop(#passes);
>#out = Decode_Base64(Decrypt_Blowfish2(-seed = #seed, Decode_Base64(#out)));
>/Loop;
>
>Return(String(#out));
>/Define_Tag;
>
>-----------------
>Lasso 9
>-----------------
>
>define encrypt_bfb64(text::any, -key::string = string, -passes::integer = 10) => {
>// Encrypt with blowfish and base64
>
>If(!#text) => {
>Return(String)
>}
>
>Local(out = #text->ascopy)
>
>If(#key) => {
>Local(seed =#key)
>Else
>Local(seed = ‘<<your_very_long_default_seed>>')
>}
>
>Loop(#passes) => {
>#out = Encode_Base64(Encrypt_Blowfish(-seed = #seed, Encode_Base64(#out)))
>}
>
>Return(#out->asString)
>}
>
>define decrypt_bfb64(text::any, -key::string = string, -passes::integer = 10) => {
>// Decrypt with blowfish and base64
>
>If(!#text) => {
>Return(String)
>}
>
>Local(out = #text->ascopy)
>
>If(#key) => {
>Local(seed = #key)
>Else
>Local(seed = '<<your_very_long_default_seed>>')
>}
>
>Loop(#passes) => {
>#out = Decode_Base64(Decrypt_Blowfish(-seed = #seed, Decode_Base64(#out)))
>}
>
>Return(#out->asString)
>}
>
>Note that there’s some extra stuff in there to deal with
>empty strings. In addition, you may not want to use several passes
>of encryption/decryption for each string (in that case, set
>passes to 1). I also started base64 encoding the input string
>for the tags above…I don’t remember whether this was
>because encrypt_blowfish2 was choking on certain strings or
>whether I wanted to add a bit of additional robustness. In any
>case, the above should work.
>
>If you do decide to use several passes for
>encryption/decryption (and if you’re using MySQL or similar),
>ensure that you convert your database fields to MEDIUMTEXT or
>LONGTEXT (or equivalent) to ensure that the encrypted strings
>aren’t truncated.
>
>Hope this helps!
>
>Kind regards,
>Da'oud
>
>>On Jul 4, 2016, at 9:28 PM, Marc Pinnell <[hidden email]> wrote:
>>
>>Bummer. Thanks for checking me on this.
>>
>>So, write a script to decrypt in L8 and save back to DB. Then write a script to read from db, encrypt and write it back. Joy, extra work!
>>
>>Marc

Re: Problem with L8 vs L9 Blowfish Encryption

Marc Pinnell-3
The more I think about it, since I can't carry forward the existing system, I am leaning toward a change in workflow to eliminate the blowfish stuff entirely. It is old and weak (as I understand it).

marc


On Jul 4, 2016, at 2:41 PM, Steve Piercy - Website Builder <[hidden email]> wrote:

> A couple of remarks.
>
> Never roll your own encryption, unless you are an encryption expert.  I don't know that -passes yields any benefit because I don't know how Lasso 8 or 9 implement blowfish.
>
> See http://lassoguide.com/operations/encryption.html?highlight=null%20character#encrypt_blowfish and the note about null characters.  That might explain the choking to which Da'oud alluded.
>
> I don't know whether Lasso 9 uses a successor to blowfish, but I hope it does.
> https://en.wikipedia.org/wiki/Blowfish_(cipher)#Weakness_and_successors
>
> If I were to use an en/decrypt method in Lasso, I would look into cipher_encrypt and cipher_decrypt.  There might be an issue depending on what your system supports, so check via cipher_list.
>
> Soon, Bil will post something to set us straight.  ;)
>
> --steve

Re: Problem with L8 vs L9 Blowfish Encryption

stevepiercy
If en/decrypt_blowfish2 in L8 and en/decrypt_blowfish in L9
implement TwoFish (the successor to blowfish), then you should
be OK.  Lasso docs and change notes omit this detail.  When I
can't tell, I go for modern and trusted libraries.

Do you really need to encrypt the data in the first place?  And,
if so, should you be storing that data on your server, i.e., is
it PCI or HIPAA data?

--steve



Re: Problem with L8 vs L9 Blowfish Encryption

Marc Vos-3
In reply to this post by Da'oud Rashid
Yep, converting to blowfish2 first and modifying my L8 pages to use blowfish2 is the way. I have done this too when moving some sites from L8 to L9.

- -
Marc


On 04-07-2016 23:12, "Da'oud Rashid" <[hidden email] on behalf of [hidden email]> wrote:

       Hi Marc,

       You can decrypt (using decrypt_blowfish in 8.5) and then encrypt with encrypt_blowfish2 to ensure compatibility between Lasso 8.5 and 9. I had to do this a while ago, so can confirm that it works.
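
Added example (not code from the thread or from Lasso): a length model for the bfb64 layering quoted earlier, base64(encrypt(base64(x))) repeated `passes` times, which quantifies the caveat about widening database columns before re-encrypting existing rows. It assumes the cipher output is the input rounded up to a whole 8-byte Blowfish block (the thread does not state Lasso's padding), and `VARCHAR(255)` is an assumed starting column type; the function names are hypothetical.

```python
import base64

BLOCK = 8  # Blowfish is a 64-bit (8-byte) block cipher

# MySQL maximum lengths in bytes. VARCHAR(255) is an assumed starting
# column; MEDIUMTEXT and LONGTEXT are the types named in the thread.
COLUMN_LIMITS = {
    "VARCHAR(255)": 255,
    "TEXT": 65_535,
    "MEDIUMTEXT": 16_777_215,
    "LONGTEXT": 4_294_967_295,
}


def b64_len(n: int) -> int:
    """Length of padded base64 output for n input bytes."""
    return 4 * ((n + 2) // 3)


def cipher_len(n: int) -> int:
    """ASSUMPTION: ciphertext is the input rounded up to a whole block."""
    return -(-n // BLOCK) * BLOCK


def stored_len(plain_len: int, passes: int = 10) -> int:
    """Bytes stored after `passes` rounds of base64(encrypt(base64(x)))."""
    n = plain_len
    for _ in range(passes):
        n = b64_len(cipher_len(b64_len(n)))
    return n


def stand_in_layer(data: bytes) -> bytes:
    """One round using real base64 and a NUL-padding stand-in for the cipher.

    This is NOT encryption. It only reproduces the length behaviour so the
    arithmetic in stored_len() can be checked against real encoder output.
    """
    inner = base64.b64encode(data)
    padded = inner + b"\0" * (cipher_len(len(inner)) - len(inner))
    return base64.b64encode(padded)


def smallest_column(plain_len: int, passes: int = 10) -> str:
    """Smallest listed column type that holds the stored value untruncated."""
    need = stored_len(plain_len, passes)
    for name, limit in COLUMN_LIMITS.items():
        if need <= limit:
            return name
    raise ValueError(f"{need} bytes exceeds every listed column type")


def max_plaintext(limit: int, passes: int = 10) -> int:
    """Largest plaintext length whose stored form fits in `limit` bytes."""
    lo, hi = 0, limit  # stored_len never shrinks as input grows: bisect
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if stored_len(mid, passes) <= limit:
            lo = mid
        else:
            hi = mid - 1
    return lo


if __name__ == "__main__":
    sample = b"soccer"  # the 6-byte test value from the original post
    for passes in (1, 5, 10):
        print(passes, "passes:", stored_len(len(sample), passes), "bytes ->",
              smallest_column(len(sample), passes))
    for name, limit in COLUMN_LIMITS.items():
        print(name, "holds at most", max_plaintext(limit, 10),
              "plaintext bytes at 10 passes")
```

Under these assumptions each pass multiplies the stored length by roughly 16/9, so ten passes inflate a value by a factor in the hundreds; run the check against the longest plaintext in the table before the re-encryption pass, since a truncated ciphertext cannot be decrypted.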




