jugador Posted August 24, 2022 Share Posted August 24, 2022 (edited) #AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d #include <Constants.au3> #include <CryptoNG.au3> __ExampleA() Func __ExampleA() Local $xEncryptedMessage = 'eiUj3S9BgJDcRylhHExLMRRjmsxXj1nwB1HzaN8fp9nrduDyGriduqbjh452imKr' Local $Key = '93wj660t8fok9jws' Local $IV = 'r0yy7e67p49ee4d7' $xEncryptedMessage = _CryptoNG_CryptStringToBinary($xEncryptedMessage, $CNG_CRYPT_STRING_BASE64) ConsoleWrite("$xEncryptedMessage: "& @tab & $xEncryptedMessage & @CRLF) $Key = StringToBinary($Key) ConsoleWrite("$Key: " & @tab & @tab & @tab & $Key & @CRLF) $IV = StringToBinary($IV) ConsoleWrite("$IV: " & @tab & @tab & @tab & $IV & @CRLF) Local $sDecryptedMessage = _CryptoNG_AES_CBC_DecryptData($xEncryptedMessage, $Key, $IV) If @error Then Exit ConsoleWrite("DECRYPT ERROR: " & _CryptoNG_LastErrorMessage()) ConsoleWrite("$sDecryptedMessage: " & @tab & $sDecryptedMessage & @CRLF) EndFunc @TheXman thanks Edited August 24, 2022 by jugador TheXman 1 Link to comment Share on other sites More sharing options...
TheXman Posted August 24, 2022 Author Share Posted August 24, 2022 (edited) My test script was very similar to yours. 🙂 As you can see below, the key & IV can be any data type as long as it has the correct length and value. That is why the variables, in the UDF definition, are prefixed with "$v", meaning variable. Function definition: ; Name ..........: _CryptoNG_AES_CBC_DecryptData ; Description ...: Decrypt data using AES with CBC block chaining. ; Syntax ........: _CryptoNG_DecryptData($xData, $vEncryptionKey, $vIV = Default, $sProvider = Default) ; Parameters ....: $xData Binary data to be decrypted. ; $vEncryptionKey Secret/Password used to encrypt text. Must be correct size for encryption algorithm. ; $vIV [optional] A 128 bit (16 byte) initialization vector. Default is 0x000102030405060708090A0B0C0D0E0F ; $sProvider [optional] A string specifying the desired algorithm provider. Default is Microsoft Primitive Provider. Test script: #AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d #include <Constants.au3> #include <CryptoNG.au3> aes_cbc_decrypt_with_iv_example() Func aes_cbc_decrypt_with_iv_example() Const $ALG_ID = "AES CBC" Const $BASE64_MSG = "eiUj3S9BgJDcRylhHExLMRRjmsxXj1nwB1HzaN8fp9nrduDyGriduqbjh452imKr" Const $KEY = "93wj660t8fok9jws" Const $IV = "r0yy7e67p49ee4d7" Local $xEncryptedMessage = Binary("") Local $sDecryptedMessage = "" ;Convert Base64 string to binary $xEncryptedMessage = _CryptoNG_CryptStringToBinary($BASE64_MSG, $CNG_CRYPT_STRING_BASE64) If @error Then Exit ConsoleWrite("StringToBinary Error: " & _CryptoNG_LastErrorMessage() & @CRLF) ;Decrypt encrypted message $sDecryptedMessage = _CryptoNG_AES_CBC_DecryptData($xEncryptedMessage, $KEY, $IV) If @error Then Exit ConsoleWrite("DecryptData Error: " & _CryptoNG_LastErrorMessage() & @CRLF) ;Display results ConsoleWrite(StringFormat("%s Encrypted Message (Base64) = %s", $ALG_ID, $BASE64_MSG) & @CRLF) ConsoleWrite(StringFormat("%s Encrypted Message (Binary) = %s", $ALG_ID, $xEncryptedMessage) & @CRLF) ConsoleWrite(StringFormat("%s Encryption Key = %s", $ALG_ID, $KEY) & @CRLF) ConsoleWrite(StringFormat("%s Initialization Vector = %s", $ALG_ID, $IV) & @CRLF) ConsoleWrite(StringFormat("%s Decrypted Message = %s", $ALG_ID, $sDecryptedMessage) & @CRLF) EndFunc Output AES CBC Encrypted Message (Base64) = eiUj3S9BgJDcRylhHExLMRRjmsxXj1nwB1HzaN8fp9nrduDyGriduqbjh452imKr AES CBC Encrypted Message (Binary) = 0x7A2523DD2F418090DC4729611C4C4B3114639ACC578F59F00751F368DF1FA7D9EB76E0F21AB89DBAA6E3878E768A62AB AES CBC Encryption Key = 93wj660t8fok9jws AES CBC Initialization Vector = r0yy7e67p49ee4d7 AES CBC Decrypted Message = {"Color": "Blue", "Type": "Deep Blue"} Edited August 24, 2022 by TheXman jugador 1 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
Popular Post TheXman Posted September 12, 2022 Author Popular Post Share Posted September 12, 2022 (edited) What's New in Version v1.9.5 (and v1.9.6) - Added 2 new algorithm-specific functions. _CryptoNG_AES_GCM_EncryptData _CryptoNG_AES_GCM_DecryptData Added an AES GCM example to the examples file. Added AES GCM functions to the Help File. Optimized some internal functions Updated the supplied calltips and userudfs files. Misc function header corrections/modifications v1.9.6 _CryptoNG_AES_GCM_DecryptData Added an explicit Authorization Tag length validation. ( @error = 8 ) Updated the function's help file entry to reflect the new @error (8). Slightly modified the AES GCM encrypt/decrypt example to make the return values from the encryption, which is an array, more explicit and easier to understand. Edited September 18, 2022 by TheXman Musashi, argumentum, jugador and 2 others 2 3 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
littlebigman Posted March 1, 2023 Share Posted March 1, 2023 (edited) Hello, I happened on this thread while checking if someone had already written a secure notepad, where data is saved in an encrypted file. AES sounds like a good option if the file can also be decrypted using third-party tools. Is a CryptoNG-based notepad available? Thank you. Edited March 1, 2023 by littlebigman Link to comment Share on other sites More sharing options...
TheXman Posted March 1, 2023 Author Share Posted March 1, 2023 (edited) This topic is for question, comments, or concerns related to the CryptoNG UDF itself, not general questions about cryptography. 5 hours ago, littlebigman said: AES sounds like a good option if the file can also be decrypted using third-party tools. Any data that is encrypted using AES should be able to be decrypted by any other tool that can decrypt AES-encrypted data, as long as that tool can decrypt data using the same AES algorithm (CBC, ECB, GCM, etc.) and is provided the correct decryption information. 5 hours ago, littlebigman said: Is a CryptoNG-based notepad available? I'm sure there are plenty of secure notepad-like apps out there (like LockNote). I'm sure some of them may use AES as their encryption method. Am I aware of any that use this CryptoNG UDF or whether they use any of Microsoft's bcrypt (CryptoNG) functions? No. Edited March 1, 2023 by TheXman CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
littlebigman Posted March 1, 2023 Share Posted March 1, 2023 Thank you. Link to comment Share on other sites More sharing options...
n3wbie Posted June 1, 2023 Share Posted June 1, 2023 (edited) I'm totally new to the world of cryptography and trying to understand crypto function. i hope no one gets offended with question. I have a code in java which may b i mentioned earlier and it works with pbkdf2 hashing now m trying to generate the same through autoit but not successful. currently using chrome to run the js code and get output from chromedriver udf I m sharing both of my codes here for reference Java code var l ='Encrypted string' var n = 'Secret password' var e = CryptoJS.lib.WordArray.random(16) var t = CryptoJS.lib.WordArray.random(16) var a = CryptoJS.PBKDF2(n, t, { keySize: 8, iterations: 1e3, hasher: CryptoJS.algo.SHA256 }); var getEncryptedString = e + t + CryptoJS.AES.encrypt(l, a, { iv: e, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }) e = CryptoJS.enc.Hex.parse(l.substr(0, 32)), t = CryptoJS.enc.Hex.parse(l.substr(32, 32)), a = l.substring(64), i = CryptoJS.PBKDF2(n, t, { keySize: 8, iterations: 1e3, hasher: CryptoJS.algo.SHA256 }); var getDecryptedData2 = CryptoJS.AES.decrypt(a, i, { iv: e, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }).toString(CryptoJS.enc.Utf8) document.write(getDecryptedData2); Autoit Code which i m trying to write #include <Constants.au3> #include "..\CryptoNG.au3" $xEncryptedMessage = FileRead('XXXPP4437X_2022-23_AIS_31052023.json') $SECRET = 'password' $SECRET_SALT = 'b334e9ac14a46ae7073e40c3a232e881'; I M putting this manually because i m not aware of usage of salt ;Create a hashed encryption key from text-based password/salt $vEncryptKey = _CryptoNG_PBKDF2($SECRET, $SECRET_SALT, 1000, $CNG_KEY_BIT_LENGTH_AES_256, $CNG_BCRYPT_SHA256_ALGORITHM) If @error Then write_to_log("ERROR: " & _CryptoNG_LastErrorMessage() & @CRLF) Exit 1 EndIf ;~ MsgBox(0, 0, $vEncryptKey) ;~ $vEncryptKey=StringRight($vEncryptKey,64) ;~ ClipPut($vEncryptKey) ;~ MsgBox(0,0,$xEncryptedMessage) ;Decrypt encrypted message $sDecryptedMessage = _CryptoNG_AES_CBC_DecryptData($xEncryptedMessage, $vEncryptKey,10) MsgBox(0, 0, $sDecryptedMessage) If @error Then write_to_log("ERROR: " & _CryptoNG_LastErrorMessage() & @CRLF) Exit 1 EndIf encrypted data and password may be provided if required on dm Edited June 1, 2023 by n3wbie Link to comment Share on other sites More sharing options...
TheXman Posted June 1, 2023 Author Share Posted June 1, 2023 (edited) 11 hours ago, n3wbie said: I'm totally new to the world of cryptography I thought you were totally new to crypto a year ago when you posted basically the same script? Since you didn't ask a question, I can only assume that you would like for me to "help you" by creating an AutoIt example that does the same as your JavaScript example. The example script below is an accurate port of your JavaScript to AutoIt, using CryptoNG. expandcollapse popup#AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d #include <Constants.au3> #include <CryptoNG\CryptoNG.au3> ;<== Change path as needed n3wbie_example() Func n3wbie_example() ;String Vars Local $sMessage = "Encrypted string", _ $sPassword = "Secret password", _ $sDecryptedMessage = "" ;Binary Vars Local $xIV = _CryptoNG_GenerateRandom($CNG_BCRYPT_RNG_ALGORITHM, 16), _ $xSalt = _CryptoNG_GenerateRandom($CNG_BCRYPT_RNG_ALGORITHM, 16), _ $xEncryptionKey = _CryptoNG_PBKDF2($sPassword, $xSalt, 1000, $CNG_KEY_BIT_LENGTH_AES_256, $CNG_BCRYPT_SHA256_ALGORITHM), _ $xDecryptionKey = Binary(""), _ $xEncryptedMessage = Binary(""), _ $xFullEncryptedString = Binary("") ;Get encrypted message $xEncryptedMessage = _CryptoNG_AES_CBC_EncryptData($sMessage, $xEncryptionKey, $xIV) If @error Then Exit MsgBox($MB_ICONERROR, "_CryptoNG_AES_CBC_EncryptData Error", _CryptoNG_LastErrorMessage()) ;Prepend IV and Salt to encrypted message to create the full binary "encrypted string" $xFullEncryptedString = $xIV & $xSalt & $xEncryptedMessage ;Parse IV, Salt & Encrypted Message from full binary encrypted string in order to decrypt the message $xIV = BinaryMid($xFullEncryptedString, 1, 16) $xSalt = BinaryMid($xFullEncryptedString, 17, 16) $xEncryptedMessage = BinaryMid($xFullEncryptedString, 33) ;Generate decryption key using parsed values $xDecryptionKey = _CryptoNG_PBKDF2($sPassword, $xSalt, 1000, $CNG_KEY_BIT_LENGTH_AES_256, $CNG_BCRYPT_SHA256_ALGORITHM) ;Decrypt message using values parsed from full encrypted string $sDecryptedMessage = _CryptoNG_AES_CBC_DecryptData($xEncryptedMessage, $xDecryptionKey, $xIV) If @error Then Exit MsgBox($MB_ICONERROR, "_CryptoNG_AES_CBC_DecryptData Error", _CryptoNG_LastErrorMessage()) ;Display values ConsoleWrite("Message: " & $sMessage & @CRLF) ConsoleWrite(@CRLF) ConsoleWrite("Password: " & $sPassword & @CRLF) ConsoleWrite("IV: " & $xIV & @CRLF) ConsoleWrite("PBKDF2 Salt: " & $xSalt & @CRLF) ConsoleWrite("Generated Encryption Key: " & $xEncryptionKey & @CRLF) ConsoleWrite(@CRLF) ConsoleWrite("Encrypted Message: " & $xEncryptedMessage & @CRLF) ConsoleWrite("Full Encrypted String: " & $xFullEncryptedString & @CRLF) ConsoleWrite(@CRLF) ConsoleWrite("Generated decryption key: " & $xDecryptionKey & @CRLF) ConsoleWrite(@CRLF) ConsoleWrite("Decrypted Message: " & $sDecryptedMessage & @CRLF) EndFunc Console output: (A new encryption key is generated each time you run the script, so most values will be different than below.) Message: Encrypted string Password: Secret password IV: 0x8750BA05ED7BAE8E388456511813D208 PBKDF2 Salt: 0x96FBE67B0BAB75CE7E80DA8FFFE2AEB2 Generated Encryption Key: 0xC5FA70FF15D3C4193BDEA881DB8F34453015BD517174E96A2A24EF70A96FA984 Encrypted Message: 0x2262B52072EB0F8C966EDF4F8939F8D0DF984E0A2313726D79A46C23649A74BA Full Encrypted String: 0x8750BA05ED7BAE8E388456511813D20896FBE67B0BAB75CE7E80DA8FFFE2AEB22262B52072EB0F8C966EDF4F8939F8D0DF984E0A2313726D79A46C23649A74BA Generated decryption key: 0xC5FA70FF15D3C4193BDEA881DB8F34453015BD517174E96A2A24EF70A96FA984 Decrypted Message: Encrypted string Edited June 1, 2023 by TheXman n3wbie, jugador and Musashi 3 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
kpdozer Posted June 2, 2023 Share Posted June 2, 2023 Using rsa_public_private_key_encrypt_decrypt_data_example(), I tried to encrypt a slightly longer message and failed. Are there any restrictions on the length of the message? CryptoNG UDF v1.9.7 ERROR: An invalid parameter was passed to a service or function. ERROR: Invalid parameter - Data cannot be blank. Func rsa_public_private_key_encrypt_decrypt_data_example() Const $ALG_ID = $CNG_BCRYPT_RSA_ALGORITHM, _ $MESSAGE = "UfKRlDC2TOEf1LKXz9SrX9T5MN3zag+moyAHzMKA9bQRx0yKITzpLWkuTrS4t3M3UfKRlDC2TOEf1LKXz9SrX9T5MN3zag+moyAHzMKA9bQRx0yKITzpLWkuTrS4t3M3UfKRlDC2TOEf1LKXz9SrX9T5MN3zag+moyAHzMKA9bQRx0yKITzpLWkuTrS4t3M3UfKRlDC2TOEf1LKXz9SrX9T5MN3zag+moyAHzMKA9bQRx0yKITzpLWkuTrS4t3M3", _ $PUBLIC_KEY_FILE = "example_rsa_publickey.blob", _ $PRIVATE_KEY_FILE = "example_rsa_privatekey.blob" Link to comment Share on other sites More sharing options...
n3wbie Posted June 2, 2023 Share Posted June 2, 2023 Yes m still stuck here itself even after a year. Actually this are months when i get such type of data which i need to decrypt and hence again.I tried learning more on cryptography but i feel its not my cup of tea.Although i have tried working with the snippet which you provided and i m very thankful for the same.Although i m still not able to get the results that i m expecting. it would be generous of you if you could please provide your high expertise to this matter to decrypt the same. I m hereby sharing the script that i have modified for getting it worked with mine. I request your goodself @TheXman if u please allow me to share the data and password in private to work with thanks for help in advance Link to comment Share on other sites More sharing options...
TheXman Posted June 2, 2023 Author Share Posted June 2, 2023 (edited) 20 hours ago, kpdozer said: Are there any restrictions on the length of the message? There are no length limitations written in the CryptoNG functions themselves. @kpdozer The following link provides a very good explanation of the maximum length of a PKCS1 padded message. Internally, the CryptoNG RSA functions use PKCS1 for the padding algorithm. The link also describes how RSA encryption/decryption is generally used by technologies like SSL, S/MIME, and OpenPGP, when encrypting much larger data and streams. As a general rule for the max RSA message size using PKSC1 padding, it is the size of the key (modulus) - 11 bytes of overhead. So for a 2048-bit key, that would be 256 bytes - 11 bytes = 245 bytes. If you want to be able to encrypt/decrypt a 256 byte message, like the one in your script, then I would create and use a public/private key pair of at least 3072 bits, which would give you a max of 384 - 11 = 373. Edited June 3, 2023 by TheXman CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
TheXman Posted June 2, 2023 Author Share Posted June 2, 2023 (edited) On 6/2/2023 at 12:03 PM, n3wbie said: Although i have tried working with the snippet which you provided and i m very thankful for the same.Although i m still not able to get the results that i m expecting....it would be generous of you if you could please provide your high expertise to this matter to decrypt the same. @n3wbie You're welcome. You have expressed yourself a little differently than in your DM. I can't help but to think you are going a bit overboard and being a bit facetious. A simple "thanks" would've been more than enough. The encryption/decryption algorithms that you provided in your example script above are a bit different than the ones used in some of the JavaScript snippets that you DM'd me. As I mentioned in the DM, my intentions are to help people learn and/or understand AutoIt-related and IT-related subject matter in order for them to be able to accomplish their goals on their own, it is not to provide full solutions. If you are interested in getting a better understanding of what's involved so you can do it yourself, I'm always willing to try and help. If you are just looking for solutions or if the subject matter is beyond your capabilities, then I suggest you hire someone to port the code for you or maybe you can find someone else in the forum to provide you what you're looking for. The main differences between the example script that I originally provided and the one needed to decrypt the data that you DM'd me, are how the IV, Salt, and Encrypted Message are parsed from the data in the file. The IV is created from the 1st 32 characters of the file, converted from its hex string representation to its binary form, which will yield the 128-bit (16-byte) binary value. The Salt is created from the next 32 characters, converted the same way as the IV. Lastly, the encrypted message/JSON is created from the remaining characters, which need to be decoded from base64 back to binary before decryption. If you have a problem implementing the changes that I outlined, feel free to ask for additional help. Edited June 3, 2023 by TheXman n3wbie 1 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
TheXman Posted June 2, 2023 Author Share Posted June 2, 2023 @kpdozer & @n3wbie I have updated my original responses with more information. n3wbie and kpdozer 2 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
n3wbie Posted June 5, 2023 Share Posted June 5, 2023 On 6/2/2023 at 8:11 PM, TheXman said: @n3wbie The main differences between the example script that I originally provided and the one needed to decrypt the data that you DM'd me, are how the IV, Salt, and Encrypted Message are parsed from the data in the file. The IV is created from the 1st 32 characters of the file, converted from its hex string representation to its binary form, which will yield the 128-bit (16-byte) binary value. The Salt is created from the next 32 characters, converted the same way as the IV. Lastly, the encrypted message/JSON is created from the remaining characters, which need to be decoded from base64 back to binary before decryption. If you have a problem implementing the changes that I outlined, feel free to ask for additional help. Thanks First of all $xIV = StringMid($data, 1, 32) $stringxiv = _HexToString($xIV) $stringxiv1 = Binary($stringxiv) $xSalt = StringMid($data, 32, 32) $stringxsalt = _HexToString($xSalt) $stringxsalt1 = Binary($stringxsalt) $xEncryptedMessage = StringMid($data, 33) $binarydata = _Base64Decode($xEncryptedMessage) this way? I m still missing something. Link to comment Share on other sites More sharing options...
TheXman Posted June 5, 2023 Author Share Posted June 5, 2023 (edited) You're welcome. I see a few issues with your revised snippet. The goal is to take the the 1st 32 characters of the encrypted string and the next 32 characters, that look like "8601da..." and convert them to binary, then decode the remaining base64 string to binary. There are multiple ways to do it. One way is to use a CryptoNG function that is made for converting strings to binary. You can read about it in the CryptoNG Help File under "Function Reference -> Misc / Helper Functions". You will see that the function can convert several different string formats to binary (including several different formats of HEX and even BASE64 strings). There are also examples using the function and its inverse function, in the provided examples file. You can compare your script to what I actually used and see where your issues are. First, the second StringMid() is not capturing the 2nd 32 characters. If the first 32 characters are (1,32), then the next 32 characters would be (33, 32). Which means the remaining characters would start at character 65. Here is how I parsed the values from the encrypted string: ;Parse IV, Salt & Encrypted Message from encrypted string $xIV = _CryptoNG_CryptStringToBinary(StringMid($sEncryptedString, 1, 32), $CNG_CRYPT_STRING_HEX) $xSalt = _CryptoNG_CryptStringToBinary(StringMid($sEncryptedString, 33, 32), $CNG_CRYPT_STRING_HEX) $xEncryptedMessage = _CryptoNG_CryptStringToBinary(StringMid($sEncryptedString, 65), $CNG_CRYPT_STRING_BASE64) Edited June 6, 2023 by TheXman n3wbie 1 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
n3wbie Posted June 6, 2023 Share Posted June 6, 2023 (edited) 19 hours ago, TheXman said: You're welcome. I see a few issues with your revised snippet, but you are close. The goal is to take the the 1st 32 characters of the encrypted string and the next 32 characters, that look like "8601da..." and convert that to binary. There are multiple ways to do it. One way is to use a CryptoNG function that is made for converting strings to binary. You can read about it in the CryptoNG Help File under "Function Reference -> Misc / Helper Functions". You will see that the function can convert several different string formats to binary (including several different formats of HEX and even BASE64 strings). There are also examples using the function and its inverse function, in the provided examples file. You can compare your script to what I actually used and see where your issues are. First, the second StringMid() is not capturing the 2nd 32 characters. If the first 32 characters are (1,32), then the next 32 characters would be (33, 32). Which means the remaining characters would start at character 65. Here is how I parsed the values from the encrypted string: ;Parse IV, Salt & Encrypted Message from encrypted string $xIV = _CryptoNG_CryptStringToBinary(StringMid($sEncryptedString, 1,32), $CNG_CRYPT_STRING_HEX) $xSalt = _CryptoNG_CryptStringToBinary(StringMid($sEncryptedString, 33,32), $CNG_CRYPT_STRING_HEX) $xEncryptedMessage = _CryptoNG_CryptStringToBinary(StringMid($sEncryptedString, 65 ), $CNG_CRYPT_STRING_BASE64) first of all thank you for your expertise. I m still struggling with my code. i feel apart from 33 and 65 i have messed up with base 64 as well. Can you please help me with some documentation on how and what cryptography is and how it works.Basically all the parts like what is CBC ECM IV salt.I have been reading this for a while but dont understand what the actual use and more than that why in particular even after changing iv in certain cases different strings still give same result. if i summarise I wish to understand logic and also the terms used herein. I do understand salt is just added to password and iv is initialization vector but still dont understand WHY and HOW. So if you have some precise explanation document i would be more than happy to read it myself so that i dont come out dumb headed next time i need to learn cryptography. Also i had the same issue where i wanted some cross platform crypto functions. I feel its high time i learn it properly. . Edited June 6, 2023 by n3wbie mistake Link to comment Share on other sites More sharing options...
TheXman Posted June 6, 2023 Author Share Posted June 6, 2023 (edited) 51 minutes ago, n3wbie said: Can you please help me with some documentation on how and what cryptography is and how it works. Sorry, but no. This is an AutoIt Forum, not a Cryptography forum. I can appreciate that you want to learn more about cryptography, but remedial instruction on the subject or advice on how to get a better understanding of cryptography is outside the scope of this forum. I'm happy to try to help you overcome technical obstacles or answer detailed, specific questions that are AutoIt-related. But unfortunately, you need to do your own research and the critical thinking necessary to get yourself to a point where you can ask those detailed, specific questions. Furthermore, I have no idea on what types of technical media (videos, articles, whitepapers, books, etc.) help you best absorb new information. Good luck on your journey to get a better understanding of cryptography. Edited June 6, 2023 by TheXman n3wbie 1 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
spudw2k Posted June 6, 2023 Share Posted June 6, 2023 @n3wbie Here is some reading material for you which might be helpful. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation https://en.wikipedia.org/wiki/Salt_(cryptography) n3wbie 1 Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX Builder Misc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retrieve SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose Array Projects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalc Cool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF Link to comment Share on other sites More sharing options...
n3wbie Posted June 7, 2023 Share Posted June 7, 2023 17 hours ago, TheXman said: Sorry, but no. This is an AutoIt Forum, not a Cryptography forum. I can appreciate that you want to learn more about cryptography, but remedial instruction on the subject or advice on how to get a better understanding of cryptography is outside the scope of this forum. I'm happy to try to help you overcome technical obstacles or answer detailed, specific questions that are AutoIt-related. But unfortunately, you need to do your own research and the critical thinking necessary to get yourself to a point where you can ask those detailed, specific questions. Furthermore, I have no idea on what types of technical media (videos, articles, whitepapers, books, etc.) help you best absorb new information. Good luck on your journey to get a better understanding of cryptography. Thank you soo much.I will try to go through the udf itself. it might help me understand bit and pieces. 8 hours ago, spudw2k said: Here is some reading material for you which might be helpful. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation https://en.wikipedia.org/wiki/Salt_(cryptography) Thanks brother. I will go through the same. Link to comment Share on other sites More sharing options...
TheXman Posted June 7, 2023 Author Share Posted June 7, 2023 (edited) On 6/6/2023 at 12:47 PM, n3wbie said: I m still struggling with my code. i feel apart from 33 and 65 i have messed up with base 64 as well. With the original example that I provided, the detailed description of the differences between that original example and what's actually needed to decrypt the file that you DM'd me, and the 3 lines showing exactly how I parsed the information needed to decrypt your file, if you still aren't able to decrypt that file, then you obviously aren't using my examples and the information that I provided. You must be doing your own thing. If you are still having a problem decrypting that file, and you still want to be able to decrypt the file, then you need to show the script that you are using and ask for help identifying why it is not producing the expected results. Showing little snippets of your script is not very helpful in trying to determine why the whole script is not producing the correct results. Edited June 8, 2023 by TheXman CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now