Jump to content

CryptoNG UDF - Cryptography API: Next Gen


TheXman
 Share

Recommended Posts

18 hours ago, TheXman said:

With the original example that I provided, the detailed description of the differences between that original example and what's actually needed to decrypt the file that you DM'd me, and the 3 lines showing exactly how I parsed the information needed to decrypt your file, if you still aren't able to decrypt that file, then you obviously aren't using my examples and the information that I provided.  You must be doing your own thing.  If you are still having a problem decrypting that file, and you still want to be able to decrypt the file, then you need to show the script that you are using and ask for help identifying why it is not producing the expected results.  Showing little snippets of your script is not very helpful in trying to determine why the whole script is not producing the correct results.

Sorry for the confusion.

The Code that you provided is working flawlessly...

the code snippet that i provided earlier still has problem after 33 and 65 changes in particular

the functions of cryptoNG are Working flawlessly and I m able to decrypt the file successfully.

Thanks once again for the help ,also for explaining and supporting ;and sorry for the trouble that i created ...

Link to comment
Share on other sites

You're welcome. 

I'm glad that you were able to develop a working decryption script for your JSON files.  :graduated:

Link to comment
Share on other sites

7 minutes ago, TheXman said:

You're welcome. 

I'm glad that you were able to develop a working decryption script for your JSON files.  :graduated:

I'm also satisfied that i could do it.

also due to better understanding of autoit rather than javascript. I could also make the port of the same code for PHP

Here Goes the code

<?php
$data=file_get_contents('abc.json')
$xiv=substr($data,0,32);
$xsalt=substr($data,32,32);
$data64=substr($data,64);
$data65=base64_encode($data64);
$xiv=hex2bin($xiv);
$xsalt1=hex2bin($xsalt);
$derivedkey = openssl_pbkdf2($sPassword, $xsalt1, 32, 1000, 'sha256');
$decodeddata= openssl_decrypt($data64,'aes-256-cbc',$derivedkey,OPENSSL_ZERO_PADDING ,$xiv)
return $decodeddata
  ?>

Much thanks @TheXman

Link to comment
Share on other sites

  • 1 month later...

A detailed description of the RSA functions can be found in the help file that is included with the UDF (CryptoNG Help.chm).  Look in the "Asymmetric Encryption/Decryption Functions" section under the "Function Reference".   Also, there are examples of how to implement those functions in the included examples file (CryptoNG_Examples.au3).  In that examples file, there is an example of how to create a public/private key pair (create_legacy_rsa_key_pair_example) and there is an example of how to implement the RSA encryption and decryption functions using the generated key pair (rsa_public_private_key_encrypt_decrypt_data_example).

6 hours ago, z75885446 said:

Please tell me how this rsa encryption implements public key to decrypt encrypted content.

The public key is not used to decrypt encrypted content.  The public key is used to encrypt data.  The private key is used to decrypt data.

Edited by TheXman
Link to comment
Share on other sites

11 hours ago, TheXman said:

The public key is not used to decrypt encrypted content.  The public key is used to encrypt data.  The private key is used to decrypt data.

Unless you are verifying signed data.  In that case the sender encrypts with their private key, and the recipient uses the sender's public key to decrypt. ;)

Link to comment
Share on other sites

Signing and signature verification are totally different subjects than encryption and decryption.  Neither I nor the poster mentioned anything about signing or signature verification. ;)

Thanks for your input though.

Edited by TheXman
Link to comment
Share on other sites

Excuse me, does anyone know how to do this? I don't think private key encryption is safe for clients. It is easy to analyze the public key information through the private key. The receiver uses the sender's public key to decrypt. That's exactly what I want to know,

Link to comment
Share on other sites

It appears that you want to know about RSA cryptography in general, not about anything specific to the CryptoNG UDF.  Learning about Cryptography is not the purpose of this topic.  This topic is for questions, comments, or concerns related to the UDF itself.  If you want to learn about cryptography, then go read a book or find some articles on the web.

Link to comment
Share on other sites

What's New in Version v2.0.0

  • Added new RSA signing functions:
    • CryptoNG_RSA_SignHash
    • CryptoNG_RSA_VerifySignature
  • Updated the supplied CryptoNG calltips and userudfs files to include the new RSA Signing and Signature Verification functions.
     
  • Added RSA Signing and Signature Verification examples to the CryptoNG examples file.
     
  • Added RSA Signing and Signature Verification functions to the CryptoNG UDF help file.
     
  • Added a few new constants
     
  • Misc function header corrections & modifications
Link to comment
Share on other sites

Yes, you were the 1000th download!

I think it's pretty awesome that the author of the CodeScannerCrypter Bundle, which is one of the most prolific implementers of the CryptoNG UDF that I know of, was the one to actually help me achieve that milestone.

Thanks @RTFC!

:thumbsup:

 

Edited by TheXman
Link to comment
Share on other sites

What's New in Version v2.1.0

  • Added new ECDSA signing functions:
    • CryptoNG_ECDSA_CreateKeyPair
    • CryptoNG_ECDSA_SignHash
    • CryptoNG_ECDSA_VerifySignature
       
  • Added ECDSA Signing and Signature Verification examples to the CryptoNG examples file.
    • create_ecdsa_key_pair_example()
    • ecdsa_sign_and_verify_example()
       
  • Updated the supplied CryptoNG calltips and userudfs files to include the new ECDSA Signing and Signature Verification functions.
     
  • Added the new ECDSA Signing and Signature Verification functions to the CryptoNG UDF Help File.
     
  • Added new constants to support ECDSA signing functions.
     
  • Misc function header corrections & modifications.
     
  • Misc Help File corrections & modifications.
     
  • Moved the version history log from the UDF to an external file (Version History.txt).
Link to comment
Share on other sites

  • 1 year later...

The Func __CryptoNG_IsKeyBitLengthValid($hAlgorithmProvider, $vEncryptionKey) have some issue,

When I execute example it is fail and I'm found the issue is  $tKeyLengthsStruct.dwIncrement = 0,

Suggestion modify  to     ElseIf Mod($iEncryptKeyBitLength, $tKeyLengthsStruct.dwIncrement) <> 0 and $tKeyLengthsStruct.dwIncrement <> 0 Then. ,

Link to comment
Share on other sites

@konya Please provide a small example script that shows that it is not working correctly.

$tKeyLengthsStruct.dwIncrement should never be 0.  If the increment field is 0, then you probably had an earlier error that you did not catch, like an invalid algorithm provider handle.  An example script will help me see whether there's a bug or whether your script had an error (which includes not having adequate error checking).

Edited by TheXman
Link to comment
Share on other sites

@konya Thanks for posting the example. 

I was wrong, there is one condition where the increment field should be 0.  That's when the key can only be one length, like for DES and 3DES.  :doh:  For 3DES, the key length can only be 192 bits (24 bytes).  So you were right about the Mod function being the issue.  It should not have tried to execute the Mod() function with a divisor of zero (the increment field).  Very nice catch!  :)

I will make the appropriate modification and post the updated later today.

Thank you for bring the issue to my attention.

Edited by TheXman
Link to comment
Share on other sites

What's New in Version v2.2.0

Released September 27, 2024

  • Fixed a bug in the internal function __CryptoNG_IsKeyBitLengthValid() where it was possible for some valid key lengths to be reported as invalid. This would only occur for the few encryption algorithms that can only have 1 key length, like 3DES.  Thanks @konya for reporting the bug.
     
  • Removed the trailing CRLF from _CryptoNG_CryptBinaryToString() results.  By default, the Win32 API (CryptBinaryToStringW) appends a CRLF to all results.
     
  • Replaced all references to GCM "Authorization" tag to the correct name,  "Authentication" tag.  This was purely a documentation issue in the help file and function headers.
Edited by TheXman
Link to comment
Share on other sites

  • 1 month later...

Share my good idea, manual create key to file or return binary data,

use key from memory no need to read files.

 

;tagRSAPUBKEY
Global Const $tagRSAPUBKEY = _
                "align 1;" & _
                "char magic[4];" & _
                "uint bitlen;" & _
                "uint PubExpLength;" & _
                "uint ModulusLength;" & _
                "uint PLength;" & _
                "uint QLength;" & _
                "byte PubExp[3];" & _
                "byte Modulus[1];"

Global Const $tagRSAPRIVATEKEY = _
                "align 1;" & _
                "char magic[4];" & _
                "uint bitlen;" & _
                "uint PubExpLength;" & _
                "uint ModulusLength;" & _
                "uint PLength;" & _
                "uint QLength;" & _
                "byte PubExp[3];" & _
                "byte Modulus[1];" & _
                "byte P[1];" & _
                "byte q[1];"
;RSAPUBKEY


Func Read_to_Blob($key_path,$tag = "Public")
Local $hFile = FileOpen($key_path,$FO_BINARY)
Local $blob_b = FileRead($hFile)
FileClose($hFile)
Local $blob_handle = DllStructCreate("byte a["&BinaryLen($blob_b)&"];")
$blob_handle.a = $blob_b
if $tag = "Public" Then
Local $blob_data = DllStructCreate($tagRSAPUBKEY,DllStructGetPtr($blob_handle))
Local $tagRSAPUBKEY2 = StringReplace($tagRSAPUBKEY,"Modulus[1]","Modulus["&$blob_data.bitlen/8&"]")
$blob_data = DllStructCreate($tagRSAPUBKEY2,DllStructGetPtr($blob_handle))
_WinAPI_DisplayStruct($blob_data,$tagRSAPUBKEY2)
Else
Local $blob_data = DllStructCreate($tagRSAPRIVATEKEY,DllStructGetPtr($blob_handle))
Local $tagRSAPRIVATEKEY2 = StringReplace($tagRSAPRIVATEKEY,"Modulus[1]","Modulus["&$blob_data.bitlen/8&"]")
$tagRSAPRIVATEKEY2 = StringReplace($tagRSAPRIVATEKEY2,"p[1]","p["&$blob_data.bitlen/8/2&"]")
$tagRSAPRIVATEKEY2 = StringReplace($tagRSAPRIVATEKEY2,"q[1]","q["&$blob_data.bitlen/8/2&"]")
$blob_data = DllStructCreate($tagRSAPRIVATEKEY2,DllStructGetPtr($blob_handle))
_WinAPI_DisplayStruct($blob_data,$tagRSAPRIVATEKEY2)
EndIf
Return $blob_handle.a
EndFunc


Func Create_to_Blob($key_path,$tag = "Public" , $bitlen = 2048, $e = 65537, $Modulus = 0x0, $p = 0x0, $q = 0x0 ,$write_or_binary = 1)
if $tag = "Public" Then
Local $tagRSAPUBKEY2 = StringReplace($tagRSAPUBKEY,"Modulus[1]","Modulus["&$bitlen/8&"]")
Local $blob_data = DllStructCreate($tagRSAPUBKEY2)
$blob_data.magic = "RSA1"
$blob_data.bitlen = $bitlen
$blob_data.PubExpLength = 3
$blob_data.ModulusLength = $blob_data.bitlen/8 
$blob_data.PLength = 0
$blob_data.QLength = 0 
$blob_data.PubExp = $e
$blob_data.Modulus = $Modulus
_WinAPI_DisplayStruct($blob_data,$tagRSAPUBKEY2)
Else
Local $tagRSAPRIVATEKEY2 = StringReplace($tagRSAPRIVATEKEY,"Modulus[1]","Modulus["&$bitlen/8&"]")
$tagRSAPRIVATEKEY2 = StringReplace($tagRSAPRIVATEKEY2,"p[1]","p["&$bitlen/8/2&"]")
$tagRSAPRIVATEKEY2 = StringReplace($tagRSAPRIVATEKEY2,"q[1]","q["&$bitlen/8/2&"]")
Local $blob_data = DllStructCreate($tagRSAPRIVATEKEY2)
$blob_data.magic = "RSA2"
$blob_data.bitlen = $bitlen
$blob_data.PubExpLength = 3
$blob_data.ModulusLength = $blob_data.bitlen/8
$blob_data.PLength = $blob_data.bitlen/8/2
$blob_data.QLength = $blob_data.bitlen/8/2
$blob_data.PubExp = $e
$blob_data.Modulus = $Modulus
_WinAPI_DisplayStruct($blob_data,$tagRSAPRIVATEKEY2)
EndIf

Local $blob_binary = DllStructCreate("byte a["&DllStructGetSize($blob_data)&"];",DllStructGetPtr($blob_data))
if $write_or_binary = 1 Then
$hFile = FileOpen($key_path,$FO_BINARY+$FO_OVERWRITE)
FileWrite($hFile,$blob_binary.a)
FileClose($hFile)
Else
Return $blob_binary.a
EndIf

EndFunc

 

Link to comment
Share on other sites

On 7/21/2023 at 12:41 PM, z75885446 said:

Excuse me, does anyone know how to do this? I don't think private key encryption is safe for clients. It is easy to analyze the public key information through the private key. The receiver uses the sender's public key to decrypt. That's exactly what I want to know,

Use _CryptoNG_RSA_EncryptData($Private_c , $Public_key, $CNG_BCRYPT_PAD_NONE ) it is can let public key decrypt.

 

Edited by konya
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...