Posted (edited)
6 hours ago, konya said:

Use _CryptoNG_RSA_EncryptData($Private_c, $Public_key, $CNG_BCRYPT_PAD_NONE); it can let the public key decrypt.

@konya

In practice, RSA encryption should ALWAYS use a padding scheme.  I'm pretty sure that Microsoft's CNG RSA encryption/decryption implementation, with no padding, will generate some sort of "invalid parameter" exception.  It needs to be PKCS1 or OAEP (at least this is true using the default Microsoft Primitive Provider).

Also, did you really mean to suggest that, using RSA encryption/decryption, an RSA public key can be used to both encrypt and decrypt a message?

Edited by TheXman
Posted (edited)

@TheXman

When I use the default setting $CNG_BCRYPT_PAD_PKCS1, public key decryption returns "An invalid parameter was passed to a service or function",

but when I set $CNG_BCRYPT_PAD_NONE, decryption succeeds, with the same result as the openssl_public_decrypt function, and I don't know why PHP & OpenSSL want to support public key decryption of private key ciphertext.

 

When I use another UDF like BigNum, the verified result is as below:

 

$m = "I like autoit"
$c = _BigNum_PowerMod($m, $d, $n) ;Private key encrypt

$m =  _BigNum_PowerMod($c, $e, $n) ;Public key decrypt

Result $m = "I like autoit"

or
 

$m = ""

$c = _BigNum_PowerMod($m, $e, $n) ;Public key encrypt

$m =  _BigNum_PowerMod($c, $d, $n) ;Private key decrypt

Result $m = "I like autoit"

It would be great if the _BigNum_PowerMod performance could be improved; it needs 10 seconds to provide the result.

 

 

Edited by konya
Posted (edited)

@konya

Post a test script using CryptoNG, that I can run, that proves what you are saying is true.  I want to see the actual values that you are using and how you are using the CryptoNG functions.  For the record, the "Invalid Parameter" error can be caused by things other than just padding.  That is Microsoft's general error saying that one or more of the parameters passed to the API is invalid.

The RSA example that I provide with CryptoNG proves that the encryption and decryption functions work correctly.  If you are using the code that you posted earlier that manually creates RSA key blobs, then that may be the problem.  Show me an example that uses valid RSA keys.  You can create them with CryptoNG or any other tool that generates valid RSA-formatted key blobs.

If you haven't yet, make sure you read the remarks in the CryptoNG help file under the function _CryptoNG_RSA_CreateKeyPair().  There are 2 types of RSA key formats that can be generated, the older legacy RSA keys and the newer RSA-formatted keys.  You need to understand the difference and make sure that you are using the correct format.

Edited by TheXman
Posted (edited)

@TheXman

I used your example blob key to make a sample, which you can check.


 

$hex_c = Binary("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


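; Apply the public key to the blob with no padding
$m = _CryptoNG_RSA_EncryptData($hex_c, "example_rsa_publickey.blob", $CNG_BCRYPT_PAD_NONE, Default)
If @error Then
    MsgBox(0, "", _CryptoNG_LastErrorMessage())
Else
    ; Convert the result to a hex string and find the first "FF00"
    $m = Hex($m)
    $search_zero = StringInStr($m, "FF00")
    ; Show the bytes that follow "FF00" as text
    MsgBox(0, "", BinaryToString("0x" & StringMid($m, $search_zero + 4, StringLen($m) - $search_zero)))
EndIf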

 


Edited by konya
Posted (edited)

@konya

The example RSA public/private key pair are 2048 bits.  The value that you are trying to encrypt is 256 bytes (2048 bits).  You cannot encrypt 2048 bits with a 2048 bit key, using PKCS1 padding.  That value is too large and it is the reason that you got an "Invalid Parameter" error when using padding.

This was discussed in a previous post HERE.

Edited by TheXman
Posted (edited)
11 hours ago, konya said:

It can use the private key to encrypt and the public key to decrypt with no issue.

That is backwards!  The public key is used to encrypt and the private key is used to decrypt.

Edited by TheXman
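
Added example, not code from any poster or from CryptoNG: the arithmetic discussed in this thread, written in Python on a constructed toy key. It shows the PKCS#1 v1.5 limit of k - 11 message bytes behind the size problem described above, and a strict parse of the `00 01 FF..FF 00` block that the sample script locates by searching for `FF00`. The key, the helper names and the assumption that the block is PKCS#1 v1.5 type 1 are mine.

```python
# Added example: textbook RSA on a constructed toy key (NOT secure, demo only).
P, Q = 2**127 - 1, 2**89 - 1          # two Mersenne primes, chosen for brevity
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8         # modulus length in bytes (27 here)
MIN_PAD = 8                           # PKCS#1 v1.5 requires >= 8 padding bytes


def pad_type1(msg: bytes, k: int = K) -> bytes:
    """Build 00 01 FF..FF 00 || msg; msg may be at most k - 11 bytes."""
    if len(msg) > k - 11:
        raise ValueError(f"message too long: {len(msg)} > {k - 11} bytes")
    return b"\x00\x01" + b"\xff" * (k - 3 - len(msg)) + b"\x00" + msg


def unpad_type1(block: bytes, k: int = K) -> bytes:
    """Strictly parse a type 1 block instead of searching for 'FF00'."""
    if len(block) != k or block[:2] != b"\x00\x01":
        raise ValueError("bad block header")
    sep = block.index(b"\x00", 2)     # raises ValueError if no separator
    if sep - 2 < MIN_PAD or block[2:sep] != b"\xff" * (sep - 2):
        raise ValueError("bad padding")
    return block[sep + 1:]


def private_op(msg: bytes) -> bytes:
    """Pad, then raise to d: in PKCS#1 terms this is the signing primitive."""
    m = int.from_bytes(pad_type1(msg), "big")
    return pow(m, D, N).to_bytes(K, "big")


def public_op(blob: bytes) -> bytes:
    """Raise to e with no padding, then validate the recovered block."""
    c = int.from_bytes(blob, "big")
    if c >= N:
        raise ValueError("input not smaller than the modulus")
    return unpad_type1(pow(c, E, N).to_bytes(K, "big"))


if __name__ == "__main__":
    print(public_op(private_op(b"I like autoit")))
```

With the 2048-bit key from the thread, k is 256, so the same check caps a PKCS#1 v1.5 message at 245 bytes.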
