Crypto Suite

[SkinnyWhiteGuy]

Put BinaryToString() around your call to _rijndaelInvCipher(). That function returns a binary no matter what, so you have to add that to get a string back, if you know that it is a string.

[arcker]

ahh ok

works perfectly

really good work , thx for sharing this

edit :

tested with a text file of 56ko ... works perfectly too (for rjindael, i've just tested it)

excellent

Edited September 18, 2007 by arcker

[SkinnyWhiteGuy]

No problem. Just as an aside, your key could be more "unique" buy using 16 random Binary from 0 to F(15 in hex).

[Foy]

I'm not sure how I'm supposed to use this.

I'm new to autoIt, new to encryption, new new new. All I see is the au3 files, not how to use it, I tried MD5Hash.dll and it's use wasn't 100% clear either but at least he included some examples.

So can you tell me how to use these files?

lol ty.

<--- Newbie

[SkinnyWhiteGuy]

Well, MD5 isn't one of my creations, and I don't cover the DLL creations at all, but I'll try to help you out, if I can. Mainly, you use all these encryption functions just by calling which ever "encrypt" function you want, inputing the stuff to be encrypted as the "message", and using some other value as a "key". Now, that key can be static in the file, but that is considered "unsecure". It's best to ask for it everytime it's needed, to keep it from being extracted. To decrypt, use the corresponding "decrypt" function, with the key used to encrypt the message.

Now, as for functions like MD5, SHA1, and others, those are called hashing functions, and are "one way", meaning that you cannot undo what they do. Most hashes produce results the same length, no matter what kind of info you plug into them, so that lends itself better to data checking than data encryption. That's why you were told the other day to hash, save the hash, then whenever the data needed checking, hash the data to be checked, and then compare.

If you need more specific help with one of the algorithms I have posted here, post what you've tried, and I'll be glad to try to help you out more. I'll even try to help you a litle with MD5 if you want it, not that I'll be able to do very much specifically.

[sheck]

Awesome !!!

i was looking for BLOWFISH port to autoit.

Also I want IDEA port too. Has anybody done that yet ?

[miragez]

Merry Christmas to all... and SkinnyWhiteGuy

I very new to autoit and been reading the help manual provided together with autoit and relies on it heavily to get things done....

I some how came across this algorithms which I am very interested to understand how to use.

Here's some questions hope you will not mind.

1. I have a au3 script , I have included this " #Include <rijndael.au3> how do I start tell autoit to run functions from external script ?

2. Can u give me an example of a main script that is calling external script like rijndael.au3 the function in it to run on that main script ?

Thanks if you can help me out to sort this.....

[x42x4b]

@SkinnyWhiteGuy: great job! This is what I was looking for... Skinny |2U|_EZ

[Alcoholic]

Can someone provide a script of encrypting (decrypting) files (exe jpg mp3 etc)

with BlowFish & AES please.

[Oldschool]

@SkinnyWhiteGuy

Thank you bro! This is

[SxyfrG]

Hmm, i'm having some problems with encrypting and decrypting long string with DES and Triple DES :\

It seems about half the string is being stripped in encryption (i.e. 1000 character long string goes in, 700 character long one comes out and decrypts to about the first 500 characters of the original string)

Anyone care to shed some light?

*EDIT*

Used your StringToHex function and that helped with the output, but decrypting still isn't working properly for me :|

*SECOND EDIT*

Fixed the problem by doing this:

#include <Des_Opt.au3>
$key = "1212121212121212"
$e = Des($Key&$Key&$Key, "BLARG", 1)
$e = StringToBinary ( $e )
ConsoleWrite ( $e & @LF & @LF )
$d = Des($Key&$Key&$Key, BinaryToString($e), 0)
ConsoleWrite ( $d & @LF & @LF )

Edited May 1, 2008 by SxyfrG

[bmouth]

This is really nice, I'm new to encryption, and for some reason the functions _StringEncrypt returns an empty string.

Even the blowfish returns an empty string but rjindael works perfectly.

Maybe it's due to the regional encoding settings on my computer?

[DaProgrammer]

i have a very important question, where can i safely store the key ?

i am making a program that asks for a password but where can i store the key ? if i hardcode it then its not really secure is it ?

[SkinnyWhiteGuy]

bmouth: probably so, I haven't visited these functions in awhile, but that does sound like a likely culprit. Try changing the string you pass in to explicitly Unicode with Autoit's functions

DaProgrammer: ideally, you won't store the key. No matter how you stored it, as long as it's there, it's susceptible to attack. Beyond that, a separate file, on a removable key, would be better than hard coded.

[Mojo]

Thank you very much, Matthew, for those great pieces of code! I love it!!

One question though.. the hash function in your Rijndael.au3 is to be used to create a hash that will fit the required length as a key, right?

oh, I almost forgot...

Big thanks also to phkninja for providing useful information regarding Encryption in general!

I'm learning something new EVERY DAY, thanks to this great community here!

[anandchakru]

Hi, I tried rijndael.au3 as follows

$cryptPwd = "myPassword"
$plainText = "some crap data to be encrypted"
$cypher = _rijndaelCipher($cryptPwd, $plainText)
$recoveredPlainText = _rijndaelInvCipher($cryptPwd, $cypher)

Now, $recoveredPlainText has the Ascii values of my String, how do i convert it back to plain String values ? please help..

Edit: got the answer,

$cryptPwd = "myPassword"
$plainText = "some crap data to be encrypted"
$cypher = _rijndaelCipher($cryptPwd, $plainText)
$recoveredPlainText = BinaryToString(_rijndaelInvCipher($cryptPwd, $cypher))

Does the magic !!

Thanks,

`A

Edited February 7, 2009 by anandchakru

[jennico]

brilliant work ! 5 stars !

j.

Edited March 1, 2009 by jennico

[Fzarada]

It seems there's a big problem in the rijndael script! can anybody confirm?

Encrypting a string (over 16 chars) in CBC mode returns the same in ECB mode!. Decrypting in the other hand is OK

Here's an example:

#include "rijndael.au3"
  $plaintxt = "The quick brown fox jumps over the lazy dog     "
  $keyHex = "0x0123456789ABCDEF0123456789ABCDEF"
  $cipherCBC = _RijndaelCipher(BinaryToString($keyHex),$plaintxt,128,1)
  ConsoleWrite("Cipher text in CBC mode: " & $cipherCBC & @CRLF)oÝ÷ ÚØb±Êz·­º¹ìÓ8OEÛ®CÛÏ@ì9­:ô^:ð@ºÜOwÛoy]ÓO@ó½5
úì0Ð>ÁÜP{a9ßuï´ß]绡è=µãL!W¢¶ÈhºW[{LDà=n¹o=°

this code returns the original plain text.

Quick look at the rijndael script shows that actual plaintext block is never XORed with the precedent ciphered block as it should in CBC mode, instead it's XORed with a null variable $tempresult witch is never updated within the loop.

I thought the whole issue could be resolved by a quick typo fix, but it looks to me it far from that, a big chunk of the code has to be re-written

[SkinnyWhiteGuy]

Actually, it is a pretty quick fix. I'm surprised it didn't show up any where else in my tests, but it was totally my fault. The $tempresult you speak of, was being cleared off before it should have been. I was using it to store the previous results of encryption to use back in the next round, but I cleared it right after putting it's results into the $result variable. Just move the "$tempresult = ''" line to right after the call to Cipher() and everything clears up.

Btw, why are you converting all the binary values to Strings right before passing them into my functions? First thing my function does is check if message, key, or IV isn't a Binary, and converts it. Seems like that wastes time in your script.

I'll try to put together a new Zip file soon and upload it, so no one else will have to read all this just to get that working. Thanks Fzarada.

[Fzarada]

..And I'm surprised i missed your quick fix too

The reason I'm converting the parameters before pushing'em into the function is due to these 3 lines in your code:

If Not IsBinary($message) Then $message = StringToBinary($message)
    If Not IsBinary($key) Then $key = StringToBinary($key)
    If Not IsBinary($iv) Then $iv = StringToBinary($iv)oÝ÷ Øv«Ê+$wZºÇ¥zË,wÜ"V¥Á¬¬­ën®{4~ÚºÚ"µÍÌÍÚÙ^HH ][ÝÌLÍ
MÎPPÑQLÍ
MÎPPÑQ][ÝÂÙÐÞ
    ][ÝÉ][ÝËÐ[J    ÌÍÚÙ^JJoÝ÷ Û­r§¶êçÂ)eq«¬zØ^ì­¡·¢{Þ®×{"u쨺»®*m{hjëh×6$key = StringToBinary($key) ;$key = 0x3078303132333435363738383941424344454630313233343536373839

witch is not desirable.

Of course this can be resolved by using Binary() instead of StringToBinary(), but your code is so well put i just didn't wanna modify it

I'll be looking forward for more great crypto scripts from you SkinnyWhiteGuy.

Thank you.

Edited May 8, 2009 by Fzarada