Crypto Suite

[SkinnyWhiteGuy]

On the StringToBinary's I use, I was trying to leave it open for people to use plain text for keys, so you could use "acbdefghijklmnop" as a key, or specify your own key by using a Binary variable. It could be modified with a Regular Expression to check for your type of input, and convert appropriately, but I'll let someone else have fun with that.

[spudw2k]

I'm having difficulties using IVs. What am I doing wrong and why do I need to supply the IV to the decipher?

expandcollapse popup

#include <rijndael.au3>

$dat = "Here's my secret message."

;Method 1 - Fail
$enc = _rijndaelCipher(_SHA1("key"),$dat,160,1,_SHA1("This is an IV"))
$dec = _rijndaelInvCipher(_SHA1("key"),$enc,160,1,_SHA1("This is an IV"))
ConsoleWrite(BinaryToString($dec) & @CRLF & @CRLF)

;Method 2 - Fail
$enc = _rijndaelCipher(_SHA1("key"),$dat,160,2,_SHA1("This is an IV"))
$dec = _rijndaelInvCipher(_SHA1("key"),$enc,160,2,_SHA1("This is an IV"))
ConsoleWrite(BinaryToString($dec) & @CRLF & @CRLF)

;Method 3 - Success
$enc = _rijndaelCipher(_SHA1("key"),$dat,160,3,_SHA1("This is an IV"))
$dec = _rijndaelInvCipher(_SHA1("key"),$enc,160,3,_SHA1("This is an IV"))
ConsoleWrite(BinaryToString($dec) & @CRLF & @CRLF)

;Method 4 - Fail
$enc = _rijndaelCipher(_SHA1("key"),$dat,160,4,_SHA1("This is an IV"))
$dec = _rijndaelInvCipher(_SHA1("key"),$enc,160,4,_SHA1("This is an IV"))
ConsoleWrite(BinaryToString($dec) & @CRLF & @CRLF)

Func _SHA1($Data)
    Local $_SHA1Opcode = '0xC86800005356576A006A006A008D459850E829000000FF7514FF750CFF75088D459850E88A0000006A006A008D459850FF7510E8490000005F5E5BC9C210005589E5538B5D08836314008363180083635C00C70301234567C7430489ABCDEFC74308FEDCBA98C7430C76543210C74310F0E1D2C383636000836364005B5DC210005589E55657FF750CE8850200008B7D088B750C6A0559A58A47FF8647FC8847FF8A47FE8647FD8847FEE2EB5F5E5DC210005589E55356578B5D08837D10007502EB59837B60007506837B640074076A018F4364EB468B4D108B7D0CEB3449518A078B735C8844331CFF435C83431408837B1400750EFF4318837B180075056A018F4364837B5C40750653E813000000475985C97406837B640074C25F5E5B5DC21000C84801005356578B5D086A10598D51FF89D7C1E7020FB6443B1CC1E018898495BCFEFFFF0FB6443B1DC1E010098495BCFEFFFF0FB6443B1EC1E008098495BCFEFFFF0FB6443B1F098495BCFEFFFFE2BD6A105A83FA5073288B8495B0FEFFFF3384959CFEFFFF33849584FEFFFF3384957CFEFFFFD1C0898495BCFEFFFF42EBD38B4D088B318B59048B51088B790C8B41108985B8FEFFFF8365FC00837DFC147D3C89D131F921D931F989F0C1C00501C80385B8FEFFFF8B4DFC03848DBCFEFFFF059979825A5089BDB8FEFFFF89D789D8C1C01E89C289F35EFF45FCEBBE6A148F45FC837DFC287D3A89D931D131F989F0C1C00501C80385B8FEFFFF8B4DFC03848DBCFEFFFF05A1EBD96E5089BDB8FEFFFF89D789D8C1C01E89C289F35EFF45FCEBC06A288F45FC837DFC3C7D4689D821F85089D021F889D921D109C15809C189F0C1C00501C80385B8FEFFFF8B4DFC03848DBCFEFFFF05DCBC1B8F5089BDB8FEFFFF89D789D8C1C01E89C289F35EFF45FCEBB46A3C8F45FC837DFC507D3A89D931D131F989F0C1C00501C80385B8FEFFFF8B4DFC03848DBCFEFFFF05D6C162CA5089BDB8FEFFFF89D789D8C1C01E89C289F35EFF45FCEBC08B4D088B0101F089018B410401D88941048B410801D08941088B410C01F889410C8B41100385B8FEFFFF89411083615C005F5E5BC9C204005589E55356578B5D08837B6400740431C0EB14837B6000750B53E80F0000006A018F436031C0405F5E5B5DC204005589E553578B5D088B7B5C83FF37762EC6443B1C8047EB06C6443B1C004783FF4072F5897B5C53E8B6FDFFFF8B7B5CEB06C6443B1C004783FF3872F5EB13C6443B1C8047EB06C6443B1C004783FF3872F5897B5C8B4318C1E81825FF0000008843548B4318C1E81025FF0000008843558B4318C1E80825FF0000008843568B431825FF0000008843578B4314C1E81825FF0000008843588B4314C1E81025FF0000008843598B4314C1E80825FF00000088435A8B431425FF00000088435B53E81EFDFFFF5F5B5DC20400'
    Local $CodeBuffer = DllStructCreate("byte[" & BinaryLen($_SHA1Opcode) & "]")
    DllStructSetData($CodeBuffer, 1, $_SHA1Opcode)
    Local $Input = DllStructCreate("byte[" & BinaryLen($Data) & "]")
    DllStructSetData($Input, 1, $Data)
    Local $Digest = DllStructCreate("byte[20]")
    DllCall("user32.dll", "none", "CallWindowProc", "ptr", DllStructGetPtr($CodeBuffer),"ptr", DllStructGetPtr($Input),"int", BinaryLen($Data),"ptr", DllStructGetPtr($Digest),"int", 0)
    Local $Ret = DllStructGetData($Digest, 1)
    $Input = 0
    $Digest = 0
    $CodeBuffer = 0
    Return $Ret
EndFunc

edit: So far I can only get proper decryption using method 0, and 3 (with our without IVs).

Edited November 6, 2009 by spudw2k

[SkinnyWhiteGuy]

You have been using the IV's perfectly fine, it turns out I had an error in my function. Using my version of the file on my drive, I only had an error for mode 4, CTR mode. After reading through it again, turns out my inverse cipher function was off by one, which made things very wrong. I'm updating the first post in this thread with my newest file, so everything should work with it.

[spudw2k]

You have been using the IV's perfectly fine, it turns out I had an error in my function. Using my version of the file on my drive, I only had an error for mode 4, CTR mode. After reading through it again, turns out my inverse cipher function was off by one, which made things very wrong. I'm updating the first post in this thread with my newest file, so everything should work with it.

I am looking forward to testing your update(s). So I shouldn't have to supply the IV to the decipher? From what I understood, the IV acts as an offset...not as a key so the IV shouldn't be necessary to decrypt. Wards AES DLL version works this way.

edit:

Looks good, as far as decryption....but the IVs still don't work as expected. I shouldn't have to provide the IV to the decipher to get proper decryption. Hmmm..

Edited November 8, 2009 by spudw2k

[SkinnyWhiteGuy]

Well, according to Wikipedia,

The IV must be known to the recipient of the encrypted information to be able to decrypt it.

When I wrote all this, I added the IV option, so that each encryption option wouldn't produce the same results, given the same key/message. I think that's why IV's were added as modes of operation. Without the IV, the decryption wouldn't know how to change the key stream to get it to work (which was actually partly the problem before with CTR, my decryption method wasn't using the same counter as the encryption method).

[spudw2k]

Crazy, I wonder how Ward is doing it. I'll just have to ask him since I can't look at his code (ASM compiled DLL). Thanks for your help and great work btw.

[Splash]

Thanks for AES/rijndael UDF!!!

I was looking this for a long time.

[twitchyliquid64]

Any chance of adding Public Key Cryptography?

That woulds be sweeet or If you know of some C code that does it send it to me and I will try and convert it for you if you have no time.

But otherwise GREAT suite!

[intime69]

Very awesome work! Many thanks for sharing this!

The rijndael.au3 UDF did not come with an example so I tried the following:

Local $key = "8787878787878787"
Local $message = "Supercalifradialisticexpialidocious"
Local $ciphertext  = _rijndaelCipher($key, $message)
ConsoleWrite("AES Test Encrypted: " & $ciphertext)
Local $recovered_message = _rijndaelInvCipher($key, $ciphertext)
ConsoleWrite(@CRLF)
ConsoleWrite("AES Test Decrypted: " & $recovered_message)
ConsoleWrite(@CRLF)

The output is as follows:

AES Test Encrypted: 0x201580B42694B890AEF015FCAA5059793127BAFF464F3D8406A8B1ADF18D87FEEF5038F38DA3B450EFD5CCC0BBE4FBAE
AES Test Decrypted: 0x537570657263616C696672616469616C697374696365787069616C69646F63696F7573

Any reason why I am not getting 'Supercalifradialisticexpialidocious' as the decrypted text? I must be doing something wrong?

EDIT: Got it working. I simply forgot to convert the binary to a string:

ConsoleWrite("AES Test Decrypted: " & BinaryToString($recovered_message))

EDIT2: Quick question: Now that I have the encrypted text which will be used as an admin password, can I simply store it in an ini file so that my AutoIT application can decrypt it and compare it with the actual password? If the password matches, the admin can modify settings. Will the encrypted password be secure in the ini file? or should I save it to the registry? or do I need to do something further such as 'hashing'?

Thanks in advance for any recommendations,

Ian

P.S.; UDF's like these are simply amazing! It is beyond my comprehension how you guys can figure out all of this complex codding... Many thanks to SkinnyWhiteGuy for putting everything together for us. It is so much appreciated!

Edited April 12, 2011 by intime69

[titanfu]

great..

AES(CBC Mode) is working for me.

I can integrate it with asp.net.