PeterPE

Wow, that was super fast! Thanks for adding _CryptoNG_GenerateRandom !!

Great! And now that I think about it. I definitely not only consider this is as a feature request, but also as "security vulnerability report".

This does not seem correct. In fact the IV becomes part of the "message" and is not secret. "A random IV ensures that each message encrypts differently, such that seeing multiple messages encrypted with the same key doesn't give the attacker any more information than just seeing a single long message. In particular, it ensures that encrypting the same message twice yields two completely different ciphertexts, which is necessary in order for the encryption scheme to be semantically secure. " Here is an "non edge case" example. There is a file encryption function in your UDF. Let's say a user wants to encrypt a bunch of similar files (music, video, etc). Then using the same IV can leak information about the meta data of the file. If the files have a common prefix, then this will be leaked in the common prefix of the encrypted file. It is insecure to reuse an IV with AES-CBC. The need for an IV is not an edge case. The "venerable Ward UDF" for example adds an additional parameter IV, and the IV is returned together with the Ciphertext. The Default is a random IV. Func _AesEncrypt($Key, $Data, $Mode = $AES_CBC_MODE, $IV = Default) In any case, I am happy that you created this great UDF! And I am happy that you consider this as a feature request. And may I add another feature request? A function for random data would be nice too (something like BCryptGenRandom). Thanks again for your great work!

Thanks for your prompt response! Yes, that is basically the issue. The old API (used in crypt.au3) allows to pass an IV using KP_IV in a CryptSetKeyParam call. I don't know how to pass an IV to your function? I believe using a "hardcoded value" as IV is not a good choice. At least it should be possible to pass an IV to your function (my opinion is based on source https://crypto.stackexchange.com/questions/3965/what-is-the-main-difference-between-a-key-an-iv-and-a-nonce). Possible. When I tried it, it seemed the results were not the same because of different padding algorithms.

Hi, Thanks for that! It looks great. That must have been a lot of work!! Is it possible to encrypt data similar to the "Web Crypto Api"? In my specific case I am interested in AES CBC with PKCS7 padding. Here is an example https://cryptii.com/pipes/aes-encryption If it is possible, could you please post a code example (which uses the same result as the web example)? --- PS It is not possible with the functions in Crypt.au3 unfortunately.

There is a bug in AutoIt currently, so that ie.au3 actions like focus or click don't work in IE9 - unfortunately. But IE8 works.

I think this is because of the security feature Dale mentioned

Did you install IE9? If yes, there is a bug in AutoIt currently so that for example clicking or setting focus in IE9 doesn't work. But it works in IE8.

Did you try IE9? There is currently a bug in autoit so that quite a few IE9 DOM methods don't work (but it work in IE7 or IE8 or IE9 compatibility mode). We will have to wait for the next beta version to fix this. But don't hold your breath, this bug has been known for quite while now. Seems to be difficult to fix apparently.

Thanks (good job!) This is not really a workaround for me, the site doesn't work well with IE8 (no box shadow, or rounded corners, some other css3 doesn't work and so on). Hope the AutoIt devs will be able to fix/adapt the Com Interface soon (the click and focus methods work with everything else. VB and Javascript for example).

Yes, the bug still exists in 3.3.7.14 - and also for focus(). Here is a very small reproducer taken directly from the help file :-) #include <IE.au3> $oIE = _IE_Example("form") $oForm = _IEFormGetObjByName($oIE, "ExampleForm") Local $oInputFile = _IEFormElementGetObjByName($oForm, "fileExample") ; Assign input focus to the field and then send the text string _IEAction($oInputFile, "focus") Send("C:\myfile.txt")

Dale, found the link (didn't find anything with the keyword focus, but with click many :-) I guess we have to wait now for a fix

Yes, indeed same problem. Would you happen to have a link or so :-)

There is even an easier example in the help file :-) Unfortunately the code fails in IE9 (but not IE8).

I edited my OP to include an executable example to make it easier to reproduce this problem.

Thanks for your quick response. Yes, I did - as mentioned above in my post. And it works in IE8 (or IE9 in compatibility mode which emulates IE7/IE8). My question is how to make it work in IE9. This should be possible, unfortunately I couldn't figure it out (and I usually I am always able to figure it out :-)

I have some issues with setting the cursor in an input field with ie.au3. I tried everything and nothing worked. Here is an example that fails in IE9: #include <IE.au3> ; Create a browser window and navigate to hotmail $oIE = _IECreate("http://mail.yahoo.com") ; get pointers to the login form and username, password and signin fields Local $o_form = _IEFormGetObjByName($oIE, "login_form") Local $o_login = _IEFormElementGetObjByName($o_form, "login") Local $o_password = _IEFormElementGetObjByName($o_form, "passwd") Local $username = "your username here" Local $password = "your password here" ; Set field values and submit the form _IEFormElementSetValue($o_login, $username) _IEFormElementSetValue($o_password, $password) _IEAction($o_password, "focus") The above code works in IE8, but not in IE9. There is no error message either. So it looks like this is an IE9 bug? Or did the API change in IE9? I couldn't anything about this, though? Any ideas?

Does anybody know how to get the outerhtml with xpath?

Here is the answer: innerHTML could be used as second parameter.

Hi, I have a question regarding Xpath and ff.au3. I have tried a few examples and _FFXpath works pretty well. Now I am curious whether it is possible to get the HTML code instead of just the content. I mean would like to specify a path and then retrieve everything including the HTML tags. Is this possible with _FFXpath? PS thanks for ff.au3. It is really useful. You must have spent a lot of time on this :-)

Thanks, I will try. Regards, Peter

Thanks for the example. The problem with this is, that the modifiers are not taken into account. For example pressing u results into 4. But shift-u into U. There are many combinations of modifiers and keys. Any ideas how to solve this elegantly? Thanks, Peter

Hi all, is it possible to do this with AutoIt (my preferred language :-)? In autohotkey I could do this: #UseHook #6::; windows key + the '6' key toggles the fake numlock SetNumLockState, % (NumToggle := !NumToggle) ? "on" : "off" Gui, 99:+ToolWindow IfEqual, NumToggle, 0, Gui, 99:Destroy Else Gui, 99: Show, +NoActivate x-1 y-1, Dummy Fake Numpad SoundBeep, % 6+NumToggle "00", 25; audio cue for numlock return #IfWinExist, Dummy Fake Numpad ; note that for remaps like this, modifiers (ctrl, alt, shift) are ; taken into account automagically m::Numpad0 7::Numpad7 8::Numpad8 9::Numpad9 u::Numpad4 i::Numpad5 o::Numpad6 j::Numpad1 k::Numpad2 l::Numpad3 #IfWinExist, AutoIt doesn't have the '::' command, so I thought about Hotkeyset. But it seems to require a lot of code and in addition it seems that I need to specify all combination of modifier keys as well. Is there an easier way to do this? Is there anybody that tried this already? Many thanks for your help in advance! Peter