Jump to content
Sign in to follow this  
corvias

Possible crypt.au3 Bug?

Recommended Posts

corvias

So, I'm not sure if this is a problem in Crypt.au3, a limitation of Windows' implementation of AES, or a lack of knowledge on my part, but is appears that either _Crypt_EncryptFile or _Crypt_DecryptFile mangles .zip files that are over ~1MB. In the script below, if test.zip is more than a few megabytes, the resulting dec_test.zip will be unreadable. Zip programs can see files in the .zip, but will not be able to extract the data due to corruption. This doesn't seem to happen to other large files, but I've managed to corrupt other archive types, like .7z as well as installer executables, and .msi files.

This only seems to happen with the AES family of algorithms. RC4 works fine. I haven't tried others. Can anyone provide some insight as to what is happening?

I'm using ver. 3.3.6.1

(NOTE: I tried to post this on the Bug Tracker, but it seems to be down)

#Include <Crypt.au3>
$file2encrypt="test.zip"
$encryptedfile="test.zip.enc"
$decryptedfile="dec_test.zip"
$key="12345"
_Crypt_EncryptFile($file2encrypt , $encryptedfile, $key, $CALG_AES_256)
_Crypt_DecryptFile($encryptedfile , $decryptedfile, $key, $CALG_AES_256)

Share this post


Link to post
Share on other sites
monoceres

Doesn't look good.

Is the limit exactly at 1 MB (crypt.au3 reads in chunks of 1 MB)?

Is the corrupted file of the right filesize?

Does either _Crypt_EncryptFile or _Crypt_DecryptFile throw any error?


Broken link? PM me and I'll send you the file!

Share this post


Link to post
Share on other sites
corvias

Doesn't look good.

Is the limit exactly at 1 MB (crypt.au3 reads in chunks of 1 MB)?

Is the corrupted file of the right filesize?

Does either _Crypt_EncryptFile or _Crypt_DecryptFile throw any error?

The files come out to the same size. The limit is pretty close to ~1mb, though I didn't measure it. I'll add error msgs to the script and report back. brb

Share this post


Link to post
Share on other sites
corvias

Added quick error output to my little test script. No errors on encryption or decryption.

#Include <Crypt.au3>
$file2encrypt="test.zip"
$encryptedfile="test.zip.enc"
$decryptedfile="dec_test.zip"
$key="12345"
_Crypt_EncryptFile($file2encrypt , $encryptedfile, $key, $CALG_AES_128)
MsgBox(262208, "Done Encrypting", @error)
_Crypt_DecryptFile($encryptedfile , $decryptedfile, $key, $CALG_AES_128)
MsgBox(262208, "Done Decrypting", @error)

Share this post


Link to post
Share on other sites
V3000

From 5 May 2010 Until Now, Any iDea How To Fix iT :mellow:

Edited by V3000

Share this post


Link to post
Share on other sites
V3000

This Issue Appears If We Use [AES 128 192 256] And [DES] And [RC2] ; :mellow:

But It Work Very Well With [RC4] Only, I Tested With More Than 80 MB <= Work Fine, (MD5) Hash Comparison Matched With The Decrypted . :)

Share this post


Link to post
Share on other sites
Sirilius

I believe I found the fix for this problem and it's wonderfully simple. You have to make a very small change to the _Crypt_EncryptData function which is in the Crypt.au3 include file. If you look at that function you'll see the first DLLCall to CryptEncrypt is passing a "bool" of 1 where it should be passing the $fFinal parameter (like it does in the second DllCall).

So change the line in the _Crypt_EncryptData function from this:

$aRet = DllCall(__Crypt_DllHandle(), "bool", "CryptEncrypt", "ptr", $vCryptKey, "ptr", 0, "bool", 1, "dword", 0, "ptr", 0, _

To this:

$aRet = DllCall(__Crypt_DllHandle(), "bool", "CryptEncrypt", "ptr", $vCryptKey, "ptr", 0, "bool", $fFinal, "dword", 0, "ptr", 0, _

After making that change AES encryption (et al) should work correctly on files over 1 MB.

Share this post


Link to post
Share on other sites
KaFu

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.