Encrypting INI Data


Hello, 

I am working on a test script to try and understand how encryption/decryption works and how to implement it into programs. The desired outcome is to save encrypted data to an ini file and later decrypt and call that data to a program where it can be used as input.

I'm kind of stuck trying to figure out why the code below returns the decrypted data as "ÿÿÿÿ". I am sure I'm not doing it correctly.

#include <Crypt.au3>
#include <ButtonConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
#include <MsgBoxConstants.au3>

$AccEdit = GUICreate("Add Account", 268, 174, -1, -1)
$Username = GUICtrlCreateInput("Enter Username", 40, 56, 185, 21)
$Save = GUICtrlCreateButton("Save", 152, 128, 75, 25)
GUISetState(@SW_SHOW)


Global $key

While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
        Case $Save
            _Encrypt()
            _Decrypt()
            Exit
    EndSwitch
WEnd

Func _Encrypt()

    _Crypt_Startup()
    $data = $Username ;data to be encrypted
    Local $key = _Crypt_DeriveKey("alcove.panoply.sweden.link.gunk", $CALG_AES_256) ;encryption key
    Global $Encrypt = _Crypt_EncryptData($data, $key, $CALG_AES_256) ;credentials plus key
    ;Local $DeCrypt = BinaryToString(_Crypt_DecryptData($Encrypt, $key, $CALG_AES_256), 4) ;decrypted data
    FileWrite("cryptkey.txt", $key)
    IniWrite("data.ini", "Encrypted", "Username", $Encrypt)
    _Crypt_Shutdown()

EndFunc   

Func _Decrypt()

    _Crypt_Startup()
    $data = IniRead("data.ini", "Encrypted", "Username",  "")
    Local $key = FileRead("cryptkey.txt")
    Local $DeCrypt = BinaryToString(_Crypt_DecryptData($data, $key, $CALG_AES_256)) ;decrypted data
    IniWrite("data.ini", "Decrypted", "Username", $DeCrypt)
    _Crypt_Shutdown()

EndFunc

I've seen this topic of encrypting/decrypting data all over the forum but it's mostly from years ago and this is as far as I have gotten with the help file and old posts.

Appreciate the help.


Hi!

It looks like you are saving binary data with IniWrite in your _Encrypt() function. I'd rather encode it with hex or base64 to have ini-safe data, or encrypt the whole ini file.

If you accept a 3rd-party lib, in my signature click "storage.au3", a UDF I made that does exactly this: saves settings and other data into ini files and encrypts them.


If the result of your encryption is binary data, you can't use INI files to store it. They're limited to text, and usually only ASCII text unless you create them correctly. Better to just write it to the file, and then encrypt the whole file, as suggested above.


I haven't worked on this in a while, but I was looking into storing my credentials.  Maybe you can use the script as an example of how to do your own project?

It may, or may not have some flaws in it, but the basics are all there.

 


6 hours ago, Jefrey said:

Hi!

It looks like you are saving binary data with IniWrite in your _Encrypt() function. I'd rather encode it with hex or base64 to have ini-safe data, or encrypt the whole ini file.

If you accept a 3rd-party lib, in my signature click "storage.au3", a UDF I made that does exactly this: saves settings and other data into ini files and encrypts them.

Encrypting the entire file would work better to be honest so I will try and find out more and take a look at your UDF @Jefrey; thank you.

3 hours ago, jdelaney said:

I haven't worked on this in a while, but I was looking into storing my credentials.  Maybe you can use the script as an example of how to do your own project?

It may, or may not have some flaws in it, but the basics are all there.

@jdelaney I did see mention of hashing but know nothing of it so I will take a look at the example; thank you.


@Jefrey and @BrewManNH

I looked into _Crypt_EncryptFile/_Crypt_DecryptFile and that is much simpler and works fine. I should be able to figure out how to implement it.

#include <Crypt.au3>

_idEncrypt()
Func _idEncrypt()
    $key = FileRead("info.txt")
    _Crypt_EncryptFile("plaintext.ini", "encrypted.file", $key, $CALG_AES_256)
EndFunc

#include <Crypt.au3>

_idDecrypt()
Func _idDecrypt()
    $key = FileRead("info.txt")
    _Crypt_DecryptFile("encrypted.file", "decrypted.ini", $key, $CALG_AES_256)
EndFunc

The function below will create the key, but, where/how is a safe way to store it?

The same key will likely be used a number of times. I'm not trying to be DEF CON secure, just doing my due diligence.

Obviously saving the "key" in the script is not secure at all. Writing it to a file like below or writing to the registry doesn't seem secure either.

#include <crypt.au3>

_Makekey()
Func _Makekey()
    _Crypt_Startup()
    $Info = @ComputerName & @UserName ;unique information for password
    $key = _Crypt_DeriveKey($Info, $CALG_AES_256) ;encryption key
    FileWrite("info.txt", $key) ;stored key
    _Crypt_DestroyKey($key)
    _Crypt_Shutdown()
EndFunc   ;==>_Makekey

 


Hello. :)

Here you go:

#include <Crypt.au3>

Local Const $sUserKey = "CryptPassword" ; Declare a password string to decrypt/encrypt the data.
Local $sData = "..upon a time there was a language without any standardized cryptographic functions. That language is no more." ; Data that will be encrypted.

Local $bEncrypted = _Crypt_EncryptData($sData, $sUserKey, $CALG_RC4) ; Encrypt the data using the generic password string.

MsgBox(0, "Crypted data", "BinaryToString"&@CRLF&BinaryToString($bEncrypted))
MsgBox(0, "Crypted data", "Nothing"&@CRLF&$bEncrypted)
MsgBox(0, "Crypted data", "StringToBinary"&@CRLF&StringToBinary($bEncrypted))

$bEncrypted = _Crypt_DecryptData($bEncrypted, $sUserKey, $CALG_RC4) ; Decrypt the data using the generic password string. The return value is a binary string.
MsgBox(0, "Decrypted data", "BinaryToString"&@CRLF&BinaryToString($bEncrypted)) ; Convert the binary string using BinaryToString to display the initial data we encrypted.
MsgBox(0, "Decrypted data", "Nothing"&@CRLF&$bEncrypted)
MsgBox(0, "Decrypted data", "StringToBinary"&@CRLF&StringToBinary($bEncrypted))

Cya


Btw, this particular code shows a common issue with the crypt decrypt macro.

This is why I add these MsgBoxes.

So you can figure out how to use it and what there is to do and not to do.

Getting back to the topic of storing encryption keys, anyone have an opinion on a "safe" way/place? 

I would suspect that if you buried the file/registry then unless the person reverse engineered the code to find that location or knew where/what to look for then how would they find the key. Barring obvious naming/hiding places. But from what I've read on the forums, AutoIt is relatively easy to break.


I suppose the only safe way is to require user input for the password/key.  It's possible to decompile scripts, and see exactly where you are reading in the key from.
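
An added example, not part of the original thread or any poster's code, that combines two suggestions from the thread: store the ciphertext as hex text so it survives the INI round trip, and take the passphrase from user input instead of a stored key file. The INI path, the section and value names and the sample username are assumptions made for the example.

```autoit
#include <Crypt.au3>

; Constructed for this example: INI path, section and value names, sample username.
Global Const $g_sIni = @TempDir & "\crypt_demo.ini"

; The passphrase is typed in at run time and never written to the script, a file or the registry.
Global $g_sPass = InputBox("Passphrase", "Enter the passphrase:", "", "*")
If @error Or $g_sPass = "" Then Exit 1

_Crypt_Startup()
; The return value is a handle that is only valid inside this process; writing it to a file
; (as in FileWrite("cryptkey.txt", $key)) does not save the key itself.
Global $g_hKey = _Crypt_DeriveKey($g_sPass, $CALG_AES_256)
If @error Then Exit 2

_SaveSecret($g_hKey, "Username", "alice@example.test")
Global $g_sBack = _LoadSecret($g_hKey, "Username")
If @error Then
    ConsoleWrite("Decryption failed: wrong passphrase or damaged data" & @CRLF)
Else
    ConsoleWrite("Decrypted: " & $g_sBack & @CRLF)
EndIf

_Crypt_DestroyKey($g_hKey)
_Crypt_Shutdown()

; Encrypt a string and store it as "0x..." hex text, which is plain ASCII and safe as an INI value.
Func _SaveSecret($hCryptKey, $sName, $sPlain)
    ; $CALG_USERKEY tells the UDF that $hCryptKey is a key handle, not a password string.
    Local $bCipher = _Crypt_EncryptData(StringToBinary($sPlain, 4), $hCryptKey, $CALG_USERKEY) ; 4 = UTF-8
    If @error Then Return SetError(1, 0, False)
    Return IniWrite($g_sIni, "Encrypted", $sName, String($bCipher)) = 1
EndFunc   ;==>_SaveSecret

; Read the hex text back, convert it to binary again, then decrypt.
Func _LoadSecret($hCryptKey, $sName)
    Local $sHex = IniRead($g_sIni, "Encrypted", $sName, "")
    If Not StringRegExp($sHex, "^0x([0-9A-Fa-f]{2})+$") Then Return SetError(1, 0, "")
    Local $bPlain = _Crypt_DecryptData(Binary($sHex), $hCryptKey, $CALG_USERKEY)
    ; On failure the UDF returns -1 and sets @error. Passing that -1 to BinaryToString
    ; yields the bytes FF FF FF FF, which display as "ÿÿÿÿ".
    If @error Then Return SetError(2, 0, "")
    Return BinaryToString($bPlain, 4)
EndFunc   ;==>_LoadSecret
```

In the GUI script from the first post, the text to protect is GUICtrlRead($Username); $Username on its own is only the control ID returned by GUICtrlCreateInput.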
