Jump to content

cant figure out how to encrypt/decrypt data


Recommended Posts

#include <Crypt.au3>
#include <WinAPIDiag.au3>
#include <MsgBoxConstants.au3>

Global $encrypt, $g_hKey
Global $secretkey = StringToBinary(_WinAPI_UniqueHardwareID($UHID_All)), $iAlgorithm = $CALG_RC4

_Crypt_Startup()
_Crypt_DestroyKey($g_hKey) ; Destroy the cryptographic key.
$g_hKey = _Crypt_DeriveKey($secretkey, $iAlgorithm)

$data = InputBox("Data to encrypt","Enter data to encrypt")

Local $dEncrypted = _Crypt_EncryptData($data, $g_hKey, $iAlgorithm) ; Encrypt the text with the cryptographic key.
Local $dDecrypted = _Crypt_DecryptData($dEncrypted, $g_hKey, $iAlgorithm) ; Decrypt the text with the new cryptographic key.
MsgBox(0,$dEncrypted, BinaryToString($dDecrypted))

_Crypt_Shutdown()



soo im trying to learn how to encrypt data, ive made a simple script to test stuff but i cant seem to get it to work.

when i run the code and input what i want to encrypt it gives me something new everytime when it should be the same result everytime

Link to post
Share on other sites
#include <Crypt.au3>
#include <WinAPIDiag.au3>
#include <MsgBoxConstants.au3>

Global $encrypt, $g_hKey
Global $secretkey = StringToBinary(_WinAPI_UniqueHardwareID($UHID_All)), $iAlgorithm = $CALG_RC4

_Crypt_Startup()
_Crypt_DestroyKey($g_hKey) ; Destroy the cryptographic key.
$g_hKey = _Crypt_DeriveKey($secretkey, $iAlgorithm)

$data = InputBox("Data to encrypt","Enter data to encrypt")

$e_data = _Crypt_EncryptData($data, $g_hKey, $CALG_USERKEY)
MsgBox(0,"Encrypted Data", $e_data)

$de_data = _Crypt_DecryptData($e_data, $g_hKey, $CALG_USERKEY)
MsgBox(0,"Decrypted Data", BinaryToString($de_data))

decided to take a new look at it and wiped the file, started over.  seems to work 

Link to post
Share on other sites

Just some advice. RC4 is not considered a secure encryption algorithm anymore.  If your goal is to use secure encryption, use AES (256 is best).

Link to post
Share on other sites
  • 5 weeks later...
On 4/6/2022 at 9:43 PM, spudw2k said:

Just some advice. RC4 is not considered a secure encryption algorithm anymore.  If your goal is to use secure encryption, use AES (256 is best).

any reason why my encrypted data changes everytime i restart my pc?

Link to post
Share on other sites
On 5/9/2022 at 7:31 PM, spudw2k said:

Do you have a reproducer script; one that shows how you are encrypting and decrypting the data?

i dont have a break out of the script im using it but all i changed was "$iAlgorithm = $CALG_RC4

i changed the key to aes as suggested and then started getting the result i said, so i changed it again to CALG_SHA_256

which i set as a global value at the top of the screen.

Link to post
Share on other sites
Posted (edited)
14 hours ago, Golbez said:

i dont have a break out of the script im using it but all i changed was "$iAlgorithm = $CALG_RC4

i changed the key to aes as suggested and then started getting the result i said, so i changed it again to CALG_SHA_256

which i set as a global value at the top of the screen.

SHA isn't and encryption algorithm.  SHA and MD# are hashing algorithms. 

In terms of encryption algorithms (working with the Crypt.au3 UDF), your options are RC2, RC4, DES, 3DES, AES 128, AES 192 and AES 256. *See the _Crypt_EncryptData function in the help file.

You would be best suited to use one of the AES encryption algorithms, 256 is the strongest out of them.

Edited by spudw2k
Link to post
Share on other sites
  • 2 weeks later...

For future thread viewers; after some PM exchanges with @Golbez, we settled on a working solution which uses $CALG_AES_256 and and $CALG_USERKEY in conjunction with the _Crypt_DeriveKey function.  

Here is an example.

#include <Crypt.au3>
#include <WinAPIDiag.au3>

Global $hardwareID = _WinAPI_UniqueHardwareID($UHID_All), $g_hKey

_Crypt_Startup()

$g_hKey = _Crypt_DeriveKey(StringToBinary($hardwareID), $CALG_AES_256)
$dEnc = _Crypt_EncryptData("Encrypted Secret", $g_hKey, $CALG_USERKEY)
$dDec = _Crypt_DecryptData($dEnc, $g_hKey, $CALG_USERKEY)
ConsoleWrite("Decrypted Data using key (" & $g_hKey & "): " & BinaryToString($dDec) & @CRLF & @CRLF)

_Crypt_Shutdown()

 

Link to post
Share on other sites

Warning!

The code sample above will work just fine as long as the plaintext is 7-bit ASCII. Unfortunately, AutoIt uses a subset of Unicode (UCS2) and if the plaintext contains Unicode characters which have no exact counterpart in the 0x80-0xFF range of your locale Windows ANSI charset, they will be "converted" to rubbish or ?.

So Alice first needs to convert the plaintext to binary using StringToBinary with option UTF8, encrypt and send the ciphertext to Bob. Bob will decrypt and use BinaryToString with option UTF8 to convert the result to a valid AutoIt string which will then be garanteed equal to the original plaintext.

Below, vd() is a variable dump function to illustrate what happens if conversion to/from UTF8 is not done:

vd(BinaryToString(StringToBinary("mémère 3€ Μεγάλο πρόβλημα  Большая проблема  大问题  बड़ी समस्या  مشكلة كبيرة")))
vd(BinaryToString(StringToBinary("mémère 3€ Μεγάλο πρόβλημα  Большая проблема  大问题  बड़ी समस्या  مشكلة كبيرة", $SB_UTF8), $SB_UTF8))

Result in Unicode console:

String (74)              'mémère 3€ ?e???? p??ß??µa  ??????? ????????  ???  ???? ??????  ????? ?????'

String (74)              'mémère 3€ Μεγάλο πρόβλημα  Большая проблема  大问题  बड़ी समस्या  مشكلة كبيرة'

 

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Link to post
Share on other sites

Last point: don't forget to remove the key from memory as soon as possible. Help says: The key needs to be destroyed with _Crypt_DestroyKey().

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...