Advanced Encryption Standard (AES/Rijndael) UDF

[spudw2k]

Are you reading the file raw/binary?

[RogFleming]

Are you reading the file raw/binary?

The question puzzled me for a second, let me give you the total picture. I have a GUI which I ask the user to provide challenge/response questions for the user to fill in and will be presented with the questions in the future if the user forgets their password. The process of uploading/and downloading the challenge and response is using LDAP to a LDAP directory store. So based on your question, I guess the encrypted answer when it comes back from the LDAP query must be raw, which then I guessing I need to tell the program to change it to binary. I can do that and test it.

Func AES_Encrypt($userid,$data)
$bindata = Binary($data)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Binary Input Data"&" : "&$bindata)
$Encrypted = _AesEncrypt("95A8EE8E89979B9EFDCBC6EB9797528D432DC26061553818EA635EC5D5A7727E", $bindata, "CBC")
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Encrypting Data"&" : "&$Encrypted)
AES_Decrypt($userid,$Encrypted)
Return $Encrypted
EndFunc

Func AES_Decrypt($userid,$data)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Decrypted input"&" : "&$data)
$Decrypted = _AesDecrypt("95A8EE8E89979B9EFDCBC6EB9797528D432DC26061553818EA635EC5D5A7727E", $data, "CBC")
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Decrypted output1"&" : "&$Decrypted)
$Result = BinaryToString($Decrypted)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Decrypted output2"&" : "&$Result)
Return $Result
EndFunc

[RogFleming]

Are you reading the file raw/binary?

To answer the question is the data is coming back RAW, if I try to change it binary the number changes. and the garbage data returns.

Func AES_Decrypt($userid,$data)
    $data = Binary($data) ;change to binary
    $bin = IsBinary($data) ; checks for binary data
    If $bin = 1 Then
    _FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"data was binary"&" : "&$bin)
    $Decrypted = _AesDecrypt("95A8EE8E89979B9EFDCBC6EB9797528D432DC26061553818EA635EC5D5A7727E", $data)
    _FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Decrypted output1"&" : "&$Decrypted&" Binary Size:"&BinaryLen($Decrypted))
    $Result = BinaryToString($Decrypted)
    _FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Decrypted output2"&" : "&$Result)
    Return $Result
Else
    _FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"no binary data was found"&" : "&$bin)
    EndIf
EndFunc

[RogFleming]

Are you reading the file raw/binary?

almost forgot the encrypted values are coming from an Array which is the output from the LDAP query.

Local $eArray1 = GetDirObj($userid,"question1","sn","userPassword")
Local $data1 = _ArrayToString($eArray1," ",8,8); The 8th element is the encrypted password
$decrypt_data1 = AES_Decrypt($userid,$data1)
            
Local $eArray2 = GetDirObj($userid,"question2","sn","userPassword")
ocal $data2 = _ArrayToString($eArray2," ",8,8)
$decrypt_data2 = AES_Decrypt($userid,$data2)
            
Local $eArray3 = GetDirObj($userid,"question3","sn","userPassword")
Local $data3 = _ArrayToString($eArray3," ",8,8)
$decrypt_data3 = AES_Decrypt($userid,$data3)

[wraithdu]

To correctly convert your retrieved password to binary, you need to prefix the string with 0x, ie

$data1 = Binary("0x" & $data1)

Example:

$data = "12345678"
; wrong
ConsoleWrite(Binary($data) & @CRLF)
; right
ConsoleWrite(Binary("0x" & $data) & @CRLF)

Edited December 10, 2009 by wraithdu

[RogFleming]

No good:

Local $eArray1 = GetDirObj($userid,"question1","sn","userPassword")
Local $data1 = _ArrayToString($eArray1," ",8,8)
Local $data1 = Binary("0x" & $data1) ; data1 from array looked like this '0xC32DF6F1D85E609E2C3B7871718955C7C443'
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Binary Input Data"&" : "&$data1)
$decrypt_data1 = AES_Decrypt($userid,$data1)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Encrypted Binary Output Data"&" : "&$decrypt_data1)

Log file reports:

2009-12-10 15:48:43 : fleminr Users encrypted answer was retrieved from Directory. :  0xC32DF6F1D85E609E2C3B7871718955C7C443
2009-12-10 15:48:43 : fleminr Users encrypted answer was retrieved from Directory. :  0x9679D5119C239348A0C56A95F7A5C458BBE8
2009-12-10 15:48:43 : fleminr Users encrypted answer was retrieved from Directory. :  0x49F5392353DC01C540CCBDB966D394E30C03
2009-12-10 15:48:49 : fleminr Binary Input Data : 
2009-12-10 15:48:49 : fleminr data was binary : 
2009-12-10 15:48:49 : fleminr Decrypted output1 : 
2009-12-10 15:48:49 : fleminr Decrypted output2 : 
2009-12-10 15:48:49 : fleminr Encrypted Binary Output Data :

My guess is to trim the string value to remove 0x before the function you suggested?

[SkinnyWhiteGuy]

Are you receiving 3 encrypted responses? Or is the 1 response split up? You may not have all data needed.

[RogFleming]

I have the solution thanks for the help:

Func AES_Decrypt($userid,$data)
$Decrypted = _AesDecrypt("95A8EE8E89979B9EFDCBC6EB9797528D432DC26061553818EA635EC5D5A7727E", $data)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Decrypted output1"&" : "&$Decrypted)
$Result = BinaryToString($Decrypted)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Decrypted output2"&" : "&$Result)
Return $Result
EndFunc



Local $eArray1 = GetDirObj($userid,"question1","sn","userPassword")
Local $data1 = _ArrayToString($eArray1," ",8,8)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Retrieved password data from array"&" : "&$data1)
Local $data2 = StringTrimLeft ( $data1, 3)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"String was trimed left 2 characters"&" : "&$data2)
Local $data3 = Binary("0x" & $data2)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Binary Input Data"&" : "&$data3)
$decrypt_data1 = AES_Decrypt($userid,$data3)
_FileWriteLog("\\10.240.52.109\Log\SSPP.log",$userid&" "&"Encrypted Binary Output Data"&" : "&$decrypt_data1)

Logs

2009-12-10 16:02:23 : fleminr Users encrypted answer was retrieved from Directory. : 0xC32DF6F1D85E609E2C3B7871718955C7C443

2009-12-10 16:02:23 : fleminr Users encrypted answer was retrieved from Directory. : 0x9679D5119C239348A0C56A95F7A5C458BBE8

2009-12-10 16:02:24 : fleminr Users encrypted answer was retrieved from Directory. : 0x49F5392353DC01C540CCBDB966D394E30C03

2009-12-10 16:02:30 : fleminr Retrieved password data from array : 0xC32DF6F1D85E609E2C3B7871718955C7C443

2009-12-10 16:02:30 : fleminr String was trimed left 3 characters : C32DF6F1D85E609E2C3B7871718955C7C443

2009-12-10 16:02:30 : fleminr Binary Input Data : 0xC32DF6F1D85E609E2C3B7871718955C7C443

2009-12-10 16:02:30 : fleminr Decrypted output1 : 0x6131

2009-12-10 16:02:30 : fleminr Decrypted output2 : a1

2009-12-10 16:02:30 : fleminr Encrypted Binary Output Data : a1

My only question or the root issue was that the ArraytoString might have brought a white space in front of the data, which might have been why it was not seen as a binary value in the first place. I will test that right now.

[SkinnyWhiteGuy]

If so, StringTrimWhiteSpace($string, 3) could clean it up on both ends, before you call Binary.

[RogFleming]

2009-12-10 16:11:13 : fleminr Users encrypted answer was retrieved from Directory. : 0xC32DF6F1D85E609E2C3B7871718955C7C443

2009-12-10 16:11:13 : fleminr Users encrypted answer was retrieved from Directory. : 0x9679D5119C239348A0C56A95F7A5C458BBE8

2009-12-10 16:11:13 : fleminr Users encrypted answer was retrieved from Directory. : 0x49F5392353DC01C540CCBDB966D394E30C03

2009-12-10 16:11:20 : fleminr Retrieved password data from array : 0xC32DF6F1D85E609E2C3B7871718955C7C443

2009-12-10 16:11:20 : fleminr String was trimed left 1 characters : 0xC32DF6F1D85E609E2C3B7871718955C7C443

2009-12-10 16:11:20 : fleminr Decrypted output1 : 0x6131

2009-12-10 16:11:20 : fleminr Decrypted output2 : a1

2009-12-10 16:11:20 : fleminr Encrypted Binary Output Data : a1

yes the issue was that the function to get the value from the array caused the string to start with a white space.

corrected code:

Local $eArray1 = GetDirObj($userid,"question1","sn","userPassword")

Local $data1 = _ArrayToString($eArray1," ",8,8)

Local $data2 = StringTrimLeft ( $data1, 1)

$decrypt_data1 = AES_Decrypt($userid,$data2)

Anyone have any way around this issue?

[SkinnyWhiteGuy]

Looks like your using a Space to combine the data with _ArrayToString($eArray1, " ", 8, 8). Why not use blank, with no space?

[RogFleming]

Looks like your using a Space to combine the data with _ArrayToString($eArray1, " ", 8, 8). Why not use blank, with no space?

I did try "" but it did not work, I guess I could try "|"

[SkinnyWhiteGuy]

Wait... Why are you using ArrayToString like this? I don't use the Array includes, so I didn't realize what this did until just now.

Using 8, 8 on there just retrieves one element, the 8th. Why do that? Why not just use $eArray1[8]? That's the element you want, nothing else...

[RogFleming]

Looks like your using a Space to combine the data with _ArrayToString($eArray1, " ", 8, 8). Why not use blank, with no space?

that white space is still present even with "" or "|"

[RogFleming]

Wait... Why are you using ArrayToString like this? I don't use the Array includes, so I didn't realize what this did until just now.

Using 8, 8 on there just retrieves one element, the 8th. Why do that? Why not just use $eArray1[8]? That's the element you want, nothing else...

white space still cames from array

Local $data1 = $eArray1[8]

Looking at the array itself it appears all elements have a space in front of them.

[wraithdu]

I was just gonna say...the problem is your GetDirObj() function which is returning elements with white space, not the _ArrayToString() or direct array access.

[Baraoic]

Sorry to revive an old post but I wanted to play around with AES encryption and I could not get this script to work. When I try doing anything it causes autoit to crash. I was just trying to do

$Encrypted = _AesEncrypt("test", "test")
Msgbox(0,'',$Encrypted)

Edited May 16, 2010 by Onichan

[xeroTechnologiesLLC]

Oh man I'm so thankful I found this. This is truly amazing work. Our next project improvement was going to require encryption and decryption and, not having the confidence to even know where to begin, I'm EXTREMELY thankful you set this up for all of us. Amazing work.

Well done!

[Michahe]

Hello to all.

I use the AES-UDF from Ward for my AKryto-Tool, because my tool with the UDF also works under Win2k with AES.

But when i use the funktion:

_AesEncryptFile($password, $infile, $outfile, "CFB")

in x64-mode (compiled at x64 or start with "AutoIt3_x64.exe"), the _AesEncryptKey()-funktion abort in line 59 ("If $Ret[0] Then") because there is no array !?

It seems the AES-UDF does not work under x64-mode. Is there a chance to correct this ?

Thanks to all....

Micha

Here are the used UDFs and a testscript:TestAES.zip

Edited March 24, 2012 by Michahe

[BrewManNH]

Have you tried running it in 32bit mode instead of 64?