Password to string with AES 256

Started by erezpaz, January 15, 2018, 03:59:47 AM


erezpaz

Hi

I am looking for a way to encrypt a password to a string with AES 256. Found this topic: http://forum.winbatch.com/index.php?topic=1350.msg6318#msg6318
It looks like it is not applicable for current OSes such as Windows 10 or Windows 2016. Can you help convert it?

Thanks

JTaylor

You may have overlooked there were several different approaches and not just the CAPICOM.   The .NET approach should work.  Not sure if it will be as simple as the SHA256 but here is a link to a C# example for AES

    https://msdn.microsoft.com/en-us/library/system.security.cryptography.aesmanaged(v=vs.110).aspx


Jim

td

Deleted the original example because it wasn't very useful.   Hopefully, this one will be a little more so:

Code (winbatch):
;; Main
gosub procedures

; Load needed assemblies.
Initialize()

strPwd = '*topsecret*'

; Create a key and vector.
; ( A little byte shifting of random numbers would be a better
;   choice than plain text.)
; They must be the correct size for the encryption algorithm.
objEncode = ObjectClrNew('System.Text.ASCIIEncoding')
CryptKey = objEncode.GetBytes("ABCDEFGHIJKLMNOPQRSTUVWXYZ123456") ; Must be 32 bytes
CryptIV  = objEncode.GetBytes("ABCDEFGHIJKLMNOP") ; Must be 16 bytes.

; Test.
CryptText = EncryptString(strPwd, CryptKey, CryptIV)
PlainText = DecryptString ( CryptText, CryptKey, CryptIV )

; Did it work?
Message(strPwd, 'Decrypted password: ':PlainText)
exit

;; User defined procedure definitions
:procedures
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Script initialization
#DefineFunction Initialize()
   ;; Load assemblies.
   ObjectClrOption("useany", "System")
   ObjectClrOption("useany", "System.Core")
   ObjectClrOption("useany", "System.IO")
#EndFunction

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Encrypts a string
;;
;; _PlainText - text to encrypt
;; _Key       - secret key for encryption algorithm.
;; _IV        - Initialization vector
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#DefineFunction EncryptString ( _PlainText, _Key, _IV )

   ; Create a byte array of the text. This allows
   ; the decrypt UDF to extract the text without
   ; the block padding also being included.
   objEncode = ObjectClrNew('System.Text.ASCIIEncoding')
   nLen   = StrLen(_PlainText)
   aBytes = objEncode.GetBytes(_PlainText)

   ;; Get an Aes class instance.
   objAes = ObjectClrNew('System.Security.Cryptography.AesManaged')

   ;; Set key and initialization vector.
   objAes.Key = _Key
   objAes.IV  = _IV;

   ;; Get an Encryption object using the supplied key and vector.
   objEncryptor = objAes.CreateEncryptor() ;objAes.Key, objAes.IV)

   ;; Get instances of the needed stream objects.
   nMode      = 1 ; 0 == enumCriptMode.Read ; 1 == enumCriptMode.Write
   WriteMode  = ObjectClrType('System.Security.Cryptography.CryptoStreamMode', nMode)
   objMStream = ObjectClrNew('System.IO.MemoryStream')
   objCStream = ObjectClrNew('System.Security.Cryptography.CryptoStream',objMStream,objEncryptor,WriteMode)
   objCStream.Write(aBytes, 0, nLen);
   objCStream.Close() ; Necessary to gain access to the encrypted string array.
   aEncrypted = objMStream.ToArray()
   objAes.Clear()

   ; Return encrypted string as safearray of unsigned bytes (UI1).
   return aEncrypted
#EndFunction ; EncryptString

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Decrypts a string
;;
;; _CryptText - array of bytes to decrypt
;; _Key       - secret key for decryption algorithm.
;; _IV        - Initialization vector
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#DefineFunction DecryptString ( _CryptText, _Key, _IV )

   ;; Get an Aes class instance.
   objAes = ObjectClrNew('System.Security.Cryptography.AesManaged')

   ;; Set key and initialization vector.
   objAes.Key = _Key
   objAes.IV  = _IV;

   ;; Get a decryption object using the supplied key and vector.
   objDecryptor = objAes.CreateDecryptor() ;objAes.Key, objAes.IV)

   ;; Get instances of the needed stream objects.
   nMode        = 0 ; 0 == enumCriptMode.Read ; 1 == enumCriptMode.Write
   Mode         = ObjectClrType('System.Security.Cryptography.CryptoStreamMode', nMode)
   objMStream   = ObjectClrNew('System.IO.MemoryStream', _CryptText)
   objCStream   = ObjectClrNew('System.Security.Cryptography.CryptoStream',objMStream,objDecryptor,Mode)
   objRStream   = ObjectClrNew('System.IO.StreamReader',objCStream)
   
   ; Get plain text string.
   strPlainText = objRStream.ReadToEnd()

   return strPlainText
#EndFunction ; DecryptString

return ; gosub procedures

"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

td

Quote from: erezpaz on January 15, 2018, 03:59:47 AM

I am looking for a way to encrypt a password to a string with AES 256. Found this topic: http://forum.winbatch.com/index.php?topic=1350.msg6318#msg6318
It looks like it is not applicable for current OSes such as Windows 10 or Windows 2016. Can you help convert it?


The dotNet example mentioned in the topic you reference should still work as it is not dependent on COM CAPICOM.  Or you can use the symmetrical encryption in the example above, of course.

erezpaz

Hi,

The code you gave here worked fine, thanks. How can I get the encrypted string and write it to a txt file? The CryptText string is question marks such as this - ???????

Thanks

kdmoyers

The mind is everything; What you think, you become.

erezpaz

Hi,

I understand that the CryptText is an array. When trying to convert it to a text file it works fine - 16 elements of 1 to 3 digit numbers. Then converting it back to an array and pushing it to the DecryptString function gives me
CLR: Type creation failed
Can you help?


CryptText = EncryptString(strPwd, CryptKey, CryptIV)

ss=""
nRmax1 = ArrInfo(CryptText,1)
for i = 0 to nRmax1-1 ;GUI
if ss == "" then
ss=strcat(CryptText[i])
else
ss=strcat(ss,"-",CryptText[i])
end if
next
message(CryptText[0],ss)

CryptText2 = ArrDimension(16)
List = itemcount(ss,"-")
for e = 1 to list
CryptText2[e-1] = itemextract(e,ss,"-")
next

PlainText = DecryptString ( CryptText2, CryptKey, CryptIV )


Thanks

td

That was bad variable naming on my part but at least you figured out that it was an array.   

The thing to remember about the encrypted text is that it is binary data.   It is not conventional ANSI text.  WinBatch offers several ways to read and write byte safearrays to and from a file.   But since we are working in the world of .Burgerflipper (dotNet), we might as well stay there.

Code (winbatch):
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Writes binary data to a file
;;
;; _File - full path of file to create or overwrite.
;; _Data - byte array (ARRAY|UI1) of binary data to
;;         write to file.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#DefineFunction WriteBin(_File, _Data)

   Create = ObjectClrType('System.IO.FileMode', 2) ; Create
   Write = ObjectClrType('System.IO.FileAccess', 2) ;Write
   objFStream = ObjectClrNew('System.IO.FileStream',_File,Create,Write)
   objFStream.Write(_Data , 0, ArrInfo(_Data,1) )
   objFStream.Flush()
   objFStream.Dispose() ; Likely not necessary
   return 1
#EndFunction ; WriteBin

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Reads binary data from a file
;;
;; _File - full path of file to read from.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#DefineFunction ReadBin(_File)
     
   Open = ObjectClrType('System.IO.FileMode', 3) ; Open
   Read = ObjectClrType('System.IO.FileAccess', 1) ; Read
   objFStream = ObjectClrNew('System.IO.FileStream',_File,Open,Read)
   objMStream = ObjectClrNew('System.IO.MemoryStream')
   objFStream.CopyTo(objMStream)
   aCrypt = objMstream.ToArray()
   objFStream.Dispose() ; Likely not necessary.
   objMstream.Dispose() ; Likely not necessary.

   return aCrypt
#EndFunction ; ReadBin
     

td

Another take on the ReadBin UDF.

Code (winbatch):
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Reads binary data from a file
;;
;; _File - full path of file to read from.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#DefineFunction ReadBin2(_File)
     
   Open = ObjectClrType('System.IO.FileMode', 3) ; Open
   Read = ObjectClrType('System.IO.FileAccess', 1) ; Read
   objFStream = ObjectClrNew('System.IO.FileStream',_File,Open,Read)
   objBStream = ObjectClrNew('System.IO.BinaryReader', objFStream)
   aCrypt = objBStream.ReadBytes(FileSize(_File))
   objFStream.Dispose() ; Likely not necessary.
   objBStream.Dispose() ; Likely not necessary.

   return aCrypt
#EndFunction ; ReadBin2

erezpaz

Hi,

It works fine. I want to input the binary data I collected into a simple text file with other parameters that will help me identify this encrypted string as a specific user password. Files such as an ini file so I can pick it up later as a string, convert it to binary and use it in the code. Any idea how? Tried it with BinaryPeekStrW but had issues with it.

Thanks

td

There are many ways to create your ini file in WinBatch.  The simplest would be to simply create a plain text file and encrypt the whole thing.  However, that approach may not be particularly secure.  But then I am not sure how secure any of this is.

Another approach would be to convert your array of bytes to a delimited list of text digits which you write to a file.  Then you read the item list of digits from the file, convert to an array and then convert the array into a "ui1|array" safe array.

The latter would look something like the following:
Code (winbatch):
IniWritePvt('Secret', 'bob', ArrayItemize(CryptText, ','), strFile)
aCrypt = Arrayize(IniReadPvt('Secret', 'bob', '', strFile), ',')
aCrypt = ObjectType('array|ui1', aCrypt)
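Added example, not part of the thread or of td's code: the same AES-256 round trip written in PowerShell against the .NET crypto classes, using a random key instead of a text key, a fresh IV per message stored in front of the ciphertext, and Base64 output that fits in a single ini value. The function names Protect-Text and Unprotect-Text are hypothetical, and where the key is kept is left to the caller.

```powershell
# Added example; Protect-Text / Unprotect-Text are hypothetical names.
function Protect-Text {
    param([string]$PlainText, [byte[]]$Key)     # $Key: 32 bytes for AES-256
    $aes = [System.Security.Cryptography.Aes]::Create()   # CBC + PKCS7 by default
    try {
        $aes.Key = $Key
        $aes.GenerateIV()                        # new random 16-byte IV on every call
        $bytes = [System.Text.Encoding]::UTF8.GetBytes($PlainText)
        $enc   = $aes.CreateEncryptor()
        $ct    = $enc.TransformFinalBlock($bytes, 0, $bytes.Length)
        # The IV is not secret: store it in front of the ciphertext.
        return [System.Convert]::ToBase64String([byte[]]($aes.IV + $ct))
    } finally { $aes.Dispose() }
}

function Unprotect-Text {
    param([string]$Encoded, [byte[]]$Key)
    $blob = [System.Convert]::FromBase64String($Encoded)
    # A valid value is a 16-byte IV followed by one or more 16-byte blocks.
    if (($blob.Length -lt 32) -or (($blob.Length % 16) -ne 0)) {
        throw 'Expected a 16-byte IV followed by whole 16-byte blocks.'
    }
    $aes = [System.Security.Cryptography.Aes]::Create()
    try {
        $aes.Key = $Key
        $aes.IV  = [byte[]]$blob[0..15]
        $dec     = $aes.CreateDecryptor()
        $pt      = $dec.TransformFinalBlock($blob, 16, $blob.Length - 16)
        return [System.Text.Encoding]::UTF8.GetString($pt)
    } finally { $aes.Dispose() }
}

# Constructed sample run: random 32-byte key, same password encrypted twice.
$key = New-Object byte[] 32
$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$rng.GetBytes($key)
$rng.Dispose()

$a = Protect-Text -PlainText '*topsecret*' -Key $key
$b = Protect-Text -PlainText '*topsecret*' -Key $key
"Stored value : $a"
"Values differ: $($a -ne $b)"    # the random IV makes each ciphertext unique
"Round trip   : $(Unprotect-Text -Encoded $a -Key $key)"
```

CBC mode on its own does not detect tampering with the stored value, so a modified ini entry may decrypt to garbage rather than fail.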

erezpaz