View topic - encrypt AES decrypt PHP • AutoHotkey Community

View unanswered posts | View active topics

Board index » AutoHotkey » Support

All times are UTC [ DST ]

encrypt AES decrypt PHP

Page 1 of 2

[ 20 posts ]

Go to page 1, 2 Next

Print view | E-mail friend

Previous topic | Next topic

Author

Message

L-Cartinine

Post subject: encrypt AES decrypt PHP

Posted: December 8th, 2008, 10:11 pm

Joined: November 28th, 2007, 9:54 am
Posts: 69

I like to be able to encrypt text with a password using AES 256 and then be able to decrypt online from PHP. I like output in hex.

Encrypt and decrypt data with AES in pure PHP.
http://www.phpclasses.org/browse/package/4238.html

http://www.movable-type.co.uk/scripts/aes-php.html

Top

Slanter

Post subject: Re: encrypt AES decrypt PHP

Posted: December 8th, 2008, 11:13 pm

Joined: May 28th, 2008, 2:11 am
Posts: 739
Location: Minnesota, USA

L-Cartinine wrote:

And you're asking for..? I see no questions

_________________
Unless otherwise stated, all code is untested

(\__/) This is Bunny.
(='.'=) Cut, copy, and paste bunny onto your sig.
(")_(") Help Bunny gain World Domination.

Top

L-Cartinine

Post subject:

Posted: December 8th, 2008, 11:26 pm

Joined: November 28th, 2007, 9:54 am
Posts: 69

i need help putting the code for AES together and then be compatible with one of the many AES 256 in PHP. the first link i mentioned has a excellent complete conversion in PHP and is well documented. What i like is code i can encrypt text with a password in AHK and it encryption matches the base cipher encryption online exactly for a successful decryption ideally strong.

Code:

Password = AutoHotkey
Data = 12345678901234567
Len := StrLen(Data)
Buffer = %Data%0123456789abcdef ; allocate 16 byte more space

size := Crypt_AES(&Buffer, Len, Password, 256, 1)
MsgBox % "Plaintext size = " Len "`nCiphertext size = " size "`nCiphertext: " SubStr(Buffer,1,size)

size := Crypt_AES(&Buffer, size, Password, 256, 0)
MsgBox % "`Plaintext size = " size "`nPlaintext: " SubStr(Buffer,1,size)

Crypt_AES(pData, nSize, sPassword, SID = 256, bEncrypt = True) {
   CALG_AES_256 := 1 + CALG_AES_192 := 1 + CALG_AES_128 := 0x660E
   CALG_SHA1 := 1 + CALG_MD5 := 0x8003
   DllCall("advapi32\CryptAcquireContextA", "UintP", hProv, "Uint", 0, "str"
   , "Microsoft Enhanced RSA and AES Cryptographic Provider" . (A_OSVersion="WIN_XP" ? " (Prototype)" : ""), "Uint", 24, "Uint", 0)
   DllCall("advapi32\CryptCreateHash", "Uint", hProv, "Uint", CALG_SHA1, "Uint", 0, "Uint", 0, "UintP", hHash)
   DllCall("advapi32\CryptHashData", "Uint", hHash, "Uint", &sPassword, "Uint", StrLen(sPassword), "Uint", 0)
   DllCall("advapi32\CryptDeriveKey", "Uint", hProv, "Uint", CALG_AES_%SID%, "Uint", hHash, "Uint", SID<<16, "UintP", hKey)
   DllCall("advapi32\CryptDestroyHash", "Uint", hHash)
   If bEncrypt
      DllCall("advapi32\CryptEncrypt", "Uint", hKey, "Uint", 0, "Uint", True, "Uint", 0, "Uint", pData, "UintP", nSize, "Uint", nSize+16)
   Else  DllCall("advapi32\CryptDecrypt", "Uint", hKey, "Uint", 0, "Uint", True, "Uint", 0, "Uint", pData, "UintP", nSize)
   DllCall("advapi32\CryptDestroyKey", "Uint", hKey)
   DllCall("advapi32\CryptReleaseContext", "Uint", hProv, "Uint", 0)
   Return   nSize
}

Top

L-Cartinine

Post subject:

Posted: December 9th, 2008, 12:13 pm

Joined: November 28th, 2007, 9:54 am
Posts: 69

i will do it myself i just need help in matching the right base encoding output exactly in AHK to one in PHP. it seems alot have been modified to there own end. i think i ask too much for this forum but if anyone done it all before.

Top

L-Cartinine

Post subject:

Posted: December 15th, 2008, 10:11 pm

Joined: November 28th, 2007, 9:54 am
Posts: 69

ok now i done it.

Top

donv

Post subject: Any chance you could post your AHK Code?

Posted: December 19th, 2008, 5:16 pm

Joined: October 18th, 2008, 6:43 pm
Posts: 18

I am interested in implementing public/private key encryption using AHK.. May be really beneficial if i could see what you have completed. Thank you in advance.

_________________
-d

Top

Kai

Post subject: Re: Any chance you could post your AHK Code?

Posted: August 8th, 2009, 2:54 pm

Quote:

ok now i done it.

How?

I want to implement AES encrypt/decrypt on my AHK/PHP scripts.
Can someone help me, please?

I'm trying to do this for 1 week...

Last tried:

AHK Script:

Code:

sTextOriginl := "Nel mezzo del cammin di nostra vita"
sPassword  := "TestKey1"

SID := 256   
nSize := Text_AES(sTextEncrypt, &sTextOriginl, StrLen(sTextOriginl), sPassword, SID, True)   ; Encryption
sHex  := Hex4Bin(&sTextEncrypt, nSize)
MsgBox % sHex

nSize := Bin4Hex(sTextEncrypt, sHex)
Text_AES(sTextDecrypt, &sTextEncrypt, nSize, sPassword, SID, False)
MsgBox % sTextDecrypt

Return

Text_AES(ByRef sResult, pData, nSize, sPassword, SID = 256, bEncrypt = True)
{
   VarSetCapacity(sResult, bEncrypt ? nSize+16 : nSize)
   DllCall("RtlMoveMemory", "Uint", &sResult, "Uint", pData, "Uint", nSize)
   nSize := Crypt_AES(&sResult, nSize, sPassword, SID, bEncrypt)
   NumPut(0, sResult, nSize, "char"), VarSetCapacity(sResult,-1)
   Return   nSize
}

Hex4Bin(p, l)
{
   VarSetCapacity(h,l*2)
   o:=A_FormatInteger
   SetFormat, Integer, H
   Loop,   %l%
      h.=SubStr(*p++,-1)
   SetFormat, Integer, %o%
   StringReplace,   h, h, x, 0, All
   Return   h
}

Bin4Hex(ByRef b, h)
{
   VarSetCapacity(b,l:=StrLen(h)//2)
   Loop,   %l%
      NumPut("0x" . SubStr(h,2*A_Index-1,2),b,A_Index-1,"Uchar")
   NumPut(0,b,l,"Uchar"), VarSetCapacity(b,-1)
   Return   l
}


Crypt_AES(pData, nSize, sPassword, SID = 256, bEncrypt = True) {
   CALG_AES_256 := 1 + CALG_AES_192 := 1 + CALG_AES_128 := 0x660E
   CALG_SHA1 := 1 + CALG_MD5 := 0x8003
   DllCall("advapi32\CryptAcquireContextA", "UintP", hProv, "Uint", 0, "str"
   , "Microsoft Enhanced RSA and AES Cryptographic Provider" . (A_OSVersion="WIN_XP" ? " (Prototype)" : ""), "Uint", 24, "Uint", 0)
   DllCall("advapi32\CryptCreateHash", "Uint", hProv, "Uint", CALG_SHA1, "Uint", 0, "Uint", 0, "UintP", hHash)
   DllCall("advapi32\CryptHashData", "Uint", hHash, "Uint", &sPassword, "Uint", StrLen(sPassword), "Uint", 0)
   DllCall("advapi32\CryptDeriveKey", "Uint", hProv, "Uint", CALG_AES_%SID%, "Uint", hHash, "Uint", SID<<16, "UintP", hKey)
   DllCall("advapi32\CryptDestroyHash", "Uint", hHash)
   If bEncrypt
      DllCall("advapi32\CryptEncrypt", "Uint", hKey, "Uint", 0, "Uint", True, "Uint", 0, "Uint", pData, "UintP", nSize, "Uint", nSize+16)
   Else  DllCall("advapi32\CryptDecrypt", "Uint", hKey, "Uint", 0, "Uint", True, "Uint", 0, "Uint", pData, "UintP", nSize)
   DllCall("advapi32\CryptDestroyKey", "Uint", hKey)
   DllCall("advapi32\CryptReleaseContext", "Uint", hProv, "Uint", 0)
   Return   nSize
}

PHP Code: http://www.phpclasses.org/browse/package/4238.html

I modified this on AESCipher.class.php encrypt function:

Code:

return $this->_cipher->hexToString($output);

Code:

return $output;

in order to return hex.

PHP File:

Code:

include_once('./AES.class.php');
include_once('./AESCipher.class.php');
$password = 'TestKey1';
$input = 'Nel mezzo del cammin di nostra vita';
$Cipher = new AESCipher(AES::AES256);
print('input:  '.$input.'<br />');
print('key:    '.$password.'<br />');
$start = microtime(true);
$cryptext = $Cipher->encrypt($input, $password);

$end = microtime(true);
print('AESCipher Class encryption time (256bit): '.(($end - $start)*1000).'ms <br />');
print 'cryptext: '.$cryptext.'<br />';

Results are:
AHK:

Quote:

0d75715f66c4c8a45e98e640979c300c54df0e4427477fcf0e8c991febeefa4e34b0b85a556b70e6668161c6f2c5b7a1

PHP:

Quote:

input: Nel mezzo del cammin di nostra vita
key: TestKey1
AESCipher Class encryption time (256bit): 5.9909820556641ms
cryptext: 65adf1b899f929ceffa3e6768ca7d42eb8693951ef314d171246e51452a251a34defe64e9a0b9546d85d4a89b76a979e

Someone give me a solution! Thanks!

PS: sorry for my bad english.

Top

Sean

Post subject:

Posted: August 8th, 2009, 4:47 pm

Joined: February 12th, 2007, 7:54 am
Posts: 2462

You have to know what hash algorithm PHP is using to generate key. My code uses SHA1 for that.

Top

Kai

Post subject:

Posted: August 8th, 2009, 9:36 pm

Thanks for your answer.

Unfortunally, I thought that too and I tried to change in every hash algorithm how the script generate the key.
I saw that in your (awesome!) script you use SHA1, and I tried to modify this part on AESCipher.class.php:

Code:

    private function _generateKey($password) {
        switch ($this->_strenght) {
            case AES::AES256:
                return md5($password).md5($password.'1');
            case AES::AES192:
                return sha1($password);
            case AES::AES128:
            default:
                return md5($password);
        }
    }

with

Code:

    private function _generateKey($password) {
                return sha1($password);
    }

but results are different too

Top

Kai

Post subject:

Posted: August 8th, 2009, 10:27 pm

Joined: August 8th, 2009, 10:10 pm
Posts: 17

Okay I tried to display the hash key in this method:

AHK:

Code:

   DllCall("advapi32\CryptCreateHash", "Uint", hProv, "Uint", CALG_SHA1, "Uint", 0, "Uint", 0, "UintP", hHash)
   msgbox %hHash%

PHP:

Code:

    public function encrypt($content, $password) {
        $key = $this->_generateKey($password);
        $input = $this->_cipher->stringToHex($content);
        $output = '';
      echo "||<br>".$key."<br>||";
        $output .= $this->_cipher->encrypt($chunk, $key);
        return $output;
    }

and results are:
AHK:

Code:

10957736

PHP:

Code:

333a13e85b3215b79cdab7242b641e851d0ee677

DLL results isn't a SHA1 key, I think...
So I thought something is wrong on SHA1 parameters...
I searched on MSDN and I found the parameters:

Quote:

hProv [in]
A handle to a CSP created by a call to CryptAcquireContext.

Algid [in]
An ALG_ID value that identifies the hash algorithm to use.

Valid values for this parameter vary, depending on the CSP that is used. For a list of default algorithms, see Remarks.

hKey [in]
If the type of hash algorithm is a keyed hash, such as the Hash-Based Message Authentication Code (HMAC) or Message Authentication Code (MAC) algorithm, the key for the hash is passed in this parameter. For nonkeyed algorithms, this parameter must be set to zero.

For keyed algorithms, the key must be to a block cipher key, such as RC2, that has a cipher mode of Cipher Block Chaining (CBC).

dwFlags [in]
The following flag value is defined.

Value Meaning
CRYPT_SECRETDIGEST
0x00000001
This flag is not used.

phHash [out]
The address to which the function copies a handle to the new hash object. When you have finished using the hash object, release the handle by calling the CryptDestroyHash function.

Last parameter says that the function copies a handle, so that's not the sha1 key?

Last edited by Kai on August 9th, 2009, 4:23 am, edited 1 time in total.

Top

Sean

Post subject:

Posted: August 9th, 2009, 1:26 am

Joined: February 12th, 2007, 7:54 am
Posts: 2462

hHash is not the hash value, it's just an opaque handle. To obtain the actual hash value use CryptGetHashParam API. Anyway, MD5/SHA1 are not the only hash algorithms, so, you better ask the developers about it than simply doing trial-and-errors.

Top

Kai

Post subject:

Posted: August 9th, 2009, 1:33 am

Joined: August 8th, 2009, 10:10 pm
Posts: 17

Yes, I read that it isn't the hash value on MSDN, and I tried to get it with CryptGetHashParam but I get a blank string

. I tried to specify an hash value but it doesn't return the correct encrypted string.

Quote:

you better ask the developers about it than simply doing trial-and-errors.

You did it, didn't you?
http://www.autohotkey.com/forum/topic23719.html

Thanks again.

Top

Sean

Post subject:

Posted: August 9th, 2009, 1:42 am

Joined: February 12th, 2007, 7:54 am
Posts: 2462

Kai wrote:

You did it, didn't you?

I meant PHP developers.

Top

Kai

Post subject:

Posted: August 9th, 2009, 4:20 am

Joined: August 8th, 2009, 10:10 pm
Posts: 17

I got the sha1 with AHK and it's the same on php, but AES encrypted string still wrong...

Now I'm re-checking all php code...

Thanks for your help.

Top

Sean

Post subject:

Posted: August 9th, 2009, 1:55 pm

Joined: February 12th, 2007, 7:54 am
Posts: 2462

I now saw the linked page in the top post in this thread. Is that official implementation of AES in PHP? If so, I don't think you can make PHP and the AHK code used here compatible. Looks like you need the planned half-part of the codes which unfortunately has never been implemented in the script. You have to implement it yourself.

PHP seems to use its own key generation procedure. So, first translate that code into AHK. Then, to generate key handle with the data, use CryptImportKey instead of CryptDeriveKey currently used. BTW, even after that trouble, I can't guarantee to obtain the same result for both AHK and PHP. Maybe you have to translate the whole PHP's AES code into AHK.

Top

Page 1 of 2

[ 20 posts ]

Go to page 1, 2 Next

Board index » AutoHotkey » Support

All times are UTC [ DST ]

Who is online

Users browsing this forum: Bing [Bot], BrandonHotkey, JSLover, Yahoo [Bot] and 60 guests

You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum