 |
AutoHotkey Community
Let's help each other out
|
| View previous topic :: View next topic |
| Author |
Message |
L-Cartinine
Joined: 28 Nov 2007
Posts: 69
|
|
| Back to top |
|
 |
Slanter
Joined: 28 May 2008
Posts: 739
Location: Minnesota, USA
|
 Posted: Mon Dec 08, 2008 10:13 pm Post subject: Re: encrypt AES decrypt PHP |
 |
|
And you're asking for..? I see no questions
_________________
Unless otherwise stated, all code is untested
(\__/) This is Bunny.
(='.'=) Cut, copy, and paste bunny onto your sig.
(")_(") Help Bunny gain World Domination. |
|
| Back to top |
|
|
L-Cartinine
Joined: 28 Nov 2007
Posts: 69
|
| Posted: Mon Dec 08, 2008 10:26 pm Post subject: |
|
|
i need help putting the code for AES together and then be compatible with one of the many AES 256 in PHP. the first link i mentioned has a excellent complete conversion in PHP and is well documented. What i like is code i can encrypt text with a password in AHK and it encryption matches the base cipher encryption online exactly for a successful decryption ideally strong.
| Code: |
Password = AutoHotkey
Data = 12345678901234567
Len := StrLen(Data)
Buffer = %Data%0123456789abcdef ; allocate 16 byte more space
size := Crypt_AES(&Buffer, Len, Password, 256, 1)
MsgBox % "Plaintext size = " Len "`nCiphertext size = " size "`nCiphertext: " SubStr(Buffer,1,size)
size := Crypt_AES(&Buffer, size, Password, 256, 0)
MsgBox % "`Plaintext size = " size "`nPlaintext: " SubStr(Buffer,1,size)
Crypt_AES(pData, nSize, sPassword, SID = 256, bEncrypt = True) {
CALG_AES_256 := 1 + CALG_AES_192 := 1 + CALG_AES_128 := 0x660E
CALG_SHA1 := 1 + CALG_MD5 := 0x8003
DllCall("advapi32\CryptAcquireContextA", "UintP", hProv, "Uint", 0, "str"
, "Microsoft Enhanced RSA and AES Cryptographic Provider" . (A_OSVersion="WIN_XP" ? " (Prototype)" : ""), "Uint", 24, "Uint", 0)
DllCall("advapi32\CryptCreateHash", "Uint", hProv, "Uint", CALG_SHA1, "Uint", 0, "Uint", 0, "UintP", hHash)
DllCall("advapi32\CryptHashData", "Uint", hHash, "Uint", &sPassword, "Uint", StrLen(sPassword), "Uint", 0)
DllCall("advapi32\CryptDeriveKey", "Uint", hProv, "Uint", CALG_AES_%SID%, "Uint", hHash, "Uint", SID<<16, "UintP", hKey)
DllCall("advapi32\CryptDestroyHash", "Uint", hHash)
If bEncrypt
DllCall("advapi32\CryptEncrypt", "Uint", hKey, "Uint", 0, "Uint", True, "Uint", 0, "Uint", pData, "UintP", nSize, "Uint", nSize+16)
Else DllCall("advapi32\CryptDecrypt", "Uint", hKey, "Uint", 0, "Uint", True, "Uint", 0, "Uint", pData, "UintP", nSize)
DllCall("advapi32\CryptDestroyKey", "Uint", hKey)
DllCall("advapi32\CryptReleaseContext", "Uint", hProv, "Uint", 0)
Return nSize
}
|
|
|
| Back to top |
|
|
L-Cartinine
Joined: 28 Nov 2007
Posts: 69
|
| Posted: Tue Dec 09, 2008 11:13 am Post subject: |
|
|
| i will do it myself i just need help in matching the right base encoding output exactly in AHK to one in PHP. it seems alot have been modified to there own end. i think i ask too much for this forum but if anyone done it all before. |
|
| Back to top |
|
|
L-Cartinine
Joined: 28 Nov 2007
Posts: 69
|
| Posted: Mon Dec 15, 2008 9:11 pm Post subject: |
|
|
| ok now i done it. |
|
| Back to top |
|
|
donv
Joined: 18 Oct 2008
Posts: 18
|
| Posted: Fri Dec 19, 2008 4:16 pm Post subject: Any chance you could post your AHK Code? |
|
|
I am interested in implementing public/private key encryption using AHK.. May be really beneficial if i could see what you have completed. Thank you in advance.
_________________
-d  |
|
| Back to top |
|
|
Kai
Guest
|
| Posted: Sat Aug 08, 2009 1:54 pm Post subject: Re: Any chance you could post your AHK Code? |
|
|
How?
I want to implement AES encrypt/decrypt on my AHK/PHP scripts.
Can someone help me, please?
I'm trying to do this for 1 week...
Last tried:
AHK Script:
| Code: | sTextOriginl := "Nel mezzo del cammin di nostra vita"
sPassword := "TestKey1"
SID := 256
nSize := Text_AES(sTextEncrypt, &sTextOriginl, StrLen(sTextOriginl), sPassword, SID, True) ; Encryption
sHex := Hex4Bin(&sTextEncrypt, nSize)
MsgBox % sHex
nSize := Bin4Hex(sTextEncrypt, sHex)
Text_AES(sTextDecrypt, &sTextEncrypt, nSize, sPassword, SID, False)
MsgBox % sTextDecrypt
Return
Text_AES(ByRef sResult, pData, nSize, sPassword, SID = 256, bEncrypt = True)
{
VarSetCapacity(sResult, bEncrypt ? nSize+16 : nSize)
DllCall("RtlMoveMemory", "Uint", &sResult, "Uint", pData, "Uint", nSize)
nSize := Crypt_AES(&sResult, nSize, sPassword, SID, bEncrypt)
NumPut(0, sResult, nSize, "char"), VarSetCapacity(sResult,-1)
Return nSize
}
Hex4Bin(p, l)
{
VarSetCapacity(h,l*2)
o:=A_FormatInteger
SetFormat, Integer, H
Loop, %l%
h.=SubStr(*p++,-1)
SetFormat, Integer, %o%
StringReplace, h, h, x, 0, All
Return h
}
Bin4Hex(ByRef b, h)
{
VarSetCapacity(b,l:=StrLen(h)//2)
Loop, %l%
NumPut("0x" . SubStr(h,2*A_Index-1,2),b,A_Index-1,"Uchar")
NumPut(0,b,l,"Uchar"), VarSetCapacity(b,-1)
Return l
}
Crypt_AES(pData, nSize, sPassword, SID = 256, bEncrypt = True) {
CALG_AES_256 := 1 + CALG_AES_192 := 1 + CALG_AES_128 := 0x660E
CALG_SHA1 := 1 + CALG_MD5 := 0x8003
DllCall("advapi32\CryptAcquireContextA", "UintP", hProv, "Uint", 0, "str"
, "Microsoft Enhanced RSA and AES Cryptographic Provider" . (A_OSVersion="WIN_XP" ? " (Prototype)" : ""), "Uint", 24, "Uint", 0)
DllCall("advapi32\CryptCreateHash", "Uint", hProv, "Uint", CALG_SHA1, "Uint", 0, "Uint", 0, "UintP", hHash)
DllCall("advapi32\CryptHashData", "Uint", hHash, "Uint", &sPassword, "Uint", StrLen(sPassword), "Uint", 0)
DllCall("advapi32\CryptDeriveKey", "Uint", hProv, "Uint", CALG_AES_%SID%, "Uint", hHash, "Uint", SID<<16, "UintP", hKey)
DllCall("advapi32\CryptDestroyHash", "Uint", hHash)
If bEncrypt
DllCall("advapi32\CryptEncrypt", "Uint", hKey, "Uint", 0, "Uint", True, "Uint", 0, "Uint", pData, "UintP", nSize, "Uint", nSize+16)
Else DllCall("advapi32\CryptDecrypt", "Uint", hKey, "Uint", 0, "Uint", True, "Uint", 0, "Uint", pData, "UintP", nSize)
DllCall("advapi32\CryptDestroyKey", "Uint", hKey)
DllCall("advapi32\CryptReleaseContext", "Uint", hProv, "Uint", 0)
Return nSize
} |
PHP Code: http://www.phpclasses.org/browse/package/4238.html
I modified this on AESCipher.class.php encrypt function:
| Code: | | return $this->_cipher->hexToString($output); |
to
in order to return hex.
PHP File:
| Code: | include_once('./AES.class.php');
include_once('./AESCipher.class.php');
$password = 'TestKey1';
$input = 'Nel mezzo del cammin di nostra vita';
$Cipher = new AESCipher(AES::AES256);
print('input: '.$input.'<br />');
print('key: '.$password.'<br />');
$start = microtime(true);
$cryptext = $Cipher->encrypt($input, $password);
$end = microtime(true);
print('AESCipher Class encryption time (256bit): '.(($end - $start)*1000).'ms <br />');
print 'cryptext: '.$cryptext.'<br />'; |
Results are:
AHK:
| Quote: | | 0d75715f66c4c8a45e98e640979c300c54df0e4427477fcf0e8c991febeefa4e34b0b85a556b70e6668161c6f2c5b7a1 |
PHP:
| Quote: | input: Nel mezzo del cammin di nostra vita
key: TestKey1
AESCipher Class encryption time (256bit): 5.9909820556641ms
cryptext: 65adf1b899f929ceffa3e6768ca7d42eb8693951ef314d171246e51452a251a34defe64e9a0b9546d85d4a89b76a979e |
Someone give me a solution! Thanks!
PS: sorry for my bad english. |
|
| Back to top |
|
|
Sean
Joined: 12 Feb 2007
Posts: 2462
|
| Posted: Sat Aug 08, 2009 3:47 pm Post subject: |
|
|
| You have to know what hash algorithm PHP is using to generate key. My code uses SHA1 for that. |
|
| Back to top |
|
|
Kai
Guest
|
| Posted: Sat Aug 08, 2009 8:36 pm Post subject: |
|
|
Thanks for your answer.
Unfortunally, I thought that too and I tried to change in every hash algorithm how the script generate the key.
I saw that in your (awesome!) script you use SHA1, and I tried to modify this part on AESCipher.class.php:
| Code: | private function _generateKey($password) {
switch ($this->_strenght) {
case AES::AES256:
return md5($password).md5($password.'1');
case AES::AES192:
return sha1($password);
case AES::AES128:
default:
return md5($password);
}
} |
with
| Code: | private function _generateKey($password) {
return sha1($password);
} |
but results are different too  |
|
| Back to top |
|
|
Kai
Joined: 08 Aug 2009
Posts: 17
|
| Posted: Sat Aug 08, 2009 9:27 pm Post subject: |
|
|
Okay I tried to display the hash key in this method:
AHK:
| Code: | DllCall("advapi32\CryptCreateHash", "Uint", hProv, "Uint", CALG_SHA1, "Uint", 0, "Uint", 0, "UintP", hHash)
msgbox %hHash% |
PHP:
| Code: | public function encrypt($content, $password) {
$key = $this->_generateKey($password);
$input = $this->_cipher->stringToHex($content);
$output = '';
echo "||<br>".$key."<br>||";
$output .= $this->_cipher->encrypt($chunk, $key);
return $output;
} |
and results are:
AHK:
PHP:
| Code: | | 333a13e85b3215b79cdab7242b641e851d0ee677 |
DLL results isn't a SHA1 key, I think...
So I thought something is wrong on SHA1 parameters...
I searched on MSDN and I found the parameters:
| Quote: | hProv [in]
A handle to a CSP created by a call to CryptAcquireContext.
Algid [in]
An ALG_ID value that identifies the hash algorithm to use.
Valid values for this parameter vary, depending on the CSP that is used. For a list of default algorithms, see Remarks.
hKey [in]
If the type of hash algorithm is a keyed hash, such as the Hash-Based Message Authentication Code (HMAC) or Message Authentication Code (MAC) algorithm, the key for the hash is passed in this parameter. For nonkeyed algorithms, this parameter must be set to zero.
For keyed algorithms, the key must be to a block cipher key, such as RC2, that has a cipher mode of Cipher Block Chaining (CBC).
dwFlags [in]
The following flag value is defined.
Value Meaning
CRYPT_SECRETDIGEST
0x00000001
This flag is not used.
phHash [out]
The address to which the function copies a handle to the new hash object. When you have finished using the hash object, release the handle by calling the CryptDestroyHash function. |
Last parameter says that the function copies a handle, so that's not the sha1 key?
Last edited by Kai on Sun Aug 09, 2009 3:23 am; edited 1 time in total |
|
| Back to top |
|
|
Sean
Joined: 12 Feb 2007
Posts: 2462
|
| Posted: Sun Aug 09, 2009 12:26 am Post subject: |
|
|
| hHash is not the hash value, it's just an opaque handle. To obtain the actual hash value use CryptGetHashParam API. Anyway, MD5/SHA1 are not the only hash algorithms, so, you better ask the developers about it than simply doing trial-and-errors. |
|
| Back to top |
|
|
Kai
Joined: 08 Aug 2009
Posts: 17
|
| Posted: Sun Aug 09, 2009 12:33 am Post subject: |
|
|
Yes, I read that it isn't the hash value on MSDN, and I tried to get it with CryptGetHashParam but I get a blank string . I tried to specify an hash value but it doesn't return the correct encrypted string.
| Quote: | | you better ask the developers about it than simply doing trial-and-errors. |
You did it, didn't you?
http://www.autohotkey.com/forum/topic23719.html
Thanks again. |
|
| Back to top |
|
|
Sean
Joined: 12 Feb 2007
Posts: 2462
|
| Posted: Sun Aug 09, 2009 12:42 am Post subject: |
|
|
| Kai wrote: | | You did it, didn't you? |
I meant PHP developers. |
|
| Back to top |
|
|
Kai
Joined: 08 Aug 2009
Posts: 17
|
| Posted: Sun Aug 09, 2009 3:20 am Post subject: |
|
|
I got the sha1 with AHK and it's the same on php, but AES encrypted string still wrong...
Now I'm re-checking all php code...
Thanks for your help. |
|
| Back to top |
|
|
Sean
Joined: 12 Feb 2007
Posts: 2462
|
| Posted: Sun Aug 09, 2009 12:55 pm Post subject: |
|
|
I now saw the linked page in the top post in this thread. Is that official implementation of AES in PHP? If so, I don't think you can make PHP and the AHK code used here compatible. Looks like you need the planned half-part of the codes which unfortunately has never been implemented in the script. You have to implement it yourself.
PHP seems to use its own key generation procedure. So, first translate that code into AHK. Then, to generate key handle with the data, use CryptImportKey instead of CryptDeriveKey currently used. BTW, even after that trouble, I can't guarantee to obtain the same result for both AHK and PHP. Maybe you have to translate the whole PHP's AES code into AHK. |
|
| Back to top |
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
FAQ
Search
Memberlist
Register
Profile
Log in to check your private messages
Log in
