FileCryptFile() : Encrypt/Decrypt files. CNG-AES-256-CBC

[SKAN]

The function returns True on success or False on error. ErrorLevel is set with an error message.
This function was written to handle large files (several GB's).
If your data size measures a few MB's and you prefer to handle things in memory, try: VarV

The function along with an example:
 

Code: Select all

FileCryptFile(Mode, Src, Trg, sKey) {                ;  v0.66 By SKAN on D442/D44H @ tiny.cc/filecryptfile
Local                                                ;
                                                     ;  File Format:  .aea
                                                     ;  Offset  Size  Type   Description
                                                     ;      0      4  UTF-8  ".aea"
                                                     ;      4      4  UInt   Block size. Max value 524,288 bytes.
                                                     ;      8     32  Bytes  IV (Initialization vector),   RNG values.
                                                     ;     40         Bytes  Encrypted data in single/multiple blocks.
                                                     ;
                                                     ;   Data encryption method: AES-256-CBC
                                                     ;   KeyPhrase (sKey parameter) is hashed with SHA256 using IV as salt.
  If !Strlen(sKey)
     Return (0, ErrorLevel := "Key required")
  Mode := (Mode != "Encrypt" ? "Decrypt" : "Encrypt"),     Encrypt := (Mode = "Encrypt"),     Decrypt := (Mode = "Decrypt")

  VarSetCapacity(Head, 40, 0),               pIni := &Head+8, nIni := 32
  FileSrc := FileOpen(Src, "r -rwd"),        FileSrc.Pos := 0,   nHead := FileSrc.RawRead(&Head, 40)
  FileSrcSize := FileSrc.Length,             FileSrc.Close()
  nBytes := Min( (FileSrcSize+=16) - Mod(FileSrcSize,16), 1024*512 )

  If !( FileSrcSize )
     Return (0, ErrorLevel := FileSrcSize=0 ? "Source file is 0 bytes" : FileExist(Src) ? "Error opening Source file."
                                            : "Source file does not exist.")
  If !( FileOpen(Trg, "w -rwd").__Handle )
     Return (0, ErrorLevel := "Error creating Target file")

  If ( Decrypt )
       If ( nHead!=40 Or StrGet(&Head, 4, "utf-8") != ".aea" )
          Return (0, ErrorLevel := "Source not a .aea file.")
  Else If ( (blkSz := NumGet(&Head, 4, "UInt")) = 0 || blkSz > 1024*512)
          Return (0, ErrorLevel := ".aea version mismatch.")

  SetBatchLines, % (-1, BatchLines := A_BatchLines)
  hKey := 0, hAlg := 0, hHash := 0
  hBcrypt := DllCall("Kernel32.dll\LoadLibrary", "Str","Bcrypt.dll", "Ptr")

  If ( Encrypt )
     StrPut(".aea", &Head, 4, "utf-8")          ; BCRYPT_USE_SYSTEM_PREFERRED_RNG := 0x2
   , DllCall("Bcrypt.dll\BCryptGenRandom", "Ptr",hAlg, "Ptr",pIni, "Int",nIni, "Int",0x2)
   , NumPut(FileSrcSize, &Head, 4, "UInt")

  If ( [sKey].GetCapacity(1) = "" )
     VarSetCapacity(Key, 32, 0),             DllCall("Kernel32.dll\RtlMoveMemory", "Ptr",&Key, "Ptr",sKey+0, "Ptr",32)
  Else
     cbKey := StrPut(sKey,"utf-8"),  VarSetCapacity(Key, Max(32,cbKey), 0),  cbKey := StrPut(sKey, &Key, cbKey, "utf-8") -1
   , DllCall("Bcrypt.dll\BCryptOpenAlgorithmProvider", "PtrP",hAlg, "WStr","SHA256", "Ptr", 0, "Int",0x8)      ; HMAC = 0x8
   , DllCall("Bcrypt.dll\BCryptCreateHash",   "Ptr",hAlg, "PtrP",hHash,  "Ptr",0, "Int",0, "Ptr",pIni, "Int",nIni, "Int",0)
   , DllCall("Bcrypt.dll\BCryptHashData", "Ptr",hHash, "Ptr",&Key, "Int",cbKey, "Int",0)
   , DllCall("Bcrypt.dll\BCryptFinishHash", "Ptr",hHash, "Ptr",&Key, "Int",32, "Int",0)
   , DllCall("Bcrypt.dll\BCryptDestroyHash", "Ptr",hHash)
   , DllCall("Bcrypt.dll\BCryptCloseAlgorithmProvider", "Ptr",hAlg, "Int",0)

  DllCall("Bcrypt.dll\BCryptOpenAlgorithmProvider", "PtrP",hAlg, "WStr","AES", "Ptr",0, "Int",0)
  DllCall("Bcrypt.dll\BCryptSetProperty", "Ptr",hAlg, "WStr","ChainingMode", "WStr","ChainingModeCBC", "Int",15, "Int",0)
  DllCall("Bcrypt.dll\BCryptGenerateSymmetricKey","Ptr",hAlg, "PtrP",hKey, "Ptr",0, "Int",0, "Ptr",&Key, "Int",32, "Int",0)

  FileSrc := FileOpen(Src, "r -rwd"),        FileSrc.Pos := Encrypt ? 0  : 40
  FileTrg := FileOpen(Trg, "w -rwd"),        FileTrg.Pos := Decrypt ? 0  : FileTrg.RawWrite(&Head,40)
  rBytes  := nBytes-Encrypt,                 wBytes := 0,   VarSetCapacity(Bin, nBytes)

  Loop
    {  rBytes := FileSrc.RawRead(&Bin, rBytes)
       nErr   := DllCall("Bcrypt.dll\BCrypt" . Mode, "Ptr",hKey, "Ptr",&Bin, "Int",rBytes, "Ptr",0,"Ptr"
                                             , pIni, "Int",nIni, "Ptr",&Bin, "Int",nBytes, "UIntP",wBytes, "Int",1, "UInt")
       wBytes := nErr? 0 : FileTrg.RawWrite(&Bin, wBytes)
    }  Until ( nErr Or FileSrc.AtEOF )

  FileSrc.Close(),    FileTrg.Close()
  DllCall("Bcrypt.dll\BCryptDestroyKey", "Ptr",hKey)
  DllCall("Bcrypt.dll\BCryptCloseAlgorithmProvider", "Ptr",hAlg, "Int", 0)
  DllCall("Kernel32.dll\FreeLibrary", "Ptr",hBCrypt)

  SetBatchLines, % ( BatchLines )
Return (True, ErrorLevel := nErr ? Format("Bcrypt error: 0x{:08X}", nErr) : "")
}

; Usage example

#NoEnv
#Warn
#SingleInstance, Force
SetWorkingDir, %A_ScriptDir%

Original  :=  A_AhkPath . "\..\license.txt"
Encrypted :=  "license.txt.aea"
Decrypted :=  "license_new.txt"

KeyPhrase := "unbent-snugly-mousy-swivel-collide"         ; Phrase generated @ https://www.useapassphrase.com/

If FileCryptFile("encrypt", Original,  Encrypted, KeyPhrase)
   FileCryptFile("decrypt", Encrypted, Decrypted, KeyPhrase)

Msgbox % ( ErrorLevel ? ErrorLevel : "Done" )

[rommmcek]

Tested for some complex Unicode characters. Works fine!

Thank you!

[SKAN]

Tested for some complex Unicode characters. Works fine!

Thank you!

Thanks for testing

[ozzii]

Thank you for this script (as always very useful)

[SKAN]

@ozzii :

[DoriTos_]

Nice script!!
I did a gui for it.

Code: Select all

#NoEnv
#Warn
#SingleInstance, Force
SetWorkingDir, %A_ScriptDir%
SetBatchLines, -1

Gui, Add, Text, x15 yp+20, File:
Gui, Add, Edit, xp+40 yp-2 w430 h20 vFile_Path_Set
Gui, Add, Text, x15 yp+30, Key:
Gui, Add, Edit, xp+40 yp-2 w430 h20 password vKey_
Gui, Add, Checkbox, vShowKey gShowKey, Show key
Gui, Add, Button, xp+25 yp+30 w100 h30 gSelectFile, Select File
Gui, Add, Button, xp+120 yp w100 h30 gButton_, Encrypt
Gui, Add, Button, xp+120 yp w100 h30 gButton_, Decrypt
Gui, Show, w500 h150, Encrypter\Decrypter
Return

SelectFile:
FileSelectFile, File_Path,,, Select your file
GuiControl,, File_Path_Set, %File_Path%
Return

ShowKey:
GuiControlGet, ShowKey
If(ShowKey)
	GuiControl, -password, Key_
Else
	GuiControl, +password, Key_
Return

Button_:
GuiControlGet, Key_
GuiControlGet, File_Path_Set
If(!FileExist(File_Path_Set)) {
	MsgBox, 0x0, Error, File not found
	Return
}
SplitPath, File_Path_Set, FileName, FilePath, GetExt, GetNoExt

Original := FilePath . "\" . FileName
Encrypted := FileName "[Encrypted]" ".aes"

rmv := SubStr(GetNoExt, 1, InStr(GetNoExt, "[") - 1)
SplitPath, rmv,,, rmvExt, rmvNoExt
Decrypted := rmvNoExt "[Decrypted]" "." rmvExt

If( A_GuiControl = "Encrypt" ) {
	FileCryptFile("encrypt", Original,  Encrypted, Key_)
	MsgBox, 0x0, Encrypt, % nErr = 0 ? "Successful!`nFile Encrypted" : "FAILED"
} Else If( A_GuiControl = "Decrypt" ) {
	FileCryptFile("decrypt", FileName, Decrypted, Key_)
	MsgBox, 0x0, Decrypt, % nErr = 0 ? "Successful!`nFile Decrypted" : "FAILED"
} Return

FileCryptFile(Mode, Src, Trg, sKey) {                                     ; v0.55 By SKAN on D442/D443 @ tiny.cc/filecryptfile
Local
Global nErr
    If ( DllCall("Shlwapi.dll\StrSpn"
            ,"Str",sKey
            ,"Str","ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") != StrLen(sKey) )
        Return ("Key has invalid characters")
    
    Mode := (Mode != "Encrypt" ? "Decrypt" : "Encrypt")
    VarSetCapacity(Hash, 48)
    pKey := &Hash,           nKey := 32
    pIni := pKey+nKey,       nIni := 16
    hKey := hAlg := hHash := nErr := 0
    
    hBcrypt := DllCall("Kernel32.dll\LoadLibrary", "Str","Bcrypt.dll", "Ptr"),   
    DllCall("Bcrypt.dll\BCryptOpenAlgorithmProvider", "PtrP",hAlg, "WStr","SHA256", "Ptr", 0, "Int",0)
    DllCall("Bcrypt.dll\BCryptCreateHash", "Ptr",hAlg, "PtrP",hHash, "Ptr",0, "Int",0, "Ptr",0, "Int",0, "Int",0)
    DllCall("Bcrypt.dll\BCryptHashData", "Ptr",hHash, "AStr",sKey, "Int",StrLen(sKey), "Int",0)
    DllCall("Bcrypt.dll\BCryptFinishHash", "Ptr",hHash, "Ptr",pKey, "Int",nKey, "Int",0)
    DllCall("Bcrypt.dll\BCryptDestroyHash", "Ptr",hHash)
    DllCall("Bcrypt.dll\BCryptCloseAlgorithmProvider", "Ptr",hAlg, "Int",0)
    DllCall("Shlwapi.dll\HashData", "Ptr",pKey, "Int",nKey, "Ptr",pIni, "Int",nIni)
    
    DllCall("Bcrypt.dll\BCryptOpenAlgorithmProvider", "PtrP",hAlg, "WStr","AES", "Ptr",0, "Int",0)
    DllCall("Bcrypt.dll\BCryptSetProperty", "Ptr",hAlg, "WStr","ChainingMode", "WStr","ChainingModeCBC", "Int",15, "Int",0)
    DllCall("Bcrypt.dll\BCryptGenerateSymmetricKey", "Ptr",hAlg, "PtrP",hKey, "Ptr",0, "Int",0, "Ptr",pKey, "Int",nKey, "Int",0)
    
    nBytes := 524288
    rBytes := (nBytes - (Mode="Encrypt"))
    wBytes := 0
    
    FileSrc := FileOpen(Src, "r -rwd")
    FileTrg := FileSrc ? FileOpen(Trg, "w -rwd") : 0
    FileSrc.Pos := 0
    VarSetCapacity(Bin, nBytes)
    
    If ( FileSrc.Length And FileTrg.__handle )
        Loop
        {   rBytes := FileSrc.RawRead(&Bin, rBytes)
            nErr   := DllCall("Bcrypt.dll\BCrypt" . Mode, "Ptr",hKey, "Ptr",&Bin, "Int",rBytes, "Ptr",0,"Ptr"
                                                  , pIni, "Int",nIni, "Ptr",&Bin, "Int",nBytes, "UIntP",wBytes, "Int",1, "UInt")
            wBytes := nErr? 0 : FileTrg.RawWrite(&Bin, wBytes)
        }   Until ( nErr Or FileSrc.AtEOF )
    
    FileSrc.Close()
    FileTrg.Close()
    DllCall("Bcrypt.dll\BCryptDestroyKey", "Ptr",hKey)
    DllCall("Bcrypt.dll\BCryptCloseAlgorithmProvider", "Ptr",hAlg, "Int", 0)
    DllCall("Kernel32.dll\FreeLibrary", "Ptr",hBCrypt)
Return ( nErr ? Format("Bcrypt error: 0x{:08X}", nErr) : wBytes=0 ? "File open Error" : 0 )
}

[SKAN]

@DoriTos_

[ozzii]

@DoriTos_
Nice, I thought about making one. You saved me some time
If I may, 2 dependent suggestions:
-Make it always on top
-And add a drop file possibility GuiDropFiles. Easier to add the file when the explorer is open.

Edit: Just test it and I add a delete of the decrypted file (size 0) if the decryption is failed.

[HiSoKa]

Hello @SKAN
Thanks for share it ,
For me as a newbie in Decrypt and its related issues,

I am wondering if this code reliable and difficult to crack for the average or newbie user?

[SKAN]

I am wondering if this code reliable and difficult to crack for the average or newbie user?

The code is reliable, it will take about 30 years for a super computer to break it, I guess.
But I'm not happy about the skey. If you give is a key like SKAN, it converts it
to a series of 48 numbers like:
87-63-253-141 ... 12-136-141
I don't like it. How can a 4 letter word become so big?

If one can collect the 48 numbers each between 1 and 255, from daily life (like a bus route number, sum of a phone number digits etc)
and manage to remember the numbers as well as the order or the series, then that would make things fantastic.

Let me know if anyone's interested. I will post a script that wouldn't require SHA256 for sKey hashing.

[HiSoKa]

I am wondering if this code reliable and difficult to crack for the average or newbie user?

The code is reliable, it will take about 30 years for a super computer to break it, I guess.
But I'm not happy about the skey. If you give is a key like SKAN, it converts it
to a series of 48 numbers like:
87-63-253-141 ... 12-136-141
I don't like it. How can a 4 letter word become so big?

If one can collect the 48 numbers each between 1 and 255, from daily life (like a bus route number, sum of a phone number digits etc)
and manage to remember the numbers as well as the order or the series, then that would make things fantastic.

Let me know if anyone's interested. I will post a script that wouldn't require SHA256 for sKey hashing.

Really cool, thank you

[SKAN]

@HiSoKa You may try this. The 48 numbers used are not computer generated and not random at all.
I don't think AI can predict something that is not random at all.
Of the 48 bytes, the first 256bits (32 bytes) is used for AES 256bit encryption and the remaining 128bits (16 bytes) are required by AES for
something called Initialization vector.
It is preferable that none of the bytes are zero.

Code: Select all

FileCryptLite(Mode, Src, Trg, D*) {                                      ; v0.55L By SKAN on D442/D443 @ tiny.cc/filecryptfile
Local
  VarSetCapacity(Hash, 48, 0), pKey := &Hash
  Loop 48
    pKey := NumPut( D[A_Index], pKey+0, "UChar")

  Mode := (Mode != "Encrypt" ? "Decrypt" : "Encrypt")
  pKey := &Hash,           nKey := 32
  pIni := pKey+nKey,       nIni := 16

  hKey := hAlg := nErr := 0
  hBcrypt := DllCall("Kernel32.dll\LoadLibrary", "Str","Bcrypt.dll", "Ptr")
  DllCall("Bcrypt.dll\BCryptOpenAlgorithmProvider", "PtrP",hAlg, "WStr","AES", "Ptr",0, "Int",0)
  DllCall("Bcrypt.dll\BCryptSetProperty", "Ptr",hAlg, "WStr","ChainingMode", "WStr","ChainingModeCBC", "Int",15, "Int",0)
  DllCall("Bcrypt.dll\BCryptGenerateSymmetricKey", "Ptr",hAlg, "PtrP",hKey, "Ptr",0, "Int",0, "Ptr",pKey, "Int",nKey, "Int",0)

  nBytes := 524288
  rBytes := (nBytes - (Mode="Encrypt"))
  wBytes := 0

  FileSrc := FileOpen(Src, "r -rwd")
  FileTrg := FileSrc ? FileOpen(Trg, "w -rwd") : 0
  FileSrc.Pos := 0
  VarSetCapacity(Bin, nBytes)

  If ( FileSrc.Length And FileTrg.__handle )
       Loop
       {  rBytes := FileSrc.RawRead(&Bin, rBytes)
          nErr   := DllCall("Bcrypt.dll\BCrypt" . Mode, "Ptr",hKey, "Ptr",&Bin, "Int",rBytes, "Ptr",0,"Ptr"
                                                , pIni, "Int",nIni, "Ptr",&Bin, "Int",nBytes, "UIntP",wBytes, "Int",1, "UInt")
          wBytes := nErr? 0 : FileTrg.RawWrite(&Bin, wBytes)
       }  Until ( nErr Or FileSrc.AtEOF )

  FileSrc.Close()
  FileTrg.Close()
  DllCall("Bcrypt.dll\BCryptDestroyKey", "Ptr",hKey)
  DllCall("Bcrypt.dll\BCryptCloseAlgorithmProvider", "Ptr",hAlg, "Int", 0)
  DllCall("Kernel32.dll\FreeLibrary", "Ptr",hBCrypt)
Return ( nErr ? Format("Bcrypt error: 0x{:08X}", nErr) : wBytes=0 ? "File open Error" : 0 )
}

#NoEnv
#Warn
#SingleInstance, Force
SetWorkingDir, %A_ScriptDir%
SetBatchLines, -1

Data := [173,218,009,175,209,081,155,225,014,034,167,218,173,218,005,079,099,138,012,165,014,108,022
,201,152,102,131,220,024,013,145,200,024,068,096,154,014,034,004,128,105,017,155,037,173,218,005,070]

Original  := A_AhkPath . "\..\license.txt"
Encrypted := "Encrypted.aes"
Decrypted := "Decrypted.txt"

FileCryptLite("encrypt", Original,  Encrypted, Data*)
FileCryptLite("decrypt", Encrypted, Decrypted, Data*)

MsgBox Done!

[HiSoKa]

Thank you again Skan ,I really appreciate your help,

I live in a place that does not respect privacy rights, so I am interested in this and I really need this thing badly.

When I writed a code that contents MsgBox, (for test only)
I tried to open the file has (.aes) extension , when i open it using windows notepad
it show to me:
¢ue"0F.شU–ي‰/#

Does this mean that code was successfully encrypted, and if I lost your code (which i used it to encrypting), did I lose my code (which i encrypted before)?
and I cannot open my code that I encrypted ..

Excuse me, maybe a little stupid question,
My experience is little when it comes down to it coding and Encryption and decryption mechanism.

[SKAN]

I tried to open the file has (.aes) extension , when i open it using windows notepad
it show to me:
¢ue"0F.شU–ي‰/#

Does this mean that code was successfully encrypted.

Yes. You may view both (encrypted.aes and decrypted.txt) in a hex viewer.
If you don't have one, view it online and compare the files. https://hexed.it/

, and if I lost your code (which i used it to encrypting), did I lose my code (which i encrypted before)?
and I cannot open my code that I encrypted ..

Why would you lose my code?. You could print it out and keep safely. My code usually wouldn't require more than one sheet of paper
Anyways.. the most important line in my code is nBytes := 524288 and that would affect only if your original file exceed 512KB.
Any programmer, can help you to decrypt your file as long as you remember
1) Your key
2) encoding was in AES 256 CBC

Okay. You got me thinking. I am using HashData() to create checksum for "Initialization vector" which is Microsoft proprietary function and nobody knows
the algorithm. I'll rewrite the function with known methods and proper documentation.

Thank you. Your concerns are valid ones.

[HiSoKa]

This is what I meant.
Is there a key that I must save it,
for example if I want to decrypt the file in another way, , or something like that?

nBytes := 524288

U mean this a digts above are it the key right ?


Correct to me if im wrong , In my case must i save both things:

1) Your key
2) encoding was in AES 256 CBC

Keys is nBytes := 524288


Of course I will keep your code,
but I prefer to be ready for all Situations

[SKAN]

This is what I meant.
Is there a key that I must save it,
for example if I want to decrypt the file in another way, , or something like that?

Ok. Let it make it clear. I don't want to give false hopes.
1) It is always best to decrypt the file with the same software that was used to encrypt.
2) You need to always have the copy of original file safe and away from the computer.

nBytes := 524288

U mean this a digts above are it the key right ?
[/quote]

I don't understand the question.
Okay let me explain more about 524288 bytes.
524288 bytes (512 KB) is the maximum file size that FileCryptFile() can encrypt/decrypt at a time.
If you give it a 5MB file it will encrypt data as 10 pages of 512 KB and write it to a single 5MB encrypted file.

To decrypt it from an another software, the software should be aware of this page size or the decryption will fail if the key is correct.

Correct to me if im wrong , In my case must i save both things:

1) Your key
2) encoding was in AES 256 CBC

Keys is nBytes := 524288

Yes, and also I should remove the hashdata() from my function. It was a bad idea, I realize only now.

[HiSoKa]

I don't understand the question.

U told me before "most important line in my code is nBytes := 524288" i thought that's the key ..

And now I get it , the key is nBytes := "524288"..

Thank you for explaining and kindness..

[ozzii]

So in your opinion SKAN, what's the best to use. Your LIte or your File script?
I don't really understand the difference (way above my pay grade).
I can remember the secret key SKAN (for example) but not 48 numbers with 3 digits....

[SKAN]

So in your opinion SKAN, what's the best to use. Your LIte or your File script?
I don't really understand the difference (way above my pay grade).
I can remember the secret key SKAN (for example) but not 48 numbers with 3 digits....

Don't worry. I'll merge the two scripts as one. Both methods will be allowed
But I'm going to rewrite the function. That hardcoded value nBytes := "524288" is annoying.
I will' write a proper header to the encrypted file and also document the file format.

[ozzii]

Thank you. I will wait for the new updated script and try to understand it