Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1658
  • Last Modified:

Decrypt via Crypto API

I am using the Crypto API definition from Project Jedi.  I can encrypt the file just fine, but going through the decrypt process I am having to do some work that I know is not correct, and need somebody to look at my decryption code, and tell me what I am doing wrong....   I will comment it in areas I think is needed.  I will also enclude my encryption procedure.


function TfrmMain.EnCrypt(cPassword: String): String;
var
 hProv      : HCRYPTPROV;

 hHash      : HCRYPTHASH;

 dwLength   : DWORD;
 Key        : String;

 hKey       : HCRYPTKEY;

 pbKeyBlob  : PByte;
 dwBlobLen  : Integer;
 str        : String;
 Password   : String;
begin
  if not Wcrypt2.CryptAcquireContext(@hProv, nil, nil, PROV_RSA_FULL, 0) then
   begin
    if GetLastError <> NTE_KEYSET_NOT_DEF then Exit;
    if not Wcrypt2.CryptAcquireContext(@hProv, nil, nil, PROV_RSA_FULL,
                                       CRYPT_NEWKEYSET) then Exit;
   end;

  if not Wcrypt2.CryptCreateHash(hProv, CALG_MD5, 0, 0, @hHash) then Exit;

  dwLength := Length(Key);
  if not Wcrypt2.CryptHashData(hHash, PByte(Key), dwLength, 0) then Exit;

  if not Wcrypt2.CryptDeriveKey(hProv, CALG_RC2, hHash, 0, @hKey) then Exit;

  // Now that are keys are generated, and stored, we can now crypt, FINALLY!

  Password := cPassword;

  dwBlobLen := Length(Password);

  Wcrypt2.CryptEncrypt(hKey, 0, True, 0, nil, @dwBlobLen, 0);

  dwLength := Length(Password);
  GetMem(pbKeyBlob, dwBlobLen);

  try
   Move(Password[1], pbKeyBlob^, dwLength);
   if not Wcrypt2.CryptEncrypt(hKey, 0, True, 0, pbKeyBlob, @dwLength,
                               dwBlobLen) then Exit;
   SetLength(Str, dwBlobLen);
   Move(pbKeyBlob^, Str[1], dwBlobLen);
  finally
   FreeMem(pbKeyBlob);
   Wcrypt2.CryptDestroyKey(hKey);
   Wcrypt2.CryptDestroyHash(hHash);
   Wcrypt2.CryptReleaseContext(hProv, 0);
   Result := Str;
  end;
end;

// Something that is not right is the L variable.  When I call this function, the L is the length of the original password, and you will see what I have to do with it later...
function TfrmMain.DeCrypt(CypherText: String; L: Integer): String;
var
 hProv      : HCRYPTPROV;

 hHash      : HCRYPTHASH;

 dwLength   : DWORD;
 Key        : String;

 hKey       : HCRYPTKEY;

 pbKeyBlob  : PByte;
 dwBlob     : String;
 dwBuffLen  : Integer;
 str        : String;
 Password   : String;
begin
  if not Wcrypt2.CryptAcquireContext(@hProv, nil, nil, PROV_RSA_FULL, 0) then
   begin
    if GetLastError <> NTE_KEYSET_NOT_DEF then Exit;
    if not Wcrypt2.CryptAcquireContext(@hProv, nil, nil, PROV_RSA_FULL,
                                       CRYPT_NEWKEYSET) then Exit;
   end;

  if not Wcrypt2.CryptCreateHash(hProv, CALG_MD5, 0, 0, @hHash) then Exit;

  dwLength := Length(Key);
  if not Wcrypt2.CryptHashData(hHash, PByte(Key), dwLength, 0) then Exit;

  if not Wcrypt2.CryptDeriveKey(hProv, CALG_RC2, hHash, 0, @hKey) then Exit;

  Wcrypt2.CryptDestroyHash(hHash); // Release the hash object.  Not needed anymore.

  Password := CypherText;
  dwBuffLen := Length(Password) * 10; // buffer was no big enough.  Must be a multiple of Length.
  dwBlob    := Password; // Set the blob to be decrypted.
  (* BOOL WINAPI CryptDecrypt(
                   HCRYPTKEY hKey,
                   HCRYPTHASH hHash,
                   BOOL Final,
                   DWORD dwFlags,
                   BYTE* pbData,
                   DWORD* pdwDataLen
  *)
  dwLength := Length(Password);
  GetMem(pbKeyBlob, dwBuffLen);  //using bloblen caused massive cpu spike
  try
   Move(Password[1], pbKeyBlob^, dwLength);
   Wcrypt2.CryptDecrypt(hKey, 0, True, 0, pbKeyBlob, @dwBuffLen); // Change BuffLen to Length
   //if not Wcrypt2.CryptDecrypt(hKey, 0, True, 0, @dwBuffLen, @dwBlobLen) then
    //Exit;
   SetLength(Str, dwBuffLen);
   Move(pbKeyBlob^, Str[1], (dwBuffLen));
   //Move(pbKeyBlob^, Str[1], dwBuffLen);
  finally
   FreeMem(pbKeyBlob);
   Wcrypt2.CryptDestroyKey(hKey);
   Wcrypt2.CryptReleaseContext(hProv, 0);
   // This is it right here.  I should not have to be calling this, or even doing this.  I know that this cannot be right.  Can anybody direct me in where I am wrong?  
   Str := Copy(Str, 1, L);
   Result := Str; // Hangs here.
  end;
end;


Cheers!
0
cjm30305
Asked:
cjm30305
1 Solution
 
LukA_YJKCommented:
Wow...
0
 
CleanupPingCommented:
cjm30305:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
kacorretiredCommented:
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:
       PAQ and refund points            contains a lot of knowledge
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Some days and here is the Christmas Time. I wish good luck and good health for you all and for your loved ones

kacor
EE Cleanup Volunteer
0
 
moduloCommented:
PAQed, with points refunded (200)

modulo
Community Support Moderator
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now