Solved

Encrypting string through CryptAPI

Posted on 2006-10-25
3
280 Views
Last Modified: 2012-06-21
We are attempting to encrypt/decrypt a string through CryptoAPI functions passing a known string key

Encrypt
======
// Get handle to user default provider.
      if (CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))      
      {
            // Create hash object.            
            if (CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash))            
            {
                  // Hash password string.                  
                  dwLength = sizeof(TCHAR)*_tcslen(szKey);
                  if (CryptHashData(hHash, (BYTE *)szKey, dwLength, 0))                  
                  {
                        // Create block cipher session key based on hash of the password.
                  if (CryptDeriveKey(hProv, CALG_RC4, hHash, CRYPT_EXPORTABLE, &hKey))                        {
                              // Determine number of bytes to encrypt at a time.
                              dwLength = sizeof(TCHAR)*_tcslen(szdata);      
                              bResult = CryptEncrypt(
                                          hKey,            // Key obtained earlier
                                          0,               // No hashing of data
                                          TRUE,            // Final or only buffer of data
                                          0,               // Must be zero
                                          NULL,            // No data yet, simply return size
                                          &dwLength,         // Size of data
                                          dwLength);         // Size of block

                              // Allocate memory.
                              BYTE *pbBuffer = (BYTE *)malloc(dwLength);                                    if (pbBuffer != NULL)                                                      {
                                    memcpy(pbBuffer, szdata, dwLength);                                          // Encrypt data
                        if (CryptEncrypt(hKey, 0, TRUE, 0, pbBuffer, &dwLength, dwLength))                         {
                              // return encrypted string
                              memcpy(szEncryptData, pbBuffer, dwLength);}
........      
                               CryptDestroyKey(hKey);  // Release provider handle.      
                        ......
                  CryptDestroyHash(hHash);
            ........
            CryptReleaseContext(hProv, 0);      


Decrypt
=====
if (CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))            
      {
            // Create hash object.                  
            if (CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash))
            {                        
                  // Hash password string.
                  dwLength = sizeof(TCHAR)*_tcslen(szKey);
                  if (CryptHashData(hHash, (BYTE *)szKey, dwLength, 0))                                          {
                        // Create block cipher session key based on hash of the password.
            if (CryptDeriveKey(hProv, MY_ENCRYPT, hHash, CRYPT_EXPORTABLE, &hKey))                                                {
                              // we know the encrypted data  and the lengt
                        dwLength = sizeof(TCHAR)*_tcslen(szEncryptdata);      
                         _tcscpy(szdataTemp,szEncryptdata);
                  if (!CryptDecrypt(hKey, 0, TRUE, 0, (BYTE *)szdataTemp, &dwLength))
                                    bResult = FALSE;      

                              ......
                              CryptDestroyKey(hKey);  // Release provider handle.                                    _tcscpy(szdata,szdataTemp);
                        }                              
                        .....
            .....
            CryptReleaseContext(hProv, 0);      


A string of 497 bytes gets compressed to 426 bytes on encryption;But while decrypting the length of the original string retrieved is 426 only - and we get just that much of the original string back!!!!!
I am a novice in cryptology and need help in gettign out of this.
0
Comment
Question by:ranadhir
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 39

Accepted Solution

by:
itsmeandnobodyelse earned 125 total points
ID: 17804319
MSDN says:
------------------------------------------------------------
As a rule, if a stream cipher is used the ciphertext will be the same size as the plaintext. If a block cipher is used, the ciphertext will be up to a "block length" larger than the plaintext.
------------------------------------------------------------

That means that the error already occured when encrypting.

>>>> if (CryptEncrypt(hKey, 0, TRUE, 0, pbBuffer, &dwLength, dwLength))

Here that call might be wrong: you use dwLength both for a in/out argument and a further in argument. CryptEncrpyt function might go wrong because it uses two variables which have the same storage.

MSDN:
------------------------------------------------------------
pcbData
The address of the data length. Before calling this function, the caller should set this parameter to the number of bytes to be encrypted. Upon return, this address will contain the number of bytes of encrypted data.
If the buffer specified by pbData is not large enough to hold the data, the function returns the ERROR_MORE_DATA error code (through GetLastError) and stores the required buffer size, in bytes, into the variable pointed to by pcbData.

If pbData is NULL, then no error is returned, and the function stores the size of the data, in bytes, in the variable pointed to be pcbData. This lets an application determine the correct buffer size unambiguously.

When a block cipher is used, this data length must be a multiple of the block size, unless this is the final section of data to be encrypted and the Final flag is TRUE.

cbBuffer
The number of bytes in the pbData buffer.
Note that, depending on the algorithm used, the encrypted text can be slightly larger than the original plaintext. In this case, the pbData buffer needs to be sized accordingly.

As a rule, if a stream cipher is used the ciphertext will be the same size as the plaintext. If a block cipher is used, the ciphertext will be up to a "block length" larger than the plaintext.
-----------------------------------------------------------------------

That means, you should call CryptEncrpyt two times, first with a buffer == NULL and *pcbData == number of encrypted bytes (dwLength). Use a different variable for pcbData and for cbBuffer. Then CryptEncrypt will return TRUE and filled the  pcbData argument with the number of bytes required for output. Allocate an appropriate buffer and call CryptEncrypt with pcbData unchanged (== size of the new buffer)  and use the dwLength for the following argument which is the number of bytes to encrypt.

Regards, Alex




0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Often, when implementing a feature, you won't know how certain events should be handled at the point where they occur and you'd rather defer to the user of your function or class. For example, a XML parser will extract a tag from the source code, wh…
Introduction This article is the first in a series of articles about the C/C++ Visual Studio Express debugger.  It provides a quick start guide in using the debugger. Part 2 focuses on additional topics in breakpoints.  Lastly, Part 3 focuses on th…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The viewer will learn how to clear a vector as well as how to detect empty vectors in C++.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question