• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 651
  • Last Modified:

How to put the CryptDecrypt output into a string

Hey,
I'm using this code:
int decryptpwd(TCHAR *pwd) {
    HCRYPTPROV  phProv;
    HCRYPTHASH  phHash;
    HCRYPTKEY   phKey;
    DWORD       pwdlen;
    int         i;
pwdlen = strlen(pwd);

    if(!CryptAcquireContext(&phProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) return(-1);
    if(!CryptCreateHash(phProv, CALG_MD5, 0, 0, &phHash)) return(-1);
    if(!CryptHashData(phHash,  (BYTE*)L"MyKey", 16, 0)) return(-1);
    if(!CryptDeriveKey(phProv, CALG_RC4, phHash, 0x00800000, &phKey)) return(-1);
    if(!CryptDecrypt(phKey, 0, 1, 0, (BYTE*)pwd, &pwdlen)) return(-1);
    CryptDestroyKey(phKey);
    CryptDestroyHash(phHash);
    CryptReleaseContext(phProv, 0);
    return(0);
}

	int main()
{
		TCHAR pass[] = "D622C42F857CE95A3ADB8F4E3596";		
		decryptpwd(pass);
         size_t dwSize = strlen(pass);
		char* pChrRetVal = (char*)malloc(dwSize + 1);
               wprintf(L "- password: %s\n", (BYTE *)pass); ///WORKS! DISPLAYS FULL DECRYPTED PW
		wsprintf(pChrRetVal, "- password: %s\n", (BYTE *)pass); //DISPLAYS ONLY FIRST CHAR OF DECRYPTED PW
		cout << pChrRetVal;
  exit(0);
		
}

Open in new window


So I need to know how I can take the output of CryptDecrypt() and use the decrypted pass in a char buffer. As you can see I try to put the contents of (BYTE*)pass into a char buffer but it only displays the first character of the decrypted password.


Thanks!
0
JoeD77
Asked:
JoeD77
  • 3
2 Solutions
 
jkrCommented:
The password is UNICODE, so just use 'wcout' instead of 'cout', e.g.
wcout << pChrRetVal;

Open in new window

0
 
jkrCommented:
Or, to do that in the 'tchar.h' manner, try
#ifdef UNICODE
#define tcout wcout
#else
#define tcout cout
#endif

//...

		tout << pChrRetVal;

Open in new window

0
 
jkrCommented:
A few more observations - you are using ANSI CRT calls where there is a good chance that UNICODE will be needed, e.g.

pwdlen = strlen(pwd);

Better make that consistent, e.g.
#ifdef UNICODE
#define tcout wcout
#else
#define tcout cout
#endif

//...

int decryptpwd(TCHAR *pwd) {
    HCRYPTPROV  phProv;
    HCRYPTHASH  phHash;
    HCRYPTKEY   phKey;
    DWORD       pwdlen;
    int         i;
pwdlen = _tcstrlen(pwd); // <---

    if(!CryptAcquireContext(&phProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) return(-1);
    if(!CryptCreateHash(phProv, CALG_MD5, 0, 0, &phHash)) return(-1);
    if(!CryptHashData(phHash,  (BYTE*)_T("MyKey"), 16, 0)) // <-- not just 'L'
return(-1);
    if(!CryptDeriveKey(phProv, CALG_RC4, phHash, 0x00800000, &phKey)) return(-1);
    if(!CryptDecrypt(phKey, 0, 1, 0, (BYTE*)pwd, &pwdlen)) return(-1);
    CryptDestroyKey(phKey);
    CryptDestroyHash(phHash);
    CryptReleaseContext(phProv, 0);
    return(0);
}

	int main()
{
		TCHAR pass[] = _T("D622C42F857CE95A3ADB8F4E3596";		); //  <----
		decryptpwd(pass);
         size_t dwSize = _tcslen(pass); // <-----
		TCHAR* pChrRetVal = (char*)malloc((dwSize + 1) * sizeof(TCHAR)); // <------
               wprintf(L "- password: %s\n", (BYTE *)pass); ///WORKS! DISPLAYS FULL DECRYPTED PW
		_stprintf(pChrRetVal, _T("- password: %s\n"), (BYTE *)pass); //DISPLAYS ONLY FIRST CHAR OF DECRYPTED PW
		tcout << pChrRetVal;
  exit(0);
		
}

Open in new window

0
 
sarabandeCommented:
if the TCHAR is wide char wchar_t  the statements

         TCHAR pass[] = "D622C42F857CE95A3ADB8F4E3596";            
         size_t dwSize = strlen(pass);

should not compile cause the first wouldn't take a right-hand char array and the second wouldn't accept 'pass' as argument of strlen cause that requires a const char *.

so i assume the  decryptpwd also returns single bytes but because the output contains binary zeros you neither can do a strlen which doesn't expect zero or non-printable chars in the middle of a string nor can output it using cout where it is the same problem.

you can check whether i am right by printing sizeof(TCHAR) what is either 1 (for multibyte character) or 2 (for unicode character).

if i am right (or even if i am not) you should (could) do

   
for (int i = 0; i < (int)sizeof(pass)/sizeof(pass[0]); i++)
        std::cout << std::hex << std::setw(sizeof(pass[0])*2) << std::setfill('0') << (unsigned int)pass[i];

Open in new window


what prints the encoded password as hex string.

Sara

p.s. the output manipulators require include file <iomanip>

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now