This is a bit of a long shot but .....
I have an ancient 3 party dll that I am trying to replace with your activex components
It contains various hashing and encryption routines but I have no idea on their internal workings as I have no documentation.
I've successfully got an md5 hash working but am struggling with two functionms called DESEncryptString DESDecryptString which does not tell me much
If I call DESEncryptString three times with the following string "The quick brown fox jumps over the lazy dog 0123456789" and key "big secret" then I get the following results
As you can see they are very different but all will convert back into "The quick brown ..." using the decrypt
I've had a few goes with EncryptStringENC with different parameters but cant anything like this length of string back
They are all 128 characters long which might mean something ?
I'm no Alan Turing but can you tell anything about the above to be able to reproduce it ?
asked Sep 17 '13 at 09:45
Symmetric encryption algorithms such as AES, Blowfish, DES, RC2, etc. use binary keys of a particular length. The length of the key generally indicates the strength of the encryption. Therefore, if using 128-bit AES encryption, the key will be exactly 16 bytes. If you have a software API that uses an arbitrary length password string, then it must be that the string is transformed into a binary key of the length required. The 1st task is to understand the exact password string to binary secret key transformation algorithm that is used. Once you are assured of using the exact same key, you can continue to ensure that other encryption params are identical (cipher mode, IV, padding, etc.)
answered Sep 18 '13 at 08:48
Thanks very much for the reply I have downloaded PE Explorer and got it to disassemble the dll i'm trying to replace I know it's clutching at straws but i've attached a screen grab of a secion of the strings window As you will see it shows DES-EDE2 which looks like it's something being passed somewhere. Looking at your sample code I can't see EDE anywhere and looking on the web seems to suggest it's some form of triple DES 128-bit ??? It maybe a complete red herring but does this help ?? Thanks
answered Sep 19 '13 at 10:54
OK I seem to have found some C source code for the old function in our version control system and i've pasted in sections below.
The code uses the library http://www.cryptopp.com/
When we make the call to DFX_EncryptString (our function name) we pass "base64" along with the data and passphrase
I can see as part of the DefaultEncryptorWithMAC from the library it talks of a key length of 16 and uses a Mash function that does some complex stuff that in their words
Here is the function we export from the dll
Hopefully there is enough here to work out what we need to do to replicate it
And here is the default.cpp file from the library that contains DefaultEncryptorWithMAC and the Mash function etc
In the hope that this more succinct descripton towards the bottom of this code project page might help move things forward http://www.codeproject.com/Articles/21877/Applied-Crypto-Block-Ciphers
The text reads Encryptors with MACs Using a symmetric cipher with a MAC allows us to provide both confidentiality and integrity. Crypto++ provides us with DefaultEncryptorWithMAC and DefaultDecryptorWithMAC in default.h. From the typedefs provided in default.h, the Default[En/De]cryptorWithMAC class uses triple DES (class DES_EDE2) as the block cipher in CBC mode, and SHA as the hash. The class is straightforward to use (provided in Sample 11):
The only difference with the one i'm trying to emulate is it Base64 the result
Thanks in advance as always for any help
answered Oct 17 '13 at 07:41
In the hope I can help move this along i've done some more investigation and have now just tried the "sledgehammer" approach.
Talking an encrypted string like this
I've tried the following 40 combinations of
Having tried all 40 without luck is there any others I should be trying ?
I have managed to establish that the crypto++ libaray uses the seconds since 1/1/1970 and a cpu tickcount as part of the EncodedIV although as this is random I assume the absolute value is not critical to decryption as it can be deduced ?
Any assistance with this would be greatly appreciated
answered Oct 24 '13 at 06:22
OK futher to above i've modifed it to take the various properties so I can loop throu 11,000 or so combinations but stiull havent found the magic one
I'm starting with an encrypted string and a 29 character key in terms of what the user wants ass a 'password' That is all that is being provided to the Crypto++ decrypt function to get the right answer back but so far have not found a combinatoin that will decrypt it using your compontents
I know what i'm doing is not very scientific but there cant be that mant combinations of properties ?
I'd really like to get this knocked on the head
answered Oct 24 '13 at 08:29