Announcement

Collapse
No announcement yet.

MSN contact grabber for Powerbasic - Still need help.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Elias Montoya
    replied
    Thats a very good idea paul, i think ill do it.

    Leave a comment:


  • Paul Franks
    replied
    Elias,

    I'm not really up to speed on crypto, mostly just use SSL by using the https protocol. Your DES3 function looks OK, but you may want to ask about it in a more active forum, like the Programming forum.

    Leave a comment:


  • Elias Montoya
    replied
    I ported this DES3 functions from Purebasic to PowerBasic.... Can i use it for my purpose? :coffee2:lease::afraid::lam:


    Code:
    #INCLUDE "WINCRYPT.INC"
    
    %PROV_RSA_FULL   = 1
    %ALG_SID_MD5     = 3
    %ALG_SID_RC4     = 1
    %ALG_SID_RC5     = 13
    %ALG_CLASS_DATA_ENCRYPT = 24576
    
    %ALG_CLASS_HASH  = 32768
    %ALG_TYPE_ANY    = 0
    %ALG_TYPE_STREAM = 2048
    %CALG_MD5        = %ALG_CLASS_HASH OR %ALG_TYPE_ANY OR %ALG_SID_MD5
    %ALG_TYPE_BLOCK  = 1536
    %CRYPT_OAEP      = 64
    %CALG_RC4          = %ALG_CLASS_DATA_ENCRYPT OR %ALG_TYPE_STREAM OR %ALG_SID_RC4
    %CALG_RC5          = %ALG_CLASS_DATA_ENCRYPT OR %ALG_TYPE_BLOCK OR %ALG_SID_RC5
    %CRYPT_CREATE_SALT = 4
    %CRYPT_EXPORTABLE  = 1
    %CRYPT_NEWKEYSET   = 8
    $MS_DEF_PROV = "Microsoft Base Cryptographic Provider v1.0"
    %ALG_SID_3DES = 3
    %CALG_3DES = %ALG_CLASS_DATA_ENCRYPT OR %ALG_TYPE_BLOCK OR %ALG_SID_3DES
    $MS_ENHANCED_PROV = "Microsoft Enhanced Cryptographic Provider v1.0"
    
    
    '=========================================================================================================
    FUNCTION DES3_Encrypt(StringToEncrypt AS STRING, Key AS STRING) AS STRING
    
      LOCAL Buffer AS ASCIIZ * 1024
      LOCAL myKey  AS ASCIIZ * 1024
      LOCAL myIV   AS ASCIIZ * 1024
      LOCAL hProv AS LONG
      LOCAL hhash AS LONG
      LOCAL hKey  AS LONG
      LOCAL DataLength AS LONG
    
      DataLength = LEN(StringToEncrypt)
    
      Buffer = StringToEncrypt
      myKey  = Key
      myIV   = IV
    
      IF ISFALSE(CryptAcquireContext(hProv, BYVAL %NULL, TRIM$($MS_ENHANCED_PROV & CHR$(0)), %PROV_RSA_FULL, 0)) THEN
       CryptAcquireContext(hProv, BYVAL %NULL, TRIM$($MS_ENHANCED_PROV & CHR$(0)), %PROV_RSA_FULL, %CRYPT_NEWKEYSET)
      END IF
    
      IF hProv THEN
        CALL CryptCreateHash(hProv, %CALG_MD5, 0, 0, hHash)
        IF hHash THEN
          CryptHashData(hHash, BYVAL VARPTR(myKey), LEN(Key), 0)
          CryptDeriveKey(hProv, %CALG_3DES, hHash, %CRYPT_EXPORTABLE, hKey)
          IF hKey THEN
            IF CryptEncrypt(hKey, 0, 1, 0, BYVAL VARPTR(Buffer), DataLength, (LEN(StringToEncrypt)+200)) THEN
            END IF
            CryptDestroyKey(hKey)
          END IF
          CryptDestroyHash(hHash)
        END IF
        CryptReleaseContext(hProv, 0)
      END IF
    
      FUNCTION = EncodeStr64(LTRIM$(Buffer))
    
    END FUNCTION
    
    
    FUNCTION DES3_Decrypt(StringToDecrypt AS STRING, Key AS STRING) AS STRING
    
      LOCAL hProv AS LONG
      LOCAL hhash AS LONG
      LOCAL hKey  AS LONG
      LOCAL DataLength AS LONG
    
      LOCAL Result AS STRING
      LOCAL Buffer AS ASCIIZ * 1024
      LOCAL myKey  AS ASCIIZ * 1024
    
      'SetLastError 0
    
      Buffer     = Decodestr64(StringToDecrypt)
      myKey      = Key
      DataLength = LEN(Buffer)
    
      IF ISFALSE(CryptAcquireContext(hProv, BYVAL %Null, TRIM$($MS_ENHANCED_PROV & CHR$(0)), %PROV_RSA_FULL, 0)) THEN
        CryptAcquireContext(hProv, BYVAL %Null, TRIM$($MS_ENHANCED_PROV & CHR$(0)), %PROV_RSA_FULL, %CRYPT_NEWKEYSET)
      END IF
    
      IF hProv THEN
        CryptCreateHash(hProv, %CALG_MD5, 0, 0, hHash)
        IF hHash THEN
          CryptHashData(hHash, BYVAL VARPTR(myKey), LEN(Key), 0)
          CryptDeriveKey(hProv, %CALG_3DES, hHash, %CRYPT_EXPORTABLE, hKey)
          IF hKey THEN
            IF CryptDecrypt(hKey, 0, %True, 0, BYVAL VARPTR(Buffer), DataLength) THEN
              Result = PEEK$(VARPTR(Buffer), DataLength)
            END IF
            CryptDestroyKey(hKey)
          END IF
          CryptDestroyHash(hHash)
        END IF
        CryptReleaseContext(hProv, 0)
      END IF
    
      FUNCTION = Result
    
    END FUNCTION

    Leave a comment:


  • Elias Montoya
    replied
    Hello Paul,

    Thanx for enduring me all this days of questions.
    Please check this:

    http://www.powerbasic.com/support/pb...ack+encryption


    Maybe i can use that to encrypt as DES3?

    Leave a comment:


  • Elias Montoya
    replied
    Originally posted by Paul Franks View Post
    Elias,

    All of those examples are importing crypto classes or libraries, where the real work is done.
    Hmm... that could be bad, since i need this to be a PB CGI, i cant use any
    classes or tools that are not installed in my server...

    Leave a comment:


  • Paul Franks
    replied
    Elias,

    All of those examples are importing crypto classes or libraries, where the real work is done.

    M$ had a very nice digital signature object in MSXML5, but only in the M$ Office version, and they removed it in version 6.

    There's also the old Windows crypto API, which probably doesn't support newer algorithyms, and its replacement is .NET only.

    You might have a look here:

    http://www.planet-source-code.com/vb...50290&lngWId=1

    There's also OpenSSL, which the "C" example you posted is using.
    Last edited by Paul Franks; 15 Feb 2008, 11:19 AM.

    Leave a comment:


  • MSN contact grabber for Powerbasic - Still need help.

    Well I have almost everything working. But i cant still figure
    how this part (The REMarked one) is translated into PowerBASIC:

    Code:
    FUNCTION Derive_key(Key AS STRING, Magic AS STRING) AS STRING
      LOCAL hash1, hash2, hash3, hash4 AS STRING
      hash1 = HMac_Sha1(Key, Magic)
      hash2 = HMac_Sha1(Key, Hash1 & Magic)
      hash3 = HMac_Sha1(Key, hash1)
      hash4 = HMac_Sha1(Key, Hash3 & Magic)
      FUNCTION = Hash2 & MID$(Hash4, 1, 4)
    END FUNCTION
    
    FUNCTION MBI_Encrypt(Key AS STRING, nonce AS STRING) AS STRING
    
            LOCAL key1, key2, key3, IV, hHash, Gg AS STRING
    
            key1 = DecodeStr64(key)
    
            key2 = derive_key(key1, "WS-SecureConversationSESSION KEY HASH")
            key3 = derive_key(key1, "WS-SecureConversationSESSION KEY ENCRYPTION")
    
    
            hHash = HMac_Sha1(Key2, nonce)
    
            RANDOMIZE TIMER
            IV = "aT7gJlKz"
    
    '        alg3 = TripleDESCryptoServiceProvider.Create
    '        alg3.Key = Encoding.Default.GetBytes(key3)
    '        alg3.Mode = CipherMode.CBC
    '        alg3.IV = iv
    '        akm = alg3.CreateEncryptor
    
            Gg = (nonce & CHR$(8,8,8,8,8,8,8,8))
           
            FUNCTION = EncodeStr64(MKDWD$(28) & MKDWD$(1) & MKDWD$(26115) & MKDWD$(32772) & MKDWD$(8) & MKDWD$(LEN(hHash)) & MKDWD$(LEN(Gg)) & IV & hHash & Gg)
            
    END FUNCTION
    I have received lots of help already, but If someone can help me ill appreciate it very much. The part that is not translated is REMarked.

    Here is a reference in PYTON:
    http://www.openrce.org/blog/view/449...ion_scheme_REd

    Here is snippet in Java:
    Code:
              //generate key's
              byte key1[] = Base64Coder.decode(secret);
              byte key2[] = derive_key(key1, "WS-SecureConversationSESSION KEY HASH".getBytes());
              byte key3[] = derive_key(key1, "WS-SecureConversationSESSION KEY ENCRYPTION".getBytes());
    
              //create hash
              byte hash[] = HMAC(key2, nonce.getBytes());
    
              //add 8 bytes to the nonce
              byte nonceFillup[] = new byte[8];
              for(int i = 0; i < 8; i++){
                nonceFillup[i] = 0x08;
              }
    
              //create des3 thingy
              byte des[] = DES3(key3, byteCombine(nonce.getBytes(),nonceFillup), iv);
    
              //fill struct
              byte struct[] = byteCombine(byteCombine(byteCombine(start, iv ), hash ), des);
    
              //return stuff
              return ticket +" "+ new String(Base64Coder.encode(struct));
    Same code in C For Linux:
    http://www.eroster.cn/article/article_50.html

    And here is a reference in VB .NET (I think):
    http://72.14.205.104/search?q=cache:...lnk&cd=3&gl=mx



    More Info Here:
    http://forums.fanatic.net.nz/index.p...r&f=91&t=18479

    All the rest of the code is already working, and i will make it available
    when finished.

    I dont know what commands like "TripleDESCryptoServiceProvider" do, Ill investigate it.

    Feel free to help in any possible way, i will appreciate it very much.
    Last edited by Elias Montoya; 15 Feb 2008, 09:58 AM.
Working...
X