CryptoAPI

[Astro]

Hi,

Anyone here any experiennce with this?

Best regards,
Astro.

[drizz]

Hi,

Yes.

Best regards,
drizz.

[2-Bit Chip]

Hello,

Somewhat, yes.

Best regards,
Chip.



Fun.

[dedndave]

hi
well, i have seen the word "crypto", before
does that count ?
happy programming,
Dave

[Tedd]

Once is funny, don't drag the joke out ::)


A little more helpful..

Code Select Expand


.586
.model flat, stdcall
option casemap:none
include windows.inc
include kernel32.inc
includelib kernel32.lib
include user32.inc
includelib user32.lib
include advapi32.inc
includelib advapi32.lib

hashThis proto pTxt:DWORD,lenTxt:DWORD,pBuff:DWORD,lenBuff:DWORD

ALG_CLASS_HASH      equ 32768
ALG_TYPE_ANY        equ 0
ALG_SID_MD5         equ 3
ALG_SID_SHA         equ 4

PROV_RSA_FULL       equ 1
CALG_MD5 equ (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD5)
CALG_SHA1 equ (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA)

CRYPT_USERDATA  equ 1

HP_HASHVAL      equ 2

HCRYPTPROV  typedef DWORD
HCRYPTHASH  typedef DWORD

.data
AppName     db "Crypt Hash",0
errAcq      db "Acquisition of context failed",0
errCreate   db "Error creating hash object",0
errHash     db "OMG! What now??",0

mykey       db "this is a key this is!!",0
;md5fmt      db "MD5 Hash = %08x%08x%08x%08x",0
shafmt      db "SHA1 Hash = %08x%08x%08x%08x%08x",0

.data?
buff        db 64 dup (?)
prbuff      db 64 dup (?)

.code
start:
    invoke hashThis, ADDR mykey,SIZEOF mykey-1,ADDR buff,SIZEOF buff
    .IF (eax)
        invoke wsprintf, ADDR prbuff,ADDR shafmt,dword ptr[buff+00h],dword ptr[buff+04h],dword ptr[buff+08h],dword ptr[buff+0Ch],dword ptr[buff+10h]
        invoke MessageBox, NULL,ADDR prbuff,ADDR mykey,MB_OK
    .ENDIF
    invoke ExitProcess, NULL

hashThis proc pTxt:DWORD,lenTxt:DWORD,pBuff:DWORD,lenBuff:DWORD
    LOCAL hCProv:HCRYPTPROV
    LOCAL hHash:HCRYPTHASH
    LOCAL hashlen:DWORD
    push ebx
    xor ebx,ebx
    invoke CryptAcquireContext, ADDR hCProv,NULL,NULL,PROV_RSA_FULL,0
    .IF (eax)
        invoke CryptCreateHash, hCProv,CALG_SHA1,0,0,ADDR hHash
        .IF (eax)
            invoke CryptHashData, hHash,pTxt,lenTxt,NULL
            .IF (eax)
                mov eax,lenBuff
                mov hashlen,eax
                invoke CryptGetHashParam, hHash,HP_HASHVAL,pBuff,ADDR hashlen,0
                mov ebx,TRUE
            .ELSE
                invoke MessageBox, NULL,ADDR errHash,ADDR AppName,MB_OK or MB_ICONERROR
            .ENDIF
            invoke CryptDestroyHash, hHash
        .ELSE
            invoke MessageBox, NULL,ADDR errCreate,ADDR AppName,MB_OK or MB_ICONERROR
        .ENDIF
        invoke CryptReleaseContext, hCProv,0
    .ELSE
        invoke MessageBox, NULL,ADDR errAcq,ADDR AppName,MB_OK or MB_ICONERROR
    .ENDIF
    mov eax,ebx
    pop ebx
    ret
hashThis endp

end start


[Astro]

Thanks Tedd!!

Seems I did understand this correctly then!

Perfect!  :U

@drizz, 2-bit chip, dedndave:  :cheekygreen:  I guess I was asking for those responses with such a short question and no follow-up!  :cheekygreen:  I really had lost it when I wrote that.  :red

Best regards,
Astro.

[dedndave]

blame drizz - he started it - lol
we just pickin on ya

[ecube]

I got the error "aquition of context failed" inside vmware under vista and windows 7, running as admin. Can someone on vista/windows 7 outside of vmware please test this on their machine? so I can narrow the problem, thanks.

*update I seemed to have found the fix with calling
invoke CryptAcquireContext, hProv,NULL,NULL,PROV_RSA_FULL,CRYPT_NEWKEYSET once

Code Select Expand


.586
.model flat, stdcall
option casemap:none
include windows.inc
include kernel32.inc
includelib kernel32.lib
include user32.inc
includelib user32.lib
include advapi32.inc
includelib advapi32.lib

hashThis proto pTxt:DWORD,lenTxt:DWORD,pBuff:DWORD,lenBuff:DWORD

ALG_CLASS_HASH      equ 32768
ALG_TYPE_ANY        equ 0
ALG_SID_MD5         equ 3
ALG_SID_SHA         equ 4

PROV_RSA_FULL       equ 1
CALG_MD5 equ (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD5)
CALG_SHA1 equ (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA)

CRYPT_USERDATA  equ 1

HP_HASHVAL      equ 2

HCRYPTPROV  typedef DWORD
HCRYPTHASH  typedef DWORD
AquireContext proto :DWORD
.data
AppName     db "Crypt Hash",0
errAcq      db "Acquisition of context failed",0
errCreate   db "Error creating hash object",0
errHash     db "OMG! What now??",0

mykey       db "this is a key this is!!",0
;md5fmt      db "MD5 Hash = %08x%08x%08x%08x",0
shafmt      db "SHA1 Hash = %08x%08x%08x%08x%08x",0

.data?
buff        db 64 dup (?)
prbuff      db 64 dup (?)

.code
start:
    invoke hashThis, ADDR mykey,SIZEOF mykey-1,ADDR buff,SIZEOF buff
    .IF (eax)
        invoke wsprintf, ADDR prbuff,ADDR shafmt,dword ptr[buff+00h],dword ptr[buff+04h],dword ptr[buff+08h],dword ptr[buff+0Ch],dword ptr[buff+10h]
        invoke MessageBox, NULL,ADDR prbuff,ADDR mykey,MB_OK
    .ENDIF
    invoke ExitProcess, NULL
hashThis proc pTxt:DWORD,lenTxt:DWORD,pBuff:DWORD,lenBuff:DWORD
    LOCAL hCProv:HCRYPTPROV
    LOCAL hHash:HCRYPTHASH
    LOCAL hashlen:DWORD
    push ebx
    xor ebx,ebx
      invoke AquireContext,ADDR hCProv
    .IF (eax)
        invoke CryptCreateHash, hCProv,CALG_SHA1,0,0,ADDR hHash
        .IF (eax)
            invoke CryptHashData, hHash,pTxt,lenTxt,NULL
            .IF (eax)
                mov eax,lenBuff
                mov hashlen,eax
                invoke CryptGetHashParam, hHash,HP_HASHVAL,pBuff,ADDR hashlen,0
                mov ebx,TRUE
            .ELSE
                invoke MessageBox, NULL,ADDR errHash,ADDR AppName,MB_OK or MB_ICONERROR
            .ENDIF
            invoke CryptDestroyHash, hHash
        .ELSE
            invoke MessageBox, NULL,ADDR errCreate,ADDR AppName,MB_OK or MB_ICONERROR
        .ENDIF
        invoke CryptReleaseContext, hCProv,0
    .ELSE
        invoke MessageBox, NULL,ADDR errAcq,ADDR AppName,MB_OK or MB_ICONERROR
    .ENDIF
    mov eax,ebx
    pop ebx
    ret
hashThis endp

AquireContext proc hProv:DWORD
invoke CryptAcquireContext, hProv,NULL,NULL,PROV_RSA_FULL,0
.if (eax)
ret
.else
invoke GetLastError
.if sdword ptr eax==NTE_BAD_KEYSET
invoke CryptAcquireContext, hProv,NULL,NULL,PROV_RSA_FULL,CRYPT_NEWKEYSET
.endif
.endif
ret
AquireContext endp


that seems to fix the problem, but this is kinda disturbing as you'd it'd do this automatically if not found, can any of you guys familiar with crypto api comment on this? and is there anything else big that needs to be taken into account?

[Astro]

Hi,

invoke AquireContext,ADDR hCProv

That is the only part that looks wrong to me on closer inspection. I think it should be CryptAcquireContext (as you did in the additional proc).

Other major points of interest:

* ENSURE CryptGenRandom IS USED IF CREATING RANDOM NUMBERS FOR CRYPTO USE!

* If using an export version of Windows, then some CSPs are unavailable, and may generate an error if you attempt to invoke them. I have never seen an export version except for one screenshot someone posted, and that was relating to something else. TaskMan had (EXPORT) written next to lsass.exe.

lsass.exe (EXPORT)

Best regards,
Astro.

[ecube]

Hi,

invoke AquireContext,ADDR hCProv

That is the only part that looks wrong to me on closer inspection. I think it should be CryptAcquireContext (as you did in the additional proc).

Other major points of interest:

* ENSURE CryptGenRandom IS USED IF CREATING RANDOM NUMBERS FOR CRYPTO USE!

* If using an export version of Windows, then some CSPs are unavailable, and may generate an error if you attempt to invoke them. I have never seen an export version except for one screenshot someone posted, and that was relating to something else. TaskMan had (EXPORT) written next to lsass.exe.

lsass.exe (EXPORT)

Best regards,
Astro.

the additional proc calles cryptaquirecontext, if it fails  it creates a new key or watever, and it returns either way, fail or success, its correct i've already tested on 3 systems.

[Astro]

So you fixed it?

If not, I'll build and test here.

Best regards,
Astro.

[ecube]

as far as I can tell yes, that fixed the only problem I had with the source.

[Astro]

Great!  :thumbu

Best regards,
Astro.