headers
Richard Calosso | 2 Aug 2006 04:55
Picon
Favicon

MS .NET <-> Cryptopp

I am new to cryptopp so sorry if this is a rehash.

 

I have an application that encrypts data using CBC and the RijndaelManaged encryption class in c# 1.1.

 

I am looking for any tips/gotchas with trying to exchange encrypted data.

 

 

 

Permalink | Reply | 0 comments |
headers
Nate | 3 Aug 2006 08:54
Favicon

replacing WinCryptoAPI in shareware protection scheme

An article (linked below) on codeproject.com shows how to encrypt a code 
segment. When a valid license exists, the code segment is decrypted and 
patched in memory. This allows shareware features to be disabled until a 
valid license exists. I like this a lot, but I am less than excited that 
it uses the Windows Cryptographic API.

Would anyone be interested in helping me replace the Windows CryptoAPI 
with Crypto++? I have a feeling it would be very straightforward for 
someone familiar with these APIs.

Here is the article...
http://codeproject.com/library/ssdsdk.asp

Here is my version of the source (includes rebasing and some essential 
bug fixes)...
http://n4te.com/dev/misc/ssdsdk-refined.zip

Thank you much for any help or direction you can provide.

-Nate

P.S.
Hoping to keep this thread on track, yes, I realize this is not a 
perfect solution. Someone with a valid key could patch the decryptor so 
it patches the segment on disk rather than in memory. However, this 
protection scheme is easy to implement, yet a reasonable amount of work 
for a cracker to break. Also it *requires* a valid key to crack.
Permalink | Reply | 1 comment |
headers
johnny cypherpunk | 6 Aug 2006 19:44
Picon
Favicon

ECC patents?

Hi,

   I'm concerned about ECC patents.  I read that there are claims that point 
compression is patented.  Has anyone ever used it in a commercial or 
open-source software package and gotten a C&D letter from a lawyer?
   Has anyone ever gotten in trouble for using the ECDSA implementation in 
crypto++?

   Thanks!
   - JCP

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Permalink | Reply | 1 comment |
headers
anthony.abate | 8 Aug 2006 17:11
Picon

VS 2005 + Crypto

Im wondering if VS 2005 will be officially support by crypto++ any time soon.

Since it currently is not, I have 4 options from what i can tell to
try to get it to work with vs 2005.

1. CVS head
2. The zip file from http://www.ibiblio.org/weidai/cryptopp_20060419.zip
3. 5.2.3 on sourceforge and not listed on the home page.
4. 5.2.1 mentioned on the the homepage.

I am confused as to which i should be using to get the most successful
results.  I am somewhat weary of using cvs head or some zip file since
i wonder of the stability.

Thanks
Anthony
Permalink | Reply | 1 comment |
headers
Richard Calosso | 8 Aug 2006 18:29
Picon
Favicon

RE: VS 2005 + Crypto

So far I have not had any problems with using 5.2.3 with VS2005.

I have a c++ program using cyptopp in static link library format exchanging
AES data with a .NET 2.0/1.1 c# set of programs.

I have not tested any of the other functionality yet, but it all compiled
without a hitch, (aside from deprecated/security warnings).

-----Original Message-----
From: anthony.abate <at> gmail.com [mailto:anthony.abate <at> gmail.com] 
Sent: Tuesday, August 08, 2006 8:11 AM
To: cryptopp-list <at> eskimo.com
Subject: VS 2005 + Crypto

Im wondering if VS 2005 will be officially support by crypto++ any time
soon.

Since it currently is not, I have 4 options from what i can tell to
try to get it to work with vs 2005.

1. CVS head
2. The zip file from http://www.ibiblio.org/weidai/cryptopp_20060419.zip
3. 5.2.3 on sourceforge and not listed on the home page.
4. 5.2.1 mentioned on the the homepage.

I am confused as to which i should be using to get the most successful
results.  I am somewhat weary of using cvs head or some zip file since
i wonder of the stability.

Thanks
Anthony
Permalink | Reply | 0 comments |
headers
Søren Dreijer | 8 Aug 2006 18:35
Picon
Favicon

RE: VS 2005 + Crypto

Yeah, it compiles but some parts of the library fail during run-time:
http://www.mail-archive.com/cryptopp-list <at> eskimo.com/msg02728.html
(make sure you read the entire thread)

I have yet to hear back from the library's developers on the matter...

- Soren
 

> From: rcalosso <at> yahoo.com
> To: cryptopp-list <at> eskimo.com
> Subject: RE: VS 2005 + Crypto
> Date: Tue, 8 Aug 2006 09:29:46 -0700
>
> So far I have not had any problems with using 5.2.3 with VS2005.
>
> I have a c++ program using cyptopp in static link library format exchanging
> AES data with a .NET 2.0/1.1 c# set of programs.
>
> I have not tested any of the other functionality yet, but it all compiled
> without a hitch, (aside from deprecated/security warnings).
>
>
>
> -----Original Message-----
> From: anthony.abate <at> gmail.com [mailto:anthony.abate <at> gmail.com] 
> Sent: Tuesday, August 08, 2006 8:11 AM
> To: cryptopp-list <at> eskimo.com
> Subject: VS 2005 + Crypto
>
> Im wondering if VS 2005 will be officially support by crypto++ any time
> soon.
>
> Since it currently is not, I have 4 options from what i can tell to
> try to get it to work with vs 2005.
>
> 1. CVS head
> 2. The zip file from http://www.ibiblio.org/weidai/cryptopp_20060419.zip
> 3. 5.2.3 on sourceforge and not listed on the home page.
> 4. 5.2.1 mentioned on the the homepage.
>
>
> I am confused as to which i should be using to get the most successful
> results.  I am somewhat weary of using cvs head or some zip file since
> i wonder of the stability.
>
> Thanks
> Anthony
>
>
>


Be one of the first to try Windows Live Mail.
Permalink | Reply | 501 comments |
headers
Nate | 8 Aug 2006 21:28
Favicon

Re: replacing WinCryptoAPI in shareware protection scheme

Hi,

I see no one has been interested yet. Just in case someone is willing to 
help me port the Window CryptoAPI to Crypto++, I have done my best to 
simplify the code that needs to be converted into the below.

Thanks!
-Nate

#define KEY_LENGTH 0x00800000
#define PROVIDER MS_ENHANCED_PROV

// acquire context "hProv"
if(!CryptAcquireContext(&hProv, CONTAINER_NAME, PROVIDER, PROV_RSA_FULL, 0))
    if(!CryptAcquireContext(&hProv, CONTAINER_NAME, PROVIDER, 
PROV_RSA_FULL, CRYPT_NEWKEYSET))
        throw "Unable to acquire/create encryption context";

// get handle "hPrivateKey" from new random private key
CryptGenKey(hProv, CALG_RC4, KEY_LENGTH|CRYPT_EXPORTABLE, &hPrivateKey);

// write private key to "lpPrivateKeyBuffer"
CryptExportKey(hPrivateKey, 0, OPAQUEKEYBLOB, 0, lpPrivateKeyBuffer, 
&nSize);

// get handle "hPrivateKey" from existing private key "lpPrivateKeyBuffer"
CryptImportKey(hProv, lpPrivateKeyBuffer, nSize, 0, CRYPT_EXPORTABLE, 
&hPrivateKey);

// encrypt buffer "lpData" with private key
CryptEncrypt(hPrivateKey, 0, TRUE, 0, lpData, &nSize, nSize);

// get handle "hPublicKey" from existing public key "lpPublicKeyBuffer"
CryptImportKey(hProv, lpPublicKeyBuffer, nSize, NULL, 0, &hPublicKey)

// create license key in "lpLicenseKeyBuffer" using private and public key
CryptExportKey(hPrivateKey, hPublicKey, SIMPLEBLOB, 0, 
lpLicenseKeyBuffer, &nSize);

// release key and context
CryptDestroyKey(hPrivateKey);
CryptReleaseContext(hProv, 0);
CryptAcquireContext(&hProv, CONTAINER_NAME, PROVIDER, PROV_RSA_FULL, 
CRYPT_DELETEKEYSET);

Nate wrote:
> An article (linked below) on codeproject.com shows how to encrypt a 
> code segment. When a valid license exists, the code segment is 
> decrypted and patched in memory. This allows shareware features to be 
> disabled until a valid license exists. I like this a lot, but I am 
> less than excited that it uses the Windows Cryptographic API.
>
> Would anyone be interested in helping me replace the Windows CryptoAPI 
> with Crypto++? I have a feeling it would be very straightforward for 
> someone familiar with these APIs.
>
> Here is the article...
> http://codeproject.com/library/ssdsdk.asp
>
> Here is my version of the source (includes rebasing and some essential 
> bug fixes)...
> http://n4te.com/dev/misc/ssdsdk-refined.zip
>
> Thank you much for any help or direction you can provide.
>
> -Nate
>
>
> P.S.
> Hoping to keep this thread on track, yes, I realize this is not a 
> perfect solution. Someone with a valid key could patch the decryptor 
> so it patches the segment on disk rather than in memory. However, this 
> protection scheme is easy to implement, yet a reasonable amount of 
> work for a cracker to break. Also it *requires* a valid key to crack.
>
Permalink | Reply | 0 comments |
headers
anthony.abate | 8 Aug 2006 21:25
Picon

Re: VS 2005 + Crypto

I assume the next release will support vs2005, because the .sln in cvs
is already updated.

Is there any official word on when that release will happen or the
stability of the cvs head?

It would be a good idea to keep a vs2003 .sln there just so users
could pick between any version of visual studio.

On 8/8/06, Søren Dreijer <halloko <at> hotmail.com> wrote:
>
> Yeah, it compiles but some parts of the library fail during run-time:
> http://www.mail-archive.com/cryptopp-list <at> eskimo.com/msg02728.html
>  (make sure you read the entire thread)
>
>  I have yet to hear back from the library's developers on the matter...
>
> - Soren
>
>  ________________________________
>
>  > From: rcalosso <at> yahoo.com
> > To: cryptopp-list <at> eskimo.com
> > Subject: RE: VS 2005 + Crypto
> > Date: Tue, 8 Aug 2006 09:29:46 -0700
> >
> > So far I have not had any problems with using 5.2.3 with
> VS2005.
> >
> > I have a c++ program using cyptopp in static
> link library format exchanging
> > AES data with a .NET 2.0/1.1 c# set of programs.
> >
> > I have not tested any of the other functionality yet,
> but it all compiled
> > without a hitch, (aside from deprecated/security
> warnings).
> >
> >
> >
> > -----Original Message-----
> > From: anthony.abate <at> gmail.com [mailto:anthony.abate <at> gmail.com]
> > Sent: Tuesday, August 08, 2006 8:11 AM
> > To: cryptopp-list <at> eskimo.com
> > Subject: VS 2005 + Crypto
>
> >
> > Im wondering if VS 2005 will be officially support
> by crypto++ any time
> > soon.
> >
> > Since it currently is not, I have 4 options from what
> i can tell to
> > try to get it to work with vs 2005.
> >
> > 1. CVS head
> > 2. The zip file from
> http://www.ibiblio.org/weidai/cryptopp_20060419.zip
> > 3. 5.2.3 on sourceforge and not listed on the home page.
> > 4. 5.2.1 mentioned on the the homepage.
> >
> >
> > I am confused as to which i should be using to get
> the most successful
> > results.  I am somewhat weary of using cvs head or some
> zip file since
> > i wonder of the stability.
> >
> > Thanks
> > Anthony
> >
> >
> >
>
>
> ________________________________
> Be one of the first to try Windows Live Mail.
Permalink | Reply | 501 comments |
headers
Albion Buckingham | 14 Aug 2006 17:12
Favicon

Calling Crypto++ 5.2.3 from VS .net 2003

Hi,
 
I am new to this arena so please pardon me if I am missing the obvious. I downloaded the Crypto++ 5.2.3 lib for use in an VB.net 2003 app which requires FIPS 140.2 conformance. At the download site it states "
  • Crypto++ Library 5.2.3 (Windows DLL, calling application must be compiled with MSVC .NET 2003)"
    •  
    I have registered Crypto++ with regasm and have tried to add it to my references in vb.net, C#.net and C++.net projects (all 2003). With each I get the following error when I try adding the reference to the Crypto++ dll.
     
    "A reference to C:\Crypto++\cryptopp523win32\Release\cryptopp.dll could not be added. this is not a valid assembly or COM component. Only assemblies with extensions 'dll' and COM components can be referenced. Please make sure that the file is accessible, and that it is a valid assembly or COM component."
     
    Any help would be appreciated. This is my first attempt to reference a .net dll from another .net language (I am usually in VB). From what I read this should be a simple matter I adding it to the references similar to COM interop.
     
    Thanks
    Al
     
    Permalink | Reply | 0 comments |
    headers
    Norbert Alexander Thek | 24 Aug 2006 15:26
    Picon

    Java<>Crypto++ 4.2

    Hello

Please be patient with me because I'm new to cryptographic .

What I want wo achive:
  We have a Windows MFC Application (VC 6.0) where we use a licenc file
The file should be encrypted with AES (Rijndeal), in C++ it works fine.
(I used the Cryptolib and I'm able to ecnrypt&decrypt files,  
bytearrays, strings....)

The problem is we need an JAVA app to create such licenc files  
(through a Web/Application Server)

My Status:
I'm able to encode/decode bytearrays in Java with AES
I'm able to encode/decode bytearrays in C++  with Crypto++ (with  
Crypto 4.2 because of VC 6.0)

but I'm not able to encode in Java and decode in C++, or vice versa ?

My C++ Code:
#################################################
	byte		m_UserKey[17];
	memset(m_UserKey,1,sizeof(m_UserKey));
	byte iv[16];
	byte inputstring[100];
         byte xxxbuf[100];
	memset (inputstring,0,sizeof(inputstring));
	memset (iv,0,sizeof(iv));

	strncpy ((char *)inputstring,m_to_encrypt,m_to_encrypt.GetLength());
	AESEncryption aesEncryption(m_UserKey, 16);
	CFBEncryption cfbEncryption(aesEncryption, iv);
	//CBCPaddedEncryptor cbcEncryptor(aesEncryption, iv, new  
ArraySink(xxxbuf,sizeof(xxxbuf)));
	//cbcEncryptor.Put(inputstring, m_to_encrypt.GetLength());
	// input more plaintext here if needed
	//cbcEncryptor.MessageEnd();
	cfbEncryption.ProcessString(inputstring,16);

	//memcpy(inputstring,xxxbuf,sizeof(xxxbuf));

	m_encrypted=CString(inputstring);
	m_encrypted_hex=byteArraytoHexString(inputstring,16);
################################################
to keep it simple i set IV to 000000.....

in Java (with Version 1.4.2..):
################################################
        String message="abcdefgaijklmnop";//"This is just an example";

        byte  the_key[] = new byte[16];
        byte idx=0;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;
        the_key[idx++] =(byte)0X01;

        SecretKeySpec skeySpec =new SecretKeySpec(the_key,"AES");
        // Instantiate the cipher
        Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding");
        //Cipher cipher = Cipher.getInstance("AES");
        byte iv[]= new byte[16+2];
        for (int i =0;i<iv.length;i++)
        {
     	   iv[i]=0;
        }
        iv[0]=4;
        iv[1]=0x10;
        AlgorithmParameters myparam =  AlgorithmParameters.getInstance("AES");
        myparam.init(iv);

        cipher.init(Cipher.ENCRYPT_MODE, skeySpec,myparam);
        System.out.println("IV: "+asHex(cipher.getIV()));
        System.out.println("Param: "+myparam);

        byte[] encrypted =
          cipher.doFinal((args.length == 0 ?
         		 message : args[0]).getBytes());
        System.out.println("encrypted string: " + asHex(encrypted));

        cipher.init(Cipher.DECRYPT_MODE, skeySpec,myparam);
        byte[] original =
          cipher.doFinal(encrypted);
        String originalString = new String(original);
        System.out.println("Original string: \"" +
          originalString + "\" " + asHex(original));
################################################

I tried different approaches (CFB, CBC, different Blocksizes, different IV)
but I don't come to any successfull encryption/decryption

Can somebody tell me, what I'm doing wrong?
(probably I should use a simpler algorithmen then AES but which algo?)

--

-- 
+--------------------------------------------------------+
|Thek Norbert Alexander                    ICQ# 11673043 |
|mailto:thek <at> sbox.tugraz.at                              |
+--------------------------------------------------------+
Programmer: The device for converting coffee into software
    Permalink | Reply | 0 comments |

    Gmane