How is this done? I have attached a VB6 module
modcrypt.bas by Barry Dunne which uses rc4 and Microsoft Base Cryptographic
Provider 1.0...
I can get this to rc4 encrypt / decrypt under
Windoze. Although it iterates the hashing of the password, then creates a
session key from it, and the reverse is done for decryption (I imagine this must
be changed to decrypt an openssl encrypted string). It also includes a password
encrypt string?!
Likewise I can get openssl to encrypt / decrypt rc4
under Linux.
Now comes the tricky part. How can I modify
modcrypt.bas to decrypt openssl encrypted
strings? I believe Microsoft Base Cryptographic Provider 1.0 supports 40bit rc2
encryption. Am I better to use this, (ENCRYPT_ALGORITHM=CALG_RC2) with openssl
(rc2-40cbc) as opensll uses 128 bit rc4 which I believe is unsupported by
Microsoft Base Cryptographic Provider 1.0? Most importantly, when all I have is
a password from openssl, how do I get the parameters to pass
CryptDecrypt?
The function definition looks like
this:
Private Declare Function CryptDecrypt Lib
"advapi32.dll" _ (ByVal hKey As Long, _ ByVal hHash As Long, _ ByVal Final As Long, _ ByVal dwFlags As Long, _ ByVal pbData As String, _ ByRef pdwDataLen As Long) As Long Thanks in advance,
James.
Private Const SERVICE_PROVIDER As String =
"Microsoft Base Cryptographic Provider v1.0" Private Const KEY_CONTAINER As String = "Metallica" Private Const PROV_RSA_FULL As Long = 1 Private Const PP_NAME As Long = 4 Private Const PP_CONTAINER As Long = 6 Private Const CRYPT_NEWKEYSET As Long = 8 Private Const ALG_CLASS_DATA_ENCRYPT As Long = 24576 Private Const ALG_CLASS_HASH As Long = 32768 Private Const ALG_TYPE_ANY As Long = 0 Private Const ALG_TYPE_STREAM As Long = 2048 Private Const ALG_SID_RC4 As Long = 1 Private Const ALG_SID_MD5 As Long = 3 Private Const CALG_MD5 As Long = ((ALG_CLASS_HASH Or ALG_TYPE_ANY) Or ALG_SID_MD5) Private Const CALG_RC4 As Long = ((ALG_CLASS_DATA_ENCRYPT Or ALG_TYPE_STREAM) Or ALG_SID_RC4) Private Const ENCRYPT_ALGORITHM As Long = CALG_RC4 Private Const NUMBER_ENCRYPT_PASSWORD As String = "´o¸sçPQ]" |