offcrypto Releases Rss Feed

Updated Release: CapiRC4Encrypt (Jan 08, 2009)

dcleblanc — Fri, 10 Apr 2009 02:30:29 GMT

This code demonstrates parsing an EncryptionInfo struct generated by a PowerPoint file. It depends on the ManagedRC4 project.

Use ExtractStream -e to get the header from the PowerPoint file. The password for the file is 'password'.

Note - I updated this to use CryptImportKey instead of CryptDeriveKey - this takes one layer of the black box out of the equation.

Released: CapiRC4Encrypt (Jan 08, 2009)

Fri, 10 Apr 2009 02:30:29 GMT

Updated Release: ExtractStream (Dec 21, 2008)

dcleblanc — Fri, 10 Apr 2009 02:28:34 GMT

ExtractStream is a utility used to list and extract streams from an OLE compound file, which is what is used for Office 2003 and earlier files, as well as encrypted files generated by Office 2007.

Note - updated to allow PowerPoint files to have the encryption header extracted directly, since it was a pain to specify the offset. Will tackle Word and Excel shortly.

Released: ExtractStream (Dec 21, 2008)

Fri, 10 Apr 2009 02:28:34 GMT

Updated Release: ManagedRC4 (Jan 08, 2009)

dcleblanc — Fri, 06 Feb 2009 09:02:36 GMT

This project is to get around the issue that RC4 is not available in .NET. It isn't a fully featured RC4 wrapper, but it is enough to illustrate the concepts.

An issue worth mentioning here is that CryptDeriveKey and CryptImportKey have some special behaviors with respect to 40-bit encryption. The MSDN topic "Salt Value Functionality" explains this:

=== begin quote====
The Base Provider creates 40-bit symmetric keys created with eleven bytes of zero-value salt, eleven bytes of nonzero salt if CRYPTCREATESALT is specified, or no salt value. A 40-bit symmetric key with zero-value salt, however, is not equivalent to a 40-bit symmetric key without salt. For interoperability, keys must be created without salt. This problem results from a default condition that occurs only with keys of exactly 40 bits. All other key lengths do not have salt allocated by default.

Both the Base Providers and the Extended Provider can use the CRYPTNOSALT flag to specify that no salt value is allocated for a 40-bit symmetric key. The functions that accept this flag are CryptGenKey, CryptDeriveKey, and CryptImportKey. By default, these functions provide backward compatibility for the 40-bit symmetric key case by continuing the use of the eleven-byte-long zero-value salt.
=== end quote =====

1/9/09 - Made a minor tweak to RC4Native::ImportKey to make the above explicit. Comments from the code:

// This step makes explicit what the Microsoft implementation of RC4 is really doing, unless
// CRYPTNOSALT flag is set. Essentially, there's a 128-bit key, just that the last 88 bits
// are all 0. Unfortunately, there is no standard for RC4, which is part of why this happens.
if( cbKeyData == 5 )
*pcbKeyData = 16;

So essentially, a PLAINTEXTBLOB for 40-bit RC4 is exactly the same if:
a) Data size = 5
b) Data size = 16 AND the last 11 bytes are 0

This project is needed in order to use the CapiRC4Encrypt project.

Note - this was just updated to use CryptImportKey, instead of CryptDeriveKey - removes one more layer of the CAPI calls.

2/6 - Minor bug fix for Legacy RC4 example

Released: ManagedRC4 (Jan 08, 2009)

Fri, 06 Feb 2009 09:02:35 GMT

Updated Release: ManagedRC4 (Jan 08, 2009)

dcleblanc — Fri, 06 Feb 2009 09:01:12 GMT

This project is to get around the issue that RC4 is not available in .NET. It isn't a fully featured RC4 wrapper, but it is enough to illustrate the concepts. One limitation is that it does not load the CAPI provider which gives you 128-bit encryption - the default for this encryption approach is 40-bit, which works just fine.

An issue worth mentioning here is that CryptDeriveKey and CryptImportKey have some special behaviors with respect to 40-bit encryption. The MSDN topic "Salt Value Functionality" explains this:

=== begin quote====
The Base Provider creates 40-bit symmetric keys created with eleven bytes of zero-value salt, eleven bytes of nonzero salt if CRYPTCREATESALT is specified, or no salt value. A 40-bit symmetric key with zero-value salt, however, is not equivalent to a 40-bit symmetric key without salt. For interoperability, keys must be created without salt. This problem results from a default condition that occurs only with keys of exactly 40 bits. All other key lengths do not have salt allocated by default.

Both the Base Providers and the Extended Provider can use the CRYPTNOSALT flag to specify that no salt value is allocated for a 40-bit symmetric key. The functions that accept this flag are CryptGenKey, CryptDeriveKey, and CryptImportKey. By default, these functions provide backward compatibility for the 40-bit symmetric key case by continuing the use of the eleven-byte-long zero-value salt.
=== end quote =====

1/9/09 - Made a minor tweak to RC4Native::ImportKey to make the above explicit. Comments from the code:

// This step makes explicit what the Microsoft implementation of RC4 is really doing, unless
// CRYPTNOSALT flag is set. Essentially, there's a 128-bit key, just that the last 88 bits
// are all 0. Unfortunately, there is no standard for RC4, which is part of why this happens.
if( cbKeyData == 5 )
*pcbKeyData = 16;

So essentially, a PLAINTEXTBLOB for 40-bit RC4 is exactly the same if:
a) Data size = 5
b) Data size = 16 AND the last 11 bytes are 0

This project is needed in order to use the CapiRC4Encrypt project.

Note - this was just updated to use CryptImportKey, instead of CryptDeriveKey - removes one more layer of the CAPI calls.

2/6 - Minor bug fix for Legacy RC4 example

Updated Release: Legacy RC4 (Feb 06, 2009)

dcleblanc — Fri, 06 Feb 2009 08:58:09 GMT

Demonstrates the legacy RC4 encryption technique. Files include:

LegacyRC4.cs - source code to verify the header.
password_dump.txt - notes on the intermediate hash results for the password.doc file
password.doc - a 40-bit RC4 encrypted document with a password of (you guessed it) 'password'

Released: Legacy RC4 (Feb 06, 2009)

Fri, 06 Feb 2009 08:58:08 GMT

Created Release: Legacy RC4 (Feb 06, 2009)

dcleblanc — Fri, 06 Feb 2009 08:54:17 GMT

Demonstrates the legacy RC4 encryption technique.

Updated Release: ManagedRC4 (Jan 08, 2009)

dcleblanc — Fri, 09 Jan 2009 19:11:47 GMT

Released: ManagedRC4 (Jan 08, 2009)

Fri, 09 Jan 2009 19:11:45 GMT

Updated Release: ManagedRC4 (Jan 08, 2009)

dcleblanc — Thu, 08 Jan 2009 23:03:43 GMT

This project is to get around the issue that RC4 is not available in .NET. It isn't a fully featured RC4 wrapper, but it is enough to illustrate the concepts. One limitation is that it does not load the CAPI provider which gives you 128-bit encryption - the default for this encryption approach is 40-bit, which works just fine.

An issue worth mentioning here is that CryptDeriveKey and CryptImportKey have some special behaviors with respect to 40-bit encryption. The MSDN topic "Salt Value Functionality" explains this:

=== begin quote====
The Base Provider creates 40-bit symmetric keys created with eleven bytes of zero-value salt, eleven bytes of nonzero salt if CRYPTCREATESALT is specified, or no salt value. A 40-bit symmetric key with zero-value salt, however, is not equivalent to a 40-bit symmetric key without salt. For interoperability, keys must be created without salt. This problem results from a default condition that occurs only with keys of exactly 40 bits. All other key lengths do not have salt allocated by default.

Both the Base Providers and the Extended Provider can use the CRYPTNOSALT flag to specify that no salt value is allocated for a 40-bit symmetric key. The functions that accept this flag are CryptGenKey, CryptDeriveKey, and CryptImportKey. By default, these functions provide backward compatibility for the 40-bit symmetric key case by continuing the use of the eleven-byte-long zero-value salt.
=== end quote =====

This project is needed in order to use the CapiRC4Encrypt project.

Note - this was just updated to use CryptImportKey, instead of CryptDeriveKey - removes one more layer of the CAPI calls.

Released: ManagedRC4 (Jan 08, 2009)

Thu, 08 Jan 2009 23:03:41 GMT

This project is to get around the issue that RC4 is not available in .NET. It isn't a fully featured RC4 wrapper, but it is enough to illustrate the concepts. One limitation is that it does not load the CAPI provider which gives you 128-bit encryption - the default for this encryption approach is 40-bit, which works just fine.

An issue worth mentioning here is that CryptDeriveKey and CryptImportKey have some special behaviors with respect to 40-bit encryption. The MSDN topic "Salt Value Functionality" explains this:

=== begin quote====
The Base Provider creates 40-bit symmetric keys created with eleven bytes of zero-value salt, eleven bytes of nonzero salt if CRYPTCREATESALT is specified, or no salt value. A 40-bit symmetric key with zero-value salt, however, is not equivalent to a 40-bit symmetric key without salt. For interoperability, keys must be created without salt. This problem results from a default condition that occurs only with keys of exactly 40 bits. All other key lengths do not have salt allocated by default.

Both the Base Providers and the Extended Provider can use the CRYPTNOSALT flag to specify that no salt value is allocated for a 40-bit symmetric key. The functions that accept this flag are CryptGenKey, CryptDeriveKey, and CryptImportKey. By default, these functions provide backward compatibility for the 40-bit symmetric key case by continuing the use of the eleven-byte-long zero-value salt.
=== end quote =====

This project is needed in order to use the CapiRC4Encrypt project.

Note - this was just updated to use CryptImportKey, instead of CryptDeriveKey - removes one more layer of the CAPI calls.

Updated Release: ManagedRC4 (Jan 08, 2009)

dcleblanc — Thu, 08 Jan 2009 23:02:05 GMT

This project is to get around the issue that RC4 is not available in .NET. It isn't a fully featured RC4 wrapper, but it is enough to illustrate the concepts. One limitation is that it does not load the CAPI provider which gives you 128-bit encryption - the default for this encryption approach is 40-bit, which works just fine.

An issue worth mentioning here is that CryptDeriveKey has some special behaviors with respect to 40-bit encryption. The MSDN topic "Salt Value Functionality" explains this:

=== begin quote====
The Base Provider creates 40-bit symmetric keys created with eleven bytes of zero-value salt, eleven bytes of nonzero salt if CRYPTCREATESALT is specified, or no salt value. A 40-bit symmetric key with zero-value salt, however, is not equivalent to a 40-bit symmetric key without salt. For interoperability, keys must be created without salt. This problem results from a default condition that occurs only with keys of exactly 40 bits. All other key lengths do not have salt allocated by default.

Both the Base Providers and the Extended Provider can use the CRYPTNOSALT flag to specify that no salt value is allocated for a 40-bit symmetric key. The functions that accept this flag are CryptGenKey, CryptDeriveKey, and CryptImportKey. By default, these functions provide backward compatibility for the 40-bit symmetric key case by continuing the use of the eleven-byte-long zero-value salt.
=== end quote =====

This project is needed in order to use the CapiRC4Encrypt project.

Note - this was just updated to use CryptImportKey, instead of CryptDeriveKey - removes one more layer of the CAPI calls.

Updated Release: CapiRC4Encrypt (Jan 08, 2009)

dcleblanc — Thu, 08 Jan 2009 23:00:25 GMT

This code demonstrates parsing an EncryptionInfo struct generated by a PowerPoint file. It depends on the ManagedRC4 project.

Also attached are the extracted stream used in this demo - note that there is a hard-coded offset in the Main function - if you want to use a different source file, you'll need to change the offset. The password for the file is 'password'.

Note - I just updated this to use CryptImportKey instead of CryptDeriveKey - this takes one layer of the black box out of the equation.

Released: CapiRC4Encrypt (Jan 08, 2009)

Thu, 08 Jan 2009 23:00:23 GMT

Created Release: CapiRC4Encrypt (Jan 08, 2009)

dcleblanc — Thu, 08 Jan 2009 16:57:59 GMT

Released: CapiRC4Encrypt (Jan 08, 2009)

Thu, 08 Jan 2009 16:57:55 GMT

Updated Release: OoxmlEncrypt (Dec 21, 2008)

dcleblanc — Thu, 08 Jan 2009 16:40:57 GMT

OoxmlEncrypt demonstrated how to verify the EncryptionInfo stream, which is specified in MS-OFFCRYPTO. The input files are generated using ExtractStream.