6 Replies - 3355 Views - Last Post: 15 March 2012 - 04:44 AM

#1 Frankincense  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 14-March 12

Using Crypto++ and windows forms

Posted 14 March 2012 - 09:50 AM

Hi guys,


Im pretty new to programming and I am having a few problems. I am making a windows form program for storing encrypted passwords.

I have created the program in cmd, but I am now converting it to a windows form program. In the cmd version, all the code was in one .cpp file. Now I am trying to use .cpp and .h files to order my code and generally improve it.

I am using crypto++ for encryption. I have got two projects in my solution. One is the cryptlib and the other is my password encryptor project.


Basically, when the main program is loaded, it hides the main form, and opens the login form (Authenticate). This then calls on the login functions to authenticate the login details. Once this is done it closes the login form and shows the main form again.


I have been having problems calling a managed piece of code from a native function.

What I would like to know is;

What do people normally do when using an API such as crypto++ and creating a windows form?

&

Is there a way for me to call the crypto++ (managed) functions from a native funtion? As each time I try the variable are garbled, mostly ending up as either blank or KBs or random text.

The AuthenticateLogin funciton:
bool Password_Encryptor::AuthenticateLogin(string userpass, string Password, string Username){
	ofstream out3 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp3.dat");
	out3 << "1 " << Username << endl;
	out3.close();
	ofstream out4 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp4.dat");
	out4 << "1 " << Password << endl;
	out4.close();

	//This function is to make sure the username and password entered by the user is correct
	int size;
	char *buf;
	string hashText;

	//Read in the SALT used for the previous userpass
	ifstream in1(SALTfile, ios::in | ios::binary | ios::ate);
	size = in1.tellg();
	buf = new char[size + 1];
	buf[size] = 0;
	in1.seekg(0, ios::beg);
	in1.read(buf, size);
	in1.close();

	string hexsalt = string(buf);

	//Read in the IV used for the previous userpass
	ifstream in2(IVfile, ios::in | ios::binary | ios::ate);
	size = in2.tellg();
	buf = new char[size + 1];
	buf[size] = 0;
	in2.seekg(0, ios::beg);
	in2.read(buf, size);
	in2.close();

	string hexiv = string(buf);

	//Read in the hash used for the previous userpass, this will be compared the to newly entered userpass encrypted with the previous SALT and IV
	ifstream in3(UserpassFile, ios::in | ios::binary | ios::ate);
	size = in3.tellg();
	buf = new char[size + 1];
	buf[size] = 0;
	in3.seekg(0, ios::beg);
	in3.read(buf, size);
	in3.close();

	string cipherText = string(buf);

	//Recover the SALT and IV from the hex values in the file,
	PKCS5_PBKDF2_HMAC<SHA256> pbkdf;

	SecByteBlock recoveredkey(AES::DEFAULT_KEYLENGTH);
	SecByteBlock recoveredsalt(AES::DEFAULT_KEYLENGTH);
	StringSource saltDecoder(hexsalt,true,new HexDecoder(new ArraySink(recoveredsalt, recoveredsalt.size() ) ) );
	
	test();

	ofstream out1 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp.dat");
	out1 << "1 " << Password << endl;
	out1 << "1 " << userpass << "\n2 " << Password << endl;
	out1 << "1 " << recoveredkey << "\n2 " << recoveredkey.size() << "\n3 " << Password << "\n4 " << Password.size() << "\n5 " <<
		 recoveredsalt << "\n6 " << recoveredsalt.size() << "\n7 " << iterations	;
	out1.close();

	pbkdf.DeriveKey(recoveredkey, recoveredkey.size(), 0x00, (byte *) Password.data(), Password.size(), recoveredsalt, recoveredsalt.size(), iterations);
	
	test();
		
	SecByteBlock recoverediv(AES::BLOCKSIZE);
	StringSource ivDecoder(hexiv,true,new HexDecoder(new ArraySink(recoverediv, recoverediv.size() ) ) );

	//Encrypt the userpass that has been entered, using the SALT and IV stored in the file
	SecByteBlock derivedkey(AES::DEFAULT_KEYLENGTH);

	//Buffer that holds the derived key, purpose byte (unused), password bytes, salt bytes, iteration count (large as you can tolerate)
	pbkdf.DeriveKey(derivedkey, derivedkey.size(), 0x00, (byte *) Password.data(), Password.size(), recoveredsalt, recoveredsalt.size(), iterations);
	
	//Encrypt the userpass using key derived above, storing the hex encoded result into hashtext
	CBC_Mode<AES>::Encryption aesencryption(derivedkey,derivedkey.size(),recoverediv);
	StringSource encryptor(userpass, true, new StreamTransformationFilter(aesencryption, new HexEncoder( new StringSink(hashText))) );

	//Return whether the comparison between the newly created hash, and the old hash is correct
	
	return (hashText == cipherText);
}



The function that calls it (Auth):
void Authenticate::Auth() {

	if (chances == 0) {
		MessageBox::Show("You have failed 3 times, the application will now close", "Bad Login");
		Close();
	}

	String ^UsernameTemp = Authenticate::TbUsername->Text;
	String ^PasswordTemp = Authenticate::TbPassword->Text;
	string Username, Password;
	int Ulen, Plen;
	char *Uch, *Pch;
	bool Uresult, Presult;

    pin_ptr<const wchar_t> Uwch = PtrToStringChars( UsernameTemp );
	Ulen = (( UsernameTemp->Length+1) * 2);
    Uch = new char[ Ulen ];
	Uresult = wcstombs( Uch, Uwch, Ulen ) != -1;

    Username = Uch;
    delete Uch;

	pin_ptr<const wchar_t> Pwch = PtrToStringChars( PasswordTemp );
	Plen = (( PasswordTemp->Length+1) * 2);
    Pch = new char[ Plen ];
	Presult = wcstombs( Pch, Pwch, Plen ) != -1;

    Password = Pch;
    delete Pch;

	string userpass = Username + Password;
	
	//If there was no username + pasword file (found earlier), then create one with the newly entered info
	if (!filexists){
		EncryptUserpass(userpass, Password);
	}

	ofstream out1 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp1.dat");
	out1 << "1 " << Username << endl;
	out1.close();
	ofstream out2 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp2.dat");
	out2 << "1 " << Password << endl;
	out2.close();


	//Authenticate the login details
	login = AuthenticateLogin(userpass, Password, Username);


	if ( login == true ) {
		MessageBox::Show("Login Successful", "Authentication", MessageBoxButtons::OK);
		Authenticate::Close();
	} else {
		MessageBox::Show("Login Failed /n/n You have " + chances + " chance(s) remaining!", "Authentication", MessageBoxButtons::OK);
		chances --;

		this->TbUsername->Text = "";
		this->TbPassword->Text = "";
	}

};



Is This A Good Question/Topic? 0
  • +

Replies To: Using Crypto++ and windows forms

#2 jimblumberg  Icon User is offline

  • member icon


Reputation: 3987
  • View blog
  • Posts: 12,298
  • Joined: 25-December 09

Re: Using Crypto++ and windows forms

Posted 14 March 2012 - 12:19 PM

Quote

I have been having problems calling a managed piece of code from a native function.


What are your problems? Do you receive error messages? If so post them.

Have you read this page about integrating Crypto++ into Visual C++?

Jim

This post has been edited by jimblumberg: 14 March 2012 - 02:05 PM

Was This Post Helpful? 0
  • +
  • -

#3 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6031
  • View blog
  • Posts: 23,413
  • Joined: 23-August 08

Re: Using Crypto++ and windows forms

Posted 14 March 2012 - 03:56 PM

Why not make your life easier and use the existing .NET Cryptography library?
Was This Post Helpful? 1
  • +
  • -

#4 jimblumberg  Icon User is offline

  • member icon


Reputation: 3987
  • View blog
  • Posts: 12,298
  • Joined: 25-December 09

Re: Using Crypto++ and windows forms

Posted 14 March 2012 - 08:55 PM

That really sounds better to me, when dealing with Mangled C++ try to find a Mangled C++ solution. Trying to mix Mangled C++ and standard C++ is a PITA.

Jim
Was This Post Helpful? 1
  • +
  • -

#5 Frankincense  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 14-March 12

Re: Using Crypto++ and windows forms

Posted 15 March 2012 - 01:29 AM

I have read through the 'integrating Crypto++ into Visual C++' article, and unfortunately it doesn't help as the problem compiles and runs correctly, the only problems I am getting are when variables are being passed to the crypto++ functions, they are garbled.

If I use the .NET library, do you know of any tutorials or examples? I have googled it quickly and not many results are useful!

Also, when people normally use crypto++ what do they do? Does everyone just use it in command line? Or is there something I am missing?
Was This Post Helpful? 0
  • +
  • -

#6 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6031
  • View blog
  • Posts: 23,413
  • Joined: 23-August 08

Re: Using Crypto++ and windows forms

Posted 15 March 2012 - 04:39 AM

Did you look through the MSDN library site to which I linked? There is sample code in there.

Not every topic is going to have a "hold my hand" tutorial for it. If you're new to programming, you might be better off getting a solid feel for the language first.

That being said, you're going to also find it harder to find samples in CLI C++ -- the .NET version of C++ -- because if you're using a C-type language in .NET you're better off with C#. In my estimation (and many others), CLI C++ is a bit of an abomination.
Was This Post Helpful? 0
  • +
  • -

#7 Frankincense  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 14-March 12

Re: Using Crypto++ and windows forms

Posted 15 March 2012 - 04:44 AM

Ok, well thanks for all your help!

I will try and get on with the .NET library, and come back with any problem I find :)
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1