New Topic/Question
Reply
Im pretty new to programming and I am having a few problems. I am making a windows form program for storing encrypted passwords.
I have created the program in cmd, but I am now converting it to a windows form program. In the cmd version, all the code was in one .cpp file. Now I am trying to use .cpp and .h files to order my code and generally improve it.
I am using crypto++ for encryption. I have got two projects in my solution. One is the cryptlib and the other is my password encryptor project.
Basically, when the main program is loaded, it hides the main form, and opens the login form (Authenticate). This then calls on the login functions to authenticate the login details. Once this is done it closes the login form and shows the main form again.
I have been having problems calling a managed piece of code from a native function.
What I would like to know is;
What do people normally do when using an API such as crypto++ and creating a windows form?
&
Is there a way for me to call the crypto++ (managed) functions from a native funtion? As each time I try the variable are garbled, mostly ending up as either blank or KBs or random text.
The AuthenticateLogin funciton:
bool Password_Encryptor::AuthenticateLogin(string userpass, string Password, string Username){
ofstream out3 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp3.dat");
out3 << "1 " << Username << endl;
out3.close();
ofstream out4 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp4.dat");
out4 << "1 " << Password << endl;
out4.close();
//This function is to make sure the username and password entered by the user is correct
int size;
char *buf;
string hashText;
//Read in the SALT used for the previous userpass
ifstream in1(SALTfile, ios::in | ios::binary | ios::ate);
size = in1.tellg();
buf = new char[size + 1];
buf[size] = 0;
in1.seekg(0, ios::beg);
in1.read(buf, size);
in1.close();
string hexsalt = string(buf);
//Read in the IV used for the previous userpass
ifstream in2(IVfile, ios::in | ios::binary | ios::ate);
size = in2.tellg();
buf = new char[size + 1];
buf[size] = 0;
in2.seekg(0, ios::beg);
in2.read(buf, size);
in2.close();
string hexiv = string(buf);
//Read in the hash used for the previous userpass, this will be compared the to newly entered userpass encrypted with the previous SALT and IV
ifstream in3(UserpassFile, ios::in | ios::binary | ios::ate);
size = in3.tellg();
buf = new char[size + 1];
buf[size] = 0;
in3.seekg(0, ios::beg);
in3.read(buf, size);
in3.close();
string cipherText = string(buf);
//Recover the SALT and IV from the hex values in the file,
PKCS5_PBKDF2_HMAC<SHA256> pbkdf;
SecByteBlock recoveredkey(AES::DEFAULT_KEYLENGTH);
SecByteBlock recoveredsalt(AES::DEFAULT_KEYLENGTH);
StringSource saltDecoder(hexsalt,true,new HexDecoder(new ArraySink(recoveredsalt, recoveredsalt.size() ) ) );
test();
ofstream out1 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp.dat");
out1 << "1 " << Password << endl;
out1 << "1 " << userpass << "\n2 " << Password << endl;
out1 << "1 " << recoveredkey << "\n2 " << recoveredkey.size() << "\n3 " << Password << "\n4 " << Password.size() << "\n5 " <<
recoveredsalt << "\n6 " << recoveredsalt.size() << "\n7 " << iterations ;
out1.close();
pbkdf.DeriveKey(recoveredkey, recoveredkey.size(), 0x00, (byte *) Password.data(), Password.size(), recoveredsalt, recoveredsalt.size(), iterations);
test();
SecByteBlock recoverediv(AES::BLOCKSIZE);
StringSource ivDecoder(hexiv,true,new HexDecoder(new ArraySink(recoverediv, recoverediv.size() ) ) );
//Encrypt the userpass that has been entered, using the SALT and IV stored in the file
SecByteBlock derivedkey(AES::DEFAULT_KEYLENGTH);
//Buffer that holds the derived key, purpose byte (unused), password bytes, salt bytes, iteration count (large as you can tolerate)
pbkdf.DeriveKey(derivedkey, derivedkey.size(), 0x00, (byte *) Password.data(), Password.size(), recoveredsalt, recoveredsalt.size(), iterations);
//Encrypt the userpass using key derived above, storing the hex encoded result into hashtext
CBC_Mode<AES>::Encryption aesencryption(derivedkey,derivedkey.size(),recoverediv);
StringSource encryptor(userpass, true, new StreamTransformationFilter(aesencryption, new HexEncoder( new StringSink(hashText))) );
//Return whether the comparison between the newly created hash, and the old hash is correct
return (hashText == cipherText);
}
The function that calls it (Auth):
void Authenticate::Auth() {
if (chances == 0) {
MessageBox::Show("You have failed 3 times, the application will now close", "Bad Login");
Close();
}
String ^UsernameTemp = Authenticate::TbUsername->Text;
String ^PasswordTemp = Authenticate::TbPassword->Text;
string Username, Password;
int Ulen, Plen;
char *Uch, *Pch;
bool Uresult, Presult;
pin_ptr<const wchar_t> Uwch = PtrToStringChars( UsernameTemp );
Ulen = (( UsernameTemp->Length+1) * 2);
Uch = new char[ Ulen ];
Uresult = wcstombs( Uch, Uwch, Ulen ) != -1;
Username = Uch;
delete Uch;
pin_ptr<const wchar_t> Pwch = PtrToStringChars( PasswordTemp );
Plen = (( PasswordTemp->Length+1) * 2);
Pch = new char[ Plen ];
Presult = wcstombs( Pch, Pwch, Plen ) != -1;
Password = Pch;
delete Pch;
string userpass = Username + Password;
//If there was no username + pasword file (found earlier), then create one with the newly entered info
if (!filexists){
EncryptUserpass(userpass, Password);
}
ofstream out1 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp1.dat");
out1 << "1 " << Username << endl;
out1.close();
ofstream out2 ("C:/Users/Default/AppData/Roaming/Pass Holder/temp2.dat");
out2 << "1 " << Password << endl;
out2.close();
//Authenticate the login details
login = AuthenticateLogin(userpass, Password, Username);
if ( login == true ) {
MessageBox::Show("Login Successful", "Authentication", MessageBoxButtons::OK);
Authenticate::Close();
} else {
MessageBox::Show("Login Failed /n/n You have " + chances + " chance(s) remaining!", "Authentication", MessageBoxButtons::OK);
chances --;
this->TbUsername->Text = "";
this->TbPassword->Text = "";
}
};
MultiQuote
| 