Skip to content

Fixed crypto API exceptions and bypassed FIPS enforcement #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
HarmJ0y merged 6 commits into from
Feb 24, 2024
Merged

Fixed crypto API exceptions and bypassed FIPS enforcement #37

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
1ee41c9
Changed LSAAESDecrypt to use the AesManaged class instead of AesCrypt…
subat0mik Feb 22, 2024
10a0070
Addressed FIPS issues by not enforcing FIPS policy in app.config
subat0mik Feb 22, 2024
a095233
Changed uses of the AesCryptoServiceProvider class to AesManaged in t…
subat0mik Feb 22, 2024
59fc248
Changed uses of the (CryptoServiceProvider classes to *Managed in lib…
subat0mik Feb 22, 2024
8e805ce
Changed uses of the *CryptoServiceProvider class to *Managed in lib\D…
subat0mik Feb 22, 2024
d1a048c
Changed uses of the *CryptoServiceProvider classes to *Managed in lib…
subat0mik Feb 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions SharpChrome/SQLite/csharp-sqlite-src/crypto.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,9 +163,9 @@ public codec_ctx Copy()
const int CIPHER_ENCRYPT = 1; //#define CIPHER_ENCRYPT 1

#if NET_2_0
static RijndaelCryptoServiceProvider Aes = new RijndaelCryptoServiceProvider();
static RijndaelManaged Aes = new RijndaelManaged();
#else
static AesCryptoServiceProvider Aes = new AesCryptoServiceProvider();
static AesManaged Aes = new AesManaged();
#endif

/* BEGIN CRYPTO */
Expand Down
8 changes: 7 additions & 1 deletion SharpDPAPI/app.config
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<startup><supportedRuntime version="v2.0.50727"/></startup></configuration>
<startup>
<supportedRuntime version="v2.0.50727"/>
</startup>
<runtime>
<enforceFIPSPolicy enabled="false"/>
</runtime>
</configuration>
48 changes: 25 additions & 23 deletions SharpDPAPI/lib/Crypto.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ public static byte[] DecryptBlob(byte[] ciphertext, byte[] key, int algCrypt, Pa
case 26128: // 26128 == CALG_AES_256
{
// takes a byte array of ciphertext bytes and a key array, decrypt the blob with AES256
var aesCryptoProvider = new AesCryptoServiceProvider();
var aesCryptoProvider = new AesManaged();

var ivBytes = new byte[16];

Expand Down Expand Up @@ -139,7 +139,7 @@ public static byte[] DeriveKey(byte[] keyBytes, byte[] saltBytes, int algHash, b

byte[] bufferI = Helpers.Combine(ipad, saltBytes);

using (var sha1 = new SHA1CryptoServiceProvider())
using (var sha1 = new SHA1Managed())
{
var sha1BufferI = sha1.ComputeHash(bufferI);

Expand Down Expand Up @@ -182,7 +182,7 @@ public static byte[] DeriveKeyRaw(byte[] hashBytes, int algHash)

if (algHash == 32772)
{
using (var sha1 = new SHA1CryptoServiceProvider())
using (var sha1 = new SHA1Managed())
{
var ipadSHA1bytes = sha1.ComputeHash(ipad);
var ppadSHA1bytes = sha1.ComputeHash(opad);
Expand Down Expand Up @@ -250,7 +250,7 @@ public static byte[] AESDecrypt(byte[] key, byte[] IV, byte[] data)
{
// helper to AES decrypt a given blob with optional IV

var aesCryptoProvider = new AesCryptoServiceProvider();
var aesCryptoProvider = new AesManaged();

aesCryptoProvider.Key = key;
if (IV.Length != 0)
Expand All @@ -266,29 +266,31 @@ public static byte[] AESDecrypt(byte[] key, byte[] IV, byte[] data)

public static byte[] LSAAESDecrypt(byte[] key, byte[] data)
{
var aesCryptoProvider = new AesCryptoServiceProvider();

aesCryptoProvider.Key = key;
aesCryptoProvider.IV = new byte[16];
aesCryptoProvider.Mode = CipherMode.CBC;
aesCryptoProvider.BlockSize = 128;
aesCryptoProvider.Padding = PaddingMode.Zeros;
var transform = aesCryptoProvider.CreateDecryptor();
using (AesManaged aesCryptoProvider = new AesManaged
{
Key = key,
IV = new byte[16],
Padding = PaddingMode.Zeros
}
)
{
ICryptoTransform transform = aesCryptoProvider.CreateDecryptor();

var chunks = Decimal.ToInt32(Math.Ceiling((decimal)data.Length / (decimal)16));
var plaintext = new byte[chunks * 16];
var chunks = Decimal.ToInt32(Math.Ceiling((decimal)data.Length / (decimal)16));
var plaintext = new byte[chunks * 16];

for (var i = 0; i < chunks; ++i)
{
var offset = i * 16;
var chunk = new byte[16];
Array.Copy(data, offset, chunk, 0, 16);
for (var i = 0; i < chunks; ++i)
{
var offset = i * 16;
var chunk = new byte[16];
Array.Copy(data, offset, chunk, 0, 16);

var chunkPlaintextBytes = transform.TransformFinalBlock(chunk, 0, chunk.Length);
Array.Copy(chunkPlaintextBytes, 0, plaintext, i * 16, 16);
}

var chunkPlaintextBytes = transform.TransformFinalBlock(chunk, 0, chunk.Length);
Array.Copy(chunkPlaintextBytes, 0, plaintext, i * 16, 16);
return plaintext;
}

return plaintext;
}

public static byte[] RSADecrypt(byte[] privateKey, byte[] dataToDecrypt)
Expand Down
8 changes: 4 additions & 4 deletions SharpDPAPI/lib/Dpapi.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1786,7 +1786,7 @@ public static byte[] CalculateKeys(bool domain = true, string password = "", str
{
// Calculate SHA1 from user password
byte[] sha1bytes_password;
using (var sha1 = new SHA1CryptoServiceProvider())
using (var sha1 = new SHA1Managed())
{
sha1bytes_password = sha1.ComputeHash(utf16pass);
}
Expand Down Expand Up @@ -1897,7 +1897,7 @@ public static KeyValuePair<string, string> DecryptMasterKey(byte[] masterKeyByte
var masterKey = new byte[masterKeyLen];
Buffer.BlockCopy(domainKeyBytesDec, 8, masterKey, 0, masterKeyLen);

var sha1 = new SHA1CryptoServiceProvider();
var sha1 = new SHA1Managed();
var masterKeySha1 = sha1.ComputeHash(masterKey);
var masterKeySha1Hex = BitConverter.ToString(masterKeySha1).Replace("-", "");

Expand Down Expand Up @@ -2014,7 +2014,7 @@ private static byte[] DecryptAes256HmacSha512(byte[] shaBytes, byte[] final, byt
var masterKeyFull = new byte[64];
Array.Copy(plaintextBytes, plaintextBytes.Length - masterKeyFull.Length, masterKeyFull, 0, masterKeyFull.Length);

using (var sha1 = new SHA1CryptoServiceProvider())
using (var sha1 = new SHA1Managed())
{
var masterKeySha1 = sha1.ComputeHash(masterKeyFull);

Expand Down Expand Up @@ -2044,7 +2044,7 @@ private static byte[] DecryptTripleDESHmac(byte[] shaBytes, byte[] final, byte[]
var masterKeyFull = new byte[64];
Array.Copy(plaintextBytes, plaintextBytes.Length - masterKeyFull.Length, masterKeyFull, 0, masterKeyFull.Length);

using (var sha1 = new SHA1CryptoServiceProvider())
using (var sha1 = new SHA1Managed())
{
var masterKeySha1 = sha1.ComputeHash(masterKeyFull);

Expand Down
2 changes: 1 addition & 1 deletion SharpDPAPI/lib/Triage.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -211,7 +211,7 @@ public static Dictionary<string, string> TriageUserMasterKeys(byte[] backupKeyBy
bkrp.Initialize(DCIPAdress.ToString(), System.Environment.UserDomainName);
var keyBytes = bkrp.BackuprKey(SharpDPAPI.Dpapi.GetDomainKey(masterKeyBytes));
var guid = $"{{{Encoding.Unicode.GetString(masterKeyBytes, 12, 72)}}}";
var sha1 = new SHA1CryptoServiceProvider();
var sha1 = new SHA1Managed();
var masterKeySha1 = sha1.ComputeHash(keyBytes);
var masterKeySha1Hex = BitConverter.ToString(masterKeySha1).Replace("-", "");
mappings.Add(guid, masterKeySha1Hex);
Expand Down