-
Notifications
You must be signed in to change notification settings - Fork 0
/
RequestCrypter.cpp
111 lines (87 loc) · 2.92 KB
/
RequestCrypter.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
#include "RequestCrypter.h"
RequestCrypter::RequestCrypter() {
UCHAR tempKey[16] = {
0xB7, 0x4F, 0x3A, 0x6E, 0x9A, 0xC1, 0xF8, 0x3C,
0x2D, 0x7E, 0xC4, 0x56, 0x71, 0x0A, 0x8B, 0x9D
};
RtlCopyMemory(m_aesKey, tempKey, sizeof(tempKey));
}
RequestCrypter::RequestCrypter(const UCHAR* aesKey) {
RtlCopyMemory(m_aesKey, aesKey, 16 * sizeof(UCHAR));
}
RequestCrypter::~RequestCrypter() {
if (hKey) { BCryptDestroyKey(hKey); }
if (hAlg) { BCryptCloseAlgorithmProvider(hAlg, 0); }
}
void RequestCrypter::SetAESKey(const UCHAR* aesKey) {
RtlCopyMemory(m_aesKey, aesKey, 16 * sizeof(UCHAR));
}
NTSTATUS RequestCrypter::Initialize() {
if (hKey) {
BCryptDestroyKey(hKey);
hKey = NULL;
}
if (hAlg) {
BCryptCloseAlgorithmProvider(hAlg, 0);
hAlg = NULL;
}
NTSTATUS InitializationStatus = BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_AES_ALGORITHM, NULL, 0);
if (!BCRYPT_SUCCESS(InitializationStatus)) {
return InitializationStatus;
}
InitializationStatus = BCryptGenerateSymmetricKey(hAlg, &hKey, NULL, 0, m_aesKey, sizeof(m_aesKey), 0);
if (!BCRYPT_SUCCESS(InitializationStatus)) {
BCryptCloseAlgorithmProvider(hAlg, 0);
hAlg = NULL;
return InitializationStatus;
}
return InitializationStatus;
}
NTSTATUS RequestCrypter::EncryptBuffer(PVOID pInput, ULONG InputSize, PUCHAR pOutput, ULONG OutputSize) {
if (!hKey || !hAlg) {
return STATUS_INVALID_HANDLE;
}
if (!pInput || !pOutput || OutputSize) {
return STATUS_INVALID_PARAMETER;
}
NTSTATUS EncryptionStatus;
// Perform encryption with separate size parameter
ULONG cbResult = OutputSize; // Use separate variable for BCrypt
EncryptionStatus = BCryptEncrypt(
hKey,
static_cast<PUCHAR>(pInput),
InputSize,
NULL,
NULL,
0,
pOutput,
OutputSize,
&cbResult,
0
);
return EncryptionStatus;
}
NTSTATUS RequestCrypter::DecryptBuffer(PUCHAR pInput, ULONG InputSize, PVOID pOutput, ULONG& OutputSize) {
if (!hKey || !hAlg) { return STATUS_INVALID_HANDLE; }
if (!pInput || !pOutput) { return STATUS_INVALID_PARAMETER; }
if (InputSize % AES_BLOCK_SIZE != 0) { return STATUS_INVALID_PARAMETER; } // The buffer should be following PKCS7 standards and be padded from usermode
NTSTATUS DecryptionStatus;
ULONG cbResult = 0; // Still dont know if this shit can be null
DecryptionStatus = BCryptDecrypt(
hKey,
pInput,
InputSize,
NULL,
NULL,
0,
static_cast<PUCHAR>(pOutput),
OutputSize,
&cbResult,
0
);
if (!BCRYPT_SUCCESS(DecryptionStatus)){
return DecryptionStatus;
}
OutputSize = cbResult;
return DecryptionStatus;
}