Demonstration of CryptoAPI encryption/Decryption, hashing, and random number generation. Encryption includes RC2, RC4, DES, DES3, AES-128, AES-192, AES-256. Hashing includes MD4, MD5, SHA-1, SHA-256, SHA-384, SHA-512. Windows XP SP2 or earlier no longer supported. Updated 20-Jul-2017, support modules and documentation.
Download from ME
Download from PSC
Count Lines of Code v2.0.353 22 Mar 2017 06:29 AM
CryptoAPI_Group.vbg
Kenneth Ives kenaso@tx.rr.com
------------------------------------------------------------------------------
VBG Name: C:\Kens Software\CryptoAPI\CryptoAPI_Group.vbg
VBP Name: C:\Kens Software\CryptoAPI\CryptoAPIDemo.vbp
Module Name: C:\Kens Software\CryptoAPI\clsKeyEdit.cls
10 Sub routines
80 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
60 Blank lines (** Not included in totals **)
287 Comment lines (** Not included in totals **)
----------
90 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\clsManifest.cls
3 Constant variables
1 Enum Structures
1 Type Structures
5 API Declare statements
4 Property Let routines
2 Sub routines
4 Functions
182 Miscellaneous lines of code
13 Auto generated lines (** Not included in totals **)
88 Blank lines (** Not included in totals **)
289 Comment lines (** Not included in totals **)
----------
198 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\clsOperSystem.cls
105 Constant variables
1 Type Structures
6 API Declare statements
163 Property Get routines
13 Sub routines
1,170 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
381 Blank lines (** Not included in totals **)
378 Comment lines (** Not included in totals **)
----------
1,295 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\clsPrivileges.cls
11 Constant variables
3 Type Structures
6 API Declare statements
4 Property Let routines
1 Property Get routines
3 Sub routines
3 Functions
173 Miscellaneous lines of code
13 Auto generated lines (** Not included in totals **)
117 Blank lines (** Not included in totals **)
213 Comment lines (** Not included in totals **)
----------
199 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\frmAbout.frm
7 Constant variables
3 API Declare statements
9 Sub routines
95 Miscellaneous lines of code
332 Auto generated lines (** Not included in totals **)
23 Blank lines (** Not included in totals **)
84 Comment lines (** Not included in totals **)
----------
114 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\frmMain.frm
6 Constant variables
2 API Declare statements
37 Sub routines
1,340 Miscellaneous lines of code
779 Auto generated lines (** Not included in totals **)
93 Blank lines (** Not included in totals **)
258 Comment lines (** Not included in totals **)
----------
1,385 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\frmSplash.frm
2 Sub routines
10 Miscellaneous lines of code
52 Auto generated lines (** Not included in totals **)
6 Blank lines (** Not included in totals **)
17 Comment lines (** Not included in totals **)
----------
12 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\modCentering.bas
12 Constant variables
1 Type Structures
7 API Declare statements
2 Sub routines
3 Functions
83 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
73 Blank lines (** Not included in totals **)
207 Comment lines (** Not included in totals **)
----------
108 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\modCommon.bas
5 Constant variables
5 Functions
79 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
50 Blank lines (** Not included in totals **)
99 Comment lines (** Not included in totals **)
----------
89 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\modDialogBox.bas
61 Constant variables
7 Type Structures
24 API Declare statements
6 Sub routines
11 Functions
652 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
105 Blank lines (** Not included in totals **)
770 Comment lines (** Not included in totals **)
----------
761 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\modMain.bas
34 Constant variables
1 Type Structures
23 API Declare statements
8 Sub routines
11 Functions
340 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
244 Blank lines (** Not included in totals **)
654 Comment lines (** Not included in totals **)
----------
417 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\modMessages.bas
24 Constant variables
2 Enum Structures
1 Type Structures
9 API Declare statements
4 Sub routines
4 Functions
101 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
79 Blank lines (** Not included in totals **)
405 Comment lines (** Not included in totals **)
----------
145 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\modProcesses.bas
9 Constant variables
1 Type Structures
16 API Declare statements
2 Sub routines
13 Functions
265 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
199 Blank lines (** Not included in totals **)
398 Comment lines (** Not included in totals **)
----------
306 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\modTrimStr.bas
1 Constant variables
1 Type Structures
2 API Declare statements
2 Functions
53 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
33 Blank lines (** Not included in totals **)
129 Comment lines (** Not included in totals **)
----------
59 Module lines of code
----------
5,178 Sub-total for project
VBP Name: C:\Kens Software\CryptoAPI\DLL\kiCryptoAPI.vbp
Module Name: C:\Kens Software\CryptoAPI\DLL\clsAPI_Hash.cls
39 Constant variables
1 Enum Structures
7 API Declare statements
5 Property Let routines
2 Property Get routines
1 Event routines
6 Sub routines
7 Functions
320 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
204 Blank lines (** Not included in totals **)
554 Comment lines (** Not included in totals **)
----------
381 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\clsBigFiles.cls
19 Constant variables
10 API Declare statements
2 Property Let routines
2 Event routines
4 Sub routines
13 Functions
351 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
230 Blank lines (** Not included in totals **)
704 Comment lines (** Not included in totals **)
----------
399 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\clsCRC32.cls
8 Constant variables
1 Property Let routines
2 Property Get routines
1 Event routines
3 Sub routines
4 Functions
202 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
56 Blank lines (** Not included in totals **)
189 Comment lines (** Not included in totals **)
----------
218 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\clsCipher.cls
7 Constant variables
7 Property Let routines
5 Property Get routines
1 Event routines
3 Sub routines
4 Functions
324 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
63 Blank lines (** Not included in totals **)
98 Comment lines (** Not included in totals **)
----------
339 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\clsCryptoAPI.cls
73 Constant variables
2 Enum Structures
13 API Declare statements
7 Property Let routines
3 Property Get routines
2 Event routines
5 Sub routines
11 Functions
708 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
376 Blank lines (** Not included in totals **)
654 Comment lines (** Not included in totals **)
----------
814 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\clsHash.cls
1 Constant variables
4 Property Let routines
2 Property Get routines
1 Event routines
3 Sub routines
2 Functions
128 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
38 Blank lines (** Not included in totals **)
117 Comment lines (** Not included in totals **)
----------
135 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\clsRandom.cls
71 Constant variables
3 Enum Structures
14 API Declare statements
2 Property Let routines
2 Property Get routines
13 Sub routines
19 Functions
918 Miscellaneous lines of code
15 Auto generated lines (** Not included in totals **)
502 Blank lines (** Not included in totals **)
1,391 Comment lines (** Not included in totals **)
----------
1,038 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\modCommon.bas
18 Constant variables
7 API Declare statements
3 Sub routines
18 Functions
232 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
172 Blank lines (** Not included in totals **)
544 Comment lines (** Not included in totals **)
----------
278 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\modMessages.bas
24 Constant variables
2 Enum Structures
1 Type Structures
9 API Declare statements
4 Sub routines
4 Functions
101 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
79 Blank lines (** Not included in totals **)
405 Comment lines (** Not included in totals **)
----------
145 Module lines of code
Module Name: C:\Kens Software\CryptoAPI\DLL\modTrimStr.bas
1 Constant variables
1 Type Structures
2 API Declare statements
2 Functions
53 Miscellaneous lines of code
1 Auto generated lines (** Not included in totals **)
33 Blank lines (** Not included in totals **)
129 Comment lines (** Not included in totals **)
----------
59 Module lines of code
----------
3,806 Sub-total for project
==========
8,984 Total number of lines of code
******************************************************************************
NOTE: Visual Basic trailers are not counted. These are the
logical ending statements used by proceedural headings.
End Sub End Function End Property
End If End Type Loop
Next Wend End With
End Select
******************************************************************************
kiCryptoAPI.dll Kenneth Ives (kenaso|at|tx.rr.com)
I am open to ways to improve this application, please email me.
Visual Basic 6.0 with Service Pack 6 runtime files required.
To obtain required files (VBRun60sp6.exe):
http://www.microsoft.com/downloads/details.aspx?FamilyId=7B9BA261-7A9C-43E7-9117-F6730
77FFB3C
VBRun60sp6.exe installs Visual Basic 6.0 SP6 run-time files.
http://support.microsoft.com/kb/290887
This software has been tested on Windows XP SP3 64-bit through Windows 10.
Windows XP 32-bit, 9x, 2000 and NT4 are no longer supported.
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*
*** WARNING *** WARNING *** WARNING *** WARNING *** WARNING *** WARNING ***
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*
You acknowledge that this software is subject to the export control
laws and regulations of the United States ("U.S.") and agree to abide
by those laws and regulations. Under U.S. law, this software may not
be downloaded or otherwise exported, reexported, or transferred to
restricted countries, restricted end-users, or for restricted
end-uses. The U.S. currently has embargo restrictions against Cuba,
Iran, Iraq, Libya, North Korea, Sudan, and Syria. The lists of
restricted end-users are maintained on the U.S. Commerce Department's
Denied Persons List, the Commerce Department's Entity List, the
Commerce Department's List of Unverified Persons, and the U.S.
Treasury Department's List of Specially Designated Nationals and
Blocked Persons. In addition, this software may not be downloaded or
otherwise exported, reexported, or transferred to an end-user engaged
in activities related to weapons of mass destruction.
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*
REFERENCE:
The Cryptography API, or How to Keep a Secret
http://msdn.microsoft.com/en-us/library/ms867086.aspx
CryptoAPI Cryptographic Service Providers
http://msdn.microsoft.com/en-us/library/bb931357(VS.85).aspx
SHA-2 support on MS Windows
Paraphrasing: Regarding SHA-224 support, SHA-224 offers less security
than SHA-256 but takes the same amount of resources. Also SHA-224 is
not generally used by protocols and applications. The NSA's (National
Security Agency) Suite B standards also does not include it. Microsoft
has no plans to add it to future versions of their Cryptographic
Service Providers (CSP).
http://blogs.msdn.com/b/alejacma/archive/2009/01/23/sha-2-support-on-windows-xp.aspx
NIST (National Institute of Standards and Technology)
FIPS (Federal Information Processing Standards Publication)
SP (Special Publications)
http://csrc.nist.gov/publications/PubsFIPS.html
FIPS 180-2 (Federal Information Processing Standards Publication)
dated 1-Aug-2002, with Change Notice 1, dated 25-Feb-2004
http://csrc.nist.gov/publications/fips/fips180-2/FIPS180-2_changenotice.pdf
FIPS 180-3 (Federal Information Processing Standards Publication)
dated Oct-2008 (supercedes FIPS 180-2)
http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf
FIPS 180-4 (Federal Information Processing Standards Publication)
dated Mar-2012 (Supercedes FIPS-180-3)
http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf
Examples of the implementation of the secure hash algorithms
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and
SHA-512/256, can be found at:
http://csrc.nist.gov/groups/ST/toolkit/examples.html
http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/SHA2_Additional.pdf
Aaron Gifford's additional test vectors
http://www.adg.us/computers/sha.html
Guidelines for Media Sanitization (SP800-88)
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
WARNING:
MD4 Message-Digest Algorithm has been compromised at the rump
session of Crypto 2004 it was announced that Xiaoyun Wang,
Dengguo Feng, Xuejia Lai and Hongbo Yu found collisions for
MD4, MD5, RIPEMD, and the 128-bit version of HAVAL.
http://eprint.iacr.org/2004/199.pdf
Feb-2005: SHA-1 has been compromised. Recommended that
you do not use for password or document authentication.
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
http://csrc.nist.gov/groups/ST/toolkit/documents/shs/NISTHashComments-final.pdf
Mar-2005 Demonstrating a technique for finding MD5 collisions quickly.
Eight hours on 1.6 GHz computer.
http://cryptography.hyperlink.cz/md5/MD5_collisions.pdf
Jun-2005 Two researchers from the Institute for Cryptology and
IT-Security have generated PostScript files with identical MD5-sums
but entirely different (but meaningful!) content.
http://www.schneier.com/blog/archives/2005/06/more_md5_collis.html
March 15, 2006: The SHA-2 family of hash functions
(i.e., SHA-224, SHA-256, SHA-384 and SHA-512) may be used
by Federal agencies for all applications using secure hash
algorithms. Federal agencies should stop using SHA-1 for
digital signatures, digital time stamping and other
applications that require collision resistance as soon as
practical, and must use the SHA-2 family of hash functions
for these applications after 2010. After 2010, Federal
agencies may use SHA-1 only for the following applications:
- hash-based message authentication codes (HMACs)
- key derivation functions (KDFs)
- random number generators (RNGs)
Regardless of use, NIST encourages application and protocol
designers to use the SHA-2 family of hash functions for all
new applications and protocols.
http://csrc.nist.gov/groups/ST/hash/policy.html
Export Control: Certain cryptographic devices and technical
data regarding them are subject to Federal export controls.
Exports of cryptographic modules implementing this standard
and technical data regarding them must comply with these
Federal regulations and be licensed by the Bureau of Export
Administration of the U.S. Department of Commerce.
Information about export regulations is available at:
http://www.bis.doc.gov/index.htm
*****************************************************************************
How to use:
For a simple example, execute the SHA_Demo application. The demo converts
the data to a byte array prior to passing it to the DLL to be hashed.
[STRING DATA]
Convert string data to byte array prior to passing to the HashString function.
Ex: abytData() = StrConv("abc", vbFromUnicode)
[FILE DATA]
Just the path and filename are passed in the byte array. Convert the
path\filename data to byte array prior to passing to the HashFile function.
The HashFile routine will open and read the file into an internal byte array.
Ex: abytData() = StrConv("C:\Files\Test Folder\Testfile.txt", vbFromUnicode)
Both will create a hashed output string based on file data input.
-------------------------------------------------------------------------------
Test data provided to test either hash or cipher:
TestPhrase.txt ASCII text phrase (Copy & paste phrase for string test)
TestFile.txt ASCII text file
Binary test files:
kB_32.dat 32,768 binary zeros
OneMil_0.dat One million binary zeros (FIPS 180-3)
OneMil_a.dat One million letter "a" (FIPS 180-2)
API32.txt Text file over 1 MB
*****************************************************************************
Note from Mark Hutchinson's presentation about Microsoft's VB random number
generator. http://www.15seconds.com/issue/051110.htm
References:
Randomize Statement Doesn't Re-initialize Rnd Function
http://support.microsoft.com/default.aspx?scid=kb;en-us;120587
"To re-initialize the random-number generator, use the Rnd function with a
value of -1 to re-initialize the Rnd function, and then use the Randomize
statement with the value you want to use as the seed value for the Rnd
function."
VBA's Pseudo Random Number Generator
http://www.noesis.net.au/prng.php
INFO: How Visual Basic Generates Pseudo-Random Numbers for the RND Function
http://support.microsoft.com/kb/231847/en-us
RND and RANDOMIZE Alternatives for Generating Random Numbers
http://support.microsoft.com/kb/28150/EN-US/
** Enhanced ciphers
********************************
With all ciphers, except ArcFour, the data length will change. After
encrytption, data sizes will not match original sizes. This is due to
internal padding and the storing of information required to decrypt the
data later.
********************************
** PASSWORDS
********************************
Currently there is a minimum and maximum length of the password the user
may enter. This can be changed in the kiCrypt DLL basCommon.bas module.
In the declarations section, locate these two constants and make the
desired change. Be sure to recompile the DLL and the demo application.
PWD_LENGTH_MIN = 8
PWD_LENGTH_MAX = 50
If no hash algorithm is selected then the default hash will be SHA-256.
Sources:
http://www.planetsourcecode.com/vb/scripts/ShowCode.asp?txtCodeId=74645&lngWId=1
http://www.vbforums.com/showthread.php?831741-How-do-I-use-Crypto-API-functionality-in-VB6-without-CAPICOM-ActiveX-control