Encryption and compression, native and managed

• Download source and release DLL (C++) - 922 KB
• Download test application source and release (C++) - 1.24 MB
• Download RSA key generator (C#) source and EXE - 14.2 KB
• Download web page encryption (ASP.NET) - 85.6 KB

Introduction

Every application usually stores data, and basic encryption is needed to prevent access by unauthorized subjects. If you are using C++, Crypto++ is a very powerful library to encrypt and compress. The problem is that I had many implementations of the same code. I had some using CString, some using ATL. Some were using GZip, some ZLib. For the web, I used RSA (because .NET supports it); for pure native implementations, I used DEM encryption. Besides, compiling the Crypto++ sources every time a project is re-built takes too long.

So, I built a DLL with the functionality these applications used:

• Base 64 (encode and decode)
• GZip (zip and unzip)
• ZLib (zip and unzip)
• DEM (encrypt and decrypt)
• RSA (encrypt and decrypt)

The C++ DLL

The DLL does not use MFC or ATL. It exposes functions using "char*" so you need conversion of strings to use it. It is a thin layer on top of the Crypto++ libraries.

To use it:

• Extract the files in the release folder of CryptoLib.zip
• In your project properties, Linker -> Input -> "Additional dependencies", add the path to CryptoLib.lib
• Add include header for InfoFormat.h
• Remember that the DLL must be in the directory with the exe in the debug and release folders

The CInfoFormat class has only two methods, Encode and Decode:

• Encode: Compresses, encrypts, and returns the string in base64 (in that order)
• Decode: Converts base64 to normal, decrypts, and decompresses the string

Encryption and compression is optional in both methods. These are the two methods that are used the most because:

• Compression, while it requires some processing power, can reduce a lot of the size of the data.
• Encryption is needed to make the data safe.
• Base64 is used to be able to copy and paste data (that has a binary representation). It is also useful when you need to handle data as strings in programs or databases.

The CInterno class provides methods for all the functionality independently. The methods are:

• EncodeB64 / DecodeB64: Converts a string from and to Base64.
• EncryptDEM / DecryptDEM: Encrypts and decrypts using DefaultEncryptorWithMAC which is a password-based encryptor using DES-EDE2 and HMAC/SHA-1. It needs the method SetDEMPWD to be called first, to set the password.
• EncryptRSA / DecryptRSA: Encrypts using RSA. It needs the method InitRSA to be called first to set the keys.
• GZip / UnGZip: Compresses and uncompresses using the Gzip algorithm.
• ZLibCompress / ZLibUnCompress: Compresses and uncompresses using the ZLib algorithm.
• InitRSA: Sets the keys for the RSA encryption. You can generate random keys with the RSAKeyGenerator program.
• SetDEMPWD: Sets the password for the DefaultEncryptorWithMAC encryption.

RSA Key Generator

This is a very simple utility to build random keys for the RSA encryption. It generates the keys so you can copy/paste in the code. It is in C# as it was the first way I found to do it. It is not very difficult to do using Crypto++ (I may later include it in the DLL).

Web Page Encryption and Compression

If you have an application that needs to send and receive data from the web (in XML format, for example), you can use the native library to encrypt and zip the data. Unfortunately, usually web hosting sites only allow managed code. So, I built a web page that decrypts data encrypted with the native library. It receives data in the post field of the request, and returns the response (encrypted and compressed, if necessary). It uses the parameters "Zip" and "Enc" to know if the data is compressed or encrypted and how.

The sample page in CryptTestWeb.zip decrypts and decompresses the message and adds "Added-" "-In-WebSite" to the message.

Unfortunately, .NET doesn't support DefaultEncryptorWithMAC, so you can only encrypt with RSA (which is very slow). I hosted the sample page at http://Bragadolmos.com.ar/CryptTestWeb.aspx for testing purposes. ZLib is not supported in .NET, so a free library (ManagedZLib.dll) is used.

Test Application

The test application is built with MFC and is only to test the native DLL and the .NET page. You just select the encryption and compression from the dropdownlist and test a message. For files and web messages, the dropdown options apply too.

The Code

The code is pretty simple, all hard work is done in the libraries. For the native library, there is a generic function that takes advantage of how Crypto++ is designed:

void ProcessBuffTrans(BufferedTransformation& buf, const BYTE* input, 
                      int inputlen,BYTE** output, int* outputlen)
{
    buf.Put(input, inputlen);
    buf.MessageEnd();
    int len = buf.MaxRetrievable();
    *output = new BYTE[len];
    buf.Get(*output, len);
    *outputlen = len;
}

so that it can later be called with different transformations:

Gzip zip;
ProcessBuffTrans(zip, input, inputlen, output, outputlen);

Gunzip unzip;
ProcessBuffTrans(unzip, input, inputlen, output, outputlen);

ZlibCompressor zcomp;
ProcessBuffTrans(zcomp, input, inputlen, output, outputlen);

ZlibDecompressor zuncomp;
ProcessBuffTrans(zuncomp, input, inputlen, output, outputlen);

In the class CInterno, the object encrsa of type CRSAEnc is declared as void*. That is to avoid including RSA headers (which in turn include most Crypto++ headers) into the library.

The class CRSAEnc is responsible for RSA encryption. The methods InternalEncrypt and InternalDecrypt divide the string into chunks for RSA encryption and decryption.

References

• Crypto++ library
• Cryptographic Interoperability: Keys
• I'm sure I got some of the code from other sources (that I can't find now)...I thank them all.

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)