Author Topic: RSA CryptoImportKey  (Read 98 times)

drunkenmyno

  • Regular Member
  • *
  • Posts: 6
RSA CryptoImportKey
« on: January 08, 2020, 03:44:31 AM »
Hello Guys,

im trying to find out why my ImportKey function is not working i have a 1024 bit RSA key which is defined in rawBytes (RSA Private Key Blob)
i can see in debugger the right Format, i used the same on C++.

the CryptImportKey function returns in ASM false not true :(

Does anyone have a clue why?

In C++ i used the same way and the CryptImportKey returns a true

Code: [Select]
Signing proto :DWORD


HMAC             PROTO :DWORD,:DWORD,:DWORD
HCRYPTPROV  TYPEDEF     DWORD
HCRYPTKEY   TYPEDEF     DWORD
HCRYPTHASH  TYPEDEF     DWORD


includelib \masm32\lib\advapi32.lib


.data

szDescription db "None",0

rawBytes dd 519, 9216, 843141970, 1024, 65537, 4019681269, 766412654, 1148339671, 3866187518
dd 2208827980, 3725094966, 3328195280, 279753705, 1185242044, 441431080, 338919816
dd 1189069500, 3421272584, 995117820, 2761590050, 1478749359, 3054043772, 1852434794
dd 1511026794, 60665850, 431488057, 1761925545, 2464878382,  17292288, 2464055766, 1391480318, 2432119691, 1276130207, 3342049767
dd 1199483438, 2706136194, 3158609378, 3648997927, 4289748319, 2112254099, 809163591, 2598171490, 2651196471, 1462967614, 999864054
dd 1701406992, 1042879468, 807054280, 2904857369, 82545403, 3487195402, 107665225, 4177176679, 3847817859, 2183183874, 65420134
dd 2263642747, 2457559605, 4150499079, 671441804, 2504352067, 513073965, 1722800881, 2340340157, 2113849822, 2630967230, 3143460073
dd 2443071714, 3247677803, 1600584253, 3194871878, 2464094644, 2526144991, 2620415525, 1295086982, 1794169127, 1249383001, 2120846881
dd 3727398376, 924069329, 2266696090, 4168236888, 3520046464, 146217402, 1960698674, 915096797, 7678332, 1434769760, 2996754898, 174259423
dd 2702328646, 1678846420, 1282527839, 1509313856, 4099963353, 3706094432, 1652060894 , 3799400480, 874534381, 1206300033, 823701122
dd 725569641, 3764666093, 4184631630, 2752519214, 2207957691, 1627685453, 3034486924, 926995118, 371308652, 3385529976, 2233341141, 4212945849
dd 766579896, 3918000119, 3525927196, 356385526, 3116687861, 838868864, 803251139, 2445458860, 304498296, 3419667450, 303472893 , 2575597453
dd 463342028, 890561905, 3269636090, 3994423602, 2233446350, 197291754, 2839409835, 4008012529, 1185794166, 951204057, 1400606485, 4191412566
dd 1446368551, 1227923537,  2716609714, 1124550373, 1374757809, 2526754295, 1879931556, 2880040433, 3107470658, 78399183,  826386004, 2855457678






.data?
       
.code

Signing proc hWin:DWORD

LOCAL hProv:HCRYPTPROV
LOCAL hHash:HCRYPTHASH
LOCAL hKey:HCRYPTKEY

  lea eax, hProv
  invoke CryptAcquireContext, addr hProv, offset szDescription, NULL,PROV_RSA_FULL,CRYPT_DELETEKEYSET
  invoke CryptAcquireContext, addr hProv, offset szDescription, NULL,PROV_RSA_FULL,0
  invoke CryptAcquireContext, addr hProv, offset szDescription, NULL,PROV_RSA_FULL,CRYPT_NEWKEYSET
  invoke CryptAcquireContext, addr hProv, offset szDescription, NULL,PROV_RSA_FULL,0
invoke CryptImportKey, addr hProv, addr rawBytes, 596,  0 , CRYPT_EXPORTABLE,  addr hKey

       
Ret
Signing endp

AW

  • Member
  • *****
  • Posts: 2508
  • Let's Make ASM Great Again!
Re: RSA CryptoImportKey
« Reply #1 on: January 08, 2020, 04:44:06 AM »
If it works in C++ and does not work in MASM is because you are not doing a proper conversion.
Use GetLastError to help you in the debug process. I am sure you will find the problem in 5 minutes (or less).




drunkenmyno

  • Regular Member
  • *
  • Posts: 6
Re: RSA CryptoImportKey
« Reply #2 on: January 08, 2020, 06:47:46 AM »
You are right it has somrthing todo with the conversion.. But i dont know why gestlasterror gives me 0x57 as

In debugger i See it correct and the size of 0x254 bytes But the cryptimportkey reads the privateKey blob wrong then


AW

  • Member
  • *****
  • Posts: 2508
  • Let's Make ASM Great Again!
Re: RSA CryptoImportKey
« Reply #3 on: January 08, 2020, 05:00:14 PM »
.. But i dont know why gestlasterror gives me 0x57 as
Good finding.
Now, you may suspect that the CryptImportKey declaration does not correspond to the one you are using.