[Lazarus] Encryption compatible with .net

classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

[Lazarus] Encryption compatible with .net

Gabriele Cappelletto
I can not find a way to encrypt a file with Lazarus and decrypt it with
the .net DESCryptoServiceProvider. I tried with lockbox2, DCPcrypt but I
could not. Someone can give me the code to implement this in Lazarus?

Gabriele Cappelletto

--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

leledumbo
Administrator
> I can not find a way to encrypt a file with Lazarus and decrypt it with
the .net DESCryptoServiceProvider. I tried with lockbox2, DCPcrypt but I
could not. Someone can give me the code to implement this in Lazarus?

DES is a standard encryption. If you can't decrypt what's encrypted by a standard encryption, regardless of languages and libraries, then either the library or your way to use the library is wrong. Ensure all properties (key size, block size, initialization vector, whatever) you use is the same and the resulting data is also of the same type and structure. All in all, show what you've done.
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

Gabriele Cappelletto
I tried to put all the same properties, but I could not. There is
probably something I did wrong. So I ask if someone can give me the
code. is two days I feel.


Il 14/11/2015 16:36, leledumbo ha scritto:

>> I can not find a way to encrypt a file with Lazarus and decrypt it with
> the .net DESCryptoServiceProvider. I tried with lockbox2, DCPcrypt but I
> could not. Someone can give me the code to implement this in Lazarus?
>
> DES is a standard encryption. If you can't decrypt what's encrypted by a
> standard encryption, regardless of languages and libraries, then either the
> library or your way to use the library is wrong. Ensure all properties (key
> size, block size, initialization vector, whatever) you use is the same and
> the resulting data is also of the same type and structure. All in all, show
> what you've done.
>
>
>
> --
> View this message in context: http://free-pascal-lazarus.989080.n3.nabble.com/Lazarus-Encryption-compatible-with-net-tp4045490p4045492.html
> Sent from the Free Pascal - Lazarus mailing list archive at Nabble.com.
>
> --
> _______________________________________________
> Lazarus mailing list
> [hidden email]
> http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
>


--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

Graeme Geldenhuys-3
In reply to this post by Gabriele Cappelletto
On 2015-11-14 09:44, Gabriele Cappelletto wrote:
> the .net DESCryptoServiceProvider.

Please show how the data was encrypted... The exact code snippet would
be useful. I could then show you how to use DCPCrypt with the same
settings to decrypt it.

Without knowing how it was encrypted, there is no way anybody can show
you code on how to decrypt it.

Regards,
  - Graeme -

--
fpGUI Toolkit - a cross-platform GUI toolkit using Free Pascal
http://fpgui.sourceforge.net/

My public PGP key:  http://tinyurl.com/graeme-pgp

--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

Gabriele Cappelletto


Il 14/11/2015 18:11, Graeme Geldenhuys ha scritto:

> On 2015-11-14 09:44, Gabriele Cappelletto wrote:
>> the .net DESCryptoServiceProvider.
> Please show how the data was encrypted... The exact code snippet would
> be useful. I could then show you how to use DCPCrypt with the same
> settings to decrypt it.
>
> Without knowing how it was encrypted, there is no way anybody can show
> you code on how to decrypt it.
>
> Regards,
>   - Graeme -
> Ok thanks. We start from the opposite. cryptographer a string with vb.net with the following code, what's the code to decrypt it with DCPCrypt?

Ok thanks. We start from the opposite. cryptographer a string with
vb.net with the following code, what's the code to decrypt it with DCPCrypt?

        Dim Key() As Byte = {}
        Dim IV() As Byte = {1, 2, 3, 4, 5, 6, 7, 8}

        Dim KeyStr As String = "cicciob1"
        Dim vector As String = "12345678"
        Dim inputByteArray(TextBox3.Text.Length) As Byte
        Dim des As New DESCryptoServiceProvider
        'des.Mode = CipherMode.CBC
        'des.Padding = PaddingMode.Zeros
        Key = System.Text.Encoding.UTF8.GetBytes(KeyStr)      
        inputByteArray = Encoding.UTF8.GetBytes(TextBox3.Text)
       
        Dim ms As New MemoryStream
        Dim cs As New CryptoStream(ms, des.CreateEncryptor(Key, IV),
CryptoStreamMode.Write)
        cs.Write(inputByteArray, 0, inputByteArray.Length)
        cs.FlushFinalBlock()

        TextBox4.Text = Convert.ToBase64String(ms.ToArray)



--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

Graeme Geldenhuys-3
On 2015-11-15 05:30, Gabriele Cappelletto wrote:
> what's the code to decrypt it with DCPCrypt?


Here is one usage example... This is actually the DES3 self-test code

===========================
procedure test;
const
  Key: array[0..23] of byte =
    ($01,$23,$45,$67,$89,$ab,$cd,$ef,$fe,$dc,$ba,$98,
     $76,$54,$32,$10,$89,$ab,$cd,$ef,$01,$23,$45,$67);    // whatever
your key is
  PlainText: array[0..7] of byte=
    ($01,$23,$45,$67,$89,$ab,$cd,$e7);
  CipherText: array[0..7] of byte=
    ($de,$0b,$7c,$06,$ae,$5e,$0e,$d5);
var
  Cipher: TDCP_3des;
  Block: array[0..7] of byte;
begin
  dcpFillChar(Block, SizeOf(Block), 0); // initialize block to 0's
  Cipher:= TDCP_3des.Create(nil);
  Cipher.Init(Key,Sizeof(Key)*8,nil);
  Cipher.EncryptECB(PlainText,Block); // encrypt to Block
  Result:= CompareMem(@Block,@CipherText,Sizeof(CipherText));
  Cipher.DecryptECB(Block,Block); // decrypt the data in Block
  Result:= Result and CompareMem(@Block,@PlainText,Sizeof(PlainText));
  Cipher.Free;
end;

===========================


Here is another example where DCPCrypt is used to decrypt a file. It
used a different cipher and hash, but the usage would be the same for
DES or DES3.


==========================
procedure TDecryptDCPCrypt.DecryptFile(const pSrcFile, pDestFile: string);
var
  SrcFileStream, DestFileStream: TFileStream;
  DestPath: string;
  lSrc, lDest: string;
begin
  lSrc := tiFixPathDelim(pSrcFile);
  lDest := tiFixPathDelim(pDestFile);

  if FileExists(lSrc) then
  begin
    SrcFileStream  := TFileStream.Create(lSrc, fmOpenRead);
    DestFileStream := TFileStream.Create(lDest, fmCreate);

    try
      DestPath := ExtractFilePath(lDest);
      if not DirectoryExists(DestPath) then
        CreateDir(DestPath);

      try
        FCipher.InitStr(cDecryptKey, TDCP_haval);
        FCipher.DecryptStream(SrcFileStream, DestFileStream,
LongWord(SrcFileStream.Size));
        FCipher.Burn;
      except
        on E: Exception do
        begin
          Log(E.Message, lsError);
          raise ESlideDecryptionFailed.Create('Failed to decrypt slide <'
              + lSrc + '>' + tiLineEnd +  'Error: ' + E.Message);
        end;
      end;  { try.. except }

    finally
      SrcFileStream.Free;
      DestFileStream.Free;
    end;  { try..finally }
  end  { if }
  else
    Log('pSrcFile does NOT exist!', lsError);
end;
==========================

Regards,
  - Graeme -

--
fpGUI Toolkit - a cross-platform GUI toolkit using Free Pascal
http://fpgui.sourceforge.net/

My public PGP key:  http://tinyurl.com/graeme-pgp

--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

Sven Barth
In reply to this post by Gabriele Cappelletto

Am 15.11.2015 06:31 schrieb "Gabriele Cappelletto" <[hidden email]>:
>
>
>
> Il 14/11/2015 18:11, Graeme Geldenhuys ha scritto:
> > On 2015-11-14 09:44, Gabriele Cappelletto wrote:
> >> the .net DESCryptoServiceProvider.
> > Please show how the data was encrypted... The exact code snippet would
> > be useful. I could then show you how to use DCPCrypt with the same
> > settings to decrypt it.
> >
> > Without knowing how it was encrypted, there is no way anybody can show
> > you code on how to decrypt it.
> >
> > Regards,
> >   - Graeme -
> > Ok thanks. We start from the opposite. cryptographer a string with vb.net with the following code, what's the code to decrypt it with DCPCrypt?
>
> Ok thanks. We start from the opposite. cryptographer a string with
> vb.net with the following code, what's the code to decrypt it with DCPCrypt?
>
>         Dim Key() As Byte = {}
>         Dim IV() As Byte = {1, 2, 3, 4, 5, 6, 7, 8}
>
>         Dim KeyStr As String = "cicciob1"
>         Dim vector As String = "12345678"
>         Dim inputByteArray(TextBox3.Text.Length) As Byte
>         Dim des As New DESCryptoServiceProvider
>         'des.Mode = CipherMode.CBC
>         'des.Padding = PaddingMode.Zeros
>         Key = System.Text.Encoding.UTF8.GetBytes(KeyStr)
>         inputByteArray = Encoding.UTF8.GetBytes(TextBox3.Text)
>
>         Dim ms As New MemoryStream
>         Dim cs As New CryptoStream(ms, des.CreateEncryptor(Key, IV),
> CryptoStreamMode.Write)
>         cs.Write(inputByteArray, 0, inputByteArray.Length)
>         cs.FlushFinalBlock()
>
>         TextBox4.Text = Convert.ToBase64String(ms.ToArray)

What did you try in the Pascal side (code please)? Did you decode the Base64 stream before passing the data to the decryption?

Regards,
Sven


--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

Gabriele Cappelletto
I have try with this code but not work, I have test the function give me the same result:

var
  Cipher: TDCP_des;
  KeyStr: string;
  TextIn, TextOut : String;
  Hash: TDCP_sha1;
  Digest: array[0..19] of byte;
  Vector : array of Byte;

  src, enc, b64: TBytes;
  index, lunghezza, blocksize, paddingsize: integer;    

begin
    SetLength(Vector, 8);

  Vector[0] := 1;
  Vector[1] := 2;
  Vector[2] := 3;
  Vector[3] := 4;
  Vector[4] := 5;
  Vector[5] := 6;
  Vector[6] := 7;
  Vector[7] := 8;

  Cipher := TDCP_des.Create(Self);    
   Cipher.Init('cicciob1',Length('cicciob1')*8, addr(Vector[0]));
  TextIn := Edit1.Text;
  lunghezza := Length(TextIn);
  index := SizeOf(TextIn);
  blocksize := Cipher.BlockSize div 8;
  paddingsize:= blocksize - (lunghezza mod blocksize);
  Inc(lunghezza, paddingsize);
  SetLength(TextIn, lunghezza);
  for index:=paddingsize downto 1 do
  begin
       TextIn[lunghezza - index] := char(0);
  end;
  index := Length(TextOut);
  SetLength(TextOut, lunghezza);
  Cipher.EncryptCBC(TextIn[1], TextOut[1], length(TextIn));
  Edit2.Text:=EncodeStringBase64(TextOut);    






Il 15/11/2015 11:59, Sven Barth ha scritto:

Am 15.11.2015 06:31 schrieb "Gabriele Cappelletto" <[hidden email]>:
>
>
>
> Il 14/11/2015 18:11, Graeme Geldenhuys ha scritto:
> > On 2015-11-14 09:44, Gabriele Cappelletto wrote:
> >> the .net DESCryptoServiceProvider.
> > Please show how the data was encrypted... The exact code snippet would
> > be useful. I could then show you how to use DCPCrypt with the same
> > settings to decrypt it.
> >
> > Without knowing how it was encrypted, there is no way anybody can show
> > you code on how to decrypt it.
> >
> > Regards,
> >   - Graeme -
> > Ok thanks. We start from the opposite. cryptographer a string with vb.net with the following code, what's the code to decrypt it with DCPCrypt?
>
> Ok thanks. We start from the opposite. cryptographer a string with
> vb.net with the following code, what's the code to decrypt it with DCPCrypt?
>
>         Dim Key() As Byte = {}
>         Dim IV() As Byte = {1, 2, 3, 4, 5, 6, 7, 8}
>
>         Dim KeyStr As String = "cicciob1"
>         Dim vector As String = "12345678"
>         Dim inputByteArray(TextBox3.Text.Length) As Byte
>         Dim des As New DESCryptoServiceProvider
>         'des.Mode = CipherMode.CBC
>         'des.Padding = PaddingMode.Zeros
>         Key = System.Text.Encoding.UTF8.GetBytes(KeyStr)
>         inputByteArray = Encoding.UTF8.GetBytes(TextBox3.Text)
>
>         Dim ms As New MemoryStream
>         Dim cs As New CryptoStream(ms, des.CreateEncryptor(Key, IV),
> CryptoStreamMode.Write)
>         cs.Write(inputByteArray, 0, inputByteArray.Length)
>         cs.FlushFinalBlock()
>
>         TextBox4.Text = Convert.ToBase64String(ms.ToArray)

What did you try in the Pascal side (code please)? Did you decode the Base64 stream before passing the data to the decryption?

Regards,
Sven



--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus


--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

DougC
After quick look I noticed that

var
  Vector : array of Byte;

  SetLength(Vector, 8);
  Vector[0] := 1;
  Vector[1] := 2;
  Vector[2] := 3;
  Vector[3] := 4;
  Vector[4] := 5;
  Vector[5] := 6;
  Vector[6] := 7;
  Vector[7] := 8;

does not match

  Dim vector As String = "12345678"

Should be something like
  Vector[0] := '1';
  Vector[1] := '2';
  Vector[2] := '3';
  Vector[3] := '4';
  Vector[4] := '5';
  Vector[5] := '6';
  Vector[6] := '7';
  Vector[7] := '8';

I didn't look at the rest.


--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

Gabriele Cappelletto
But the cipther constructor does not refer to vector, but the variable IV. Vector is not used in this example

Il 15/11/2015 12:44, DougC ha scritto:
After quick look I noticed that

var
  Vector : array of Byte;

  SetLength(Vector, 8);
  Vector[0] := 1;
  Vector[1] := 2;
  Vector[2] := 3;
  Vector[3] := 4;
  Vector[4] := 5;
  Vector[5] := 6;
  Vector[6] := 7;
  Vector[7] := 8;

does not match

  Dim vector As String = "12345678"

Should be something like
  Vector[0] := '1';
  Vector[1] := '2';
  Vector[2] := '3';
  Vector[3] := '4';
  Vector[4] := '5';
  Vector[5] := '6';
  Vector[6] := '7';
  Vector[7] := '8';

I didn't look at the rest.



--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus


--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

payl
I see another problem: Your pascal implementation sets key badly. I think it should be 'key'[1]. However as I didn't even use buffer with constant string so I might be wrong.
You should also try to encrypt longer messages to see if first block is intact because then it's padding problem.
Please also note that such implementation is insecure because IV is static, key isn't derived with KDF, DES is insecure nowadays, and no integrity checking is done. So if you want your encryption to be of any security, fix these flaws.
Also consider cleaning up code so we don't get confused about unused variables.

(Btw. My first post on this mailing list - yay!)

W dniu .11.2015 o 12:56 Gabriele Cappelletto <[hidden email]> pisze:

But the cipther constructor does not refer to vector, but the variable IV. Vector is not used in this example

Il 15/11/2015 12:44, DougC ha scritto:
After quick look I noticed that

var
  Vector : array of Byte;

  SetLength(Vector, 8);
  Vector[0] := 1;
  Vector[1] := 2;
  Vector[2] := 3;
  Vector[3] := 4;
  Vector[4] := 5;
  Vector[5] := 6;
  Vector[6] := 7;
  Vector[7] := 8;

does not match

  Dim vector As String = "12345678"

Should be something like
  Vector[0] := '1';
  Vector[1] := '2';
  Vector[2] := '3';
  Vector[3] := '4';
  Vector[4] := '5';
  Vector[5] := '6';
  Vector[6] := '7';
  Vector[7] := '8';

I didn't look at the rest.



--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus





--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
Reply | Threaded
Open this post in threaded view
|

Re: [Lazarus] Encryption compatible with .net

DougC
In reply to this post by Gabriele Cappelletto
So why is vector in your code? Including irrelevant parts just makes it harder for others to help you.

Rewrite your Pascal code to use the same variables as the VB code!


---- On Sun, 15 Nov 2015 06:56:09 -0500 Gabriele Cappelletto <[hidden email]> wrote ----

But the cipther constructor does not refer to vector, but the variable IV. Vector is not used in this example


--
_______________________________________________
Lazarus mailing list
[hidden email]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus