Pages: 1

#1 2016-03-16 11:58:08

ertank
Member
Registered: 2016-03-16
Posts: 163

Sample AES encryption

Hi,

I am all new to this encryption stuff. I am suggested to use AES anyway. So here I am.

My code below is not working as I expected, and I couldn't find any other sample I can use of. So, I appreciate someone fix it for me, please.

uses SynCrypto;

procedure TForm10.Button1Click(Sender: TObject);
var
  myAES:TAES;
  myBlock:TAESBlock;
  I: Integer;
  s:string;
begin
  myAES.EncryptInit('12345678901234567890123456789012', 256);

  for I := 1 to 16 do begin
    myBlock[i-1] := Ord(edtTextToEncrypt.Text[i]);
  end;

  myAES.Encrypt(myBlock);

  // Fill with zeros
  s := '0000000000000000';  // 16 character string
  for I := 1 to 16 do begin
    s[i] := Chr(myBlock[i-1]);
  end;
  edtCrypted.Text := s;
end;

procedure TForm10.Button2Click(Sender: TObject);
var
  myAES:TAES;
  myBlock:TAESBlock;
  I: Integer;
  s:string;
begin
  myAES.DecryptInit('12345678901234567890123456789012', 256);

  for I := 1 to 16 do begin
    myBlock[i-1] := Ord(edtCrypted.Text[i]);
  end;

  myAES.Decrypt(myBlock);

  // Fill with zeros
  s := '0000000000000000';  // 16 character string
  for I := 1 to 16 do begin
    s[i] := Chr(myBlock[i-1]);
  end;
  edtDecrypted.Text := s;
end;

Text to encrypt is: Sample Text at all!
Decrypted text is: Sample Text at a

Thanks.

Offline

#2 2016-03-16 12:30:17

AOG
Member
Registered: 2014-02-24
Posts: 490

Re: Sample AES encryption

Length('Sample Text at all!') = 20 ?

Offline

#3 2016-03-16 12:38:46

ertank
Member
Registered: 2016-03-16
Posts: 163

Re: Sample AES encryption

AOG wrote:

Length('Sample Text at all!') = 20 ?

I read below in SynCrypto.pas:
TAESBlock = packed array[0..AESBlockSize-1] of byte;
AESBlockSize = 16

I didn't understand how to fit for example 20 characters into 16 bytes. Or, 60 characters into 16 bytes.

Well, I tried to explain that I do not know cryptography and how to use it. I do need a sample to understand, please.

Offline

#4 2016-03-16 12:47:48

AOG
Member
Registered: 2014-02-24
Posts: 490

Re: Sample AES encryption

Have a look at the SynSelfTests.
Especially at procedure TTestCryptographicRoutines._AES256;
Here, you will find exactly how to use these functions !
I hope you will succeed.

Offline

#5 2016-03-16 12:49:39

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,225
Website

Re: Sample AES encryption

Use padding to work with any size of data, and not raw AES, but with proper block chaining, e.g. CFB.

The easiest is to use TAESCFB class, and its EncryptPKCS7/DecryptPKCS7 methods - setting IVAtBeginning=true for direct use.

Offline

#6 2016-03-16 13:26:56

ertank
Member
Registered: 2016-03-16
Posts: 163

Re: Sample AES encryption

After some more search on the forum I found this post: http://synopse.info/forum/viewtopic.php?id=1587
Thank you Swanty!

I have used it and below is the code that I came up with.

uses SynCommons, SynCrypto;

procedure TForm10.btnMakeAESClick(Sender: TObject);
const
  my_key = 'testkey';
  my_iv  = '1234567890ABCDEF';
var
  key : TSHA256Digest;
  aes : TAESCBC;
  iv  : TAESBlock;
begin
  HexToBin(Pointer(SHA256(my_key)), @key, 32);
  Move(TEncoding.ANSI.GetBytes(my_iv)[0], iv[0], 16);
  aes := TAESCBC.Create(key, 256, iv);
  try
    edtCrypted.Text := BinToBase64(aes.EncryptPKCS7(edtTextToEncrypt.Text));
  finally
    aes.Free;
  end;
end;

procedure TForm10.btnDecryptAESClick(Sender: TObject);
const
  my_key = 'testkey';
  my_iv  = '1234567890ABCDEF';
var
  key : TSHA256Digest;
  aes : TAESCBC;
  iv  : TAESBlock;
begin
  HexToBin(Pointer(SHA256(my_key)), @key, 32);
  Move(TEncoding.ANSI.GetBytes(my_iv)[0], iv[0], 16);
  aes := TAESCBC.Create(key, 256, iv);
  try
    edtDecrypted.Text := aes.DecryptPKCS7(Base64ToBin(edtCrypted.Text));
  finally
    aes.Free;
  end;
end;

edtTextToEncrypt.Text = 'Sample Text at all!'
edtCrypted.Text = 'Occ1u4nfrXSaJUZvbXCg1zpSytS4vFH4sldaZjU46gQ='
edtDecrypted.Text = 'Sample Text at all!'


So, could I do an AES crypt text with above code? Or, this is a crypt text but not an AES crypt because it uses "PKCS7"? Just give it to me being newbie, please.

Offline

#7 2016-03-16 14:36:24

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,225
Website

Re: Sample AES encryption

It does uses AES.
But TAESCBC use AES-CBC which is known to be weak.
Prefer TAESCFB, for instance.

But your code would be broken, since it mixes RawByteString and String.
Use e.g. StringToUTF8 / UTF8ToString as defined in SynCommons.pas if your purpose is to crypt some text.
The easiest/safest is to use the CreateFromSha256() constructor, e.g. via TAESCFB.CreateFromSha256(StringToUTF8(keyfield.text)).

You do not need to use TEncoding.ANSI... just define 

const my_iv: array[0..15] of AnsiChar = '1234567890ABCDEF';

You could then use directly TAESBlock(my_iv).
Or even better, do not create a manual fixed IV, but use the IVAtBeginning=true parameter to EncryptPKCS7/DecryptPKCS7 methods, which would create a random IV for each encryption.

Offline

#8 2016-03-16 15:43:04

ertank
Member
Registered: 2016-03-16
Posts: 163

Re: Sample AES encryption

ab wrote:

Or even better, do not create a manual fixed IV, but use the IVAtBeginning=true parameter to EncryptPKCS7/DecryptPKCS7 methods, which would create a random IV for each encryption.

I believe I could do all suggestions but above one. SynCommons.pas or SynCrypto.pas do not have "IVAtBeginning" text in it. I couldn't find this parameter declared anywhere at all. Would you explain a little bit more, please? Maybe with some code sample?

--Ertan

Offline

#9 2016-03-16 17:54:20

ertank
Member
Registered: 2016-03-16
Posts: 163

Re: Sample AES encryption

It turns out that I installed version 1.17 of the framework which is indicated as stable on the web site. When I switch to version 1.18 nightly build from 2016-03-15 I got IVAtBeginning as a parameter for EncryptPKCS7 and DecryptPKCS7 functions.

Now, I can encrypt, and decrypt.

My final code is as follows:

const
  my_key = 'testkey';

var
  Form10: TForm10;

implementation

{$R *.dfm}

uses SynCommons, SynCrypto;

procedure TForm10.btnMakeAESClick(Sender: TObject);
var
  key : TSHA256Digest;
  aes : TAESCFB;
  s:RawByteString;
begin
  SynCommons.HexToBin(Pointer(SHA256(my_key)), @key, 32);

  aes := TAESCFB.Create(key, 256);
  try
    s := StringToUTF8(edtTextToEncrypt.Text);
    s := BinToBase64(aes.EncryptPKCS7(s, True));
    edtCrypted.Text := UTF8ToString(s);
  finally
    aes.Free;
  end;
end;

procedure TForm10.btnDecryptAESClick(Sender: TObject);
var
  key : TSHA256Digest;
  aes : TAESCFB;
  s:RawByteString;
begin
  SynCommons.HexToBin(Pointer(SHA256(my_key)), @key, 32);

   aes := TAESCFB.Create(key, 256);
  try
    s := StringToUTF8(edtCrypted.Text);
    s := aes.DecryptPKCS7(Base64ToBin(s), True);
    edtDecrypted.Text := UTF8ToString(s);
  finally
    aes.Free;
  end;
end;

Now, I have different crypt strings for same text.
Text to crypt: 'Sample Text at all!'
Crypt text1: 'WcSmQUMs0yPMPEwaaseNCWThhFkNzSEifnn0631q3c6IfKnurWHxjxtNliCcTBBL'
Crypt text2 (clicked btnMakeAES again): 'ioFKOtLfMFxXATJ4oiQw5P5gXUExvGBssiWtlgeDoNMkIBpka2Y7eo8KuYo8n/MA'
Crypt text3 (clicked btnMakeAES 3rd time): 'Yb8aMYICC51nbynZ6DLG1CmtCPui8HD9vUQgtnDg5o/p0DywyrVDbaIOhnOSIS7n'

All above Crypt strings decrypt back to 'Sample Text at all!' which is good.

Now, I wonder if there is anything more I can do to make crypt strings stronger than they are now.

Thanks for all the support.

--Ertan

Offline

#10 2016-03-16 19:16:49

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,225
Website

Re: Sample AES encryption

It is stronger as it can get, IMHO.

Offline

Pages: 1

Board footer

Powered by FluxBB