You are not logged in.
Pages: 1
Hi, I'm getting AV in TAES.DoBlocksThread, version from yesterday.
Am I doing something wrong here?
function AESEncrypt(const AContent, APass: RawByteString): RawByteString;
var
Digest: TSHA256Digest;
begin
SHA256Weak(APass, Digest);
Result := BinToBase64(SynCrypto.AES(Digest, SizeOf(Digest), AContent, True));
end;
procedure TForm3.btnEncClick(Sender: TObject);
var
Temp: RawByteString;
begin
Temp := AESEncrypt('Lorem ipsum do', '123456'); // Works
Temp := AESEncrypt('Lorem ipsum dolor sit amet, consectetur adipiscin', '123456'); // Fails - AV
end;
Last edited by igors233 (2020-10-19 16:54:13)
Offline
Don't use this AES() function which is clearly deprecated and should not be called. It uses ECB, which is a not safe block mode.
Take a look at EncryptPKCS7/DecryptPKCS7 methods of a safe class, e.g. TAESOFB.
Online
Thanks, I wasn't aware of this, it would be good to mark AES procedure as unsafe
Is it OK to use, TAESOFB.SimpleEncrypt?
Offline
Pages: 1