#1 2022-09-15 10:37:16

teleport.soccer
Member
Registered: 2019-01-29
Posts: 6

AES (Rijndael)?

can someone help me to implement this method in delphi:

private static string DecryptString(string content, string password)
{
    Rijndael aes;
    byte[] retVal = null;
    byte[] contentBytes;
    byte[] passwordBytes;
    byte[] ivBytes;
    try
    {
        //Get the content as byte[]
        contentBytes = Convert.FromBase64String(content);

        //Create the password and initial vector bytes
        passwordBytes = new byte[32];
        ivBytes = new byte[16];
        Array.Copy(Encoding.Unicode.GetBytes(password), passwordBytes,         
                   Encoding.Unicode.GetBytes(password).Length);
        Array.Copy(passwordBytes, ivBytes, 16);


        //Create the cryptograpy object
        aes = Rijndael.Create();
        aes.Key = passwordBytes;
        aes.IV = ivBytes;
        aes.Padding = PaddingMode.PKCS7;
        //Decrypt
        retVal = aes.CreateDecryptor().TransformFinalBlock(contentBytes, 0,
                 contentBytes.Length);
    }
    catch
    {
    }
    aes = null;
    contentBytes = null;
    passwordBytes = null;
    ivBytes = null;
    return Encoding.Unicode.GetString(retVal)
}

I've tried with TAESCFB, but I always get "Invalid input"!
Any advice is welcome.

Offline

#2 2022-09-15 12:19:55

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,718
Website

Re: AES (Rijndael)?

What is the AES mode used?
Ask this on a dot net forum.

Show the input/output content on each step of the C# code.
And show the pascal/mORMot code you tried.

The way how IV and keys are initialized are pretty weak and unsecure.
You should never derivate the IV from the password.
And you should never directly use the password as key, but hash or PBKDF2 the password text into a key.
Please don't reinvent the wheel, and make people with security skills review your code.

Offline

#3 2022-09-15 16:06:23

teleport.soccer
Member
Registered: 2019-01-29
Posts: 6

Re: AES (Rijndael)?

thx ab.
I made it with help from this example:
https://synopse.info/forum/viewtopic.php?id=4821

BAT something is strange!
if I use Indy TCP Client:

IdTCPClient1.Connect;
IdTCPClient1.Disconnect;

and then call decrypt I get always "Invalid input"!
without using IdTCPClient1 is everything fine!

Offline

Board footer

Powered by FluxBB