EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Invalid Key Material error during symmetric encryption

#6217
Posted: 05/13/2008 01:06:47
by Support GenusSoft (Standard support level)
Joined: 05/12/2008
Posts: 4

I need to encrypt and decrypt a file using symmetric encryption and get an error "Invalid Key Material" - any suggestions?


Code
procedure LoadConfig();
var
  fn : string;
  sl : TStringList;
  ems, ums : TMemoryStream;
  z : TElBlowfishSymmetricCrypto;
  k : TElSymmetricKeyMaterial;
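begin
  // Locals are not auto-initialized; set to nil so the finally blocks are safe
  sl := nil;
  ems := nil;
  ums := nil;
  try
    fn := ConfigFileName(); // get the name of the global config file
    sl := TStringList.Create();

    if FileExists(fn) then
    begin

      ems := TMemoryStream.Create;
      ums := TMemoryStream.Create;
      ems.LoadFromFile(fn);

      z := nil;
      k := nil;
      try
        k := TElSymmetricKeyMaterial.Create();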
        k.Key := SBUtils.BytesOfString('12345');
        z := TElBlowfishSymmetricCrypto.Create(cmDefault);
        z.KeyMaterial := k;
        z.Decrypt(ems, ums);
      finally
        if assigned(z) then z.free;
        if assigned(k) then k.free;
      end;

      {put in string list}
      sl.LoadFromStream(ums);

      {read the settings}
      FConnectionData.Driver := sl.Values['driver'];
      FConnectionData.Server := sl.Values['server'];
      FConnectionData.Database := sl.Values['database'];
      FConnectionData.User := sl.Values['user'];
      FConnectionData.Password := sl.Values['password'];
      FConnectionData.Configured := true;
    end
    else
    begin
      FConnectionData.Configured := false;
      {nada};
    end;
  finally
    if assigned(sl) then sl.free;
    if assigned(ems) then ems.free;
    if assigned(ums) then ums.free;    
  end;
end;
#6219
Posted: 05/13/2008 03:42:37
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

On which source line are you receiving this error?
#6223
Posted: 05/13/2008 09:19:42
by Support GenusSoft (Standard support level)
Joined: 05/12/2008
Posts: 4

z.Decrypt(ems, ums);
#6226
Posted: 05/13/2008 09:34:22
by Support GenusSoft (Standard support level)
Joined: 05/12/2008
Posts: 4

Same error happens in the encryption part on z.Encrypt(ums, ems).

Code
procedure SaveConnectionData;
var
  fn : string;
  sl : TStringList;
  ums, ems : TMemoryStream;
  z : TElBlowfishSymmetricCrypto;
  k : TElSymmetricKeyMaterial;
begin
  fn := ConfigFileName();
  // Locals are not auto-initialized; set to nil so the finally blocks are safe
  sl := nil;
  ums := nil;
  ems := nil;
  {write the settings}
  try
    {String list}
    sl := TStringList.Create;
    sl.Add('driver='+FConnectionData.Driver);
    sl.Add('server='+FConnectionData.Server);
    sl.Add('database='+FConnectionData.Database);
    sl.Add('user='+FConnectionData.User);
    sl.Add('password='+FConnectionData.Password);

    {Streams}
    ums := TMemoryStream.Create;
    ems := TMemoryStream.Create;

    {Save data to stream}
    sl.SaveToStream(ums);

    z := nil;
    k := nil;
    try
      k := TElSymmetricKeyMaterial.Create();
      k.Key := SBUtils.BytesOfString('12345');
      z := TElBlowfishSymmetricCrypto.Create(cmDefault);
      z.KeyMaterial := k;

      z.Encrypt(ums, ems);

    finally
      if assigned(z) then z.free;
      if assigned(k) then k.free;
    end;

    ems.SaveToFile(fn);

  finally
    if assigned(sl) then sl.free;
    if assigned(ems) then ems.free;
    if assigned(ums) then ums.free;    
  end;  
end;

#6235
Posted: 05/14/2008 00:29:08
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

By default, CBC mode is used, which needs KeyMaterial.IV to be set. It should be 8 bytes for Blowfish.
Also don't forget to set SymmetricCrypto padding before encryption (if your file size is not divisible by 8), i.e.:

k.IV := SBUtils.BytesOfString('12345678');
z.Padding := cpPKCS5;
#6247
Posted: 05/14/2008 06:50:10
by Support GenusSoft (Standard support level)
Joined: 05/12/2008
Posts: 4

That works - two things to think about:

1. The position on the memory streams has to be set to zero before calling encrypt or decrypt, and considering that it is very unlikely that a person would want to encrypt only a part of a stream or no part (if the position = size) - should the sym crypto classes set the position to 0 or raise an exception?

2. The use of the low level symmetric crypto needs some examples and extended documentation

Thanks
#6248
Posted: 05/14/2008 07:19:07
by Eugene Mayevski (EldoS Corp.)

Quote
Support GenusSoft wrote:
1. The position on the memory streams has to be set to zero before calling encrypt or decrypt, and considering that it is very unlikely that a person would want to encrypt only a part of a stream or no part (if the position = size) - should the sym crypto classes set the position to 0 or raise an exception?


No, they shouldn't. It seems to be unlikely to you, but in complex algorithms (such as PGP stream processing) it's often necessary to process some part of the incoming stream without seeking the stream or copying the data.

Quote
Support GenusSoft wrote:
2. The use of the low level symmetric crypto needs some examples and extended documentation


Actually, those classes are a free bonus. They are used internally and so we made them public. However, we never advertise their availability and don't treat them as one of the product features.


Sincerely yours
Eugene Mayevski
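The points settled in this thread (8-byte IV for CBC, PKCS5 padding, stream position left to the caller) combined in one routine, as an added example that is not code from the original posts or from EldoS. It uses only the SecureBlackbox calls shown in the thread; the procedure name `BlowfishCbc` and its parameters are hypothetical, and it assumes the thread's units plus SysUtils and Classes are in the uses clause.

```pascal
// Added example (hypothetical helper, not EldoS code).
// Encrypts or decrypts all of Src into Dst with Blowfish in CBC mode.
procedure BlowfishCbc(Src, Dst: TMemoryStream; const KeyStr, IVStr: string;
  Encrypting: Boolean);
var
  z: TElBlowfishSymmetricCrypto;
  k: TElSymmetricKeyMaterial;
begin
  // CBC needs an IV of exactly one Blowfish block (8 bytes); without it the
  // library reports "Invalid Key Material". Check the byte length up front.
  if Length(SBUtils.BytesOfString(IVStr)) <> 8 then
    raise Exception.Create('Blowfish CBC IV must be 8 bytes');

  z := nil;
  k := TElSymmetricKeyMaterial.Create();
  try
    // Key and IV are parameters so they are not hard-coded in the binary.
    // A fixed IV makes files with equal leading plaintext produce equal
    // leading ciphertext blocks; use a fresh IV per file and store it
    // alongside the ciphertext (the IV is not secret).
    k.Key := SBUtils.BytesOfString(KeyStr);
    k.IV := SBUtils.BytesOfString(IVStr);

    z := TElBlowfishSymmetricCrypto.Create(cmDefault); // CBC by default
    z.KeyMaterial := k;
    // Needed when the input size is not divisible by 8. Setting it for
    // decryption as well is an assumption, so the padding is removed again.
    z.Padding := cpPKCS5;

    // The crypto classes process from the current position and do not
    // rewind, so the caller resets the stream when the whole stream is meant.
    Src.Position := 0;
    Dst.Clear;
    if Encrypting then
      z.Encrypt(Src, Dst)
    else
      z.Decrypt(Src, Dst);
    Dst.Position := 0; // ready for LoadFromStream / SaveToFile
  finally
    z.Free; // Free is safe on nil
    k.Free;
  end;
end;
```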

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.