EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Converting from TurboPower LockBox

#35679
Posted: 01/25/2016 08:00:04
by Dan Olsson (Standard support level)
Joined: 01/25/2016
Posts: 5

Hello again.

Now the Ticket is in Place.


Do You have a sample on how this could be made with Your software?

Best regards
//Dan
#35680
Posted: 01/25/2016 08:03:40
by Vsevolod Ievgiienko (EldoS Corp.)

You can use a sample from \EldoS\SecureBlackbox.VCL\Samples\Delphi\PKIBlackbox\SymmetricCrypto directory as a reference. The only difference is that you should set TElSymmetricCrypto.Padding to TSBSymmetricCipherPadding.cpANSIX923 value.
#35683
Posted: 01/25/2016 09:09:43
by Dan Olsson (Standard support level)
Joined: 01/25/2016
Posts: 5

Thank You.

I've tried Your suggestion and I only manage to get a
"Invalid key material exception" from Crypto.Encrypt.

I then tried to change the
Hash := TElHashFunction.Create(SB_ALGORITHM_DGST_SHA256);
to
Hash := TElHashFunction.Create(SB_ALGORITHM_DGST_MD5);
in the PasswordToKeyMaterial, but that doesn't make a difference.

What else needs to be changed?

Best regards
//Dan
#35684
Posted: 01/25/2016 09:16:43
by Vsevolod Ievgiienko (EldoS Corp.)

Please modify both the encryption and decryption methods of the sample in the following way:

Code
  Crypto := FFactory.CreateInstance(SB_ALGORITHM_CNT_AES256, cmDefault);
  try
    try
      Crypto.KeyMaterial := PasswordToKeyMaterial(edPassword.Text);
      Crypto.Padding := cpANSIX923; // THIS SHOULD BE ADDED!!!


If you change the key size, then the PasswordToKeyMaterial method should be changed to generate the appropriate key size.
#35685
Posted: 01/25/2016 10:10:59
by Dan Olsson (Standard support level)
Joined: 01/25/2016
Posts: 5

Thank You
This is the code (yours)
Code
function PasswordToKeyMaterial(const Pass: string): TElSymmetricKeyMaterial;
var
  Hash : TElHashFunction;
  PassBytes : ByteArray;
  Digest : ByteArray;
  IV : ByteArray;
begin
  SetLength(IV, 16);
  FillChar(IV[0], 16, 0);

  Hash := TElHashFunction.Create(SB_ALGORITHM_DGST_SHA256);
//  Hash := TElHashFunction.Create(SB_ALGORITHM_DGST_MD5);  // Should this be used instead?
  try
    PassBytes := SBUtils.BytesOfString(Pass);
    Hash.Update(@PassBytes[0], Length(PassBytes));
    Digest := Hash.Finish;
  finally
    FreeAndNil(Hash);
  end;

  Result := TElSymmetricKeyMaterial.Create;
  Result.Key := Digest; // set 256-bit key
  Result.IV := IV; // set 128-bit initialization vector
end;

procedure TfmMain.bbEncryptClick(Sender: TObject);
var
  Crypto : TElSymmetricCrypto;
  KeyMaterial : TElSymmetricKeyMaterial;
  InBuf, OutBuf : ByteArray;
  OutSize : integer;
begin
  Crypto := FFactory.CreateInstance(SB_ALGORITHM_CNT_AES256, cmDefault);
  try
    try
      Crypto.KeyMaterial := PasswordToKeyMaterial(edPassword.Text);
      Crypto.Padding := TSBSymmetricCipherPadding.cpANSIX923;

      InBuf := SBUtils.BytesOfString(edInputStr.Text);

      OutSize := 0;
      Crypto.Encrypt(@InBuf[0], Length(InBuf), nil, OutSize);
      SetLength(OutBuf, OutSize);
      Crypto.Encrypt(@InBuf[0], Length(InBuf), @OutBuf[0], OutSize);
      SetLength(OutBuf, OutSize);

      // convert binary output to Base64 to make it readable
      edEncryptedStr.Text := SBEncoding.Base64EncodeArray(OutBuf, false);
    except
      on Ex : Exception do
        ShowMessage('Encryption error: ' + Ex.Message);
    end;
  finally
    FreeAndNil(Crypto);
  end;
end;


Result with password/key = sippenippe123456
and input = Input String
is
Encrypted = 1fkDLRTFPsDEZ+dyVs90Ow==


But With lockbox code
Code
function CryptAStr(const AStr, AKey: string): string;
var
  FKey: TKey128;
begin
  GenerateMD5KeyW(FKey, AKey);
  RDLEncryptStringCBCW(AStr, Result, FKey, SizeOf(FKey), True);
end;


Result with key = sippenippe123456
and input = Input String
is
Encrypted = qMtIEATV9HoeUEcCmRZYAkQUQGAfq8FhiCqjzRpa5lirLU9uGMk7Ww11GnLAAT4m



I need the encrypted result to be the same so what else do I need to change?
I thought maybe the hash should be SB_ALGORITHM_DGST_MD5 but that gives the exception. And I'm not certain on how to change the other settings to fit this.

Maybe this isn't possible at all, since the encrypted string always changes when the lockbox method is used.

Best regards
//Dan
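
The two mismatches in the posts above (digest size versus AES key size, and the different ciphertext lengths) can be checked offline from the values quoted in the thread. This Python example is added here and is not code from the posters, SecureBlackbox or LockBox; the function names are hypothetical, and reading the LockBox "W" routine as operating on UTF-16 text is an assumption.

```python
import base64
import hashlib

BLOCK = 16  # AES block size in bytes
AES_KEY_BYTES = {"AES128": 16, "AES192": 24, "AES256": 32}
# Values quoted in the thread
PASSWORD = "sippenippe123456"
PLAINTEXT = "Input String"
SBB_B64 = "1fkDLRTFPsDEZ+dyVs90Ow=="
LOCKBOX_B64 = "qMtIEATV9HoeUEcCmRZYAkQUQGAfq8FhiCqjzRpa5lirLU9uGMk7Ww11GnLAAT4m"

def derive_key(password, digest):
    """One unsalted hash of the password, like PasswordToKeyMaterial above."""
    return hashlib.new(digest, password.encode("utf-8")).digest()

def key_fits(key, cipher):
    """A raw AES key must be exactly the size the chosen variant expects."""
    return len(key) == AES_KEY_BYTES[cipher]

def pad_x923(data, block=BLOCK):
    """ANSI X.923: zero bytes, then one final byte holding the pad length."""
    n = block - len(data) % block  # a full extra block when already aligned
    return data + b"\x00" * (n - 1) + bytes([n])

def unpad_x923(data, block=BLOCK):
    if not data or len(data) % block:
        raise ValueError("length is not a multiple of the block size")
    n = data[-1]
    if not 1 <= n <= block or any(data[-n:-1]):
        raise ValueError("invalid ANSI X.923 padding")
    return data[:-n]

def cipher_blocks(b64):
    raw = base64.b64decode(b64, validate=True)
    if len(raw) % BLOCK:
        raise ValueError("ciphertext is not a whole number of blocks")
    return len(raw) // BLOCK

def report():
    single = len(pad_x923(PLAINTEXT.encode("ascii"))) // BLOCK
    wide = len(pad_x923(PLAINTEXT.encode("utf-16-le"))) // BLOCK  # assumption
    return {
        "md5_fits_aes256": key_fits(derive_key(PASSWORD, "md5"), "AES256"),
        "md5_fits_aes128": key_fits(derive_key(PASSWORD, "md5"), "AES128"),
        "sha256_fits_aes256": key_fits(derive_key(PASSWORD, "sha256"), "AES256"),
        "sbb_blocks": cipher_blocks(SBB_B64),          # matches `single`
        "lockbox_blocks": cipher_blocks(LOCKBOX_B64),  # one more than `wide`
        "single_byte_blocks": single,
        "utf16_blocks": wide,
        # Block not explained by padded UTF-16 text; what it holds is not
        # stated on the page.
        "lockbox_extra_blocks": cipher_blocks(LOCKBOX_B64) - wide,
    }

if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name}: {value}")
```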
#35688
Posted: 01/25/2016 16:55:11
by Eugene Mayevski (EldoS Corp.)

We have investigated the lockbox function. This function uses several different modes and performs other operations after that. This cannot be emulated by any SecureBlackbox function out of the box. We would be able to implement such a function for you, but it would take about 3-4 hours to implement. We can do this as a custom job for a small fee. If you are interested, I can move this topic to the HelpDesk to negotiate the details.


Sincerely yours
Eugene Mayevski