EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Using Win32CryptoProvider for AES Encryption

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#33739
Posted: 06/23/2015 05:06:00
by Vitaly  (Basic support level)
Joined: 06/23/2015
Posts: 4

Hello,

I am trying to use Win32CryptoProvider for the AES encryption/decryption with SB_ALGORITHM_CNT_AES256 in cmCBC mode.

As a start point I used SymmetricEncryption demo and added following:
FFactory.CryptoProvider := SBCryptoProvWin32.Win32CryptoProvider

However a result of TElWin32CryptoProvider.IsAlgorithmSupported is false.

Can you please help me how can I achieve this?

Thanks
#33740
Posted: 06/23/2015 05:22:55
by Eugene Mayevski (EldoS Corp.)

Thank you for contacting us.

Can you please show how you call IsAlgorithmSupported (i.e. what parameters are passed)?


Sincerely yours
Eugene Mayevski
#33741
Posted: 06/23/2015 06:32:55
by Vitaly  (Basic support level)
Joined: 06/23/2015
Posts: 4

Hello Eugene,

Thanks for the quick response.

IsAlgorithmSupported is executed from Factory.CreateInstance(SB_ALGORITHM_CNT_AES256, cmCBC)

So the parameters are following Algorithm = 28679 (SB_ALGORITHM_CNT_AES256) and Mode 2 (cmCBC)

It fails already on the condition IsSymmetricKeyAlgorithm(Algorithm) and (not Ops.FUseForSymmetricKeyOperations)

If I instantiate Win32CryptoProvider and modify the option to Options.UseForSymmetricKeyOperations := true;
then IsAlgorithmSupported returned already true, but the it fails within IsOperationSupported on the condition "Key is TElWin32CryptoKey". The real Key is TElBuiltInSymmetricCryptoKey

Thanks
#33742
Posted: 06/23/2015 06:35:05
by Eugene Mayevski (EldoS Corp.)

Your message assumes that you have a license. However there's no license ticket linked to your user account.

Technical Support is provided to customers with the linked license tickets. You will find your license ticket together with all the details about how to use it in the registration e-mail that we’ve sent to you upon the purchase. The procedure of linking the license ticket is described in the registration e-mail as well.


Sincerely yours
Eugene Mayevski
#33743
Posted: 06/23/2015 06:46:19
by Vitaly  (Basic support level)
Joined: 06/23/2015
Posts: 4

Assigned a license ticket now.
#33744
Posted: 06/23/2015 07:16:34
by Ken Ivanov (EldoS Corp.)

Hi Vitaly,

Please use the following code as a guide:

Code
uses
  System.SysUtils,
  SBCryptoProvWin32,
  SBConstants,
  SBSymmetricCrypto,
  SBCustomCrypto,
  SBTypes,
  SBUtils,
  SBRandom;

var
  Fac : TElSymmetricCryptoFactory;
  CP : TElWin32CryptoProvider;
  CPOps : TElWin32CryptoProviderOptions;
  Crypto : TElSymmetricCrypto;
  KM : TElSymmetricKeyMaterial;
  Key, IV : ByteArray;
  SrcBuf, EncBuf, DecBuf : ByteArray;
  SrcLen, EncLen, DecLen : integer;
begin
  try
    SetLength(Key, 32);
    SetLength(IV, 16);
    SBRndGenerate(@Key[0], Length(Key));
    SBRndGenerate(@IV[0], Length(IV));
    SrcLen := 61;
    SetLength(SrcBuf, SrcLen);
    SBRndGenerate(@SrcBuf[0], Length(SrcBuf));
    Fac := TElSymmetricCryptoFactory.Create();
    try
      CPOps := TElWin32CryptoProviderOptions.Create();
      try
        CPOps.UseForSymmetricKeyOperations := true;
        CP := TElWin32CryptoProvider.Create(CPOps, nil);
        try
          Fac.CryptoProvider := CP;
          Crypto := Fac.CreateInstance(SB_ALGORITHM_CNT_AES256);
          try
            KM := TElSymmetricKeyMaterial.Create(CP);
            try
              KM.Key := Key;
              KM.IV := IV;
              Crypto.KeyMaterial := KM;
              // encrypting
              EncLen := 0;
              Crypto.Encrypt(@SrcBuf[0], Length(SrcBuf), nil, EncLen);
              SetLength(EncBuf, EncLen);
              Crypto.Encrypt(@SrcBuf[0], Length(SrcBuf), @EncBuf[0], EncLen);
              SetLength(EncBuf, EncLen);
              // decrypting
              DecLen := 0;
              Crypto.Decrypt(@EncBuf[0], EncLen, nil, DecLen);
              SetLength(DecBuf, DecLen);
              Crypto.Decrypt(@EncBuf[0], EncLen, @DecBuf[0], DecLen);
              SetLength(DecBuf, DecLen);
              // verifying
              if CompareMem(SrcBuf, DecBuf) then
                Writeln('Encryption succeeded')
              else
                Writeln('Decrypted data doesn''t match the original');
            finally
              FreeAndNil(KM);
            end;
          finally
            FreeAndNil(Crypto);
          end;
        finally
          FreeAndNil(CP);
        end;
      finally
        FreeAndNil(CPOps);
      end;
    finally
      FreeAndNil(Fac);
    end;
  except
    on E: Exception do
      Writeln(E.ClassName, ': ', E.Message);
  end;


Cheers,

Ken
#33798
Posted: 06/26/2015 06:00:28
by Vitaly  (Basic support level)
Joined: 06/23/2015
Posts: 4

Thanks. That works.

I missed the point that constructor of TElSymmetricKeyMaterial may accept Crypto Provider as a parameter. After I saw it in your example, all the rest was working fine.
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 1177 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!