(SOLVED) problem with cryptography, incompatibility between libraries

[Xor-el]

For example of xor-el I found this example.

https://forum.lazarus.freepascal.org/index.php/topic,44746.msg314966.html#msg314966

But there is no decrypt.

Ok we need to get some factors clear before I might be able to help you.
 Do you have any code samples you are trying to replicate?
The reason I ask this is that there are a lot of factors in play that will affect the output like the Padding Mode been used if the plaintext cannot be evenly divided into the AES blocksize which is 128bits.

I will ask you a few questions that will help me give you an appropriate example.

1. What padding mode do you wish to use? PKCS7 is normally encouraged but I ask this for compatibility purposes incase you have a sample you are trying to replicate.

2. Chaining Mode (a popular option is CBC Mode)

3. What is your IV (must be 16 bytes for CBC Mode)

4. What is your Key (for AES 256, it must be 32 bytes).

5. The plaintext you want to encrypt.

6. How do you want the encrypted output. (I presume Base64 Encoded).

7. I will have to use Cryptolib4Pascal since I am more comfortable with it. (Are you ok with that?)

[xinyiman]

So I'll explain, I want to build a cryptographic tcp tunnel. I am well on my way but as you can see I don't have any great skills in cryptography. Since the program is mine I have no major constraints to respect. I would like to opt for a robust algorithm. And here is my choice to use 256 bit aes. For the rest you have white paper. The aes key generates the server randomly when the tcp connection is started and communicates it to the client. For me IV can also be part of the inverted password. When the connection is terminated, the password is regenerated. You need anything else. Also use Cryptolib4Pascal I use it for asymmetric key cryptography to exchange the key aes between server and client.

thanks a lot

[Xor-el]

So I'll explain, I want to build a cryptographic tcp tunnel. I am well on my way but as you can see I don't have any great skills in cryptography. Since the program is mine I have no major constraints to respect. I would like to opt for a robust algorithm. And here is my choice to use 256 bit aes. For the rest you have white paper. The aes key generates the server randomly when the tcp connection is started and communicates it to the client. For me IV can also be part of the inverted password. When the connection is terminated, the password is regenerated. You need anything else. Also use Cryptolib4Pascal I use it for asymmetric key cryptography to exchange the key aes between server and client.

thanks a lot

Attached below is my Demo Project Generating Encryption Key (using a Key Stretching Algorithm (PBKDF2) with a specified Salt) and IV the proper way,  it also Encrypt and Decrypt our input using AES-256 CBC Mode using PKCS7 Padding.

[xinyiman]

Perfect. Thank you very much. You are an angel 

[xinyiman]

Hi xor-el I used your code and I did some testing. For the most part it works well, then sometimes it skips something. Surely I'm wrong but as you will see when I decipher I do not get the same value that I pass at the beginning of the program. Surely it is bullshit, but you may notice it on the fly.

[Xor-el]

Hi xor-el I used your code and I did some testing. For the most part it works well, then sometimes it skips something. Surely I'm wrong but as you will see when I decipher I do not get the same value that I pass at the beginning of the program. Surely it is bullshit, but you may notice it on the fly.

the function StringIntToString(str) returns an empty string for your input '0 0 0 8 4 210 22 47', what is the purpose of these functions (StringIntToString(str) and StringToStringInt(str)) because from what I can see the problem is from those functions not your Encryption/Decryption Routines?

[xinyiman]

Basically the individual numbers are the ascii code of the individual characters that make up the string. I encrypt
0 0 0 8 4 210 22 47
but when I decipher I get
0 0 0 8 4 63 22 47

The error is that it gives me back 0 0 0 8 4 63 22 47

[Xor-el]

Basically the individual numbers are the ascii code of the individual characters that make up the string. I encrypt
0 0 0 8 4 210 22 47
but when I decipher I get
0 0 0 8 4 63 22 47

The error is that it gives me back 0 0 0 8 4 63 22 47

That is why I said the problem is from your method "StringToStringInt" or "StringIntToString".
If you debug your code, you will see that the decryption succeeds.

[xinyiman]

I have modified the unit slightly to demonstrate that the two functions you mention behave correctly.

If you look before executing the encryption, you re-transform the string into a string of integers. And they coincide (see point one and point two). But after the decryption I try to re-transform the value into a string of integers and only then do they coincide.

If I didn't explain myself then tell me I try to explain myself better.
result:

Code: Pascal  [Select][+][-]

1. 1. 0 0 0 8 4 210 22 47 //<--start value
2. 2. 0 0 0 8 4 210 22 47 //<--stringtostringint(stringinttostring(start value))
3. 3.
4. 4. TZM1uX+MIdAYsxMfXpoHwA== //<--encrypt value
5. 5.
6. 6. 0 0 0 8 4 239 191 189 22 47 //<--stringtostringint(stringinttostring( decrypt(encrypt value) ))
7.  

Test on mac and windows

edit: attachment

[Xor-el]

I have modified the unit slightly to demonstrate that the two functions you mention behave correctly.

If you look before executing the encryption, you re-transform the string into a string of integers. And they coincide (see point one and point two). But after the decryption I try to re-transform the value into a string of integers and only then do they coincide.

If I didn't explain myself then tell me I try to explain myself better.
result:

Code: Pascal  [Select][+][-]

1. 1. 0 0 0 8 4 210 22 47 //<--start value
2. 2. 0 0 0 8 4 210 22 47 //<--stringtostringint(stringinttostring(start value))
3. 3.
4. 4. TZM1uX+MIdAYsxMfXpoHwA== //<--encrypt value
5. 5.
6. 6. 0 0 0 8 4 239 191 189 22 47 //<--stringtostringint(stringinttostring( decrypt(encrypt value) ))
7.  

Test on mac and windows

edit: attachment

to achieve what you want, you have to use the TEncoding variant that works with AnsiString not UnicodeString.
Unfortunately, this variant is only available in FPC 3.2.0 upwards.
I must warn though, I am really not a fan of those function of yours (stringinttostring and stringtostringint) because they will easily break when you switch your project to use UTF-16 String which is Unicode in Delphi terms.

[xinyiman]

Thank you very much, it works well.
Quiet those two functions I wrote them only to debug why my project didn't work and isolate an example that reproduced the problem. Thanks a lot, it works well on windows. Tomorrow I also try on the mac. You were very kind