Home Explore Help
Sign In
pascal
/
PascalCoin
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Encryption files -> TRawBytes

PascalCoin 6 years ago
parent
b9cf3a893f
commit
68e594846b
2 changed files with 42 additions and 54 deletions
Unified View Show Diff Stats
  1. 22 34
      src/core/UAES.pas
  2. 20 20
      src/core/UECIES.pas

+ 22 - 34
src/core/UAES.pas
View File 

@@ -38,10 +38,10 @@ Type
 
   TAESComp = Class
 
   TAESComp = Class
 
   private
 
   private
 
   public
 
   public
 
-    Class function EVP_Encrypt_AES256(Value: TBytes; APassword: TBytes): TBytes; overload;
 
-    Class function EVP_Decrypt_AES256(const Value: TBytes; APassword: TBytes; var Decrypted: TBytes) : Boolean; overload;
 
-    Class function EVP_Encrypt_AES256(Const TheMessage, APassword : AnsiString): AnsiString; overload;
 
-    Class function EVP_Decrypt_AES256(const EncryptedMessage: TRawBytes; APassword: AnsiString; var Decrypted : AnsiString) : Boolean; overload;
 
+    Class function EVP_Encrypt_AES256(const TheMessage, APassword: TRawBytes): TRawBytes; overload;
 
+    Class function EVP_Encrypt_AES256(const TheMessage: TRawBytes; const APassword : String): TRawBytes; overload;
 
+    Class function EVP_Decrypt_AES256(const EncryptedMessage, APassword: TRawBytes; var Decrypted: TRawBytes) : Boolean; overload;
 
+    Class function EVP_Decrypt_AES256(const EncryptedMessage: TRawBytes; const APassword: String; var Decrypted : TRawBytes) : Boolean; overload;
 
   End;
 
   End;
 
 
 
 {$IFDEF FPC}
 
 {$IFDEF FPC}
 
@@ -73,14 +73,14 @@ begin
 
   RAND_pseudo_bytes(@result[0], PKCS5_SALT_LEN);
 
   RAND_pseudo_bytes(@result[0], PKCS5_SALT_LEN);
 
 end;
 
 end;
 
 
 
-Function EVP_GetKeyIV(APassword: TBytes; ACipher: PEVP_CIPHER; const ASalt: TBytes; out Key, IV: TBytes) : Boolean;
 
+Function EVP_GetKeyIV(APassword: TRawBytes; ACipher: PEVP_CIPHER; const ASalt: TRawBytes; out Key, IV: TRawBytes) : Boolean;
 
 var
 
 var
 
   pctx: PEVP_MD_CTX;
 
   pctx: PEVP_MD_CTX;
 
   {$IFDEF OpenSSL10}
 
   {$IFDEF OpenSSL10}
 
   ctx: EVP_MD_CTX;
 
   ctx: EVP_MD_CTX;
 
   {$ENDIF}
 
   {$ENDIF}
 
   hash: PEVP_MD;
 
   hash: PEVP_MD;
 
-  mdbuff: TBytes;
 
+  mdbuff: TRawBytes;
 
   mds: integer;
 
   mds: integer;
 
   nkey, niv: integer;
 
   nkey, niv: integer;
 
 begin
 
 begin
 
@@ -146,21 +146,14 @@ end;
 
 
 
 { TAESComp }
 
 { TAESComp }
 
 
 
-class function TAESComp.EVP_Decrypt_AES256(const EncryptedMessage: TRawBytes; APassword: AnsiString; var Decrypted : AnsiString) : Boolean;
 
-Var bytes_encrypted, bytes_password, bytes_result : TBytes;
 
+class function TAESComp.EVP_Decrypt_AES256(const EncryptedMessage: TRawBytes; const APassword: String; var Decrypted : TRawBytes) : Boolean;
 
+Var bytes_password : TRawBytes;
 
 begin
 
 begin
 
-  SetLength(bytes_encrypted,Length(EncryptedMessage));
 
-  CopyMemory(bytes_encrypted,@EncryptedMessage[Low(EncryptedMessage)],Length(EncryptedMessage));
 
-  SetLength(bytes_password,Length(APassword));
 
-  CopyMemory(bytes_password,@APassword[Low(APassword)],Length(APassword));
 
-  Result := EVP_Decrypt_AES256(bytes_encrypted,bytes_password,bytes_result);
 
-  if Result then begin
 
-    SetLength(Decrypted,Length(bytes_result));
 
-    CopyMemory(@Decrypted[Low(Decrypted)],bytes_result,Length(bytes_result));
 
-  end else Decrypted := '';
 
+  bytes_password.FromString(APassword);
 
+  Result := EVP_Decrypt_AES256(EncryptedMessage,bytes_password,Decrypted);
 
 end;
 
 end;
 
 
 
-class function TAESComp.EVP_Decrypt_AES256(const Value: TBytes; APassword: TBytes; var Decrypted: TBytes) : Boolean;
 
+class function TAESComp.EVP_Decrypt_AES256(const EncryptedMessage, APassword: TRawBytes; var Decrypted: TRawBytes) : Boolean;
 
 var
 
 var
 
   cipher: PEVP_CIPHER;
 
   cipher: PEVP_CIPHER;
 
   pctx: PEVP_CIPHER_CTX;
 
   pctx: PEVP_CIPHER_CTX;
 
@@ -174,9 +167,9 @@ begin
 
   cipher := EVP_aes_256_cbc;
 
   cipher := EVP_aes_256_cbc;
 
   SetLength(salt, SALT_SIZE);
 
   SetLength(salt, SALT_SIZE);
 
   // First read the magic text and the salt - if any
 
   // First read the magic text and the salt - if any
 
-  if (length(Value)>=SALT_MAGIC_LEN) AND (AnsiString(TEncoding.ASCII.GetString(Value, 0, SALT_MAGIC_LEN)) = SALT_MAGIC) then
 
+  if (length(EncryptedMessage)>=SALT_MAGIC_LEN) AND (AnsiString(TEncoding.ASCII.GetString(EncryptedMessage, 0, SALT_MAGIC_LEN)) = SALT_MAGIC) then
 
   begin
 
   begin
 
-    Move(Value[SALT_MAGIC_LEN], salt[0], SALT_SIZE);
 
+    Move(EncryptedMessage[SALT_MAGIC_LEN], salt[0], SALT_SIZE);
 
     If Not EVP_GetKeyIV(APassword, cipher, salt, key, iv) then exit;
 
     If Not EVP_GetKeyIV(APassword, cipher, salt, key, iv) then exit;
 
     src_start := SALT_MAGIC_LEN + SALT_SIZE;
 
     src_start := SALT_MAGIC_LEN + SALT_SIZE;
 
   end
 
   end
 
@@ -193,9 +186,9 @@ begin
 
   {$ENDIF}
 
   {$ENDIF}
 
   try
 
   try
 
     If EVP_DecryptInit(pctx, cipher, @key[0], @iv[0])<>1 then exit;
 
     If EVP_DecryptInit(pctx, cipher, @key[0], @iv[0])<>1 then exit;
 
-    SetLength(buf, Length(Value));
 
+    SetLength(buf, Length(EncryptedMessage));
 
     buf_start := 0;
 
     buf_start := 0;
 
-    If EVP_DecryptUpdate(pctx, @buf[buf_start], out_len, @Value[src_start], Length(Value) - src_start)<>1 then exit;
 
+    If EVP_DecryptUpdate(pctx, @buf[buf_start], out_len, @EncryptedMessage[src_start], Length(EncryptedMessage) - src_start)<>1 then exit;
 
     Inc(buf_start, out_len);
 
     Inc(buf_start, out_len);
 
     If EVP_DecryptFinal(pctx, @buf[buf_start], out_len)<>1 then exit;
 
     If EVP_DecryptFinal(pctx, @buf[buf_start], out_len)<>1 then exit;
 
     Inc(buf_start, out_len);
 
     Inc(buf_start, out_len);
 
@@ -211,19 +204,14 @@ begin
 
   end;
 
   end;
 
 end;
 
 end;
 
 
 
-class function TAESComp.EVP_Encrypt_AES256(const TheMessage, APassword: AnsiString): AnsiString;
 
-Var bytes_message, bytes_password, bytes_result : TBytes;
 
+class function TAESComp.EVP_Encrypt_AES256(const TheMessage: TRawBytes; const APassword : String): TRawBytes;
 
+Var bytes_password : TRawBytes;
 
 begin
 
 begin
 
-  SetLength(bytes_message,Length(TheMessage));
 
-  CopyMemory(bytes_message,@TheMessage[Low(TheMessage)],Length(TheMessage));
 
-  SetLength(bytes_password,Length(APassword));
 
-  CopyMemory(bytes_password,@APassword[Low(APassword)],Length(APassword));
 
-  bytes_result := EVP_Encrypt_AES256(bytes_message,bytes_password);
 
-  SetLength(Result,Length(bytes_result));
 
-  CopyMemory(@Result[Low(Result)],bytes_result,Length(bytes_result));
 
+  bytes_password.FromString(APassword);
 
+  Result := EVP_Encrypt_AES256(TheMessage,bytes_password);
 
 end;
 
 end;
 
 
 
-class function TAESComp.EVP_Encrypt_AES256(Value, APassword: TBytes): TBytes;
 
+class function TAESComp.EVP_Encrypt_AES256(const TheMessage, APassword: TRawBytes): TRawBytes;
 
 var
 
 var
 
   cipher: PEVP_CIPHER;
 
   cipher: PEVP_CIPHER;
 
   pctx: PEVP_CIPHER_CTX;
 
   pctx: PEVP_CIPHER_CTX;
 
@@ -247,13 +235,13 @@ begin
 
   try
 
   try
 
     EVP_EncryptInit(pctx, cipher, @key[0], @iv[0]);
 
     EVP_EncryptInit(pctx, cipher, @key[0], @iv[0]);
 
     block_size := EVP_CIPHER_CTX_block_size(pctx);
 
     block_size := EVP_CIPHER_CTX_block_size(pctx);
 
-    SetLength(buf, Length(Value) + block_size + SALT_MAGIC_LEN + PKCS5_SALT_LEN);
 
+    SetLength(buf, Length(TheMessage) + block_size + SALT_MAGIC_LEN + PKCS5_SALT_LEN);
 
     buf_start := 0;
 
     buf_start := 0;
 
     Move(PAnsiChar(SALT_MAGIC)^, buf[buf_start], SALT_MAGIC_LEN);
 
     Move(PAnsiChar(SALT_MAGIC)^, buf[buf_start], SALT_MAGIC_LEN);
 
     Inc(buf_start, SALT_MAGIC_LEN);
 
     Inc(buf_start, SALT_MAGIC_LEN);
 
     Move(salt[0], buf[buf_start], PKCS5_SALT_LEN);
 
     Move(salt[0], buf[buf_start], PKCS5_SALT_LEN);
 
     Inc(buf_start, PKCS5_SALT_LEN);
 
     Inc(buf_start, PKCS5_SALT_LEN);
 
-    EVP_EncryptUpdate(pctx, @buf[buf_start], out_len, @Value[0], Length(Value));
 
+    EVP_EncryptUpdate(pctx, @buf[buf_start], out_len, @TheMessage[0], Length(TheMessage));
 
     Inc(buf_start, out_len);
 
     Inc(buf_start, out_len);
 
     EVP_EncryptFinal(pctx, @buf[buf_start], out_len);
 
     EVP_EncryptFinal(pctx, @buf[buf_start], out_len);
 
     Inc(buf_start, out_len);
 
     Inc(buf_start, out_len);

+ 20 - 20
src/core/UECIES.pas
View File 

@@ -49,9 +49,9 @@ Const CT_Max_Bytes_To_Encrypt = 32000;
 
 
 
 Type size_t = Word;
 
 Type size_t = Word;
 
 
 
-function ECIESEncrypt(const ECDSAPubKey: TECDSA_Public; const MessageToEncrypt: AnsiString): TRawBytes; overload;
 
-function ECIESEncrypt(EC_OpenSSL_NID : Word; PubKey: EC_POINT; const MessageToEncrypt: AnsiString): TRawBytes; overload;
 
-function ECIESDecrypt(EC_OpenSSL_NID : Word; PrivateKey: PEC_KEY; logErrors : Boolean; const MessageToDecrypt: TRawBytes; Var Decrypted : AnsiString): Boolean;
 
+function ECIESEncrypt(const ECDSAPubKey: TECDSA_Public; const RawToEncrypt: TRawBytes): TRawBytes; overload;
 
+function ECIESEncrypt(EC_OpenSSL_NID : Word; PubKey: EC_POINT; const RawToEncrypt: TRawBytes): TRawBytes; overload;
 
+function ECIESDecrypt(EC_OpenSSL_NID : Word; PrivateKey: PEC_KEY; logErrors : Boolean; const MessageToDecrypt: TRawBytes; Var Decrypted : TRawBytes): Boolean;
 
 
 
 implementation
 
 implementation
 
 
 
@@ -144,14 +144,14 @@ begin
 
   Result := EVP_md5;
 
   Result := EVP_md5;
 
 end;
 
 end;
 
 
 
-function ECIESEncrypt(const ECDSAPubKey: TECDSA_Public; const MessageToEncrypt: AnsiString): TRawBytes;
 
+function ECIESEncrypt(const ECDSAPubKey: TECDSA_Public; const RawToEncrypt: TRawBytes): TRawBytes;
 
 Var BNx,BNy : PBIGNUM;
 
 Var BNx,BNy : PBIGNUM;
 
   ECG : PEC_GROUP;
 
   ECG : PEC_GROUP;
 
   ctx : PBN_CTX;
 
   ctx : PBN_CTX;
 
   pub_key : PEC_POINT;
 
   pub_key : PEC_POINT;
 
   s : String;
 
   s : String;
 
 begin
 
 begin
 
-  Result := '';
 
+  SetLength(Result,0);
 
   BNx := BN_bin2bn(PAnsiChar(ECDSAPubKey.x),length(ECDSAPubKey.x),nil);
 
   BNx := BN_bin2bn(PAnsiChar(ECDSAPubKey.x),length(ECDSAPubKey.x),nil);
 
   BNy := BN_bin2bn(PAnsiChar(ECDSAPubKey.y),length(ECDSAPubKey.y),nil);
 
   BNy := BN_bin2bn(PAnsiChar(ECDSAPubKey.y),length(ECDSAPubKey.y),nil);
 
   Try
 
   Try
 
@@ -166,7 +166,7 @@ begin
 
     pub_key := EC_POINT_new(ECG);
 
     pub_key := EC_POINT_new(ECG);
 
     ctx := BN_CTX_new;
 
     ctx := BN_CTX_new;
 
     if EC_POINT_set_affine_coordinates_GFp(ECG,pub_key,BNx,BNy,ctx)=1 then begin
 
     if EC_POINT_set_affine_coordinates_GFp(ECG,pub_key,BNx,BNy,ctx)=1 then begin
 
-      Result := ECIESEncrypt(ECDSAPubKey.EC_OpenSSL_NID,pub_key^,MessageToEncrypt);
 
+      Result := ECIESEncrypt(ECDSAPubKey.EC_OpenSSL_NID,pub_key^,RawToEncrypt);
 
     end else begin
 
     end else begin
 
       s := Format('An error occurred while trying to convert public key to public point {error = %s}',
 
       s := Format('An error occurred while trying to convert public key to public point {error = %s}',
 
          [ERR_error_string(ERR_get_error(),nil)]);
 
          [ERR_error_string(ERR_get_error(),nil)]);
 
@@ -181,7 +181,7 @@ begin
 
   End;
 
   End;
 
 End;
 
 End;
 
 
 
-function ECIESEncrypt(EC_OpenSSL_NID : Word; PubKey: EC_POINT; const MessageToEncrypt: AnsiString): TRawBytes;
 
+function ECIESEncrypt(EC_OpenSSL_NID : Word; PubKey: EC_POINT; const RawToEncrypt: TRawBytes): TRawBytes;
 
 Var PK,PEphemeral : PEC_KEY;
 
 Var PK,PEphemeral : PEC_KEY;
 
   i,key_length,block_length,envelope_length,body_length : Integer;
 
   i,key_length,block_length,envelope_length,body_length : Integer;
 
   mac_length : Cardinal;
 
   mac_length : Cardinal;
 
@@ -197,9 +197,9 @@ Var PK,PEphemeral : PEC_KEY;
 
   hmac : HMAC_CTX;
 
   hmac : HMAC_CTX;
 
   {$ENDIF}
 
   {$ENDIF}
 
 begin
 
 begin
 
-  Result := '';
 
-  if length(MessageToEncrypt)>CT_Max_Bytes_To_Encrypt then begin
 
-    TLog.NewLog(lterror,'ECIES','Max bytes to encrypt: '+inttostr(length(MessageToEncrypt))+'>'+Inttostr(CT_Max_Bytes_To_Encrypt));
 
+  SetLength(Result,0);
 
+  if length(RawToEncrypt)>CT_Max_Bytes_To_Encrypt then begin
 
+    TLog.NewLog(lterror,'ECIES','Max bytes to encrypt: '+inttostr(length(RawToEncrypt))+'>'+Inttostr(CT_Max_Bytes_To_Encrypt));
 
     exit;
 
     exit;
 
   end;
 
   end;
 
   // Make sure we are generating enough key material for the symmetric ciphers.
 
   // Make sure we are generating enough key material for the symmetric ciphers.
 
@@ -239,9 +239,9 @@ begin
 
       exit;
 
       exit;
 
     end;
 
     end;
 
     // We use a conditional to pad the length if the input buffer is not evenly divisible by the block size.
 
     // We use a conditional to pad the length if the input buffer is not evenly divisible by the block size.
 
-    if (Length(MessageToEncrypt) MOD block_length)=0 then i := 0
 
-    else i := block_length - (Length(MessageToEncrypt) MOD block_length);
 
-    cryptex := secure_alloc(envelope_length,EVP_MD_size(ECIES_HASHER),Length(MessageToEncrypt), Length(MessageToEncrypt) + i);
 
+    if (Length(RawToEncrypt) MOD block_length)=0 then i := 0
 
+    else i := block_length - (Length(RawToEncrypt) MOD block_length);
 
+    cryptex := secure_alloc(envelope_length,EVP_MD_size(ECIES_HASHER),Length(RawToEncrypt), Length(RawToEncrypt) + i);
 
     try
 
     try
 
       // Store the public key portion of the ephemeral key.
 
       // Store the public key portion of the ephemeral key.
 
       If EC_POINT_point2oct(EC_KEY_get0_group(PEphemeral),EC_KEY_get0_public_key(PEphemeral),
 
       If EC_POINT_point2oct(EC_KEY_get0_group(PEphemeral),EC_KEY_get0_public_key(PEphemeral),
 
@@ -270,16 +270,16 @@ begin
 
         // Initialize the cipher with the envelope key.
 
         // Initialize the cipher with the envelope key.
 
         if (EVP_EncryptInit_ex(pcipher,EVP_aes_256_cbc,nil,@envelope_key,@iv)<>1) or
 
         if (EVP_EncryptInit_ex(pcipher,EVP_aes_256_cbc,nil,@envelope_key,@iv)<>1) or
 
           (EVP_CIPHER_CTX_set_padding(pcipher,0)<>1) or
 
           (EVP_CIPHER_CTX_set_padding(pcipher,0)<>1) or
 
-          (EVP_EncryptUpdate(pcipher,body,body_length,@MessageToEncrypt[Low(MessageToEncrypt)],
 
-            Length(MessageToEncrypt) - (Length(MessageToEncrypt) MOD block_length))<>1) then begin
 
+          (EVP_EncryptUpdate(pcipher,body,body_length,@RawToEncrypt[Low(RawToEncrypt)],
 
+            Length(RawToEncrypt) - (Length(RawToEncrypt) MOD block_length))<>1) then begin
 
               TLog.NewLog(lterror,'ECIES',Format('An error occurred while trying to secure the data using the chosen symmetric cipher. {error = %s}',
 
               TLog.NewLog(lterror,'ECIES',Format('An error occurred while trying to secure the data using the chosen symmetric cipher. {error = %s}',
 
               [ERR_error_string(ERR_get_error(),nil)]));
 
               [ERR_error_string(ERR_get_error(),nil)]));
 
               exit;
 
               exit;
 
             end;
 
             end;
 
         // Check whether all of the data was encrypted. If they don't match up, we either have a partial block remaining, or an error occurred.
 
         // Check whether all of the data was encrypted. If they don't match up, we either have a partial block remaining, or an error occurred.
 
-        if (body_length<>Length(MessageToEncrypt)) then begin
 
+        if (body_length<>Length(RawToEncrypt)) then begin
 
           // Make sure all that remains is a partial block, and their wasn't an error
 
           // Make sure all that remains is a partial block, and their wasn't an error
 
-          if (Length(MessageToEncrypt) - body_length >= block_length) then begin
 
+          if (Length(RawToEncrypt) - body_length >= block_length) then begin
 
             TLog.NewLog(lterror,'ECIES',Format('Unable to secure the data using the chosen symmetric cipher. {error = %s}',
 
             TLog.NewLog(lterror,'ECIES',Format('Unable to secure the data using the chosen symmetric cipher. {error = %s}',
 
             [ERR_error_string(ERR_get_error(),nil)]));
 
             [ERR_error_string(ERR_get_error(),nil)]));
 
             exit;
 
             exit;
 
@@ -291,7 +291,7 @@ begin
 
           {$ELSE}
 
           {$ELSE}
 
           FillMemory(@block,length(block),0);
 
           FillMemory(@block,length(block),0);
 
           {$ENDIF}
 
           {$ENDIF}
 
-          CopyMemory(@block,Pointer(PtrInt(@MessageToEncrypt[Low(MessageToEncrypt)])+body_length),Length(MessageToEncrypt)-body_length);
 
+          CopyMemory(@block,Pointer(PtrInt(@RawToEncrypt[Low(RawToEncrypt)])+body_length),Length(RawToEncrypt)-body_length);
 
           // Advance the body pointer to the location of the remaining space, and calculate just how much room is still available.
 
           // Advance the body pointer to the location of the remaining space, and calculate just how much room is still available.
 
           body := Pointer(PtrInt(body)+body_length);
 
           body := Pointer(PtrInt(body)+body_length);
 
           body_length := secure_body_length(cryptex) - body_length;
 
           body_length := secure_body_length(cryptex) - body_length;
 
@@ -390,7 +390,7 @@ Begin
 
 End;
 
 End;
 
 
 
 
 
-function ECIESDecrypt(EC_OpenSSL_NID : Word; PrivateKey: PEC_KEY; logErrors : Boolean; const MessageToDecrypt: TRawBytes; Var Decrypted : AnsiString): Boolean;
 
+function ECIESDecrypt(EC_OpenSSL_NID : Word; PrivateKey: PEC_KEY; logErrors : Boolean; const MessageToDecrypt: TRawBytes; Var Decrypted : TRawBytes): Boolean;
 
 var
 
 var
 
   cryptex : Psecure_t;
 
   cryptex : Psecure_t;
 
   phmac : PHMAC_CTX;
 
   phmac : PHMAC_CTX;
 
@@ -410,7 +410,7 @@ var
 
   {$ENDIF}
 
   {$ENDIF}
 
 Begin
 
 Begin
 
   Result := false;
 
   Result := false;
 
-  Decrypted := '';
 
+  Decrypted := Nil;
 
   cryptex := Psecure_t(@MessageToDecrypt[Low(MessageToDecrypt)]);
 
   cryptex := Psecure_t(@MessageToDecrypt[Low(MessageToDecrypt)]);
 
   // Make sure we are generating enough key material for the symmetric ciphers.
 
   // Make sure we are generating enough key material for the symmetric ciphers.
 
   key_length := EVP_CIPHER_key_length(EVP_aes_256_cbc);
 
   key_length := EVP_CIPHER_key_length(EVP_aes_256_cbc);