Watch, Follow, &
Connect with Us

Welcome, Guest
Guest Settings
Help

Thread: Encrypt



Permlink Replies: 5 - Last Post: Sep 25, 2017 12:43 PM Last Post By: David Wilcockson
grega loboda

Posts: 43
Registered: 2/5/10
Encrypt
Click to report abuse...   Click to reply to this thread Reply
  Posted: Sep 1, 2017 12:25 AM
Hi

First of all, I have no expirience and knowledge about encryption. But a customer has a REST server which I'll use and at login I need to encrypt the password and send. Any idea how to deal with this? Most of the posts on the web say what you encrypt in Delphi cannot be decrypted on other side. Here is a demo code in c# how to enrypt. I need to do that in Delphi.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;
using System.Security.Cryptography;
using System.IO;
using System.Text;
 
public class EncryptExample
{
    private byte[] _iv;
    
    public EncryptExample()
    {
        _iv = Array.Empty<byte>();
    }
    
    /// <summary>
    /// Encrypts a string using a specific encryption key.
    /// </summary>
    /// <param name="value">String to encrypt</param>
    /// <param name="key">Encryption key to use</param>
    /// <returns>Encrypted value</returns>
    public string EncryptString(string value, string key)
    {
        var encryptedValue = EncryptValue(value, key);
        var iv = Convert.ToBase64String(_iv);
        
        return string.Concat(iv, encryptedValue);
    }
    
    private string EncryptValue(string value, string key)
    {
        // Create our Encryptor
        var transformer = CreateEncryptor(key);
        
        // Using the transformer, encrypt the value
        using (var memory = new MemoryStream())
        {
            using (var stream = new CryptoStream(memory, transformer, CryptoStreamMode.Write))
            {
                using (var streamwriter = new StreamWriter(stream))
                {
                    streamwriter.Write(value);
                    streamwriter.Flush();
                }
            }
            
            // encrypted value is available trough the the memory stream
            var buffer = memory.ToArray();
            return Convert.ToBase64String(buffer);
        }
    }
    
    private ICryptoTransform CreateEncryptor(string keyword)
    {
        // Converts our key to a byte array 
        var key = Encoding.ASCII.GetBytes(keyword);
 
        // https://msdn.microsoft.com/en-us/library/system.security.cryptography.rijndaelmanaged(v=vs.110).aspx
        var rj = new RijndaelManaged
        {
            Mode = CipherMode.CBC,
            Key = key
        };
        
        // Since no iv is supplied, RijndaelManaged generates it for us. 
        _iv = rj.IV;
        return rj.CreateEncryptor();
    }
}
    
    public class Program
    {
        public static void Main(string[] args)
        {
            //Your code goes here
            Console.WriteLine("Hello, world!");
            EncryptExample ee = new EncryptExample();
            Console.WriteLine(ee.EncryptString("Hello, world!", "qwertzuiopasdfghjklyxcvbnmqwertz"));
        }         
    }   
Roy Lambert

Posts: 959
Registered: 10/21/99
Re: Encrypt
Click to report abuse...   Click to reply to this thread Reply
  Posted: Sep 1, 2017 2:03 AM   in response to: grega loboda in response to: grega loboda
grega

Any idea how to deal with this? Most of the posts on the web say what you encrypt in Delphi cannot be decrypted on other side.

The "most of the posts on the web" would be correct if you're encrypting something in Delphi using one encryption method and then trying to decrypt at the other end using a different method.

Before you start looking at how to encrypt using Delphi you first need to find out what the customer's REST server needs.

Roy
Kim Madsen

Posts: 323
Registered: 12/13/99
Re: Encrypt
Click to report abuse...   Click to reply to this thread Reply
  Posted: Sep 1, 2017 2:44 AM   in response to: grega loboda in response to: grega loboda
Delphi has no built in encryption support, but there are several
3rdparty products, some paid, some free.

Example using kbmMW Professional or Enterprise Edition (my middleware
for Delphi/C++Builder):

function EncryptValue(const AValue:string;
const AKey:string):string;
var
aes:TkbmMWCipherAES;
begin
aes:=TkbmMWCipherAES.Create(nil);
try
aes.InitString(AKey,TkbmMWHashSHA256);
Result:=aes.EncryptString(AValue,false);
finally
aes.Free;
end;
end;

I assume that the encryption in C# use standard SHA256 for hashing the
key. Further I assume that the key will be automatically converted to
UTF8 and the Unicode string value (because your example use Base64
encoding), is automatically Base64 encoded on encryption.

By setting false to true (the default), EncryptString would convert the
string to UTF8 first, instead of Base64 converting it.

If the key should also be Base64 encoded, instead of UTF8 encoded, then
you should use InitBytes providing it the Base64 encoded key.

I dont see that your key needs salting, but that is usually advicable.
However the other side obviously needs to agree on that.

best regards
Kim/C4D

www.components4developers.com

On 01/09/2017 09.25, grega loboda wrote:
Hi

First of all, I have no expirience and knowledge about encryption. But a customer has a REST server which I'll use and at login I need to encrypt the password and send. Any idea how to deal with this? Most of the posts on the web say what you encrypt in Delphi cannot be decrypted on other side. Here is a demo code in c# how to enrypt. I need to do that in Delphi.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;
using System.Security.Cryptography;
using System.IO;
using System.Text;
 
public class EncryptExample
{
    private byte[] _iv;
    
    public EncryptExample()
    {
        _iv = Array.Empty<byte>();
    }
    
    /// <summary>
    /// Encrypts a string using a specific encryption key.
    /// </summary>
    /// <param name="value">String to encrypt</param>
    /// <param name="key">Encryption key to use</param>
    /// <returns>Encrypted value</returns>
    public string EncryptString(string value, string key)
    {
        var encryptedValue = EncryptValue(value, key);
        var iv = Convert.ToBase64String(_iv);
        
        return string.Concat(iv, encryptedValue);
    }
    
    private string EncryptValue(string value, string key)
    {
        // Create our Encryptor
        var transformer = CreateEncryptor(key);
        
        // Using the transformer, encrypt the value
        using (var memory = new MemoryStream())
        {
            using (var stream = new CryptoStream(memory, transformer, CryptoStreamMode.Write))
            {
                using (var streamwriter = new StreamWriter(stream))
                {
                    streamwriter.Write(value);
                    streamwriter.Flush();
                }
            }
            
            // encrypted value is available trough the the memory stream
            var buffer = memory.ToArray();
            return Convert.ToBase64String(buffer);
        }
    }
    
    private ICryptoTransform CreateEncryptor(string keyword)
    {
        // Converts our key to a byte array 
        var key = Encoding.ASCII.GetBytes(keyword);
 
        // https://msdn.microsoft.com/en-us/library/system.security.cryptography.rijndaelmanaged(v=vs.110).aspx
        var rj = new RijndaelManaged
        {
            Mode = CipherMode.CBC,
            Key = key
        };
        
        // Since no iv is supplied, RijndaelManaged generates it for us. 
        _iv = rj.IV;
        return rj.CreateEncryptor();
    }
}
    
    public class Program
    {
        public static void Main(string[] args)
        {
            //Your code goes here
            Console.WriteLine("Hello, world!");
            EncryptExample ee = new EncryptExample();
            Console.WriteLine(ee.EncryptString("Hello, world!", "qwertzuiopasdfghjklyxcvbnmqwertz"));
        }         
    }   

David Wilcockson

Posts: 3
Registered: 2/16/04
Re: Encrypt
Click to report abuse...   Click to reply to this thread Reply
  Posted: Sep 25, 2017 12:43 PM   in response to: Kim Madsen in response to: Kim Madsen
Kim Madsen wrote:
Delphi has no built in encryption support, but there are several

If you are using Windows 10 you can use Winapi.Security.Cryptopgraphy and the TCore_CryptographicEngine. I suspect this is actually using the same code library as C#.

There is good support in Delphi for this with not too many lines of code needed.
Chad Hower

Posts: 437
Registered: 3/2/07
Re: Encrypt
Click to report abuse...   Click to reply to this thread Reply
  Posted: Sep 4, 2017 6:35 AM   in response to: grega loboda in response to: grega loboda
On 9/1/2017 3:25 AM, grega loboda wrote:
First of all, I have no expirience and knowledge about encryption. But a customer has a REST server which I'll use and at login I need to encrypt the password and send. Any idea how to deal with this? Most of the posts on the web say what you encrypt in Delphi cannot be decrypted on other side. Here is a demo code in c# how to enrypt. I need to do that in Delphi.

{code}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;
using System.Security.Cryptography;
using System.IO;
using System.Text;

There are third party encryption libraries for Delphi, or since you
already have .NET code here you could use CrossTalk and use the same
.NET Encryption from Delphi. CrossTalk even has a .NET encryption in
some of the sample docs.
bernard roussely

Posts: 102
Registered: 2/8/05
Re: Encrypt
Click to report abuse...   Click to reply to this thread Reply
  Posted: Sep 5, 2017 11:18 AM   in response to: grega loboda in response to: grega loboda
You can have a look at TMS Cryptography Pack with lots of examples in the FMX and VCL demos.

http://www.tmssoftware.com/site/tmscrypto.asp

bernard
Legend
Helpful Answer (5 pts)
Correct Answer (10 pts)

Server Response from: ETNAJIVE02