Can't get same Hash results between Cryptography pack 4 and 5

VCL TMS Cryptography Pack
1

Is it possible to have the installer of latest v4 (4.3.3) of TMS Cryptography pack ? I just cant get v5 working the same and all my previous hash are invalidated despite testing all options for THashSHA2

it was created this way :
sha_2 := TSHA2Hash.Create(THashSize.hs256);
with sha_2 do
begin
HashSizeBytes := 256;
outputFormat := TConvertType.base64;
Unicode := TUnicode.yesUni;
end;

sha_2.Hash(aString);

I tried simply switching from hashSizeByte to hashsize:=hs256 , or differently :
sha_2 := TSHA2Hash.Create(THashSize.hs256);
with sha_2 do
begin
inputFormat := TConvertType.raw;
outputFormat := TConvertType.base64;
Unicode := TUnicode.yesUni;
end;
with raw or noFormat but the result is still different from needed (can't get same result of previous compiled code).

Thanks in advance !

2

Hi, most likely a conversion issue.

What is the input you want to hash?

inputFormat := TConvertType.raw doesn’t convert, but makes the assumption that the input is a ‘raw’ string.

If the input is something like s := ‘AE12F7E3251764CE’ (hex string) then you have 2 options:

inputFormat := TConvertType.hexa;

then hash(s)

or

s := Conv.ToCharString(s);

inputFormat := TConvertType.raw;

then hash(s).

Regards,

bernard

3

Thanks for your answer. The string is a simple simple (a concatenation of db fields as string). I have an encryption after the hash that i could decrypt thanks to secure log option in my old version, and i now get the same Hash thanks to inputFormat := TConvertType.raw;

it’s the new encryption Encrypt that’s not Decrypt-able with old version and vice-versa. new encrypt gives me a much wider string, whereas old decrypt of this field fails.
Its code didn’t change, but default value for some parameters must be different. input format wasn’t defined either :
aes := TAESEncryption.Create(self);
with aes do
begin
AType := atCTR;
keyLength := kl256;
Unicode := yesUni;
key := aSecured32charString;
inputFormat := TConvertType.base64; // raw(default) // noFormat <-- test (LINE ADDED V5)
outputFormat := TConvertType.base64;
paddingMode := TPaddingMode.PKCS7;
IVMode := TIVMode.rand;
end;

if you could provide me with last v4 installer for Delphi 12, i could rollback and check for differences.

4

V4 should appera in your product list.

You have several threads on this very issue in the TMS CP support section (AES or error -208 or similar).

5

Only the latest version is available. (website, tmsgui, tmssubscrptionmanager)

6

Hello,

I am checking for the location of previous versions with colleagues from support.

In the meantime, can you send me an example of a string and the resulting hash with 4.3.3 (and the code if different from the first post’s?

bernard [at] tmssoftware [dot] com

Regards,

bernard

7

the old version was under the name “TMS Cryptography Pack classic version (43.29 MB)” on web interface.

now i need a way to be able to Decrypt old entries with the new version… while treating new data the same way. I will take the time to look to other threads concerning the library evolution later, but if you have some hints on handling deciphering with new version of old version result declared this way, this will be warmly welcome :

aes := TAESEncryption.Create(self);
with aes do
begin
AType := atCTR;
keyLength := kl256;
Unicode := yesUni;
key := aSecured32charString;
outputFormat := TConvertType.base64;
paddingMode := TPaddingMode.PKCS7;
IVMode := TIVMode.rand;
end;

8

4.3.1 code (no difference with 4.3.3 for AES)

procedure TDemoForm.AESDebugBtnClick(Sender: TObject);
var
Laes: TAESEncryption;
LCipher, LResultat: string;
Conv: TConvert;

begin
Laes:= TAESEncryption.Create;
Conv := TConvert.Create(hexa);
try
Laes.AType:=              atCBC;
Laes.KeyLength:=          kl128;
Laes.Unicode :=           yesUni;
Laes.Key:=                '1234567890123456';
Laes.OutputFormat :=      hexa;
Laes.PaddingMode:=        TpaddingMode.PKCS7;
Laes.IVMode:=             rand; // will be converted to hexa in the cryptogram
// Encrypt
LCipher:= Laes.Encrypt('Any string for a test'); // raw string, unicode
MainMemo.Lines.Add('Cryptogram: ' + LCipher); // hex output
// Decrypt


//    Laes.OutputFormat := raw;
Laes.Decrypt(LCipher, LResultat);
MainMemo.Lines.Add('Cleartext: ' + LResultat);

finally
Conv.Free;
Laes.Free;
end;
end;

AS ‘IV’ is ‘rand’, you won’t get the same output, but here is an example in 5.1.1.6.

procedure TDemoForm.AESDebugBtnClick(Sender: TObject);
var
Laes: TAESEncryption;
LCipher, LResultat: string;
Conv: TConvert;

begin
Laes:= TAESEncryption.Create;
Conv := TConvert.Create();
try
Laes.AType        := atCBC;
Laes.KeyLength    := kl128;
Laes.Unicode      := yesUni;
Laes.Key          := '1234567890123456'; // 'raw' key
Laes.inputFormat  := raw;
Laes.OutputFormat := raw;
Laes.PaddingMode  := TpaddingMode.PKCS7;
Laes.IVMode       := rand; // will be converted to hexa in the cryptogram
// Encrypt (useless when LCipher is forced like below)
LCipher:= Laes.Encrypt('Any string for a test'); // raw string, unicode
MainMemo.Lines.Add('Cryptogram: ' + Conv.ToHexString(LCipher)); // hex output
// Decrypt
// inputFormat is raw, convert Cryptogram that was in hex
Conv.AType := hexa;

// we want the output as a raw string (or whatever else)
// from 4.3.1 (the example)
LCipher := '7A9677686D855EDDAE593F936472FE3C1AF910DD839666AE989B19566414FE3ED109DCFBB9843356E7C025D71EC24426';
LCipher := Conv.ToCharString(LCipher); // HERE IS THE CONVERSION
Laes.OutputFormat := raw; // We want some ASCII or UNICODE STRING BACK
Laes.Decrypt(LCipher, LResultat);
MainMemo.Lines.Add('Cleartext: ' + LResultat);

finally
Conv.Free;
Laes.Free;
end;
end;

4.3.1 runs on RAD Studio 11.3 and 5.1.1.6 runs on RAD Studio 13.0 with all patches.

LCipher := '7A9677686D855EDDAE593F936472FE3C1AF910DD839666AE989B19566414FE3ED109DCFBB9843356E7C025D71EC24426';

was obtained with 4.3.1.