I just installed version 5 of “cryptography pack,” and I see differences in how it works compared to v4 for AES encryption (for now).
In the old version, a 256-bit key required 32 characters, but in v5, you need 64 characters for a 256-bit key (the same number of characters is required for a 128-bit key).
My problem is that passwords were encrypted and stored in the database using CBC mode with a 256-bit key for a Base64 output format in version 4.
However, with version 5, decrypting these passwords does not work.
My question is: how can I decrypt these passwords from v4 with v5? Is there an intermediate step? i.e., decrypt with v4 then re-encrypt with v5?
The thread should indeed help you as the issue looks very similar.
Here what I said at that time.
“Just on "in earlier versions the key length was shorter": no, the key was in 'raw' format by default, so the length was then 32 bytes for kl256. If you use a key converted to 'hexa', then the size is 64 bytes.
The new 'inputFormat' property allows users to select the format (raw, hexa, base64, base64url or base32). The 'issue' is that the format shall be applied to all parameters (key, IV, salt, etc.) and input (text string or file).
Then, you are correct that parameters for the key have an order. Because of the possible encoding of the key, it is not possible to identify the key size only with the number of bytes in the key. A key length is also required.”
You can have a look at the code towards the end of the thread. It should fix your issue, with the appropriate format conversions.
Bernard. I have the same error. I just don't want to create another thread. Previously, key was equal to 32 characters. On the client side, files were encrypted with this key. Today the same error was updated that the length should be 16. At the same time, the TAESEncryption component lost the keyLength object inspector field. And if I forcibly specify keyLength := kl256 in the code, Delphi does not compile. I also read this thread: AES decryption fails with invalid key length - #11 by Fab
And I didn’t understand how to solve the problem, because your last code in this post does not compile, it also gives an error:
Laes.KeyLength:= kl256;
How can I fix it so that on the client side the key of 32 characters is saved and it decrypts old files?
I already had 5.0.1.0. And it worked fine there. Component cast on the form (SEA). There are the following settings (the key is indicated as an example, on the client side it is its own, but also 32 characters)
I moved the TAESKeyLength declaration from the AESObj file to CryptoConst.pas (to reduce duplication and to reduce conversions between identical constants from different files). The side effect is that the KeyLength property is no longer in the visual AESEncryption class. There may be a valid explanation, but it looks strange to me. Possibly a compiler issue that I am not aware of.
To fix that, you need to assign the key size in your code, as it is no longer in the graphic component.
