Issues with v5.0.9.5

VCL TMS Cryptography Pack
1

Hi TMS support team. Can you please look at the code below? This used to work on Delphi 12.x with Crypt v4. Now using Delphi 13, i seem to have to use crypt v5 but it breaks the below functionality when decrypting the encrypted strings. What is the solution to get Decrypt working again?

function Encrypt(const AText: string; const APassword: string): string;
var
  aes: TAESEncryption;
  myPass : string;
begin
  result := '';
  MyPass := APassword;
  MyPass := MyPass + StringOfChar (' ', 32 - Length(MyPass) ); { fill passphrase to a required length of 32 chars }

  aes:= TAESEncryption.Create;
  try
    aes.AType        := atCTR;
    aes.keyLength    := kl256;
    aes.outputFormat := base64url;
    aes.Key          := myPass;
    aes.PaddingMode  := TpaddingMode.PKCS7;
    aes.IVMode       := TIVMode.rand;
    aes.Unicode      := yesUni;
    result := aes.Encrypt(AText);
  finally
    aes.Free;
  end;

end;

function Decrypt(const AText: string; const APassword: string): string;
var
  aes: TAESEncryption;
  myPass : string;
begin
  result := '';
  MyPass := APassword;
  MyPass := MyPass + StringOfChar (' ', 32 - Length(MyPass) ); { fill passphrase to a required length of 32 chars }

  try
    aes:= TAESEncryption.Create;
    try
      aes.AType        := atCTR;
      aes.keyLength    := kl256;
      aes.outputFormat := base64url;
      aes.Key          := myPass;
      aes.PaddingMode  := TpaddingMode.PKCS7;
      aes.IVMode       := TIVMode.rand;
      aes.Unicode      := yesUni;
      result := aes.Decrypt(AText);
    finally
      aes.Free;
    end;
  except
    //
  end;

end;
2

Bump. This is still not fixed in v5.0.9.7.
Please!!!
I have many users, all licensed so I have many stored passwords.
Due to this I can't upgrade to the latest Delphi and have to stay with the old legacy v4 version of this component.
Does anyone have any idea on what I can do to fix this?
Any help is greatly appreciated

3

Hi,
Did you check this?

4

Yes of course. did you check the simple code that I provided at the start of this request? It is quite simple. This used to work in the previous v4 version.
I now have numerous encrypted data from numerous users that I can't get to decrypt anymore.
Although in the end, I've been able to come up with something (using ChatGPT) that at least can be used to decrypt the text, albeit not unicode so Asian text can still not be decrypted properly.
I hope you guys come up with a decent and workable solution else I'm going to have to move away from your component and look elsewhere.

5

I see what the issues are.

  1. IV contains the counter, that, in principle, starts at 0. The CTR mode should not use
    aes.IVMode := TIVMode.rand. You get an exception as the CTR is not assigned in this case.
    I can fix that by adding 'rand' and storing it with result (that would deviate from the standard).

  2. the output of encryption is base64url. Then the input of decryption for data and key shall be base64url. However, it is better to convert the cryptogram to 'raw' before decrypting.

I tested IVMode:=userdefined with AText := '简单明文' and the input conversion to 'raw' before decryption and it works fine.

Do you want to add the IVMode := rand?