问题
I am trying to write a function that returns the same result in Delphi (RAD Studio 10.2) as the following piece of code in PHP:
<?php
$method = 'AES-256-CTR';
$data = 'Hello, world!';
$key = 'bRuD5WYw5wd0rdHR9yLlM6wt2vteuini';
$vector = 'bf49ea9d61104d8c';
$crypt = openssl_encrypt($data, $method, $key, 0, $vector);
echo $crypt;
?>
I have come up with this function in Pascal (using the DCPcrypt v2.1 library written by David Barton):
procedure TMainForm.Encrypt1ButtonClick(Sender: TObject);
var
Cipher: TDCP_rijndael;
Key, Vector: RawByteString;
Data, Crypt: RawByteString;
begin
Data := 'Hello, world!';
SetLength(Crypt, Length(Data));
Key := 'bRuD5WYw5wd0rdHR9yLlM6wt2vteuini';
Vector := 'bf49ea9d61104d8c';
Cipher := TDCP_rijndael.Create(nil);
try
Cipher.Init(Key[1], 256, @Vector[1]);
Cipher.EncryptCTR(Data[1], Crypt[1], Length(Data));
finally
Cipher.Free;
end;
EncryptEdit.Text := DCPBase64.Base64EncodeStr(Crypt);
end;
And indeed this works (in Windows). Both PHP and Pascal return: pEP16OOxov9QDfraIg==
However, if I compile the same code for Android and run it on my tablet, I get a very different result. Why is that?
I did read the documentation about converting code for fmx, specifically the stuff that deals with string handling, but I still don't understand why. Even if RawByteString would be 0-based instead of 1-based, I still get a difference (tried with [0] instead of [1]). A RawByteString does not have a codepage attached, right? So the problem can't be caused by some string conversion (I think). So what is going on here?
回答1:
After working on this for 3 days, I finally got it working. The key was to completely eliminate the use of strings and only use the TBytes based routines in DCPCrypt. The code below is a test program for testing all the different chaining modes that DCPCrypt supports. I also added a function that implements the four padding modes I found here (for use with CBC and ECB): https://en.wikipedia.org/wiki/Padding_(cryptography) as well as zero padding and random padding. I chose not to use DCPCrypt's own Base64 functions, because they turned out not to be compatible with FMX. Instead I use their counterparts from the System.NetEncoding unit. Please, I consider myself to be just an average programmer, so I expect the true Delphi wizzards among you to find lots to criticize. But that's ok. I will adapt the code if good feedback is given. As it is now, the code works and produces results that are compatible with PHP's openssl functions (tested with CTR mode). I only post this here in the hopes that it might be useful to someone looking for the same solution I was.
unit MainUnit;
interface
uses
System.SysUtils, System.Types, System.UITypes, System.Classes, System.Variants, System.NetEncoding,
FMX.Types, FMX.Controls, FMX.Forms, FMX.Graphics, FMX.Dialogs, FMX.StdCtrls, FMX.Layouts,
FMX.ScrollBox, FMX.Memo, FMX.Edit, FMX.Controls.Presentation,
DCPcrypt2, DCPsha256, DCPblockciphers, DCPrijndael;
type
TChainingMode = (cmCBC, cmCFB8bit, cmCFBblock, cmOFB, cmCTR, cmECB);
TPaddingMode = (pmZeroPadding, pmANSIX923, pmISO10126, pmISO7816, pmPKCS7, pmRandomPadding);
type
TMainForm = class(TForm)
ScrollBox: TScrollBox;
KeySizeLabel: TLabel;
ChainingLabel: TLabel;
EncodingLabel: TLabel;
PaddingLabel: TLabel;
KeyLabel: TLabel;
InitVectorLabel: TLabel;
DataLabel: TLabel;
DecryptedLabel: TLabel;
CipherLabel: TLabel;
EncryptedLabel: TLabel;
rbRijndael: TRadioButton;
rb128bit: TRadioButton;
rb256bit: TRadioButton;
rbANSI: TRadioButton;
rbUTF8: TRadioButton;
rbUnicode: TRadioButton;
rbCBC: TRadioButton;
rbOFB: TRadioButton;
rbCTR: TRadioButton;
rbECB: TRadioButton;
rbCFB8bit: TRadioButton;
rbCFBblock: TRadioButton;
rbZeroPadding: TRadioButton;
rbANSIX923: TRadioButton;
rbISO10126: TRadioButton;
rbISO7816: TRadioButton;
rbPKCS7: TRadioButton;
rbRandomPadding: TRadioButton;
KeyEdit: TEdit;
InitVectorEdit: TEdit;
DataMemo: TMemo;
EncryptedMemo: TMemo;
DecryptedMemo: TMemo;
EncryptButton: TButton;
DecryptButton: TButton;
procedure FormCreate(Sender: TObject);
procedure EncryptButtonClick(Sender: TObject);
procedure DecryptButtonClick(Sender: TObject);
public
procedure GetOptions(var Key: TBytes; var KeySize: integer; var InitVector: TBytes;
var Encoding: TEncoding; var ChainingMode: TChainingMode; var PaddingMode: TPaddingMode);
end;
var
MainForm: TMainForm;
implementation
{$R *.fmx}
{$R *.LgXhdpiPh.fmx ANDROID}
function BytesToHex(B: TBytes): string;
var
I: integer;
begin
Result := '';
for I := Low(B) to High(B) do Result := Result + IntToHex(B[I]) + ' ';
end;
procedure BytePadding(var Data: TBytes; BlockSize: integer; PaddingMode: TPaddingMode);
// Supports: ANSI X.923, ISO 10126, ISO 7816, PKCS7, zero padding and random padding
var
I, DataBlocks, DataLength, PaddingStart, PaddingCount: integer;
begin
BlockSize := BlockSize div 8; // convert bits to bytes
// Zero and Random padding do not use end-markers, so if Length(Data) is a multiple of BlockSize, no padding is needed
if PaddingMode in [pmZeroPadding, pmRandomPadding] then
if Length(Data) mod BlockSize = 0 then Exit;
DataBlocks := (Length(Data) div BlockSize) + 1;
DataLength := DataBlocks * BlockSize;
PaddingCount := DataLength - Length(Data);
// ANSIX923, ISO10126 and PKCS7 store the padding length in a 1 byte end-marker, so any padding length > $FF is not supported
if PaddingMode in [pmANSIX923, pmISO10126, pmPKCS7] then
if PaddingCount > $FF then Exit;
PaddingStart := Length(Data);
SetLength(Data, DataLength);
case PaddingMode of
pmZeroPadding, pmANSIX923, pmISO7816: // fill with $00 bytes
FillChar(Data[PaddingStart], PaddingCount, 0);
pmPKCS7: // fill with PaddingCount bytes
FillChar(Data[PaddingStart], PaddingCount, PaddingCount);
pmRandomPadding, pmISO10126: // fill with random bytes
for I := PaddingStart to DataLength-1 do Data[I] := Random($FF);
end;
case PaddingMode of
pmANSIX923, pmISO10126:
Data[DataLength-1] := PaddingCount; // set end-marker with number of bytes added
pmISO7816:
Data[PaddingStart] := $80; // set fixed end-markder $80
end;
end;
procedure EncryptAES(const Data: TBytes; var Crypt: TBytes; const Key: TBytes; KeySize: integer;
const InitVector: TBytes; ChainingMode: TChainingMode; PaddingMode: TPaddingMode); overload;
var
Cipher: TDCP_rijndael;
begin
Cipher := TDCP_rijndael.Create(nil);
try
Cipher.Init(Key[0], KeySize, @InitVector[0]);
// Copy Data => Crypt
Crypt := Copy(Data, 0, Length(Data));
// Padd Crypt to required length (for Block based algorithms)
if ChainingMode in [cmCBC, cmECB] then
BytePadding(Crypt, Cipher.BlockSize, PaddingMode);
// Encrypt Crypt using the algorithm specified in ChainingMode
case ChainingMode of
cmCBC: Cipher.EncryptCBC(Crypt[0], Crypt[0], Length(Crypt));
cmCFB8bit: Cipher.EncryptCFB8bit(Crypt[0], Crypt[0], Length(Crypt));
cmCFBblock: Cipher.EncryptCFBblock(Crypt[0], Crypt[0], Length(Crypt));
cmOFB: Cipher.EncryptOFB(Crypt[0], Crypt[0], Length(Crypt));
cmCTR: Cipher.EncryptCTR(Crypt[0], Crypt[0], Length(Crypt));
cmECB: Cipher.EncryptECB(Crypt[0], Crypt[0]);
end;
finally
Cipher.Free;
end;
end;
procedure DecryptAES(const Crypt: TBytes; var Data: TBytes; const Key: TBytes; KeySize: integer;
const InitVector: TBytes; ChainingMode: TChainingMode; PaddingMode: TPaddingMode); overload;
var
Cipher: TDCP_rijndael;
I: integer;
begin
Cipher := TDCP_rijndael.Create(nil);
try
Cipher.Init(Key[0], KeySize, @InitVector[0]);
// Copy Crypt => Data
Data := Copy(Crypt, 0, Length(Crypt));
// Decrypt Data using the algorithm specified in ChainingMode
case ChainingMode of
cmCBC: Cipher.DecryptCBC(Data[0], Data[0], Length(Data));
cmCFB8bit: Cipher.DecryptCFB8bit(Data[0], Data[0], Length(Data));
cmCFBblock: Cipher.DecryptCFBblock(Data[0], Data[0], Length(Data));
cmOFB: Cipher.DecryptOFB(Data[0], Data[0], Length(Data));
cmCTR: Cipher.DecryptCTR(Data[0], Data[0], Length(Data));
cmECB: Cipher.DecryptECB(Data[0], Data[0]);
end;
// Correct the length of Data, based on the used PaddingMode (only for Block based algorithms)
if ChainingMode in [cmCBC, cmECB] then
case PaddingMode of
pmANSIX923, pmISO10126, pmPKCS7: // these modes store the original Padding count in the last byte
SetLength(Data, Length(Data) - Data[Length(Data)-1]);
pmISO7816: // this mode uses a fixed end-marker. Find it and correct length accordingly.
for I := Length(Data)-1 downto 0 do
if Data[I] = $80 then
begin
SetLength(Data, I);
Break;
end;
end;
finally
Cipher.Free;
end;
end;
procedure TMainForm.FormCreate(Sender: TObject);
begin
EncryptedMemo.Lines.Clear;
DecryptedMemo.Lines.Clear;
end;
procedure TMainForm.GetOptions(var Key: TBytes; var KeySize: integer; var InitVector: TBytes;
var Encoding: TEncoding; var ChainingMode: TChainingMode; var PaddingMode: TPaddingMode);
begin
KeySize := 256;
Encoding := TEncoding.ANSI;
ChainingMode := cmCBC;
PaddingMode := pmPKCS7;
if rb128bit.IsChecked then KeySize := 128;
if rb256bit.IsChecked then KeySize := 256;
if rbCBC.IsChecked then ChainingMode := cmCBC;
if rbCFB8bit.IsChecked then ChainingMode := cmCFB8bit;
if rbCFBblock.IsChecked then ChainingMode := cmCFBblock;
if rbOFB.IsChecked then ChainingMode := cmOFB;
if rbCTR.IsChecked then ChainingMode := cmCTR;
if rbECB.IsChecked then ChainingMode := cmECB;
if rbZeroPadding.IsChecked then PaddingMode := pmZeroPadding;
if rbANSIX923.IsChecked then PaddingMode := pmANSIX923;
if rbISO10126.IsChecked then PaddingMode := pmISO10126;
if rbISO7816.IsChecked then PaddingMode := pmISO7816;
if rbPKCS7.IsChecked then PaddingMode := pmPKCS7;
if rbRandomPadding.IsChecked then PaddingMode := pmRandomPadding;
if rbANSI.IsChecked then Encoding := TEncoding.ANSI;
if rbUTF8.IsChecked then Encoding := TEncoding.UTF8;
if rbUnicode.IsChecked then Encoding := TEncoding.Unicode;
Key := Encoding.GetBytes(KeyEdit.Text);
InitVector := Encoding.GetBytes(InitVectorEdit.Text);
end;
procedure TMainForm.EncryptButtonClick(Sender: TObject);
var
Keysize: integer;
Encoding: TEncoding;
ChainingMode: TChainingMode;
PaddingMode: TPaddingMode;
Key, InitVector, Data, Crypt: TBytes;
begin
GetOptions(Key, KeySize, InitVector, Encoding, ChainingMode, PaddingMode);
Data := Encoding.GetBytes(DataMemo.Text);
EncryptAES(Data, Crypt, Key, KeySize, InitVector, ChainingMode, PaddingMode);
EncryptedMemo.Text := TNetEncoding.Base64.EncodeBytesToString(Crypt);
end;
procedure TMainForm.DecryptButtonClick(Sender: TObject);
var
Keysize: integer;
Encoding: TEncoding;
ChainingMode: TChainingMode;
PaddingMode: TPaddingMode;
Key, InitVector, Data, Crypt: TBytes;
begin
GetOptions(Key, KeySize, InitVector, Encoding, ChainingMode, PaddingMode);
Crypt := TNetEncoding.Base64.DecodeStringToBytes(EncryptedMemo.Text);
DecryptAES(Crypt, Data, Key, KeySize, InitVector, ChainingMode, PaddingMode);
DecryptedMemo.Text := Encoding.GetString(Data);
end;
end.
回答2:
Android strings start from position 0. You can use low(Data)
that will return the first character of string, also the library internally uses string from position 1, that won't run in android or ios. For multi-platform we shouldn't use for i:=1 to length(string)
instead we should use for l in string
I think LockBox3 should solve your problem.
来源:https://stackoverflow.com/questions/43523262/delphi-fmx-dcpcrypt2-in-windows-produces-different-result-in-android-ios