I have a class hierarchy which abstracts the Lockbox crypto components. Specifically, we are interested in AES-265 with PKCS#5 padding.
The class instance is set correctly with CBC and the encoding explicitly set to ANSI, but the resulting output is scrambled, which means that the padding is off. Alas, CBC supports more than one padding scheme and I think Lockbox isn't using the one we need.
Do you have any ideas where I am going wrong?
This is the class hierarchy's relevant code:

    TsmEncryptBase = class(TInterfacedObject, IsmEncryption)
    private
      FLib: TCryptographicLibrary;
    protected
      FCodec: TCodec;
      function Encrypt: Boolean; virtual; abstract;
      function Decrypt: Boolean; virtual; abstract;
    public
      constructor Create(const APassword: string;
        const aCipherId: string = 'native.AES-256';
        const aChainModeId: string = 'native.CBC');
      destructor Destroy; override;
    end;

    constructor TsmEncryptBase.Create(const APassword: string; const aCipherId:
      string; const aChainModeId: string);
    begin
      inherited Create;
      FLib := TCryptographicLibrary.Create(nil);
      // FLib.RegisterBlockChainingModel( TPure_ECB.Create as IBlockChainingModel);
      FCodec := TCodec.Create(nil);
      FCodec.CryptoLibrary := FLib;
      FCodec.StreamCipherId := uTPLb_Constants.BlockCipher_ProgId;
      FCodec.BlockCipherId := aCipherId;
      FCodec.ChainModeId := uTPLb_Constants.CBC_ProgId;
      FCodec.Password := APassword;
    end;

    TsmFileEncryptAES = class(TsmEncryptBase)
    private
      FPlainTextFileName: string;
      FEncryptedFileName: string;
    protected
      function Encrypt: Boolean; override;
      function Decrypt: Boolean; override;
    public
      constructor Create(const APlainTextFileName, AEncryptedFileName,
        APassword: string);
    end;

    constructor TsmFileEncryptAES.Create(const APlainTextFileName, AEncryptedFileName,
      APassword: string);
    begin
      inherited Create(APassword);
      FPlainTextFileName := APlainTextFileName;
      FEncryptedFileName := AEncryptedFileName;
      FCodec.Encoding := TEncoding.ANSI;
    end;

The code is used like so:

    procedure TForm1.AESFileDecryptClick(Sender: TObject);
    var
      lEncrypt: IsmEncryption;
    begin
      lEncrypt := TsmFileEncryptAES.Create(AESFileSaveTo.AsString,
        AESSourceFile.AsString, AESFileKey.AsString);
      lEncrypt.Decrypt;
    end;

Any ideas?
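
An added example, not part of the original post and not Lockbox code: what is called PKCS#5 padding for AES is the PKCS#7 rule applied to 16-byte blocks, and the routines below apply it and check whether a decrypted buffer ends in well-formed padding. The names `Pkcs7Pad` and `TryPkcs7Unpad` and the sample input are constructed for illustration.

```delphi
program Pkcs5PadCheck;
{$APPTYPE CONSOLE}
uses System.SysUtils;

const AES_BLOCK = 16; // AES block size in bytes

// Append N bytes of value N so the length becomes a multiple of the block size.
function Pkcs7Pad(const Data: TBytes): TBytes;
var
  PadLen, I: Integer;
begin
  PadLen := AES_BLOCK - (Length(Data) mod AES_BLOCK); // always 1..16, never 0
  Result := Copy(Data, 0, Length(Data));
  SetLength(Result, Length(Data) + PadLen);
  for I := Length(Data) to High(Result) do
    Result[I] := Byte(PadLen);
end;

// True (and the unpadded bytes) only when the tail is well-formed padding.
function TryPkcs7Unpad(const Data: TBytes; out Plain: TBytes): Boolean;
var
  PadLen, I: Integer;
begin
  Plain := nil;
  Result := False;
  if (Length(Data) = 0) or (Length(Data) mod AES_BLOCK <> 0) then Exit;
  PadLen := Data[High(Data)];
  if (PadLen < 1) or (PadLen > AES_BLOCK) then Exit;
  for I := Length(Data) - PadLen to High(Data) do
    if Data[I] <> PadLen then Exit; // every padding byte must equal PadLen
  Plain := Copy(Data, 0, Length(Data) - PadLen);
  Result := True;
end;

var
  Padded, Plain, Bad: TBytes;
  Ok: Boolean;
begin
  // Constructed sample input: five ANSI bytes padded to one AES block.
  Padded := Pkcs7Pad(TEncoding.ANSI.GetBytes('hello'));
  Writeln('padded length: ', Length(Padded), ', last byte: ', Padded[High(Padded)]);
  Ok := TryPkcs7Unpad(Padded, Plain);
  Writeln('valid padding: ', Ok, ', plain length: ', Length(Plain));
  Bad := Copy(Padded, 0, Length(Padded));
  Bad[High(Bad)] := $00; // constructed corrupt tail: 0 is never a valid pad length
  Ok := TryPkcs7Unpad(Bad, Plain);
  Writeln('corrupt tail accepted: ', Ok);
end.
```

Running `TryPkcs7Unpad` on the bytes a decryption returns, before any text decoding, separates a buffer that only differs in its padding from one whose content is wrong throughout.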