|
Author | EncryptString returns empty string |
Rael Bauer 2018-04-30 15:55:42 Registered user |
Hi,
In below code it appears EncryptString returns an empty string: const PlainText = 'he who doesn''t do anything, doesn''t go wrong -- Zeev Suraski'; Password = 'glop'; var S: AnsiString; begin S := EncryptString(caBlowFish, cmECB, Password, PlainText); S := StrToMIME64(S); //S := Encode(S); ShowMessage(S); I tried with AnsiString and OctetString. What am I doing wrong? ST_2.3.1.273, DXE4 Rael |
Henrick Wibell Hellström 2018-04-30 17:42:48 Registered user |
Hard to tell, I get the result 'KHq7nOro7pkbC7pKPNzUyIHGiaJj3u65S7QEYulK5MawZd2mHMZVkNaWFTm1yJHmwKb9MEFREHJ3KMnwaJdC9w==' with SecUtils, SsBlowfish and SsBase64 in the uses clause (ST_2.3.1.273, DXE4 as well).
If SsBlowfish is not used by the project, the result will however be an empty string. (v2.x specific behavior, in ST 4.0 an exception will be raised.) This might be what you are experiencing. Also please note that ECB is not a proper chaining mode. There are very unlikely many scenarios where the scheme in your example would be cryptologically optimal. |
Rael Bauer 2018-04-30 19:00:32 Registered user |
I can confirm it works if I add SsBlowFish to the uses Clause.
Thanks |
Rael Bauer 2018-05-01 00:43:24 Registered user |
If I use cmCBC, then I get this error:
'CBC mode encryption requires Encryptor' and similar for Decryption |
Henrick Wibell Hellström 2018-05-01 08:28:52 Registered user |
Confirmed. It should be noted that for over a decade, v2.3 has only been maintained for its SSL/TLS support. Since Blowfish isn't one of the SSL/TLS ciphers, the recommendation is to use the v4.0 implementation of Blowfish instead.
That said, fixing the issue is just a matter of adding SetDirection(cdBoth); as the last line of the TBlowfish_ECB.SetUp method. |