- Correção de Bug na Cripto AES (Nativa do RAL)

- Implementação de Cripto usando OpenSSL

Author: FernandoBanhos

src/base/RALTypes.pas

@@ -88,6 +88,9 @@ function RALHighStr(const AStr: StringRAL): integer;
 function StringToBytesUTF8(const AString: StringRAL): TBytes;
 function BytesToStringUTF8(const ABytes: TBytes): StringRAL;
 
+function StringToBytes(const AString: StringRAL): TBytes;
+function BytesToString(const ABytes: TBytes): StringRAL;
+
 {$IF NOT Defined(FPC) AND NOT Defined(DELPHIXE6UP)}
 function DateToISO8601(const AValue: TDateTime): StringRAL;
 function ISO8601ToDate(const AValue: StringRAL): TDateTime;
@@ -107,6 +110,21 @@ function RALHighStr(const AStr: StringRAL): integer;
   {$IFEND}
 end;
 
+function StringToBytes(const AString: StringRAL): TBytes;
+{$IFNDEF HAS_Encoding}
+  var
+    vStr : ansistring;
+{$ENDIF}
+begin
+  {$IFDEF HAS_Encoding}
+    Result := TEncoding.ANSI.GetBytes(AString);
+  {$ELSE}
+    vStr := AString;
+    SetLength(Result, Length(vStr));
+    Move(vStr[POSINISTR], Result[0], Length(vStr));
+  {$ENDIF}
+end;
+
 function StringToBytesUTF8(const AString: StringRAL): TBytes;
 {$IFNDEF HAS_Encoding}
   var
@@ -122,6 +140,21 @@ function StringToBytesUTF8(const AString: StringRAL): TBytes;
   {$ENDIF}
 end;
 
+function BytesToString(const ABytes: TBytes): StringRAL;
+{$IFNDEF HAS_Encoding}
+  var
+    vStr : ansistring;
+{$ENDIF}
+begin
+  {$IFDEF HAS_Encoding}
+    Result := TEncoding.ANSI.GetString(ABytes);
+  {$ELSE}
+    SetLength(vStr, Length(ABytes));
+    Move(ABytes[0], vStr[POSINISTR], Length(ABytes));
+    Result := UTF8Decode(vStr);
+  {$ENDIF}
+end;
+
 function BytesToStringUTF8(const ABytes: TBytes): StringRAL;
 {$IFNDEF HAS_Encoding}
   var

src/utils/RALBase64.pas

@@ -24,7 +24,7 @@   TRALBase64 = class
     class function DecodeAsBytes(AValue: TStream): TBytes; overload;
     class function DecodeAsStream(AValue: TStream): TStream; overload;
     class function DecodeAsStream(AValue: StringRAL): TStream; overload;
-    class function Encode(const AValue: StringRAL): StringRAL; overload;
+    class function Encode(const AValue: StringRAL; ABinary : boolean = false): StringRAL; overload;
     class function Encode(AValue: TBytes): StringRAL; overload;
     class function Encode(AValue: TStream): StringRAL; overload;
     class function EncodeAsBytes(const AValue: StringRAL): TBytes; overload;
@@ -72,7 +72,7 @@ class function TRALBase64.Decode(const AValue: StringRAL): StringRAL;
   vStream: TStream;
 begin
   if AValue = '' then
-    Raise Exception.Create(emHMACEmptyText);
+    raise Exception.Create(emHMACEmptyText);
 
   vStream := StringToStreamUTF8(AValue);
   try
@@ -158,7 +158,7 @@ class function TRALBase64.DecodeAsStream(AValue: StringRAL): TStream;
 var
   vStream: TStream;
 begin
-  vStream := StringToStreamUTF8(AValue);
+  vStream := StringToStream(AValue);
   try
     Result := DecodeAsStream(vStream);
   finally
@@ -195,7 +195,7 @@ class function TRALBase64.DecodeAsBytes(const AValue: StringRAL): TBytes;
 var
   vStream: TStream;
 begin
-  vStream := StringToStreamUTF8(AValue);
+  vStream := StringToStream(AValue);
   try
     Result := DecodeAsBytes(vStream);
   finally
@@ -339,14 +339,18 @@ class function TRALBase64.DecodeBase64(AInput, AOutput: PByte;
   end;
 end;
 
-class function TRALBase64.Encode(const AValue: StringRAL): StringRAL;
+class function TRALBase64.Encode(const AValue: StringRAL; ABinary : boolean): StringRAL;
 var
   vStream: TStream;
 begin
   if AValue = '' then
-    Raise Exception.Create(emHMACEmptyText);
+    raise Exception.Create(emHMACEmptyText);
+
+  if ABinary then
+    vStream := StringToStream(AValue)
+  else
+    vStream := StringToStreamUTF8(AValue);
 
-  vStream := StringToStreamUTF8(AValue);
   try
     Result := Encode(vStream);
   finally

src/utils/RALCripto.pas

@@ -32,14 +32,14 @@   TRALCripto = class
   protected
     procedure SetKey(const AValue: StringRAL); virtual;
   public
-    function Decrypt(const AValue: StringRAL): StringRAL; overload;
+    function Decrypt(const AValue: StringRAL; ABinary : boolean = false): StringRAL; overload;
     function Decrypt(AValue: TBytes): StringRAL; overload;
     function Decrypt(AValue: TStream): StringRAL; overload;
     function DecryptAsBytes(const AValue: StringRAL): TBytes; overload;
     function DecryptAsBytes(AValue: TBytes): TBytes; overload;
     function DecryptAsBytes(AValue: TStream): TBytes; overload;
     function DecryptAsStream(AValue: TStream): TStream; virtual; abstract;
-    function Encrypt(const AValue: StringRAL): StringRAL; overload;
+    function Encrypt(const AValue: StringRAL; ABinary : boolean = false): StringRAL; overload;
     function Encrypt(AValue: TBytes): StringRAL; overload;
     function Encrypt(AValue: TStream): StringRAL; overload;
     function EncryptAsBytes(const AValue: StringRAL): TBytes; overload;
@@ -71,12 +71,20 @@ procedure TRALCripto.SetKey(const AValue: StringRAL);
   FKey := AValue;
 end;
 
-function TRALCripto.Encrypt(const AValue: StringRAL): StringRAL;
+function TRALCripto.Encrypt(const AValue: StringRAL; ABinary : boolean): StringRAL;
 var
   vInputStream: TStringStream;
 begin
+<<<<<<< HEAD
+  if ABinary then
+    vStream := StringToStream(AValue)
+  else
+    vStream := StringToStreamUTF8(AValue);
+
+=======
   { TODO -cCompatibilidade : Melhorar esse código pra compatibilizar com versões antigas do Delphi }
   vInputStream := nil;
+>>>>>>> 37ded8a62a3bb2216bf3ebab8873cede96fc7d8d
   try
     vInputStream := TStringStream.Create(AValue, TEncoding.UTF8);
     vInputStream.Position := 0;
@@ -86,15 +94,23 @@ function TRALCripto.Encrypt(const AValue: StringRAL): StringRAL;
   end;
 end;
 
-function TRALCripto.Decrypt(const AValue: StringRAL): StringRAL;
+function TRALCripto.Decrypt(const AValue: StringRAL; ABinary : boolean): StringRAL;
 var
   vInputStream: TStringStream;
 begin
+<<<<<<< HEAD
+  if ABinary then
+    vStream := StringToStream(AValue)
+  else
+    vStream := StringToStreamUTF8(AValue);
+
+=======
   { TODO -cCompatibilidade : Melhorar esse código pra compatibilizar com versões antigas do Delphi }
   if AValue = '' then
     Raise Exception.Create(emHMACEmptyText);
 
   vInputStream := nil;
+>>>>>>> 37ded8a62a3bb2216bf3ebab8873cede96fc7d8d
   try
     {$IFDEF FPC}
     vInputStream := TStringStream.Create(TRALBase64.Decode(AValue), TEncoding.UTF8);

src/utils/RALCriptoAES.pas

@@ -1,4 +1,9 @@
+<<<<<<< HEAD
+/// Unit for AES Criptography functions
+/// AES EBC (Sem IV)
+=======
 /// Unit for AES Criptography functions
+>>>>>>> 37ded8a62a3bb2216bf3ebab8873cede96fc7d8d
 unit RALCriptoAES;
 
 {$I ..\base\PascalRAL.inc}
@@ -631,16 +636,15 @@ procedure TRALCriptoAES.KeyExpansion;
   vNb := cBlockSize;
   vNr := cNumberRounds[FAESType];
 
-  SetLength(vKey, 4 * vNk);
-  FillChar(vKey[0], 4 * vNk, 0);
-  SetLength(FWordKeys, vNb * (vNr + 1));
+  vKey := StringToBytesUTF8(Key);
 
   vInt := 4 * vNk;
   if Length(Key) < vInt then
     vInt := Length(Key);
 
-  if Length(Key) > 0 then
-    Move(Key[PosIniStr], vKey[0], vInt);
+  SetLength(vKey, 4 * vNk);
+  FillChar(vKey[vInt], (4 * vNk) - vInt, 0);
+  SetLength(FWordKeys, vNb * (vNr + 1));
 
   for vInt := 0 to Pred(vNk) do
     FWordKeys[vInt] := PCardinal(@vKey[4 * vInt])^;
@@ -681,6 +685,7 @@ function TRALCriptoAES.EncryptAsStream(AValue: TStream): TStream;
 begin
   if not CheckKey then
     Exit;
+
   vPadding := 0;
   AValue.Position := 0;
   vPosition := 0;

src/utils/RALCriptoOpenSSL.pas

@@ -0,0 +1,171 @@
+unit RALCriptoOpenSSL;
+
+{$I ..\base\PascalRAL.inc}
+
+interface
+
+uses
+  Classes, SysUtils,
+  RALCripto, RALTypes, RALConsts, RALTools, RALOpenSSL;
+
+type
+  TRALCriptoOpenSSLTypes = (cotAES128_CBC, cotAES192_CBC, cotAES256_CBC,
+                            cotAES128_ECB, cotAES192_ECB, cotAES256_ECB);
+
+  TRALCriptoOpenSSL = class(TRALCripto)
+  private
+    FAESType : TRALCriptoOpenSSLTypes;
+    FIV : StringRAL;
+  public
+    constructor Create;
+
+    function DecryptAsStream(AValue: TStream): TStream; override;
+    function EncryptAsStream(AValue: TStream): TStream; override;
+  published
+    property IV: StringRAL read FIV write FIV;
+    property AESType: TRALCriptoOpenSSLTypes read FAESType write FAESType;
+  end;
+
+implementation
+
+{ TRALCriptoOpenSSL }
+
+constructor TRALCriptoOpenSSL.Create;
+begin
+  inherited;
+  TRALOpenSSL.GetInstance;
+end;
+
+function TRALCriptoOpenSSL.DecryptAsStream(AValue: TStream): TStream;
+var
+  vCTX: PEVP_CIPHER_CTX;
+  vCipher, vPIV : Pointer;
+  vBytesRead, vBytesWrite: IntegerRAL;
+  vInBuf, vOutBuf, vKey, vIV: TBytes;
+  vSizeBuf : Int64RAL;
+begin
+  vCTX := EVP_CIPHER_CTX_new;
+  try
+    vKey := StringToBytesUTF8(Key);
+    vIV := StringToBytesUTF8(FIV);
+
+    case FAESType of
+      cotAES128_CBC: vCipher := EVP_aes_128_cbc;
+      cotAES192_CBC: vCipher := EVP_aes_192_cbc;
+      cotAES256_CBC: vCipher := EVP_aes_256_cbc;
+
+      cotAES128_ECB: vCipher := EVP_aes_128_ecb;
+      cotAES192_ECB: vCipher := EVP_aes_192_ecb;
+      cotAES256_ECB: vCipher := EVP_aes_256_ecb;
+    end;
+
+    if Length(vIV) > 0 then
+      vPIV := @vIV[0]
+    else
+      vPIV := nil;
+
+    if EVP_DecryptInit_ex(vCTX, vCipher, nil, @vKey[0], vPIV) <> 1 then
+      raise Exception.Create('DecryptInit falhou');
+
+    Result := TMemoryStream.Create;
+    Result.Size := AValue.Size;
+
+    AValue.Position := 0;
+
+    vSizeBuf := AValue.Size;
+    if vSizeBuf > DEFAULTBUFFERSTREAMSIZE then
+      vSizeBuf := (DEFAULTBUFFERSTREAMSIZE div 16) * 16;
+
+    SetLength(vInBuf, vSizeBuf);
+    SetLength(vOutBuf, vSizeBuf);
+
+    while AValue.Position < AValue.Size do begin
+      vBytesRead := AValue.Read(vInBuf[0], Length(vInBuf));
+
+      vBytesWrite := Length(vOutBuf);
+      if EVP_DecryptUpdate(vCTX, @vOutBuf[0], @vBytesWrite, @vInBuf[0], vBytesRead) = 1 then
+        Result.Write(vOutBuf[0], vBytesWrite)
+      else
+        raise Exception.Create('DecryptUpdate falhou');
+    end;
+
+    vBytesWrite := Length(vOutBuf);
+    if EVP_DecryptFinal_ex(vCTX, @vOutBuf[0], @vBytesWrite) = 1 then
+      Result.Write(vOutBuf[0], vBytesWrite)
+    else
+      raise Exception.Create('DecryptFinal falhou');
+
+    Result.Size := Result.Position;
+    Result.Position := 0;
+  finally
+     EVP_CIPHER_CTX_free(vCTX);
+  end;
+end;
+
+function TRALCriptoOpenSSL.EncryptAsStream(AValue: TStream): TStream;
+var
+  vCTX: PEVP_CIPHER_CTX;
+  vCipher, vPIV : Pointer;
+  vBytesRead, vBytesWrite: IntegerRAL;
+  vInBuf, vOutBuf, vKey, vIV: TBytes;
+  vSizeBuf : Int64RAL;
+begin
+  vCTX := EVP_CIPHER_CTX_new;
+  try
+    vKey := StringToBytesUTF8(Key);
+    vIV := StringToBytesUTF8(FIV);
+
+    case FAESType of
+      cotAES128_CBC: vCipher := EVP_aes_128_cbc;
+      cotAES192_CBC: vCipher := EVP_aes_192_cbc;
+      cotAES256_CBC: vCipher := EVP_aes_256_cbc;
+
+      cotAES128_ECB: vCipher := EVP_aes_128_ecb;
+      cotAES192_ECB: vCipher := EVP_aes_192_ecb;
+      cotAES256_ECB: vCipher := EVP_aes_256_ecb;
+    end;
+
+    if Length(vIV) > 0 then
+      vPIV := @vIV[0]
+    else
+      vPIV := nil;
+
+    if EVP_EncryptInit_ex(vCTX, vCipher, nil, @vKey[0], vPIV) <> 1 then
+      raise Exception.Create('EncryptInit falhou');
+
+    Result := TMemoryStream.Create;
+    Result.Size := AValue.Size + 16;
+
+    AValue.Position := 0;
+
+    vSizeBuf := AValue.Size;
+    if vSizeBuf > DEFAULTBUFFERSTREAMSIZE then
+      vSizeBuf := (DEFAULTBUFFERSTREAMSIZE div 16) * 16;
+
+    SetLength(vInBuf, vSizeBuf);
+    SetLength(vOutBuf, vSizeBuf + 16);
+
+    while AValue.Position < AValue.Size do begin
+      vBytesRead := AValue.Read(vInBuf[0], Length(vInBuf));
+
+      vBytesWrite := Length(vOutBuf);
+      if EVP_EncryptUpdate(vCTX, @vOutBuf[0], @vBytesWrite, @vInBuf[0], vBytesRead) = 1 then
+        Result.Write(vOutBuf[0], vBytesWrite)
+      else
+        raise Exception.Create('EncryptUpdate falhou');
+    end;
+
+    vBytesWrite := Length(vOutBuf);
+    if EVP_EncryptFinal_ex(vCTX, @vOutBuf[0], @vBytesWrite) = 1 then
+      Result.Write(vOutBuf[0], vBytesWrite)
+    else
+      raise Exception.Create('EncryptFinal falhou');
+
+    Result.Size := Result.Position;
+    Result.Position := 0;
+  finally
+     EVP_CIPHER_CTX_free(vCTX);
+  end;
+end;
+
+end.