0

for these 2 libraries,

  1. Delphi Encryption Compendium v 5.2
  2. TurboPower Lockbox v 2.07

I tested their Rijndael DCB/CBC algorithm with "AES Known Answer Test (KAT) Vectors" obtained at NIST website (http://csrc.nist.gov/groups/STM/cavp/index.html)

But, both of these libraries failed the tests.

Not sure if it was my testing that has error, has anyone tested them before as well? I am looking for a Delphi Rijndael library that is able to pass the KAT Vectors test. Does anyone know of any such library?

seveleven
  • 697
  • 2
  • 13
  • 21
  • 8
    Most likely your tests are not correct - I doubt that two widely used implementations would fail on test data yet remain compatible with other implementations. – Eugene Mayevski 'Callback Oct 06 '10 at 12:40
  • FWIW, if Eugene from EldoS doubts your tests, take another look at your tests. – Chris Thornton Oct 06 '10 at 13:40
  • Are you, perhaps, testing the test vectors as unicode strings where they should really be ansi strings? FWIW the DEC components have worked ok for me but I haven't specifically tested that algortihm. – shunty Oct 07 '10 at 08:16
  • i had to feed byte array into the function then it works. Feeding it ASCII strings didn't generate the expected results though.. – seveleven Oct 07 '10 at 14:00

3 Answers3

4

Are you sure it fails? The vectors are written as hex strings. Did you feed the hex strings as strings or did you convert them first as binary data. If you fed them as strings it is no wonder you get a different result.

NB: I do not use both libraries but my own components but they bioth have a good track record and failing these simple tests seems highly unlikely.

Ritsaert Hornstra
  • 5,013
  • 1
  • 33
  • 51
  • Initially I fed ASCII (converted from the hex strings in test vector file) strings to the function, and it failed. But after looking into the code, realize the function manipulate the data as bytes. So, I fed byte array into the function, and now it works. =) – seveleven Oct 07 '10 at 13:56
  • But I've got a question, is byte array also called as binary data? Is binary data same as a base2 string? – seveleven Oct 07 '10 at 13:59
  • The successful testing was done on DEC library. Didn't try again on LockBox. – seveleven Oct 07 '10 at 17:06
  • :) Good. As an answer to your question: a Byte Array is a good placeholder to store binary data or octets if you want to call them; values that each hold 8 bits of data (eg a byte). If you need to store a base2 string you might consider using a Boolean array since a boolean is in fact just a single bit. You might be confused in how binary data is shown( hexadecimal (base16), decimal (base10) or as ones and zeros (base2). Hope this answers your question.. – Ritsaert Hornstra Oct 10 '10 at 21:01
1

I know another lib, but not if passes your test or not:

DCPCrypt http://www.cityinthesky.co.uk/cryptography.html

Marco van de Voort
  • 25,628
  • 5
  • 56
  • 89
1

TurboPower LockBox 3.1.0 has been released. It includes DUnit tests which validates the correctness of its implememtation using the official AES test vectors.

Sean B. Durkin
  • 12,659
  • 1
  • 36
  • 65