2

We have an encryped, and then zipped file of a XML document. This file is encrypted in Delphi with a package called 'DcpCrypt', using Rijndael and SHA256:

fRijndael:=TDCP_rijndael.Create(nil);
fRijndael.BlockSize:=16;
fRijndael.CipherMode:=cmCBC;
fSHA256:=TDCP_sha256.Create(nil);
fSHA256.HashSize:=256;

Is C# capable of uncrypting this? I've googled a lot and it seems that DcpCrypt calculates his Keys different than the .NET lib does.

Many thanks in advance

JonHendrix
  • 933
  • 15
  • 28
  • 1
    Yes, it is. Worst-case: write a Delphi DLL that you can call from C# which decrypts it. Fortunately, there are several encryption/decryption solutions for C# and even zipping/unzipping should not be a problem. I just don't know which ones you could use. – Wim ten Brink Nov 18 '10 at 11:31

1 Answers1

3

The short answer is yes. The long answer is "it depends".

By the words "calculates his keys", I assume you mean generate the encryption keys. How the keys are generated is completely irrelevant to the process of using thos keys for encryption and decryption.

DcpCrypt was written before Rijndael became the AES standard (that's a long time ago). Assuming that the pre-standard Rijndael implementation is the same as AES (it probably is), AES encryption/decryption interoperability should be language and implementation neutral, only dependant on the implementation options.

But here is the rub ... identifying those options and setting them to be the same on both the encryption codec and the decryption codec can be tricky.

What are the options?

  1. Chaining mode;
  2. IV
  3. How is the message salted? if at all?
  4. Termination: AES does not specify the blocking scheme for non-key-streaming chaining modes.
  5. In general, with ciphers other than AES, you may also have an issue with specifying how the keys are encoded - but this shouldn't be a problem with AES.

Once you identify all the options that the encryptor uses, you must apply those same options to the decryptor. This problem is not specific to Rijndael/AES but is universal to all ciphers.

By the way, if you are zipping for the purposes of compression, encryption following by zipping is pointless. Zip will not compress any file whose contents are already maximally random, such as ciphertext.

I recommend you use TurboPower LockBox 3 to encrypt in AES, rather than DcpCrypt. Dave Barton's DCPcrypt was good in it day, but it's not up to date with standards, and it doesn't manage IV's safely.

What are the options if you use LockBox? If you use LockBox 3's AES codec with CBC mode, salting and IV are managed by setting the IV to a nonce and pre-emitting it. For messages longer than one block, blocking is achieved by ciphertext stealing. For messages shorter than one block, the chaining mode is forced to 8-bit CFB, which is key-streaming.

Also your comment about encrypting the file with SHA256 doesnt make sense. SHA is a hash, not a cipher.

Sean B. Durkin
  • 12,659
  • 1
  • 36
  • 65
  • Sean, you provided some very useful information in your response. I came across this searching for information about LockBox's encryption compared to standard encryption options. For example, I want to encrypt something with LockBox and be able to decrypt it with OpenSSL.exe. Is there a way I could contact you directly? I may end up posting another question here on SO. If I do, I'll edit this comment with a link to my question. My concern is that I have a multitude of questions at this point. ;) Thanks – Jon Robertson Feb 08 '12 at 23:51
  • LockBox has an active set of forums at lockbox.seanbdurkin.id.au . You can post your question there. LB3 also includes a wrapper for OpenSSL, but only in relation to its sign & verify functionality, not the encrypt/decrypt functions. - But even then, I may be able to help you. – Sean B. Durkin Feb 09 '12 at 00:21
  • Also see this questions & answer: http://stackoverflow.com/questions/9188045/how-to-aes-128-encrypt-a-string-using-a-password-in-delphi-and-decrypt-in-c/9203567#9203567 – Sean B. Durkin Feb 09 '12 at 00:23
  • I just learned about LB3, after posting my comment above. Somehow I've missed it until now. Anyway, I created an account on the LB3 forum and posted my question there. Thanks for the help! – Jon Robertson Feb 09 '12 at 00:58