const
MaxArraySize = 1000;
DesMaxArraySize = 800;
AESBlockSize = 16; // bytes
//
// AES related info:
// Input data size for ECB and CBC modes must be an exact multiple of this size.
//
// In CFB mode the very last block of a complete data stream is allowed to be
// smaller than the cipher block size.
//
// A common block padding algorithm used in many standards is RFC 1423. The
// CryptEncode module provides functions to pad and unpad data blocks using
// this algorithm.
//
// Errors returned from routines.
NoError = 0;
IncompatibleDataTypes = 1;
InvalidCipherText = 2;
InvalidKeyValue = 3;
InvalidPlainText = 4;
KeyNotSafe = 5;
type
ByteArrayType = array [0 .. (MaxArraySize - 1)] of char;
DesByteKeyType = array [0 .. 7] of char;
DesByteArrayType = array [0 .. (DesMaxArraySize - 1)] of char;
MethodType = (AsciiSet,
MixedOnly,
MixedSpace,
MixedSet,
UpperOnly,
UpperSpace,
UpperSet);
//
// -- | AsciiSet - Set of all ASCII characters whose values range
// -- | from 0 .. 255
// -- |
// -- | MixedOnly - Set of characters 'A' .. 'Z' and 'a' .. 'z'
// -- |
// -- | MixedSpace - Set of characters ' ', 'A' .. 'Z' and 'a' .. 'z'
// -- |
// -- | MixedSet - Set of characters ' ', '0' .. '9', 'A' .. 'Z' and
// -- | 'a' .. 'z'
// -- |
// -- | UpperOnly - Set of characters from 'A' .. 'Z'
// -- |
// -- | UpperSpace - Set of characters from ' ' and 'A' .. 'Z'
// -- |
// -- | UpperSet - Set of characters from ' ', 'A' .. 'Z' and '0' .. '9'
//
AES = pointer;
Key128 = array [0 .. 15] of System.BYTE;
Key192 = array [0 .. 23] of System.BYTE;
Key256 = array [0 .. 31] of System.BYTE;
IVType = packed record
// initial vector for CBC and CFB modes
TheBytes : array [0 .. AESBlockSize - 1] of ModSys.CARD8;
TheDWords : array [0 .. (AESBlockSize div 4) - 1] of ModSys.CARD32;
end;
function KeyIsValid
(const Key : ByteArrayType;
const Method : MethodType) : boolean; stdcall;
exports KeyIsValid name 'Crypto_KeyIsValid';
//*
// KeyIsValid - Returns boolean value showing key validity.
//
//
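// KeyIsValid returns a boolean value reflecting whether the key is
// valid for the selected character set. This is a character-set check
// only; it says nothing about how strong or unpredictable the key is.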
//
// CALLING SEQUENCE -
//
// KeyIsValid (Key, Method)
//
// ENTRY -
//
// Key : ByteArrayType
// A key to be checked.
//
// Method : MethodType
// The character alphabet to use.
//
// EXIT -
//
// True - The key contains all valid characters.
// False - The key contains invalid characters.
//
// EXAMPLE -
//
// if KeyIsValid (Key,
// Method) then begin
//
procedure CeaserEncrypt
(const Key : cardinal;
const Method : MethodType;
const DataSize : cardinal;
var Data : ByteArrayType;
var Error : cardinal); stdcall;
exports CeaserEncrypt name 'Crypto_CeaserEncrypt';
//*
// CeaserEncrypt - Encryption using a Ceaser cipher.
//
//
// CeaserEncrypt encrypts data using the Caesar cipher encryption algorithm.
// This is a very simple method and is easily broken: the key is a single
// number in the range 1 .. 255, so every possible key can be tried in
// moments. Breaking it is made only slightly more difficult by the fact
// that different alphabets are being used. This is because of the
// various choices for Method. This is the simplest of the encryption
// methods in this package; do not rely on it to protect confidential
// data. Be sure to check the Error as it can be set by using the wrong key.
//
// CALLING SEQUENCE -
//
// CeaserEncrypt (Key, Method, DataSize, Data, Error)
//
// ENTRY -
//
// Key : cardinal
// This number should be in the range of 1 .. 255.
//
// Method : MethodType
// The character alphabet to use.
//
// DataSize : cardinal
// The number of characters to encode in the array. This must not
// exceed MaxArraySize, the number of elements in Data.
//
// Data : ByteArrayType
// The plain text array of data.
//
// EXIT -
//
// Data : ByteArrayType
// The array with the first DataSize bytes encrypted.
//
// Error : cardinal
// 0 if no problem, set to one of the error codes if a problem.
//
// EXAMPLE -
//
// CeaserEncrypt (5,
// AsciiSet,
// 10,
// MyData,
// Error);
//
// if (Error = 0) then begin
// Display.DisplayMessage ('Encryption Complete',
// False);
// end else begin
// Display.DisplayMessage ('Encryption Error',
// False);
// end;
//
procedure DesEncrypt
(const Key : DesByteKeyType;
var DataSize : cardinal;
var Data : DesByteArrayType;
var Error : cardinal); stdcall;
exports DesEncrypt name 'Crypto_DesEncrypt';
//*
// DesEncrypt - Encryption using a DES cipher.
//
//
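// DesEncrypt encrypts data using the DES cipher encryption algorithm. This
// is the encryption standard used by the National Security Agency for
// un-classified data. This is a very strong method which is known to
// be breakable only by trying all possible key combinations. This
// method is much more complex than the Vernam encryption. Be sure
// to check the Error as it can be set by using the wrong key.
//
// NOTE - that description reflects the period in which this module was
// written. Only 56 of the 64 key bits are used by DES, so trying all
// possible key combinations is practical on modern hardware, and DES
// has since been withdrawn as a federal standard. Use DesEncrypt only
// for compatibility with existing data; use the AES routines in this
// module for new data.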
//
// CALLING SEQUENCE -
//
// DesEncrypt (Key, DataSize, Data, Error)
//
// ENTRY -
//
// Key : DesByteKeyType
// This is an array of bytes that hold the key values.
// This key must be 8 bytes long.
//
// DataSize : cardinal
// The number of bytes in the array to encode. NOTE - the DES
// algorithm requires a number of bytes evenly divisible by 8. If your
// data does not end on an even 8 bytes the last few bytes will be null
// filled, encoded and returned. In other words if you send in 5 bytes
// then 3 additional bytes of null will be encoded and returned as a
// full 8 bytes. The value of DataSize will also be returned as 8 to show
// that. You MUST pass all eight of those bytes to DesDecrypt later or the
// final set of 8 bytes of data cannot be decrypted. The null fill cannot
// be told apart from data that ends in null bytes, so store the original
// length with the cipher text if you need to trim the fill afterwards.
//
// Data : DesByteArrayType
// The plain text array of data.
//
// EXIT -
//
// DataSize : cardinal
// The number of bytes that are part of the encoded data.
//
// Data : DesByteArrayType
// The array with the first DataSize bytes encrypted.
//
// Error : cardinal
// 0 if no problem, set to one of the error codes if a problem.
//
// EXAMPLE -
//
// Key : DesByteKeyType;
// Data : DesByteArrayType;
//
// begin
// Key := 'TestKeys'; // illustration only - a real key should be 8 random bytes
//
// Data := 'My Data to Encrypt';
//
// DataSize := 18;
//
// Crypto.DesEncrypt (Key,
// DataSize,
// Data,
// Error);
//
// if (Error = 0) then begin
// Display.DisplayMessage ('Encryption Complete',
// False);
// end else begin
// Display.DisplayMessage ('Encryption Error',
// False);
// end;
//
procedure VernamEncrypt
(const Key : ByteArrayType;
const DataSize : cardinal;
var Data : ByteArrayType;
var Error : cardinal); stdcall;
exports VernamEncrypt name 'Crypto_VernamEncrypt';
//*
// VernamEncrypt - Encryption using a Vernam cipher.
//
//
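// VernamEncrypt encrypts data using the Vernam cipher encryption algorithm.
// This is a moderately strong method but may still be susceptible to
// breaking. Its strength depends entirely on the key: a key that is
// shorter than the data, that is not random, or that is used for more
// than one message makes the cipher easy to break. This method is more
// complex than the Vigenere encryption but less complex than DES. Be
// sure to check the Error as it can be set by using the wrong key.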
//
// CALLING SEQUENCE -
//
// VernamEncrypt (Key, DataSize, Data, Error)
//
// ENTRY -
//
// Key : ByteArrayType
// This is an array of bytes that hold the key values.
//
// DataSize : cardinal
// The number of bytes in the array to encode.
//
// Data : ByteArrayType
// The plain text array of data.
//
// EXIT -
//
// Data : ByteArrayType
// The array with the first DataSize bytes encrypted.
//
// Error : cardinal
// 0 if no problem, set to one of the error codes if a problem.
//
// EXAMPLE -
//
// Key : ByteArrayType;
//
// MyData : ByteArrayType;
//
// begin
// Key := 'TestKeys';
//
// MyData := 'Encode this';
//
// Crypto.VernamEncrypt (Key,
// DataSize,
// MyData,
// Error);
//
// if (Error = 0) then begin
// Display.DisplayMessage ('Encryption Complete',
// False);
// end else begin
// Display.DisplayMessage ('Encryption Error',
// False);
// end;
//
procedure VigenereEncrypt
(const Key : ByteArrayType;
const Method : MethodType;
const DataSize : cardinal;
var Data : ByteArrayType;
var Error : cardinal); stdcall;
exports VigenereEncrypt name 'Crypto_VigenereEncrypt';
//*
// VigenereEncrypt - Encryption using a Vigenere cipher.
//
//
// VigenereEncrypt encrypts data using the Vigenere cipher encryption
// algorithm. This is a moderately simple method and may be susceptible to
// breaking, particularly when the data is much longer than the key,
// although it is made slightly more difficult by the fact
// that different alphabets are being used. This is because of the
// various choices for Method. This method is more complex than the
// Caesar encryption but less complex than the others. Be sure to check
// the Error as it can be set by using the wrong key.
//
// CALLING SEQUENCE -
//
// VigenereEncrypt (Key, Method, DataSize, Data, Error)
//
// ENTRY -
//
// Key : ByteArrayType
// This is an array of bytes that hold the key values.
//
// Method : MethodType
// The character alphabet to use.
//
// DataSize : cardinal
// The number of bytes in the array to encode.
//
// Data : ByteArrayType
// The plain text array of data.
//
// EXIT -
//
// Data : ByteArrayType
// The array with the first DataSize bytes encrypted.
//
// Error : cardinal
// 0 if no problem, set to one of the error codes if a problem.
//
// EXAMPLE -
//
// Key : ByteArrayType;
//
// MyData : ByteArrayType;
//
// begin
// Key := 'TestKeys';
//
// MyData := 'Encode this';
//
// Crypto.VigenereEncrypt (Key,
// Crypto.AsciiSet,
// DataSize,
// MyData,
// Error);
//
// if (Error = 0) then begin
// Display.DisplayMessage ('Encryption Complete',
// False);
// end else begin
// Display.DisplayMessage ('Encryption Error',
// False);
// end;
//
procedure CeaserDecrypt
(const Key : cardinal;
const Method : MethodType;
const DataSize : cardinal;
var Data : ByteArrayType;
var Error : cardinal); stdcall;
exports CeaserDecrypt name 'Crypto_CeaserDecrypt';
//*
// CeaserDecrypt - Decryption using a Ceaser cipher.
//
//
// CeaserDecrypt decrypts data using the Caesar cipher decryption algorithm.
// This is a very simple method and is easily broken: the key is a single
// number in the range 1 .. 255, so every possible key can be tried in
// moments. Breaking it is made only slightly more difficult by the fact
// that different alphabets are being used. This is because of the
// various choices for Method. This is the simplest of the encryption
// methods in this package; do not rely on it to protect confidential
// data. Be sure to check the Error as it can be set by using the wrong key.
//
// CALLING SEQUENCE -
//
// CeaserDecrypt (Key, Method, DataSize, Data, Error)
//
// ENTRY -
//
// Key : cardinal
// This number should be in the range of 1 .. 255.
//
// Method : MethodType
// The character alphabet to use.
//
// DataSize : cardinal
// The number of characters to decode in the array. This must not
// exceed MaxArraySize, the number of elements in Data.
//
// Data : ByteArrayType
// The cipher text array of data.
//
// EXIT -
//
// Data : ByteArrayType
// The array with the first DataSize bytes Decrypted.
//
// Error : cardinal
// 0 if no problem, set to one of the error codes if a problem.
//
// EXAMPLE -
//
// CeaserDecrypt (5,
// AsciiSet,
// 10,
// MyData,
// Error);
//
// if (Error = 0) then begin
// Display.DisplayMessage ('Decryption Complete',
// False);
// end else begin
// Display.DisplayMessage ('Decryption Error',
// False);
// end;
//
procedure DesDecrypt
(const Key : DesByteKeyType;
var DataSize : cardinal;
var Data : DesByteArrayType;
var Error : cardinal); stdcall;
exports DesDecrypt name 'Crypto_DesDecrypt';
//*
// DesDecrypt - Decryption using a DES cipher.
//
//
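// DesDecrypt decrypts data using the DES cipher decryption algorithm. This
// is the encryption standard used by the National Security Agency for
// un-classified data. This is a very strong method which is known to
// be breakable only by trying all possible key combinations. This
// method is much more complex than the Vernam decryption. Be sure
// to check the Error as it can be set by using the wrong key.
//
// NOTE - that description reflects the period in which this module was
// written. Only 56 of the 64 key bits are used by DES, so trying all
// possible key combinations is practical on modern hardware, and DES
// has since been withdrawn as a federal standard. Use DesDecrypt only
// to read existing data; use the AES routines in this module for new data.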
//
// CALLING SEQUENCE -
//
// DesDecrypt (Key, DataSize, Data, Error)
//
// ENTRY -
//
// Key : DesByteKeyType
// This is an array of bytes that hold the key values.
// This key must be 8 bytes long.
//
// DataSize : cardinal
// The number of bytes in the array to decode. NOTE - the DES
// algorithm requires a number of bytes evenly divisible by 8. If your
// data does not end on an even 8 bytes the last few bytes will be null
// filled, encoded and returned. In other words if you send in 5 bytes
// then 3 additional bytes of null will be encoded and returned as a
// full 8 bytes. The value of DataSize will also be returned as 8 to show
// that. You MUST pass all eight of those bytes in here or the final set
// of 8 bytes of data cannot be decrypted. The null fill cannot be told
// apart from data that ends in null bytes, so keep the original length
// with the cipher text if you need to trim the fill after decryption.
//
// Data : DesByteArrayType
// The cipher text array of data.
//
// EXIT -
//
// DataSize : cardinal
// The number of bytes that are part of the encoded data.
//
// Data : DesByteArrayType
// The array with the first DataSize bytes Decrypted.
//
// Error : cardinal
// 0 if no problem, set to one of the error codes if a problem.
//
// EXAMPLE -
//
// Crypto.DesDecrypt (Key,
// DataSize,
// Data,
// Error);
//
// if (Error = 0) then begin
// Display.DisplayMessage ('Decryption Complete',
// False);
// end else begin
// Display.DisplayMessage ('Decryption Error',
// False);
// end;
//
procedure VernamDecrypt
(const Key : ByteArrayType;
const DataSize : cardinal;
var Data : ByteArrayType;
var Error : cardinal); stdcall;
exports VernamDecrypt name 'Crypto_VernamDecrypt';
//*
// VernamDecrypt - Decryption using a Vernam cipher.
//
//
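// VernamDecrypt decrypts data using the Vernam cipher decryption algorithm.
// This is a moderately strong method but may still be susceptible to
// breaking. Its strength depends entirely on the key: a key that is
// shorter than the data, that is not random, or that is used for more
// than one message makes the cipher easy to break. This method is more
// complex than the Vigenere decryption but less complex than DES. Be
// sure to check the Error as it can be set by using the wrong key.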
//
// CALLING SEQUENCE -
//
// VernamDecrypt (Key, DataSize, Data, Error)
//
// ENTRY -
//
// Key : ByteArrayType
// This is an array of bytes that hold the key values.
//
// DataSize : cardinal
// The number of bytes in the array to decode.
//
// Data : ByteArrayType
// The cipher text array of data.
//
// EXIT -
//
// Data : ByteArrayType
// The array with the first DataSize bytes Decrypted.
//
// Error : cardinal
// 0 if no problem, set to one of the error codes if a problem.
//
// EXAMPLE -
//
// Crypto.VernamDecrypt (Key,
// DataSize,
// MyData,
// Error);
//
// if (Error = 0) then begin
// Display.DisplayMessage ('Decryption Complete',
// False);
// end else begin
// Display.DisplayMessage ('Decryption Error',
// False);
// end;
//
procedure VigenereDecrypt
(const Key : ByteArrayType;
const Method : MethodType;
const DataSize : cardinal;
var Data : ByteArrayType;
var Error : cardinal); stdcall;
exports VigenereDecrypt name 'Crypto_VigenereDecrypt';
//*
// VigenereDecrypt - Decryption using a Vigenere cipher.
//
//
// VigenereDecrypt decrypts data using the Vigenere cipher decryption
// algorithm. This is a moderately simple method and may be susceptible to
// breaking, particularly when the data is much longer than the key,
// although it is made slightly more difficult by the fact
// that different alphabets are being used. This is because of the
// various choices for Method. This method is more complex than the
// Caesar decryption but less complex than the others. Be sure to check
// the Error as it can be set by using the wrong key.
//
// CALLING SEQUENCE -
//
// VigenereDecrypt (Key, Method, DataSize, Data, Error)
//
// ENTRY -
//
// Key : ByteArrayType
// This is an array of bytes that hold the key values.
//
// Method : MethodType
// The character alphabet to use.
//
// DataSize : cardinal
// The number of bytes in the array to decode.
//
// Data : ByteArrayType
// The cipher text array of data.
//
// EXIT -
//
// Data : ByteArrayType
// The array with the first DataSize bytes Decrypted.
//
// Error : cardinal
// 0 if no problem, set to one of the error codes if a problem.
//
// EXAMPLE -
//
// Crypto.VigenereDecrypt (Key,
// Crypto.AsciiSet,
// DataSize,
// MyData,
// Error);
//
// if (Error = 0) then begin
// Display.DisplayMessage ('Decryption Complete',
// False);
// end else begin
// Display.DisplayMessage ('Decryption Error',
// False);
// end;
//
function AESCreate
(const Key : array of System.BYTE;
const keySize : cardinal) : AES; stdcall;
exports AESCreate name 'Crypto_AESCreate';
//
// create a new AES encryption object with the given key.
//
// keySize = the size in *bits* of the key.
// must be either 128, 192 or 256 (bits).
//
// key is the key data. it must have at least keySize/8 bytes of data.
//
// failure is indicated by a nil return value, otherwise
// the return value is a valid AES object.
//
// the returned object is ready to encrypt/decrypt data.
//
// only one thread at a time can use an encryption object, except for ECB mode.
//
procedure AESDestroy
(var crypt : AES); stdcall;
exports AESDestroy name 'Crypto_AESDestroy';
// destroy a previously created encryption object
procedure AESResetIV
(const crypt : AES;
const iv : IVType); stdcall;
exports AESResetIV name 'Crypto_AESResetIV';
//
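// reset the encryption engine with the specific IV.
// you only need use this call with the CBC and CFB encryption routines.
// you must reset the IV before you encrypt/decrypt each unique
// data stream. use a new, unpredictable IV for every stream encrypted
// under the same key, and give the decrypting side that same IV; the IV
// itself does not need to be kept secret.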
//
procedure AESEncryptECB
(const crypt : AES;
const input : pointer;
const output : pointer;
const amount : cardinal); stdcall;
exports AESEncryptECB name 'Crypto_AESEncryptECB';
procedure AESEncryptCBC
(const crypt : AES;
const input : pointer;
const output : pointer;
const amount : cardinal); stdcall;
exports AESEncryptCBC name 'Crypto_AESEncryptCBC';
procedure AESEncryptCFB
(const crypt : AES;
const input : pointer;
const output : pointer;
const amount : cardinal); stdcall;
exports AESEncryptCFB name 'Crypto_AESEncryptCFB';
//
// encrypt a block of data of size amount.
// you can encrypt a large data stream in multiple smaller pieces using this call.
// you can pass the same variable to both input and output should you so desire.
// this procedure expects the buffers have a minimum of 4-byte alignment.
// input and output are raw pointers, so the caller must make sure both
// buffers hold at least amount bytes.
// amount must be an exact multiple of the block size.
//
// ECB = Electronic code book.
// C[i] := Encrypt (P[i])
// Identical plain text blocks give identical cipher text blocks, so
// patterns in the data remain visible. Prefer CBC or CFB for any data
// longer than one block.
// CBC = cipher block chaining.
// C[i] := Encrypt (C[i-1] BXOR P[i])
// You must have setup an IV via AESResetIV to use CBC.
// CFB = cipher feedback.
// C[i] := Encrypt (C[i-1]) BXOR P[i]
// You must have setup an IV via AESResetIV to use CFB.
// In CFB mode the data stream does not need to be an exact multiple of
// the block size. the very last 'block' in the stream can be a partial block.
// if you are processing a large stream in multiple smaller pieces (buffers),
// all buffers must be an exact multiple, except the very last one.
//
// none of these modes lets the receiver detect that the cipher text was
// changed. if the data can be altered in storage or transit, protect it
// with a separate keyed integrity check as well.
//
//
procedure AESDecryptECB
(const crypt : AES;
const input : pointer;
const output : pointer;
const amount : cardinal); stdcall;
exports AESDecryptECB name 'Crypto_AESDecryptECB';
procedure AESDecryptCBC
(const crypt : AES;
const input : pointer;
const output : pointer;
const amount : cardinal); stdcall;
exports AESDecryptCBC name 'Crypto_AESDecryptCBC';
procedure AESDecryptCFB
(const crypt : AES;
const input : pointer;
const output : pointer;
const amount : cardinal); stdcall;
exports AESDecryptCFB name 'Crypto_AESDecryptCFB';
//
// decrypt a block of data of size amount.
// you can decrypt a large data stream in multiple smaller pieces using this call.
// you can pass the same variable to both input and output should you so desire.
// this procedure expects the buffers have a minimum of 4-byte alignment.
// input and output are raw pointers, so the caller must make sure both
// buffers hold at least amount bytes.
// amount must be an exact multiple of the block size.
//
// ECB = Electronic code book.
// P[i] := Decrypt (C[i])
// CBC = cipher block chaining.
// P[i] := Decrypt (C[i]) BXOR C[i-1]
// You must have setup an IV via AESResetIV to use CBC.
// CFB = cipher feedback.
// P[i] := Encrypt (C[i-1]) BXOR C[i]
// You must have setup an IV via AESResetIV to use CFB.
// In CFB mode the data stream does not need to be an exact multiple of
// the block size. the very last 'block' in the stream can be a partial block.
// if you are processing a large stream in multiple smaller pieces (buffers),
// all buffers must be an exact multiple, except the very last one.
//
// these procedures return no error indication: cipher text that was
// changed, or decrypted with the wrong key or IV, simply produces wrong
// plain text. verify the data with a separate keyed integrity check
// before trusting the result.
//
//
function AESSelfTest
() : boolean; stdcall;
exports AESSelfTest name 'Crypto_AESSelfTest';
//
// returns True if the implemented algorithm properly operates.
// this call is only useful when porting this code to some other processor/compiler.
//
Copyright © 1989-2006 Battelle Energy Alliance