Roy,

<< Unfortunately its not exposed, but I'm happy to work with the Memory
property. >>

Sorry about that - I missed that it was only in the implementation.  Feel
free to copy it out and use it directly - it won't interfere with the
edbcomps version.

<< One (hopefully) final question: How do I decrypt it? >>

You just call the Decrypt method for the TEDBMemoryStream.  Both the Encrypt
and Decrypt methods work on the basis of encrypting/decrypting from the
current position to the Size of the stream if you pass 0 to them, or don't
pass anything at all.

<< I can stuff my data in and encrypt it and using

for cntr := 1 to Length(ts.Memory) do xyz:=xyz+char(ts.memory[cntr]);

get it out to have a look at (strangely with my data the last few
characters are always in the clear). >>

You need to make sure that your stream is using a block size of 8 bytes.
Blowfish works by encrypting/decrypting 8-byte blocks, and so you need to
pad your data so that the length is divisible by 8 (CRYPTO_BLOCK_SIZE in
edbcommon.pas).  In the remote comms, for example, I do the padding and keep
track of the original size of the data so that I know what to adjust the
data back to in terms of size after the decryption takes place.

<< What I'm doing now as a test is >>

Use this:

interim := Trim(Licencee.Text) + '¬' + MaxUsers.Text + '¬' +
LicenceCode.Text;
ts := TEDBMemoryStream.Create;
bf := TEDBDigest.Create;
bf.AsString := '1qw'+#8+#160+'roylambertqw42ecccrtyuiopasdfghjkl';
ts.InitEncryption(bf);
ts.WriteString(interim, Length(interim));
ts.Size:=BlockOffset(ts.Size,CRYPTO_BLOCK_SIZE);
ts.Position := 0;
ts.Encrypt;
ts.Position := 0;
ts.Decrypt;
ts.Size:=Length(interim);
ts.Position := 0;
for cntr := 1 to ts.Size do xyz:=xyz+char(ts.memory[cntr]);
showmessage(inttostr(length(xyz))+' '+xyz);
bf.Free;
ts.Free;

The TEDBMemoryStream automatically fills out any new memory with zero bytes,
so you're assured that any padding adjustments to the size of the stream are
"clean".

--
Tim Young
Elevate Software
www.elevatesoft.com

Tim


Finally sused - the final piece in the jigsaw was the first few characters (3 in my case) are #0 - see nulls really do have it in for me

Was there a reason for

ts.Size:=Length(interim);

Roy Lambert

Tim


Sorry - I still need some help. With the help you've given so far encrypt & decrypt a string with a single instance of works. However, if I try and split it up (which I need to do when saving to and restoring from a file) I cannot get the original text back.



procedure TForm1.Button1Click(Sender: TObject);
var
interim: string;
tin, tout: string;
ts: TEDBMemoryStream;
bf: TEDBDigest;
cntr: integer;
ms: TMemoryStream;
const
digest = '1qw' + #8 + #160 + 'roylambertqw42ecccrtyuiopasdfghjkl';
begin

interim := Trim(Licencee.Text) + '¬' + MaxUsers.Text + '¬' + LicenceCode.Text;
ts := TEDBMemoryStream.Create;
bf := TEDBDigest.Create;
bf.AsString := digest;
ts.InitEncryption(bf);
ts.WriteString(interim, Length(interim));
ts.Size := BlockOffset(ts.Size, CRYPTO_BLOCK_SIZE);
ts.Position := 0;
ts.Encrypt;
ts.Position := 0;
tin := '';
for Cntr := 0 to ts.Size - 1 do tin := tin + Char(ts.Memory[cntr]);
ts.Free;
bf.Free;

{-----------------------------------------------------------------------}

ts := TEDBMemoryStream.Create;
bf := TEDBDigest.Create;
bf.AsString := digest;
ts.InitEncryption(bf);
ts.WriteString(tin);
ts.Position := 0;
ts.Decrypt;
ts.Position := 0;
tout := '';
for Cntr := 0 to ts.Size - 1 do if ts.Memory[cntr] > 0 then tout := tout + Char(ts.Memory[cntr]);
showmessage('In:' + #13 + tin + #13 + 'Out:' + #13 + tout);
bf.Free;
ts.Free;
end;

Roy Lambert

Roy,

<< Was there a reason for

ts.Size:=Length(interim); >>

Yes, it trims off the extra padding that we put in place.  However, I just
realized that you're using our special WriteString method, which prefixes
the staring with an Integer-sized length value.  In that case, the line
above should read:

ts.Size:=SizeOf(Integer)+Length(interim);

--
Tim Young
Elevate Software
www.elevatesoft.com

Roy,

Well, for starters you certainly don't want WriteString in there when you're
trying to read the string.  Also, my previous example was using some
shortcuts because the string was being encrypted/decrypted in the same block
of code.

Something like this should work for the reading:

ts := TEDBMemoryStream.Create;
bf := TEDBDigest.Create;
bf.AsString := digest;
ts.InitEncryption(bf);

// Copy the data from the file stream

ts.LoadFromStream(MyEDBFileStream);
ts.Position := 0;
ts.Decrypt;
ts.Position := 0;

tout := '';

// You can get away with the following, even if the length of the stream is
longer than it should be due to the encryption block padding.   This is
because of the fact that WriteString/ReadString use the integer length
prefix.

ts.ReadString(tout);

ShowMessage(tout);

bf.Free;
ts.Free;
end;


--
Tim Young
Elevate Software
www.elevatesoft.com

Tim

>Well, for starters you certainly don't want WriteString in there when you're
>trying to read the string.

Err, at this point I thought I was trying to load the encrypted string back into the TEDBMemoryStream.

>Also, my previous example was using some
>shortcuts because the string was being encrypted/decrypted in the same block
>of code.

I'm not complaining, just explaining. I'm grateful for the time you're giving me.

> // Copy the data from the file stream
>
> ts.LoadFromStream(MyEDBFileStream);

Given that the rest is ok (far from certain with me writing code) I think this bit is what's screwing me. EDBFileStream may be just what I want, but isn't exposed. How can I load the encrypted string now held in tin manually into a freshly created TEDBMenoryStream? Everything I try results in some nicely encrypted garbage coming out.

Roy Lambert

Roy,

<< Err, at this point I thought I was trying to load the encrypted string
back into the TEDBMemoryStream. >>

Perhaps you can re-post what you've got now, complete with what the code
should be doing.  I'm a bit confused at this point as to what you
specifically want the code to do.

<< Given that the rest is ok (far from certain with me writing code) I think
this bit is what's screwing me. EDBFileStream may be just what I want, but
isn't exposed.>>

You can use the stream wrapper code that I referred to in order to bridge
the gap between TFileStream and the TEDBStream used with the
TEDBMemoryStream's LoadFromStream/SaveToStream methods.

--
Tim Young
Elevate Software
www.elevatesoft.com

Tim

>I'm a bit confused at this point as to what you
>specifically want the code to do.

me too

>You can use the stream wrapper code that I referred to in order

<mad giggle> This is the one that's not exposed - or another? </mad giggle>

The original idea was that I supply a licence key (well sort of) which has a few bits of info one of which is the number of simultaneous users allowed to login. Currently this is using lightweight encryption so I thought "Tim has built heavyweight encryption into ElevateDB can I use that so I don't increase the apps footprint any more". It boils down to encrypting a string, saving it to disk and later on retrieving from disk, decrypting and parsing the string.

The fundamental problem is how to extract the encrypted string from the first TEDBMemoryStream (ts) and supply it to the second TEDBMemoryStream (xts). If I do xts.LoadFromStream(ts); then everything works fine. I've tried everything I can find ReadString/WriteString, reading the memory property into a string etc but as CatWeasel used to say "nothing works".

I think I'm getting the string out OK (at least if I encrypt/decrypt ts and read the string its what I put in) but on the basis xts can't decrypt the encrypted string somethings wrong.

Rather than take up any more of your time I'll revert to my old method - it works even if its not mega secure.

Thanks for your time so far.

Roy Lambert

Tim


EUREKA - scratch that last post. I HATE being beaten so I kept on. This may be far from ideal but it works - YIPPEE.

Quick question - I assume the longer the digest the more secure?


procedure TForm1.Button1Click(Sender: TObject);
var
ts, xts: TEDBMemoryStream;
bf, xbf: TEDBDigest;
encrypted, decrypted: string;
cntr: integer;
sl: TStringList;
const
digest = 'abc';
interim = 'abcdefghijklmnopqrstuvwxyz';
begin
ts := TEDBMemoryStream.Create;
bf := TEDBDigest.Create;
bf.AsString := digest;
ts.InitEncryption(bf);
ts.WriteString(interim, Length(interim));
ts.Size := BlockOffset(ts.Size, CRYPTO_BLOCK_SIZE);
ts.Position := 0;
ts.Encrypt;
ts.Position := 0;
ts.ReadString(encrypted);
sl := TStringList.Create;
for cntr := 0 to ts.size do sl.Add(IntToStr(ts.Memory[cntr]));
sl.SaveToFile('e:\zap\test.tfr');
sl.Free;
{-------------------------------------------------------------------------------}
sl := TStringList.Create;
sl.LoadFromFile('e:\zap\test.tfr');
xts := TEDBMemoryStream.Create;
xbf := TEDBDigest.Create;
xbf.AsString := digest;
xts.InitEncryption(xbf);
xts.Size := sl.Count;
for cntr := 0 to sl.Count - 1 do xts.Memory[cntr] := StrToIntDef(sl[cntr], 0);
xts.Position := 0;
xts.Decrypt;
xts.Position := 0;
Decrypted := '';
for cntr := 4 to xts.Memory[0] + 3 do Decrypted := Decrypted + Char(xts.Memory[cntr]);
label1.caption := decrypted;

bf.Free;
ts.Free;
xbf.Free;
xts.Free;
sl.Free;
end;


Roy Lambert

Roy,

<< <mad giggle> This is the one that's not exposed - or another? </mad
giggle> >>

I meant you can grab the code - it will work outside of edbcomps.pas also.

See my other reply on this.

--
Tim Young
Elevate Software
www.elevatesoft.com