Delphi ActiveX
Delphi ActiveX
AES 256-bit CBC using PBKDF2 Generated Secret Key
See more Encryption Examples
First generates a 32-byte secret key using PBKDF2 (with HMAC-SHA256), and then uses the secret key to do 256-bit AES CBC mode decryption.(Duplicates the following Java code)
public String decrypt(String strToDecrypt) {
try {
// Read the initialization vector from the first bytes for the data
byte [] rawData = Base64.getDecoder().decode(strToDecrypt);
byte [] iv = new byte[Config.get().encryptionIVLength()];
byte [] encryptedData = new byte[rawData.length - iv.length];
System.arraycopy(rawData, 0, iv, 0, iv.length);
System.arraycopy(rawData, iv.length, encryptedData, 0, encryptedData.length);
IvParameterSpec ivspec = new IvParameterSpec(iv);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
KeySpec spec = new PBEKeySpec(secretKey.toCharArray(), salt.getBytes(), 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKeySpec secretKey = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey, ivspec);
return new String(cipher.doFinal(encryptedData));
}
catch (Exception e) {
log.error("Could not decrypt the string.", e);
}
return null;
}
Chilkat Delphi ActiveX Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;
...
procedure TForm1.Button1Click(Sender: TObject);
var
crypt: TChilkatCrypt2;
password: WideString;
saltHex: WideString;
iterationCount: Integer;
outputKeyBitLen: Integer;
secretKeyHex: WideString;
iv: WideString;
strToDecrypt: WideString;
decryptedStr: WideString;
begin
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
crypt := TChilkatCrypt2.Create(Self);
password := 'some arbitrary length password';
// We have 8 bytes of salt encoded using hex.
// (The salt can be any number of bytes, in any desired encoding such as base64, hex, etc.)
saltHex := '0102030405060708';
// Generate the 256-bit (32-byte) AES secret key we'll use to decrypt.
iterationCount := 65536;
outputKeyBitLen := 256;
secretKeyHex := crypt.Pbkdf2(password,'utf-8','sha256',saltHex,iterationCount,outputKeyBitLen,'hex');
// Setup for 256-bit AES CBC decryption.
crypt.CryptAlgorithm := 'aes';
crypt.KeyLength := 256;
crypt.CipherMode := 'cbc';
crypt.PaddingScheme := 0;
// The IV for AES is 16 bytes.
iv := '000102030405060708090A0B0C0D0E0F';
crypt.SetEncodedIV(iv,'hex');
// Set the secret key for 256-bit AES.
crypt.SetEncodedKey(secretKeyHex,'hex');
// AES decrypt
// assume our string to decrypt is base64
strToDecrypt := '....';
crypt.EncodingMode := 'base64';
decryptedStr := crypt.DecryptStringENC(strToDecrypt);
Memo1.Lines.Add(decryptedStr);
end;