Use dynamic loading and cross-platform support

[LecturePress]

Is it possible to use dynamic loading for the DLL (LoadLibrary, GetProcAddress and FreeLibrary) in order to use this wrapper in FMX cross-platforms projects ?

[zedalaye]

Not sureLoadLibrary and GetProcAddress are available in other systems than Windows. Don't Delphi wraps the right APIs in static (or delayed) loading ?

[zedalaye]

Looks like Delphi handles all the heavy stuff : http://docwiki.embarcadero.com/RADStudio/Athens//en/Procedures_and_Functions_(Delphi)#Importing_Functions_from_Libraries

Maybe it's just a matter of adding ifdefs to change the name of the shared lib depending on the target system.

[LecturePress]

Yes of course, just like that, you use ifdefs to change the name of the shared lib depending on the target system. And RTL LoadLibrary and GetProcAddress are gonna handle that on the supported platforms. It would be very interesting to use LibSodium with Delphi on other platforms.

[LecturePress]

I have worked on a fork that use dynamic loading (it's working but not all LibSodium functions were ported), I have also used the Utils and helpers you made, they were very useful. When I tried to reproduce a demo of yours (test_aead_aegis256.dpr), it works but there is something I didn't understand in this function : if crypto_aead_aegis256_encrypt(@ciphertext[0], ciphertext_len, @cleartext[0], Length(cleartext), @additional_data[0], Length(additional_data), nil, @nonce[0], @key[0]) = 0 Why does @key[0] mean ? and how to store the key as a string for later encrypting/decrypting ?

[zedalaye]

crypto_aead_aegis256_encrypt() encrypts the provided cleartext buffer into ciphertext with authentication and additional data (that's what aead means) the resulting buffer contains encrypted data, additional data and a hash that authenticates everything.

See :

• https://en.wikipedia.org/wiki/Authenticated_encryption
• https://libsodium.gitbook.io/doc/secret-key_cryptography/aead/aes-256-gcm
• Here is an example on how to misuse AES "GCM" : https://frereit.de/aes_gcm/ (TLDR; never reuse the nonce. A nonce is a number used once)

@key[0] is a pointer to the very first byte of the key buffer, you may "convert" it to an hexadecimal string, maybe by using TBuffer.ToHex()

[LecturePress]

Isn't it possible to have simple and easy to use wrappers like those in PHP ?

I mean they have very easy functions that take text and key and nonce input as string then it will return the encrypted or decrypted text as string directly from the function.

Is it possible to do that for AEGIS functions ?

Le mer. 19 juin 2024 à 21:49, Pierre Yager @.***> a écrit :

crypto_aead_aegis256_encrypt() encrypts the provided cleartext buffer into ciphertext with authentication and additional data (that's what aead means) the resulting buffer contains encrypted data, additional data and a hash that authenticates everything.

See :

• https://en.wikipedia.org/wiki/Authenticated_encryption

• https://libsodium.gitbook.io/doc/secret-key_cryptography/aead/aes-256-gcm

• Here is an example on how to misuse AES "GCM" : https://frereit.de/aes_gcm/ (TLDR; never reuse the nonce. A nonce is a number used once)

@key[0] is a pointer to the very first byte of the key buffer, you may "convert" it to an hexadecimal string, maybe by using TBuffer.ToHex()

— Reply to this email directly, view it on GitHub https://github.com/zedalaye/Delphi-NaCl/issues/1#issuecomment-2179440286, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOEZA46RP73PIO5LQZLHANDZIHVHDAVCNFSM6AAAAABJR3YBSOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNZZGQ2DAMRYGY . You are receiving this because you authored the thread.Message ID: @.***>

[zedalaye]

Have you had a look at high level wrappers, like https://github.com/zedalaye/Delphi-NaCl/blob/master/lib/Sodium.Aead.pas ?

[LecturePress]

Well I tried that wrapper and I also tried to tweak the demo. All what I need is the ability to store the ciphered text and key and nonce as string for a delayed decryption/encryption, instead of jumping between Bytes and Pointers. But I am still stuck with unknown error because the function raise no error.

I tweaked the demo procedure in order to get string format of the key and nonce, like this :

var
    s_key: string := '';
  for var I: integer := 0 to (Length(key) - 1) do
  begin
    s_key := s_key + key[I].ToHexString;
  end;

And here is the used code for the decryption, it is in a GUI form with TEdit controls to enter the ciphered text and key and nonce copied from the tweaked demo procedure :

procedure TForm9.Button2Click(Sender: TObject);
var
  key: TCryptoAeadAegis256Key;
  nonce: TCryptoAeadAegis256PubBytes;
  sciphertext, skey, snonce: string;

  cleartext: TBytes;
  additional_data: TBytes;

  ciphertext: TBytes;
  ciphertext_len: UInt64;

  decrypted: TBytes;
  decrypted_len: UInt64;

begin
  sciphertext := Edit1.Text;
  skey := Edit2.Text;
  snonce := Edit3.Text;

  TBytes.FromHex(ciphertext, sciphertext);
  TBytes.FromHex(key, skey);
  TBytes.FromHex(nonce, snonce); 

  additional_data := TEncoding.UTF8.GetBytes('I should be a random string');

  SetLength(decrypted, (Length(ciphertext) - _crypto_aead_aegis256_ABYTES));

  var
    m : integer;

  m := crypto_aead_aegis256_decrypt(@decrypted[0], decrypted_len, nil,
    @ciphertext[0], ciphertext_len, @additional_data[0],
    Length(additional_data), @nonce[0], @key[0]);

  if (m = 0) then
  begin
    // this must write : 'test'
    Memo2.Lines.Add(TEncoding.UTF8.GetString(decrypted));
  end
  else
    // it show only '-1'
    ShowMessage(m.ToString);

end;