MHumm
Confused by NEXTGEN directive
With Delphi 12.2 Win32 compiler :
encrypting a string with AES 256bits ECB PKCS7 with a 32bits key
gives me the answer : EDECCipherException: Keymaterial is too large for use (Security Issue)
Why ?
but I get the correct result đź‘Ť RtLvajdNNj/lVtodrXCiXJhyUhyS02noQraeYwK7OmJk2vMF6WB7VvV/7tE86lacCJ11udQyom1koksNw8Yb+g==
If I set the NEXTGEN compiler directive !!!
problem : The NEXTGEN compiler directive does not exist anymore in latest compilers !
My question is : why do I have to set it to get the correct result ?
if allways needed isn't it confusing to keep the deprecated NEXTGEN name ?
Shoud I put $DEFINE NEXTGEN somewhere in the code ?
My code
function EncryptAES(const AText, AKey: String; AMode: TCipherMode=cmECBx; APadding: TPaddingMode=pmPKCS7): String; var Cipher: TCipher_AES; Key: TBytes; Data, EncryptedData: TBytes; begin // Utilise la bibliothèque opensource DEC Delphi Encryption Compendium
Result := '';
// clé (32 caractères pour AES-256) Key := TEncoding.UTF8.GetBytes(AKey); if Length(Key) <> 32 then raise Exception.Create('La clé doit avoir 32 caractères.');
// Initialiser le chiffrement AES Cipher := TCipher_AES.Create; try Cipher.Mode := AMode; // Mode de cryptage Cipher.PaddingMode := APadding; // Mode de remplissage Cipher.Init(AKey, '', 255, Cipher.PaddingMode); // Initialiser avec la clé
// Convertir le texte en tableau d'octets
Data := TEncoding.UTF8.GetBytes(AText);
// Chiffrer les données
EncryptedData := Cipher.EncodeBytes(Data);
// Convertir les données chiffrées en chaîne Base64
Result := TNetEncoding.Base64.EncodeBytesToString(EncryptedData);
finally Cipher.Free; end; end;
Above Function input values for the test are MODE=RPACS&TYPE=S&LID=demo&LPW=demo&PID=00000001&AN=0000012345 INFINITTINFINITTINFINITTINFINITT
Setting {$DEFINE NEXTGEN} in DECOptions.inc doesn't work because unit DECCipherInterface is using NEXTGEN directive but is not calling {$INCLUDE DECOptions.inc}
So only project wide NEXTGEN directive in EDI project options works.
But anyway why is deprecated NEXTGEN required ? and why is it not the defaut bahavior ?
As you see I'm confused
If I'm correct NEXTGEN was defined automatically by the compiler until Delphi 10.3
VER330 | Delphi 10.3 Rio / C++Builder 10.3 Rio | 20.0 | 260 | 33.0
https://docwiki.embarcadero.com/RADStudio/Athens/en/Conditional_compilation_(Delphi)
But no more since then, it was just removed
But DEC still needs it ? And won't work as expected if not set ?
Don't get confused! You just discovered at least one bug: DECCipherInterface should include the include file.
For the other issue with the exception: I need to look into the code what triggers it and then we can discuss if that's wrongly implemented or if your parameters are not suitable or if that check shouldn't be there or whatever... But before having that look I'll need some dinner first ;-)
First change: DECOptions.inc is included in DECCipherInterface.pas in latest commit to development branch now. But: NEXTGEN still shouldn't be needed. NEXTGEN was meant for the mobile compilers by Embarcadero since those removed some features to clean up and had used ARC memory mamagement so one could distinguish between those and the non-mobile compilers.
Thank you Marcus for looking into it, glad Delhi has a maintained free encryption library