Hi,

i am trying to encrypt text in PHP (result of web form) and decrypt it in Delphi using AES-256, but withnout success.

In php i am using OpenSSL_encrypt with following code:

$key="secure";
$plaintext = "Hello";
$cipher = "aes-256-cbc";
$ivlen = 16;
$iv = openssl_random_pseudo_bytes($ivlen);
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv);

The Delphi code to decrypt is (i made my own function TEncUtil.DecryptString, which converts string to stream and then calls TEncUtil.Decrypt):

EncUtil.UseBase64 := true;
EncUtil.Passphrase := 'secure';
EncUtil.Cipher := 'AES-256-CBC';
EncUtil.DecryptString(cipherText, s);

When i am trying to decrypt it in Delphi, receive an error. Also the encrypted string length is different.
The problem i see is in initial vector, where in PHP is required also for decryption, but in Delphi is not required, but created during encryption (decryption?) process according some rules.

Do you have any suggestions to solve this problem?

Thanks in advance, Pavel

Load correct public key raise error:

In the previous version this file has been read (after correcting pchar issue)

I attach a public key file (I change extension from pem to txt)

key_mf.txt

Unit OpenSSL.Core.pas has method:

function OpenSSLEncodeFileName(const FileName :string) :PAnsiChar;
var
Utf8FileName: RawByteString;
begin
Utf8FileName := UTF8Encode(FileName);
Result := PAnsiChar(Utf8FileName);
end;

IMHO this is error because returned PAnsiChar pointed to local variables Utf8FileName that is... free after exit method,

Thank you - your work has allowed me to get going with encryption that I needed on files.

Delphi-OpenSSL uses libeay32.dll. If I understand things correctly, this was discontinued with the move from OpenSSL1.0.2 to 1.1.1, and the library is now called libcrypto-1_1.dll

Could you please confirm this, and comment on how this might affect the Delphi-OpenSSL source/operations. Should there be a modification/replacement to OpenSSL.libeay32.pas?

Will it be possible to make the code compatible with Linux

This project is very good, and there is no memory leakage problem, which helps me a lot. I hope you can continue to update this project and improve and add other OpenSSL related functions and modules. Thank you very much.

Hello
please, how to decrypt AES256 with PrivateKey (Certificate)
Thx.

Thank you for this valuable wrapper.

IMHO there is a security issue in the AES (TEncUtil.Encrypt/Decrypt) when you use the passphrase option. Just to add salt to the passphrase is too less secure nowadays. You should use a password-based key derivation function like PBKDF2. This function is also built-in in OpenSSL.

Hi,

This is not an implementation. It's a wrapper to OpenSSL.
Would you please change the description from implementation to wrapper?

Hi,

It would be nice to have an overload version of encrypt/decrypt that supports TArray< Byte > as parameters rather than text files only.

thanks for the library.

how encrypt and decrypt string with rsa, using your wrapper ?