These are chat archives for IndySockets/Indy

May 2018
Martin Clarke
May 31 2018 00:37

Indy Encryption / Decryption using des_cbc cipher:

The headers in the D10.x version of IdSSLOpenSSLHeaders incorrectly declare some of the EVP_ functions.
This can be worked around by declaring an alternate signature and assigning the address, eg:

LC_EVP_DecryptUpdate : function(ctx : PEVP_CIPHER_CTX; _out : PIdAnsiChar; outl : pinteger; _in : PIdAnsiChar; inl : integer) : integer cdecl;
LC_EVP_DecryptFinal : function(ctx : PEVP_CIPHER_CTX; outm : PIdAnsiChar; outl : pinteger) : integer cdecl;
LC_EVP_EncryptUpdate : function(ctx : PEVP_CIPHER_CTX; _out : PIdAnsiChar; outl : pinteger; _in : PIdAnsiChar; inl : integer) : integer cdecl = nil;
LC_EVP_EncryptFinal : function(ctx : PEVP_CIPHER_CTX; _out : PIdAnsiChar; outl: pinteger) : integer cdecl = nil;
// use these functions instead of the originals
@LC_EVP_DecryptUpdate := @EVP_DecryptUpdate;
@LC_EVP_DecryptFinal := @EVP_DecryptFinal;
@LC_EVP_EncryptUpdate := @EVP_EncryptUpdate;
@LC_EVP_EncryptFinal := @EVP_EncryptFinal;

This is bad, but nothing compared to the faulty setup of the des ciphers, eg: @EVP_des_cbc := LoadFunctionCLib(fn_EVP_des_cfb64,False);
To work around this, once indy is loaded and you have a GetCryptLibHandle(), setup your own cipher function, eg:
@LC_EVP_des_cbc := Windows.GetProcAddress(hLibEay,'EVP_des_cbc');

I don't know whether Delphi will ever ship with an updated IdSSLOpenSSLHeaders.pas, or whether these issues still exist in the current build, but these pointers may save you some misery and allow you to continue using the shipped version.

Remy Lebeau
May 31 2018 15:59
@KingNothing_gitlab those EVP errors were already fixed in Indy's SVN last year. Embarcadero is planning on shipping an updated rev of Indy in RAD Studio 10.3, but they have some fixes/tweaks of their own that they want to submit into the official code, and Idera (who bought Embarcadero a few years ago) has some policies on place that Embarcadero has to work through on their end so they can work with me to get Indy updated in 10.3.