These are chat archives for IndySockets/Indy

31st
May 2018
Martin Clarke
@KingNothing_gitlab
May 31 2018 00:37

Indy Encryption / Decryption using des_cbc cipher:

The headers in the D10.x version of IdSSLOpenSSLHeaders incorrectly declare some of the EVP_ functions.
This can be worked around by declaring an alternate signature and assigning the address, eg:

{$EXTERNALSYM LC_EVP_DecryptUpdate}
LC_EVP_DecryptUpdate : function(ctx : PEVP_CIPHER_CTX; _out : PIdAnsiChar; outl : pinteger; _in : PIdAnsiChar; inl : integer) : integer cdecl;
{$EXTERNALSYM LC_EVP_DecryptFinal}
LC_EVP_DecryptFinal : function(ctx : PEVP_CIPHER_CTX; outm : PIdAnsiChar; outl : pinteger) : integer cdecl;
{$EXTERNALSYM LC_EVP_EncryptUpdate}
LC_EVP_EncryptUpdate : function(ctx : PEVP_CIPHER_CTX; _out : PIdAnsiChar; outl : pinteger; _in : PIdAnsiChar; inl : integer) : integer cdecl = nil;
{$EXTERNALSYM LC_EVP_EncryptFinal}
LC_EVP_EncryptFinal : function(ctx : PEVP_CIPHER_CTX; _out : PIdAnsiChar; outl: pinteger) : integer cdecl = nil;
...
// use these functions instead of the originals
@LC_EVP_DecryptUpdate := @EVP_DecryptUpdate;
@LC_EVP_DecryptFinal := @EVP_DecryptFinal;
@LC_EVP_EncryptUpdate := @EVP_EncryptUpdate;
@LC_EVP_EncryptFinal := @EVP_EncryptFinal;

This is bad, but nothing compared to the faulty setup of the des ciphers, eg: @EVP_des_cbc := LoadFunctionCLib(fn_EVP_des_cfb64,False);
To work around this, once indy is loaded and you have a GetCryptLibHandle(), setup your own cipher function, eg:
@LC_EVP_des_cbc := Windows.GetProcAddress(hLibEay,'EVP_des_cbc');

I don't know whether Delphi will ever ship with an updated IdSSLOpenSSLHeaders.pas, or whether these issues still exist in the current build, but these pointers may save you some misery and allow you to continue using the shipped version.

Remy Lebeau
@rlebeau
May 31 2018 15:59
@KingNothing_gitlab those EVP errors were already fixed in Indy's SVN last year. Embarcadero is planning on shipping an updated rev of Indy in RAD Studio 10.3, but they have some fixes/tweaks of their own that they want to submit into the official code, and Idera (who bought Embarcadero a few years ago) has some policies on place that Embarcadero has to work through on their end so they can work with me to get Indy updated in 10.3.