read_eng.txt

提供字符串、文件 及 Memory Streams 加密/解密的控件 ( 2.1 版

TCryptLib 2.4

Class  for  Delphi 3,4,5. Realizes encryption-decryption of files, strings,
memory  streams  (TMemoryStream)  by the block encryption method, generates
hash  functions  of  password,  checks  correctness of password during file
decryption,  checks  a  password  on  the  value  of hash functions. Before
encryption your data may be compressed that increase cryptoresistance. Even
without  using  internal  compression, encrypted data are not compressed by
archivers   (zip,  rar).  Thereby,  information  is  transformed  from  the
condition  with minimum entropy in maximum that is a necessary condition of
the  cryptoresistance.  Password  length  up to 12 bytes, hash length is 32
bytes. Exe demo included. Shareware $10 , source $25.

Approximate  time of breaking a password by brute force attack. Kit from 93
symbols  (english  alphabet  in  upper  and  lower  case, numerals, special
symbols), Celeron 412 MHz/48 MB RAM/Windows NT 4.0 SP5/normal priority.

Password length  Estimated time         

   3             5 mm 26 s
   4             8.4 hours  
   5             32.55 days    (approximation)
   6             8.3 years     (approximation)


-------------------------------------------------------------------------------

Installation:

Copy files KBCrypt.dcu, KBCrypt.res, lzh.dcu, zlib.dcu to your components
folder, then :

Delphi 3
Open Component->Instal component dialog, choose KBCrypt.dcu and install it.

Delphi 4
Open Component -> Install Packages dialog, choose Delphi User Components
package, add KBCrypt.dcu file to it. Compile and save package.

Delphi 5
Open Component -> Install Packages dialog, choose Borland User Components
package, add KBCrypt.dcu file to it. Compile and save Dclusr50.bpl


-------------------------------------------------------------------------------

TCryptLib = class(TComponent)
public
  { Public declarations }
  procedure EncryptFile;                                    {encrypting a file}
  procedure DecryptFile;                                    {decrypting a file}
  function  EncryptStr(StrToEncrypt : string ) : string;    {encrypting a string}
  function  DecryptStr(StrToDecrypt : string ) : string;    {decrypting a string}
  procedure EncryptMemory(StreamToEncrypt : TMemoryStream); {encrypting a memory stream}
  procedure DecryptMemory(StreamToDecrypt : TMemoryStream); {decrypting a memory stream}
  function  PasswdHash : string;                            {generate a password hash string}
  function  PasswdIsGood(hash, passwd : string) : boolean;  {check password by the value of a hash function}

published
  { Published declarations }
  property Infile         : string;      {input file}
  property Outfile        : string;      {output file}
  property Password       : string;      {password up to 12 bytes}
  property Compression    : CompressType;{compress data before encryption}
  property IncludeHash    : boolean;     {write hash into encrypted file}
  property TerminateFiles : boolean;     {erase data before file deleting}
  property AddKey         : integer;     {parameter of algorithm}
  property MultKey        : integer;     {parameter of algorithm}
  property OnBadPassword  : TNotifyEvent;
  property OnFileCrypt    : TNotifyEvent;
  property OnMemCrypt     : TNotifyEvent;
end;

-------------------------------------------------------------------------------

Description

Properties:

InFile   - an input file for DecryptFile, EncryptFile methods
OutFile  - an output file for DecryptFile, EncryptFile methods
Password - a password by the length up to 12 symbols 
TerminateFiles  - contents of the file is erased before its deleting, it used 
    in EncryptFile, DecryptFile methods. Can be useful on FAT partitions in 
    order to avoid data recovery by low-level disk access.
AddKey, MultKey - constants, assigned in step of program development - 
    parameters of encryption algorithm. You have to adjust this values 
    differently from assigned in the constructor by default.
Compression : CompressType;   CompressType = (none, Z, LZ);
    Type of the compression algorithm before data encryption :
    none - without the compression;
    Z    - is used algorithm from Borland ZLib library;
    LZ   - an LZW algorithm .
IncludeHash - if true EncryptFile method puts hash function value into the
   encrypted file and DecryptFile method checks password using hash, if
   password is wrong OnBadPassword event is generated. EncryptMemory method
   do not write hash value into memory stream.


Methods:

EncryptFile - encrypt InFile in OutFile 
DecryptFile - decrypt InFile in OutFile 
    Properties InFile, OutFile can be different or the same. 
    During encryption a 16-byte value of a hash function is written in the
    output file if IncludeHash=true. Correctness of password is checked at file
    decryption on hash value written in it, under the wrong password event
    OnBadPassword is generated and decryption stops. If you do not want
    to write hash in encrypted file, use EncryptMemory ( as this was made in
    the demo program) or set IncludeHash to false.
EncryptMemory(StreamToEncrypt : TMemoryStream) - encrypt data in memory without
    writing a hash value to it. Memory stream may be compressed as well.
DecryptMemory(StreamToDecrypt : TMemoryStream) - decrypt memory stream.
    When using these methods checking correctness of password is not produced.
    In order to avoid runtime errors and exceptions during memory decryption
    you have to check password before it using PasswordIsGood method.
EncryptStr(StrToEncrypt : string ) : string; - encrypt a string of symbols by 
    the size before 1GB. Length of string is redoubled.
DecryptStr(StrToDecrypt : string ) : string; - decrypt a string.
PasswdHash : string; - generate 32 byte string - hash function from the 
    current password. It is possible to write this hash in the registry or ini
    file for the following checking correctness of password.
PasswdIsGood(hash, passwd : string) : boolean;
    Check correctness of password on hash. Example of checking a password is 
    provided in demonstration program.


Events:

OnBadPassword - is generated by the method DecryptFile in an effort to 
   decrypt a file, using wrong password.
OnFileCrypt, OnMemCrypt - are generated during file or memory stream 
   encryption/decryption in order to process messages in your application.


Exceptions:

'TCryptLib: Password is too long'  - if password length is more than 12 bytes
'TCryptLib: MultKey is too big'    - if MultKey is more than $7FFFFFFF
'TCryptLib: AddKey is too big'     - if AddKey  is more than $7FFFFFFF
'TCryptLib: LZH init error'        - if error during LZ initialization
'TCryptLib: Z decompression error' - if error during Z decompression
'TCryptLib: decrypting error - not hexlook string'
                                   - if string to decrypt contain not hex characters (0..F)

-------------------------------------------------------------------------------
LZH compression unit written by  A. Olowofoyeku, Andy Tam, Douglas Webb,
Andrew Eigus. ZLib from Borland. Additional thanks to S.Maksutin for his help.
-------------------------------------------------------------------------------

History

14.05.1999
    TCryptLib 1.0
09.08.1999
    TCryptLib 2.0   Fixed two bugs - runtime range check error and wrong hash
    function calculation. Algorithm improvements -  mixing a data during
    encryption.
31.08.1999
    TCryptLib 2.1   Performance improvements of encryption algorithm. 
    The current position of the memory stream moves to begining after
    EncryptMemory, DecryptMemory methods execution.
22.09.1999
    TCryptLib 2.2   Added TerminateFiles property - contents of the file is 
    erased before its deleting, it used in EncryptFile, DecryptFile methods. 
    Can be useful on FAT partitions. In demo-program added an example of 
    cracking a password by the hash-function value using the brute force attack 
    method. Delphi 5 support (see lzh.pas line 76).
20.10.1999
    TCryptLib 2.3  Shareware $10
    Added events OnFileCrypt, OnMemCrypt, property IncludeHash.
    !!! Changed type of Compression property - are supported algorithms of 
    compression LZ, Z (ZLib library from Borland).
27.09.2000
    TCryptLib 2.4
    Fixed a bug - memory leak during encryption with Compression=Z
    !!! Warning - data, encrypted with previous version of TCryptLib
    with Compression=Z cannot be decrypted - data format changed.
    Before encryption is saved, after encryption is restored the state
    of random generator.

-------------------------------------------------------------------------------

Konstantin Borodachev
kosta@energobank.ru   or   ntadm@euro.ru
http://ntadm.euro.ru