TCryptLib 2.2

Class for Delphi 3,4,5. Realizes encryption-decryption of files, strings, 
memory streams (TMemoryStream) by the block encryption method, generates
hash functions of password, checks correctness of password during file 
decryption, checks a password on the value of hash functions. Before 
encryption your data may be compressed that increase cryptoresistance.
Even without using internal compression, encrypted data are not 
compressed by archivers (zip, rar). Thereby, information is transformed from 
the condition with minimum entropy in maximum that is a necessary condition 
of the cryptoresistance. Password length up to 12 bytes, hash length is 32 
bytes. Exe demo included. Shareware $10 , source $25.

Approximate time of breaking a password by brute force attack. Kit from 93 
symbols (english alphabet in upper and lower case, numerals, special symbols), 
Celeron 412 MHz/48 MB RAM/Windows NT 4.0 SP5/normal priority.

Password length  Estimated time         

   3             5 mm 26 s
   4             8.4 hours  
   5             32.55 days    (approximation)
   6             8.3 years     (approximation)


Installation:

Copy files KBCrypt.dcu, KBCrypt.res, lzh.dcu, zlib.dcu, *.obj to your 
components folder. Then :

Delphi 3
Open Component->Instal component dialog, choose KBCrypt.dcu and install it.

Delphi 4
Open Component -> Install Packages dialog, choose Delphi User Components
package, add KBCrypt.dcu file to it. Compile and save package.

Delphi 5
Open Component -> Install Packages dialog, choose Borland User Components
package, add KBCrypt.dcu file to it. Compile and save Dclusr50.bpl


TCryptLib = class(TComponent)
public
  { Public declarations }
  procedure EncryptFile;                                    {encrypting a file}
  procedure DecryptFile;                                    {decrypting a file}
  function  EncryptStr(StrToEncrypt : string ) : string;    {encrypting a string}
  function  DecryptStr(StrToDecrypt : string ) : string;    {decrypting a string}
  procedure EncryptMemory(StreamToEncrypt : TMemoryStream); {encrypting a memory stream}
  procedure DecryptMemory(StreamToDecrypt : TMemoryStream); {decrypting a memory stream}
  function  PasswdHash : string;                            {generate a password hash string}
  function  PasswdIsGood(hash, passwd : string) : boolean;  {check password by the value of a hash function}

published
  { Published declarations }
  property Infile         : string;      {input file}
  property Outfile        : string;      {output file}
  property Password       : string;      {password up to 12 bytes}
  property Compression    : CompressType;{compress data before encryption}
  property IncludeHash    : boolean;     {write hash into encrypted file}
  property TerminateFiles : boolean;     {erase data before file deleting}
  property AddKey         : integer;     {parameter of algorithm}
  property MultKey        : integer;     {parameter of algorithm}
  property OnBadPassword  : TNotifyEvent;
  property OnFileCrypt    : TNotifyEvent;
  property OnMemCrypt     : TNotifyEvent;
end;

Description
-------------------------------------------------------------------------------
Properties:

InFile   - an input file for DecryptFile, EncryptFile methods
OutFile  - an output file for DecryptFile, EncryptFile methods
Password - a password by the length up to 12 symbols 
TerminateFiles  - contents of the file is erased before its deleting, it used 
    in EncryptFile, DecryptFile methods. Can be useful on FAT partitions in 
    order to avoid data recovery by low-level disk access.
AddKey, MultKey - constants, assigned in step of program development - 
    parameters of encryption algorithm. You have to adjust this values 
    differently from assigned in the constructor by default.
Compression : CompressType;   CompressType = (none, Z, LZ);
    Type of the compression algorithm before data encryption :
    none - without the compression;
    Z    - is used algorithm from Zlib library (zip);
    LZ   - an LZW algorithm .
IncludeHash - if true EncryptFile method puts hash function value into the
   encrypted file and DecryptFile method checks password using hash, if
   password is wrong OnBadPassword event is generated. EncryptMemory method
   do not write hash value into memory stream.

Methods:

EncryptFile - encrypt InFile in OutFile 
DecryptFile - decrypt InFile in OutFile 
    Properties InFile, OutFile can be different or the same. 
    During encryption a 16-byte value of a hash function is written in the
    output file if IncludeHash=true. Correctness of password is checked at file
    decryption on hash value written in it, under the wrong password event
    OnBadPassword is generated and decryption stops. If you do not want
    to write hash in encrypted file, use EncryptMemory ( as this was made in
    the demo program) or set IncludeHash to false.
EncryptMemory(StreamToEncrypt : TMemoryStream) - encrypt data in memory without
    writing a hash value to it. Memory stream may be compressed as well.
DecryptMemory(StreamToDecrypt : TMemoryStream) - decrypt memory stream.
    When using these methods checking correctness of password is not produced.
    In order to avoid runtime errors and exceptions during memory decryption
    you have to check password before it using PasswordIsGood method.
EncryptStr(StrToEncrypt : string ) : string; - encrypt a string of symbols by 
    the size before 1GB. Length of string is redoubled.
DecryptStr(StrToDecrypt : string ) : string; - decrypt a string.
PasswdHash : string; - generate 32 byte string - hash function from the 
    current password. It is possible to write this hash in the registry or ini
    file for the following checking correctness of password.
PasswdIsGood(hash, passwd : string) : boolean;
    Check correctness of password on hash. Example of checking a password is 
    provided in demonstration program.

Events:

OnBadPassword - is generated by the method DecryptFile in an effort to 
   decrypt a file, using wrong password.
OnFileCrypt, OnMemCrypt - are generated during file or memory stream 
   encryption/decryption in order to process messages in your application.

-------------------------------------------------------------------------------
LZH compression unit written by  A. Olowofoyeku, Andy Tam, Douglas Webb,
Andrew Eigus. Thanks to them. Additional thanks to S.Maksutin for his help.
-------------------------------------------------------------------------------

History

14.05.1999
    TCryptLib 1.0
09.08.1999
    TCryptLib 2.0   Fixed two bugs - runtime range check error and wrong hash
    function calculation. Algorithm improvements -  mixing a data during
    encryption.
31.08.1999
    TCryptLib 2.1   Performance improvements of encryption algorithm. 
    The current position of the memory stream moves to begining after
    EncryptMemory, DecryptMemory methods execution.
22.09.1999
    TCryptLib 2.2   Added TerminateFiles property - contents of the file is 
    erased before its deleting, it used in EncryptFile, DecryptFile methods. 
    Can be useful on FAT partitions. In demo-program added an example of 
    cracking a password by the hash-function value using the brute force attack 
    method. Delphi 5 support (see lzh.pas line 76).
20.10.1999
    TCryptLib 2.3  Shareware $10
    Added events OnFileCrypt, OnMemCrypt, property IncludeHash,  
    !! changed type of Compression property !! - are supported algorithms of 
    compression LZ, Z(Zlib).

-------------------------------------------------------------------------------

Konstantin Borodachev
kosta@energobank.ru   or   borodach@chat.ru 
http://www.chat.ru/~borodach
