TMS SOFTWARE
TMS Cryptography Pack
DEVELOPERS GUIDE
2
Contents
Contents .........................................................................................................................2
Availability ......................................................................................................................3
Online references ..............................................................................................................3
Description ......................................................................................................................4
AES (modes ECB-CBC-OFB-CTR) .............................................................................................5
AES MAC .........................................................................................................................8
AES GCM ....................................................................................................................... 10
RSA ............................................................................................................................. 13
ECDSA, EdDSA and ECIES ................................................................................................... 17
SALSA .......................................................................................................................... 20
SHA-2........................................................................................................................... 22
SHA-3........................................................................................................................... 24
SPECK .......................................................................................................................... 27
PBKDF2 ........................................................................................................................ 30
Blake2 .......................................................................................................................... 32
RIPEMD-160 ................................................................................................................... 34
Argon2 ......................................................................................................................... 36
Converter class ............................................................................................................... 38
X509 certificates ............................................................................................................. 42
X509 CSR ...................................................................................................................... 48
XAdES .......................................................................................................................... 52
CAdES .......................................................................................................................... 55
PAdES .......................................................................................................................... 58
Random generators .......................................................................................................... 61
Encrypt an ini file ............................................................................................................ 62
Generate a self-decrypted file ............................................................................................ 63
Troubleshooting .............................................................................................................. 65
TMS SOFTWARE
TMS Cryptography Pack
DEVELOPERS GUIDE
3
Availability
TMS Cryptography Pack is available as VCL and FMX component set for Delphi and C++Builder.
TMS Cryptography Pack is available for Delphi XE2, XE3, XE4, XE5, XE6, XE7, XE8, 10 Seattle, 10.1 Berlin,
10.2 Tokyo, 10.3 Rio & C++Builder XE2, XE3, XE4, XE5, XE6, XE7, XE8, 10 Seattle, 10.1 Berlin, 10.2 Tokyo,
10.3 Rio.
TMS Cryptography Pack has been designed for and tested with: Windows Vista, Windows 7, Windows 8,
Windows 10, OSX 10.12.2 and iOS 10.2 or newer.
TMS Cryptography Pack supports following targets: Win32, Win64, Android, OSX32, iOS32, iOS64, (Linux
with no guarantees).
If you want to use TMS Cryptography Pack in Win64 target, there are two options:
- If you have Tokyo 10.2.1 or newer, you must uncomment {$define IDEVERSION1021} in tmscrypto.inc
file;
- If you have older version than 10.2.1, you must copy RandomDLL.dll from the Win64 directory to
C:\Windows\System32 if you are running 64-bit Windows or to C:\Windows\SysWOW64 if you are
running 32-bit Windows.
For the use of TMS Cryptography Pack on iOS, Android or Linux, you must add the directory “libAndroid” or
“libiOSDevice32” or “libiOSDevice64” or “libLinux” in the Search Path of the Project options.
Online references
TMS software website:
http://www.tmssoftware.com
TMS Cryptography Pack page:
http://www.tmssoftware.com/site/tmscrypto.asp
TMS Cryptography Pack is available separately and also as part of:
-TMS ALL-ACCESS: http://www.tmssoftware.com/site/tmsallaccess.asp
TMS SOFTWARE
TMS Cryptography Pack
DEVELOPERS GUIDE
4
Description
TMS Cryptography Pack is a software library that provides various algorithms used to encrypt, sign and
hash data. This library has been developed by Cyberens.
This manual provides a complete description of how to use the library and its various features. Each
section corresponds to an algorithm used in cryptography and a class into TMS Cryptography Pack.
The different algorithms are the following:
✓ AES (modes ECB-CBC-OFB-CTR)
✓ AES MAC
✓ AES GCM
✓ SPECK
✓ RSA
✓ ECDSA and EdDSA
✓ ECIES
✓ SALSA
✓ SHA-2
✓ SHA-3
✓ PBKDF 2
✓ Blake2B
✓ RIPEMD-160
✓ Argon2
✓ Generation of X509 self-signed certificates
✓ Generation of X509 CSR
✓ XAdES
✓ CAdES
✓ PAdES
TMS SOFTWARE
TMS Cryptography Pack
DEVELOPERS GUIDE
5
AES (modes ECB-CBC-OFB-CTR)
AES or Advanced Encryption Standard is a symmetric encryption algorithm. It has become a standard since
2002 in USA, described in the FIPS PUB 197. Its input is a 128-bit message and its output is a 128-bit cipher
text. Depending on the version, the key length is 128 bits, 192 bits or 256 bits. To encrypt messages of
different lengths, we use different encryption modes:
✓ ECB (Electronic Code Book): it is the simplest mode. The message to encrypt is divided into blocks
of 128 bits and each block is encrypted separately with the same key.
✓ CBC (Cipher Block Chaining): it XORs the 128-bit first block of clear text with a 128-bit
initialisation vector. Then it encrypts the result with AES. For each new block, it uses the previous
cipher text as the initialisation vector.
✓ OFB (Output Feedback): an initialisation vector is encrypted with AES, then XORed with the first
block of clear text, to obtain the first block of cipher text. Then this encrypted initialisation
vector is reused as the initialisation vector for the next block.
✓ CTR (Counter): it encrypts a counter, which is incremented for each block. Then each counter is
XORed with a block of clear text to obtain a block of cipher text.
These modes are described in the NIST Special Publication 800-38A.
The AES class is:
TAESKeyLength = (kl128, kl192, kl256);
TAESType = (atECB, atCBC, atOFB, atCTR);
TIVMode = (rand, userdefined);
TPaddingMode = (PKCS7, nopadding);
TAESEncryption = class(TTMSCryptBase)
public
Constructor Create(AOwner: TComponent); overload; override;
Constructor Create; overload;
Constructor Create(keyLength: TAESKeyLength; key: string; AType: TAESType;
paddingMode: TPaddingMode; outputFormat: TConvertType;
uni: TUnicode); overload;
Constructor Create(keyLength: TAESKeyLength; key: string; AType: TAESType;
paddingMode: TPaddingMode; outputFormat: TConvertType; uni: TUnicode;
IV: string); overload;
Destructor Destroy; override;
function Encrypt(s: string): string;
function Decrypt(s: string): string;
procedure EncryptFileW(s, o: string);
procedure DecryptFileW(s, o: string);
procedure EncryptStream(s: TStream; var o: TStream);
procedure DecryptStream(s: TStream; var o: TStream);
published
property key: string read FKey write SetKey;
property keyLength: TAESKeyLength read FKeyLength write SetKeyLength default
kl128;
property AType: TAESType read FType write FType default atcbc;
property outputFormat: TConvertType read FOutputFormat write FOutputFormat
default hexa;
property IVMode: TIVMode read FIVMode write FIVMode default rand;
property IV: string read FIV write SetIV;
property paddingMode: TPaddingMode read FPaddingMode write FPaddingMode
default PKCS7;
property Unicode: TUnicode read FUni write FUni default yesUni;
property Progress: Integer read FProgress write SetProgress;
property OnChange: TNotifyEvent write FOnChange;