Bad encryption

Posted on 2002-07-18
Last Modified: 2010-04-04
Dear Experts, please help !
     Please have a look at the program, and tell me what is wrong.

Thanks from apin.

ps : I'm using D5 Enterprise and Windows ME

Function Encrypt(S : String ; Sign : Integer ;  Key : Word ) : String ;
  C1  = 52845 ;
  C2  = 22719 ;

  I : BYTE ;
  x : string ;
  k : Integer ;

  x := S ;
  IF Length(s) = 0 Then Begin
     Result := '' ;
     Exit  ;  
  End ;
  For I := 1 To Length(S) Do Begin
     x[I] := Char(Byte(x[I]) xor ( Key Shr 8 )) ;
     Case Sign OF
       1 : Key := ( Byte(x[I]) + Key ) * C1 + C2 ;  // encrypt
       2 : Key := ( Byte(s[I]) + Key ) * C1 + C2 ;  // Decrypt
     End ; // Case
  End ;  // For
  Result := x ;
End ;

procedure TForm1.Button1Click(Sender: TObject);
  S1, S2 : String ;
  // bad
  S1 := Encrypt('00000',1,12345) ; // encrypt
  S2 := Encrypt(S1,2,12345) ;      // decrypt
  ShowMessage( S1 +  ' ' + S2 ) ;  // Not OK !!!

  // good, when I change the Key value >= 20000
  S1 := Encrypt('00000',1,20000) ;
  S2 := Encrypt(S1,2,20000) ;      
  ShowMessage( S1 +  ' ' + S2 ) ;  // OK

  S1 := Encrypt('100000',1,12345) ;
  S2 := Encrypt(S1,2,12345) ;      
  ShowMessage( S1 +  ' ' + S2 ) ;   // OK

  S1 := Encrypt('Good day',1,222) ;
  S2 := Encrypt(S1,2,222) ;      
  ShowMessage( S1 +  ' ' + S2 ) ;   // OK

Question by:pc_melsa

Accepted Solution

Cynna earned 200 total points
ID: 7162964

Firstly, thanks for this easy-to-inspect sample. I love when problem
is reduced to code sample like this. Helping you is *much* easier this

OK, on to your question...
Well, actually you don't really have a problem. To quickly see what I mean,
just replace line:

  ShowMessage( S1 +  ' ' + S2 ) ;  // Not OK !!!


  ShowMessage( 'Encrypted:'+S1); ShowMessage('Decrypted:'+S2);


Your function is correctly encrypting string, but it happened that, for
this particular S/Sign combination, the first letter (ie. '0', or Chr(48)) in
your string S is encrypted as Chr(0).

Why? Simple:

x='00000'   ->  Byte(x[1]) = 48

Key=12345   ->  Key Shr 8 = 48


x[1]= Byte(x[1]) xor  (Key Shr 8) = 48 xor 48 = 0

As you probably know, Chr(0) is interpreted by wast majority of string
functions as termination character.
So, ShowMessage actually sees S1 as empty string, although it really isn't,
as you can easily see by placing a break line at ShowMessage(), and inspecting
S1. As a conseqence, string S1+' '+S2 is also saw as empty string.
If you're not quite clear on this, tell me and I'll try to explain it further.

You have to worry about all this only if you really want to print your
encoded string (I don't see why would you  want this, though, because your
encoded string will almost certanly contain nonprintable characters, and you'll
end up with unpredictable results most of the time...).

But...if you'd like to solve this anyway, one way is to simply replace Chr(0)
in encrypted string with some printable character.

For example, you could add this function:

function DisplayableString(s: String): String;
var i: Integer; // Replace termination char with 'X'
  for i := 1 To length(s) do
      if Result[i]=#0 then Result[i]:='X'

And replace line:

  ShowMessage( S1 +  ' ' + S2 ) ;  // Not OK !!!


  ShowMessage( DisplayableString(S1)+  ' ' + S2 ) ;  // OK after all...


Author Comment

ID: 7163659
Thanks for your clear explanation, May God Bless you !

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
Creating an auto free TStringList The TStringList is a basic and frequently used object in Delphi. On many occasions, you may want to create a temporary list, process some items in the list and be done with the list. In such cases, you have to…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question