BCryptEncrypt returns STATUS_INVALID_PARAMETER on AES-GCM
I'm trying to implement AES GCM using CNG Windows API and stuck on last step.
Disclaimer: Do not be afraid with that amount of code, most of it is just WinAPI functions and structures declaration, scroll down to actual question text. Thanks.
Uses:
uses System.Classes, Winapi.Windows, System.SysUtils;
Interface section (NOT everything is correct here (see accepted answer), added just in case if somebody will try to reproduce):
type
BCRYPT_KEY_LENGTHS_STRUCT = packed record
dwMinLength, dwMaxLength, dwIncrement: ULONG;
end;
BCRYPT_AUTH_TAG_LENGTHS_STRUCT = BCRYPT_KEY_LENGTHS_STRUCT;
BCRYPT_KEY_DATA_BLOB_HEADER = packed record
dwMagic, dwVersion, cbKeyData: ULONG;
end;
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO = packed record
cbSize, dwInfoVersion: ULONG;
pbNonce: Pointer;
cbNonce: ULONG;
pbAuthData: Pointer;
cbAuthData: ULONG;
pbTag: Pointer;
cbTag: ULONG;
pbMacContext: Pointer;
cbMacContext, cbAAD: ULONG;
cbData: ULONGLONG;
dwFlags: ULONG;
end;
const
BCRYPT_CHAINING_MODE = 'ChainingMode';
BCRYPT_CHAIN_MODE_GCM = 'ChainingModeGCM';
BCRYPT_AUTH_TAG_LENGTH = 'AuthTagLength';
BCRYPT_KEY_DATA_BLOB = 'KeyDataBlob';
//
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO_VERSION = $00000001;
//
BCrypt = 'Bcrypt.dll';
function BCryptOpenAlgorithmProvider(var phAlgorithm: Pointer;
pszAlgId: PWideChar; pszImplementation: PWideChar; dwFlags: ULONG): DWORD;
stdcall; external BCrypt;
function BCryptSetProperty(hObject: Pointer; pszProperty: PWideChar;
pbInput: Pointer; cbInput: ULONG; dwFlags: ULONG): DWORD; stdcall;
external BCrypt;
function BCryptGetProperty(hObject: Pointer; pszProperty: PWideChar;
pbOutput: Pointer; cbOutput: ULONG; var pcbResult: ULONG; dwFlagd: ULONG)
: DWORD; stdcall; external BCrypt;
function BCryptGenerateSymmetricKey(hAlgorithm: Pointer; var phKey: Pointer;
pbKeyObject: Pointer; cbKeyObject: ULONG; pbSecret: Pointer; cbSecret: ULONG;
dwFlags: ULONG): DWORD; stdcall; external BCrypt;
function BCryptGenRandom(phAlgorithm: Pointer; pbBuffer: Pointer;
cbBuffer: ULONG; dwFlags: ULONG): DWORD; stdcall; external BCrypt;
function BCryptExportKey(hKey: Pointer; hExportKey: Pointer;
pszBlobType: PWideChar; pbOutput: Pointer; cbOutput: ULONG;
var pcbResult: ULONG; dwFlags: ULONG): DWORD; stdcall; external BCrypt;
function BCryptEncrypt(hKey: Pointer; pbInput: Pointer; cbInput: ULONG;
pPaddingInfo: Pointer; pbIV: Pointer; cbIV: ULONG; pbOutput: Pointer;
cbOutput: ULONG; var pcbResult: ULONG; dwFlags: ULONG): DWORD; stdcall;
function BCryptDestroyKey(hKey: Pointer): DWORD; stdcall; external BCrypt;
function BCryptCloseAlgorithmProvider(hAlgorithm: Pointer; dwFlags: ULONG)
: DWORD; stdcall; external BCrypt;
Implementation:
function GetCryptoRandomBytes(var Buffer: TBytes; Size: DWORD): Boolean;
var
Status: DWORD;
hAlgorithm, hKey: Pointer;
begin
result := False;
Status := BCryptOpenAlgorithmProvider(hAlgorithm,
BCRYPT_RNG_ALGORITHM, nil, 0);
if Status = 0 then
begin
SetLength(Buffer, Size);
Status := BCryptGenRandom(hAlgorithm, Buffer, Size, 0);
if Status = 0 then
result := True;
end;
BCryptCloseAlgorithmProvider(hAlgorithm, 0)
end;
function AESGCMEncrypt(var Data, AAD, Key, IV, Tag, EncryptedData: TBytes;
KeyLength: DWORD = 32): Boolean;
const
AES_GCM_IV_LENGTH = 12; // nonce
var
Status, KeyLen, BytesDone, BlockLength: DWORD;
hAlgorithm, hKey: Pointer;
TagLength: BCRYPT_AUTH_TAG_LENGTHS_STRUCT;
KeyDataBlobHeader: BCRYPT_KEY_DATA_BLOB_HEADER;
AuthCiferModeInfo: BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO;
KeyTemp: TBytes;
begin
result := False;
BytesDone := 0;
Status := BCryptOpenAlgorithmProvider(hAlgorithm,
BCRYPT_AES_ALGORITHM, nil, 0);
if Status = 0 then
begin
KeyLen := Length(BCRYPT_CHAIN_MODE_GCM);
Status := BCryptSetProperty(hAlgorithm, BCRYPT_CHAINING_MODE,
PChar(BCRYPT_CHAIN_MODE_GCM), BytesDone, 0);
if Status = 0 then
begin
KeyLen := SizeOf(TagLength);
Status := BCryptGetProperty(hAlgorithm, BCRYPT_AUTH_TAG_LENGTH,
@TagLength, KeyLen, BytesDone, 0);
if (Status = 0) and GetCryptoRandomBytes(KeyTemp, KeyLength) then
begin
Status := BCryptGenerateSymmetricKey(hAlgorithm, hKey, nil, 0, KeyTemp,
KeyLength, 0);
if Status = 0 then
begin
Status := BCryptExportKey(hKey, nil, BCRYPT_KEY_DATA_BLOB, nil, 0,
KeyLen, 0); // Get size
if Status = 0 then
begin
SetLength(KeyTemp, KeyLen);
Status := BCryptExportKey(hKey, nil, BCRYPT_KEY_DATA_BLOB, KeyTemp,
KeyLen, KeyLen, 0);
if Status = 0 then
begin
Move(KeyTemp[0], KeyDataBlobHeader, SizeOf(KeyDataBlobHeader));
SetLength(Key, KeyDataBlobHeader.cbKeyData);
Move(KeyTemp[SizeOf(KeyDataBlobHeader)], Key[0],
KeyDataBlobHeader.cbKeyData);
if GetCryptoRandomBytes(IV, AES_GCM_IV_LENGTH) then
begin
SetLength(Tag, TagLength.dwMaxLength);
SetLength(EncryptedData, Length(Data)); // same length as source
FillChar(AuthCiferModeInfo, SizeOf(AuthCiferModeInfo), #0);
with AuthCiferModeInfo do
begin
cbSize := SizeOf(AuthCiferModeInfo);
dwInfoVersion := BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO_VERSION;
pbNonce := IV;
cbNonce := AES_GCM_IV_LENGTH;
pbAuthData := AAD;
cbAuthData := Length(AAD);
pbTag := Tag;
cbTag := TagLength.dwMaxLength;
end;
KeyLen := Length(Data);
Status := BCryptEncrypt(hKey, Data, KeyLen, @AuthCiferModeInfo,
nil, 0, EncryptedData, KeyLen, BytesDone, 0);
// Status = $C000000D = STATUS_INVALID_PARAMETER
if Status = 0 then
result := True
else // Free all buffers
begin
SetLength(Tag, 0);
SetLength(EncryptedData, 0);
SetLength(Key, 0);
SetLength(IV, 0);
end;
end
else // Free all buffers
begin
SetLength(Key, 0);
SetLength(IV, 0);
end;
end;
end;
BCryptDestroyKey(hKey);
end;
SetLength(KeyTemp, 0); // Free buffer
end;
end;
end;
BCryptCloseAlgorithmProvider(hAlgorithm, 0);
end;
Here actual question started
I know it seems like there's a lot of code, but it's not the point. All works perfectly except last BCryptEncrypt() call which returns STATUS_INVALID_PARAMETER (0xC000000D).
I've tried to follow docs, so I have no idea which of parameters doesn't fit. I guess issue is in BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO structure, but can't find it.
So, dear WinAPI Gods, could you please point me what have I done wrong? I would really appreciate any help: links, debugigng ideas, etc.
Here's how I call this function:
var
Key, Tag, IV, AAD, Data, EncData: TBytes;
src, add_data: string;
begin
src := 'test_string_1234';
add_data := '12345678';
Data := TEncoding.UTF8.GetBytes(src);
AAD := TEncoding.UTF8.GetBytes(add_data);
AESGCMEncrypt(Data, AAD, Key, IV, Tag, EncData);
end;
P.S. I'm using Delphi 10.3 Community.
UPDATE
I've tried to check how this API works in C++ and ... just look. Here is BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO structure (copied from docs):
typedef struct _BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO {
ULONG cbSize; // 4 bytes
ULONG dwInfoVersion; // 4 bytes
PUCHAR pbNonce; // 8 bytes (on x64)
ULONG cbNonce; // 4 bytes
PUCHAR pbAuthData; // 8 bytes (on x64)
ULONG cbAuthData; // 4 bytes
PUCHAR pbTag; // 8 bytes (on x64)
ULONG cbTag; // 4 bytes
PUCHAR pbMacContext; // 8 bytes (on x64)
ULONG cbMacContext; // 4 bytes
ULONG cbAAD; // 4 bytes
ULONGLONG cbData; // 8 bytes
ULONG dwFlags; // 4 bytes
} BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO, *PBCRYPT_AUTHENTICATED_CIPHER_MODE_INFO;
Let's calculate total size: 4 + 4 + 8 + 4 + 8 + 4 + 8 + 4 + 8 + 4 + 4 + 8 + 4 = 72. BUT sizeof(BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO) returns 88. I have no clue, where 16 additional bytes came from. Could somebody explain me??
BCryptEncrypt() call which returns STATUS_INVALID_PARAMETER (0xC000000D).
BCryptEncrypt(keyHandle, pt, sizeof(pt), &authInfo, NULL, 0, ct, sizeof(ct), &bytesDone, 0);
Show values passed in above function that work for me, then you can compare with yours.
Update:
After comparing, it turns out that the size (cbSize) of BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO structure is wrong calculated. It expects 88 but pass in 72. It is related to "Padding and Alignment of Structure Members".
The size, in bytes, of this structure. Do not set this field directly. Use the BCRYPT_INIT_AUTH_MODE_INFO macro instead.
Small update
To let code from question work properly change BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO = packed record to BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO = record.
- How to record microphone to MP3 with Delphi 10.4.2 on FMX Windows?
- Auto append/complete from text file to an edit box
- COM Port Commands CRC XOR
- How to load a file into a stream on Android knowing its Jnet_Uri?
- Delphi notification when a file gets updated
- Any build-in function like PosEx that finds a sub-string starting from the back of the string?
- Delphi how to Serialize and Deserialize TObject
- Selecting a directory with TOpenDialog
- How to make a function that takes 2 dimensional array of Extended and return TArray<Extended>?
- How to make Windows notification display application title instead of EXE filename?
- FMX + Android + Rotation
- CEF4Delphi application can't run two instances
- How to prevent the Scrollbar out of range?
- Delphi obtain stack trace after exception
- Trying to animate a Rectangle border with Delphi FMX
- How to draw a translucent image on a form?
- Create and run TTimer in runtime
- Breakpoints are not per project
- Delphi database search
- What is the accepted way to use frames in Delphi?
- Instead throwing BSOD nothing happend after clicking button
- Delphi Determine filesize in real time
- Incompatible Types: TZDate and TDateTime in Delphi 2010
- Determining real amount of size used in directory with hard links
- Delphi Datasnap Server - How to make Datasnap Server recognize and accept OPTIONS request?
- Delphi Console XE7 Clearscreen
- How read the content of file to a string in delphi XE
- How to center a Delphi form on a 4k screen? (Windows scaling enabled) - poScreenCenter not working
- How to access Windows shell context menu items?
- Checking to see if a number is within a range in free pascal