M_Crypto (formerly Blowfish and Bcrypt project)

  1. ‹ Older
  2. 3 years ago

    Kem T

    19 Sep 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    I just updated this project and changed it over to M_Crypto from Blowfish_MTC. It's available here:


    It now includes a native AES encrypter and a handy all-purpose encryption/decryption app in the project. The README has more information.

  3. Kem T

    27 Sep 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    I just released v.2.1. These are the release notes:

    • Refactored to streamline code.
    • Changed NullsWithCount padding to conform to standard. It will now add padding in all cases, even if the block is already the right size. This means the last padding byte can be 0x01, something that wasn't allowed in the previous version. Depadding will still work on something encrypted like that unless you decrypt in blocks and the last block is <= BlockSize.
    • Added the CLI project and reorganized files in general.

    I'm particularly happy with the CLI project. You can now encrypt/decrypt on the command line with a variety of options. From the help:

      mtccrypto - Encrypt/Decrypt/Bcrypt utilty v.1.0
      -h, --help           Show help
      -x STR, --execute=STR
                           The action to perform [can be: `Encrypt', `E',
                           `Decrypt', `D', `Bcrypt', `B', `Verify-bcrypt',
      --salt=STR           The specific salt to use for Bcrypt in the
                           correct format (testing option not normally used)
      --rounds=INTEGER     The number of rounds to use for Bcrypt if salt
                           is not specified [default 10]
      --against-hash=STR   The hash to verify with Bcrypt
      -e STR, --encrypter=STR
                           Encrypter to use for encrypt/decrypt [can be:
                           `aes-128', `aes-128-cbc', `aes-128-ecb', `aes
                           -192', `aes-192-cbc', `aes-192-ecb', `aes-256',
                           `aes-256-cbc', `aes-256-ecb', `bf', `bf-cbc',
      -k STR, --key=STR    The encryption key as plain, hex, or Base64
      --key-file=FILE      The file that contains the key
      --key-stdin          The key has been piped in through StdIn
      -K STR, --key-encoding=STR
                           The encoding of the key [default None] [can be:
                           `None', `N', `Hex', `H', `Base64', `B']
      -H STR, --key-hash=STR
                           The hash to apply to the key [default None] [can
                           be: `None', `N', `MD5', `M', `SHA1', `S1',
                           `SHA256', `S256', `SHA512', `S512']
      -p STR, --padding=STR
                           The padding to use [default PKCS] [can be:
                           `Nulls-Only', `Nulls-With-Count', `PKCS']
      --iv=STR             With CBC encryption, the initial vector as plain or hex
      -D STR, --data-encoding=STR
                           The encoding of the data [default None] [can be:
                           `None', `N', `Hex', `H', `Base64', `B']
      --data-file=FILE     The file that contains the data
      --data-stdin         The data has been piped in through StdIn
      -O STR, --output-encoding=STR
                           Encode the result of encryption/decryption
                           [default None] [can be: `None', `N', `Hex', `H',
                           `Base64', `B']
      --output-file=FILE   The output file that will be overwritten
      --eol                Include an EOL in the output [default TRUE
                           unless --output-file is used]
      If data is not given and no file specified, it will be pulled from
      When encrypting/decrypting, if a key is not given it will be
      requested unless the --data-stdin switch is present.
  4. Is it possible to use this implementation with iOS Xojo projects?


    p.s. It would be great thing, even for Xojo R&D, to add supported platforms tags in text and/or technical documentation.

  5. Kem T

    28 Sep 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    No, it relies on the classic framework.

  6. Kem T

    28 Sep 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    Also, my implementation is memory-intensive so I'm not sure it would be practical on iOS. Other implementations recalculate values as they are needed but I cache them instead so using AES, for example, will retain about 1 MB of memory. I wouldn't want to change that because the performance difference is dramatic, even in 64-bit with aggressive optimization. Something that takes milliseconds to encrypt now used to take up to a second before I made the change.

  7. Kem T

    4 Oct 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    I just released v.2.2, now with GenerateUUID and a separate Scrypt module. Read about Scrypt here:


  8. Kem T

    5 Oct 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut
    Edited 3 years ago

    I just posted 2.2.1. The only difference is a dramatic speedup of Scrypt by a factor of about 3. It turns out using a MemoryBlock is way faster than copying values to and from an array.

    In 64-bit aggressive, the Scrypt test took about 1.0s. Now it takes about 0.33s. In 32-bit, it went from about 3.5s to 1.5s.

  9. Kem T

    15 Oct 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    I found a bug that could lead to a crash. I'll release an update soon, but in the meantime, look in AES_MTC.InitMultiplyTables. In the loop, change the upper bound from 256 to 255.

      for i as integer = 0 to ptrs.Ubound
        dim p as ptr = ptrs( i )
        dim v as integer = values( i )
        for x as integer = 0 to 255 // <-- was 256, a bad, bad value
          p.Byte( x ) = Multiply( x, v )
  10. Kem T

    16 Oct 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    Version 2.3 is out. The release notes:

    • Harness now allows multiple encryption windows.
    • Encryption window hides the encryption key unless that field has focus.
    • Fixed bug in AES that could lead to a crash (using a Ptr to overwrite the bounds of a MemoryBlock by one byte).
    • Refactored around new framework MemoryBlock.
    • Quicker initialization for AES.
  11. Kem T

    17 Oct 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    I've been trying to figure out why AES decryption was so much slower (relatively speaking) than encryption. In 64-bit, encrypting 30k took about 2 ms with AES-256-CBC while decryption took about 40 ms. It turns out that I just forgot to add pragmas to the InvCipher method. It's in the develop branch now, or you can just add this to the top of the method:

    #if not DebugBuild
      #pragma BackgroundTasks False
      #pragma BoundsChecking False
      #pragma NilObjectChecking False
      #pragma StackOverflowChecking False
  12. Kem T

    6 Nov 2017 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    v.2.4 is out.

    Release notes:

    • Added pragmas that dramatically increase the speed of `AES_MTC` decryption.
    • The same instance of an `M_Crypto.Encrypter` is now safe to use in multiple threads. Just don't change the key or Initial Vector of that instance.
    • More efficient handling of the current vector in `AES_MTC`.
    • Better description in CLI help.
    • Removed unneeded property in `M_Crypto.Encrypter`.
  13. 2 years ago
    Edited 2 years ago

    Hey, great set of classes, much appreciated! I have one issue/question. I am trying to switch from the MBS Blowfish plugin to your classes. I have some text that was encrypted using BlowfishMBS.Encrypt("key",string).

    But when I take that encrypted output and plug it into your class, trying to decode with Blowfish, I always get the following error:

    Data blocks must be an exact multiple of BlockSize

    Am I doing something wrong, or is there something off about the MBS Blowfish implementation? Are your classes simply not compatible with MBS encryption output? I've tried every variation of settings I an in your example project, but it always results in the same error.

    Any assistance would be most appreciated. Thank you.

  14. Kem T

    1 Oct 2018 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    Can you paste as hex the output you're trying to decrypt? It might be that his implementation handles padding differently, but blowfish is blowfish.

  15. I'm encrypting "hello, world" with MBS Blowfish using a key, and the output is "ÑU1ç∏MTkÏ∂≤Õ" (without the quotes). MBS Blowfish decrypts it just fine.

    Thanks for the quick response!

  16. Kem T

    1 Oct 2018 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    Using what key? And please paste the data as hex or Base64. Binary does not translate well to a forum.

  17. I don't know how to get the data as hex or base64. Please excuse my ignorance, I don't know much about encryption. I'm going to generate a new encrypted string with a new key. MBS Encrypt only gives me the data in the format I sent. Here is the new test:

    Plain text string: "hello, world"
    Key: "TNLAC9XOFC3ZY714761905"
    The output MBS gives me: "!∫–√Ödÿ{Ω≤"

    Let me know what I need to do to give you the entry in base64 or hex. I've always just stored the output directly from MBS and it worked fine. I do use ConvertEncodings.UTF on the string first.

    Thank you very much.

  18. Kem T

    1 Oct 2018 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    I can reproduce the problem here. MBS produces 14 bytes of output, but Blowfish expects blocks in multiples of 8, so I don't know how he's padding internally or what other algorithm he might have applied. Perhaps @ChristianSchmitz can shed more light.

  19. Hmm that is strange. Bummer. Well thank you very much for looking into this.

  20. Kem T

    1 Oct 2018 Testers, Xojo Pro, XDC Speakers, MVP Connecticut

    I can tell you that I've tested my classes against other implementations with no compatibility issues.

  21. Edited 2 years ago

    I definitely believe you made it universal and compatible. I wonder if MBS does something to make it proprietary. Which would be a drag honestly. I’ll have to figure out some alternate method to get old encrypted data out and use your standard encryption algorithm going forward. No idea yet what I’ll do but I’ll figure something out.

    Thanks again for your help.

  22. Newer ›

or Sign Up to reply!