Leaderboard

You can use the makeappx tool to create your appx file For signing with the Certum token, take a look at Signotaur - this will get around the token password prompts. You can set it up as a post build option on the release config in Delphi if you don't have a proper build or CI process.

Hi, I needed a mechanism for moveable and resizeable VCL labels and couldn't find exactly what I wanted so I wrote it. Link to github public repository: https://github.com/pauldardeau/delphi-sizeable-label I'm not new to programming, but I am new to Delphi and Windows customized UI controls. You will likely find strange or odd styles in my code as a result. I welcome any and all suggestions for improvement. Screen capture showing it in action:

Very nice! Here's some suggestions from looking through the code: The default scope is published so you'll probably want to start your class declaration with private scope: TSizeableLabel = class(TCustomControl) private ... By convention member variables are prefixed with F (for field). private FInSizingHandle: boolean; FResizeInProgress: boolean; FMoveInProgress: boolean; ... The HostedLabel should be a property, with a setter, not a variable (reason comes below): private FHostedLabel: TLabel; procedure SetHostedLabel(Value: TLabel); public property HostedLabel: TLabel read FHostedLabel write SetHostedLabel; ... procedure TSizeableLabel.SetHostedLabel(Value: TLabel); begin if (Value = FHostedLabel) then exit; FHostedLabel := Value; end; When a component links to another component, it should be able to handle that the other component is deleted. You do this by asking to be notified when the other component is deleted. protected procedure Notification(AComponent: TComponent; Operation: TOperation); override; ... procedure TSizeableLabel.Notification(AComponent: TComponent; Operation: TOperation); begin inherited; if (Operation = opRemove) and (AComponent = FHostedLabel) then HostedLabel := nil; end; procedure TSizeableLabel.SetHostedLabel(Value: TLabel); begin if (Value = FHostedLabel) then exit; if (FHostedLabel <> nil) then FHostedLabel.RemoveFreeNotification(Self); FHostedLabel := Value; if (FHostedLabel <> nil) then FHostedLabel.FreeNotification(Self); end; Forget the above 🙂 I commented while I read the code and only now see that the label is owned by TSizeableLabel. In that case, the property should not have a setter. You don't need to initialize your booleans class vars to False. They have already been initialized. You don't need to test for nil before calling Free. Free already does that. You don't need to reference Self unless you need to pass a reference. The scope is Self by default. Use Pascal case: Result, False, etc. Otherwise very clean and readable code. I wish my team mates wrote code that pretty 🙂 Did you consider using 8 small controls for the handles instead? It would have made painting and the mouse and cursor handling much easier, I think.

I personally want my program to run on Wine. Seems like Crowdstrike is the problem. Do you sign your executables?

Wrong forum maybe?

This reminds me of "registry cleaners" that do things like automatically remove entries that it determines are paths to files that no longer exist, as if it knows how those would be used if it even did understand how to properly check those things. I actually had this problem with some customers -- they used a snake-oil "registry cleaner" that was removing items my software needed from the registry, causing unexpected behavior. I told the customers that they were using software that was corrupting their system registry under the guise of "cleaning it" and if they needed to use my software, they'd have to stop running bogus "registry cleaners" that indiscriminately removed entries it did not understand. I moved on. I have also dealt with virus scanners and false positives. One of the worst was/is "webroot" that would do more than report false-positives -- it disabled basic Windows functionality for any application it didn't understand, including the Windows clipboard. Hours of diagnosing problems that I should have been able to bill to webroot. In the end, I told the customers, don't use that horribly designed software unless you are willing to whitelist my software. I do understand your problem is competitors whose software doesn't trigger these false-positives. But in the end all you can do is try to make this CrowdStrike's problem by making their customers aware of the issue and complain. After CrowdStrike bricked thousands of PCs across the globe I don't know why anyone would be willing to trust it any more, but I gather most of them are governments or companies fettered by government regulations, and where government bureaucracy exists, sanity and reason flees. Maybe you can write a batch file that obfuscates the string in question post-build. It's not a Delphi bug and should not be treated as a bug in the RTL.

A first example is now online at https://habarisoft.com/daraja_framework.html More examples will follow. Many thanks for your suggestion!

Press [Update Local File Cache] in SDK Manager after libgtk-3-dev installed.

Out of curiosity, I tried the CrowdStrike analyzer on the PyScripter setup program (signed). Whilst Falcon and MetaDefender gave a clean record, their Falcon Sandbox report gave a threat score 100/100! The report included the following: This report has 268 indicators that were mapped to 106 attack techniques and 11 tactics - Calls an API typically used to query local/system time as file time - Reads configuration files (.ini files) - Marks file for deletion - Contains ability to load/free library (API string) - Contains ability to modify registry key/value (API string) - Contains ability to set file time (API string) etc. Micorsoft's "MicrosoftEdgeWebview2Setup.exe" fails miserably as well. I am not sure any real-world compiled program would pass all these tests. I don't think there is much to worry about here.

You can't, without patching the EXE or recompiling the RTL. Nor should you be doing so. You should be complaining to CrowdStrike instead. And code-signing your EXE.

Hi If you want to publish your APPX or MSIX file to Microsoft Store, you don't need to sign it. For Ad-Hoc deployment it's an other problem. At this time RAD Studio can only sign programs and create signed MSIX/APPX files only with a PFX file. Embarcadero has not integrated the tokens or cloud certificates but some issues are opened on the quality portal. You have a few solutions if you want to distribute programs by yourself with or without creating an APPX/MSIX. To solve this problem for me I've created Exe Bulk Signing (available from GetIt) and DProj 2 Windows Setup projects (available in shareware or open sourced from GitHub). The first one manage the signing. The second one use Inno Setup and Exe Bulk Signing to package and sign a 32 bits and a 64 bits installer from the deployment wizard options in your project. Of course you can use many other packaging solutions to create a setup.exe program or an APPX/MSIX depending on the software used.

The "Getting started" doc on the webpage shows good examples, but you are right! Seeing some code at the first view is maybe better.

You should really show some examples of how the framework is used (meaning code examples) on your webpage.

This is documented behavior: https://docwiki.embarcadero.com/RADStudio/en/Anonymous_Methods_in_Delphi

Hi, I looked at the implementation at https://github.com/MHumm/DelphiEncryptionCompendium/blob/master/Source/DECHashAuthentication.pas#L997-L1049 and lets say this one https://github.com/MHumm/DelphiEncryptionCompendium/blob/master/Source/DECHashAuthentication.pas#L1067-L1074 class function TDECHashAuthentication.KDF1(const Data, Seed: TBytes; MaskSize: Integer): TBytes; begin if (length(Seed) > 0) then Result := KDFInternal(Data[0], length(Data), Seed[0], length(Seed), MaskSize, ktKDF1) else Result := KDFInternal(Data[0], length(Data), NullStr, 0, MaskSize, ktKDF1); end; The problem is easy to see and and easy to fix here, but lets point the cause Data is TBytes, in other words managed type and if Data is empty then Data is nil, and that is it, accessing Data from class function TDECHashAuthentication.KDFInternal(const Data; DataSize: Integer; const Seed; SeedSize, MaskSize: Integer; KDFType: TKDFType): TBytes; var I, n, Rounds, DigestBytes : Integer; Count : UInt32; HashInstance : TDECHashAuthentication; begin SetLength(Result, 0); DigestBytes := DigestSize; Assert(MaskSize >= 0); Assert(DataSize >= 0); Assert(SeedSize >= 0); Assert(DigestBytes >= 0); HashInstance := TDECHashAuthenticationClass(self).Create; try Rounds := (MaskSize + DigestBytes - 1) div DigestBytes; SetLength(Result, Rounds * DigestBytes); if (KDFType = ktKDF2) then n := 1 else n := 0; for I := 0 to Rounds-1 do begin Count := SwapUInt32(n); HashInstance.Init; if (KDFType = ktKDF3) then begin HashInstance.Calc(Count, SizeOf(Count)); HashInstance.Calc(Data, DataSize); // <-------- here Data can't be nil end else begin HashInstance.Calc(Data, DataSize); HashInstance.Calc(Count, SizeOf(Count)); // <-------- here Data can't be nil end; HashInstance.Calc(Seed, SeedSize); HashInstance.Done; Move(HashInstance.Digest[0], Result[(I) * DigestBytes], DigestBytes); Also as designed, i mean KDFx it does hash the concatenation of Data with the seed, if data is nil then just skip it, and that is the fix. As for your request the specification, then check your private messages, as i attached IEEE 1363-2000 and an old draft of ISO/IEC 18033-2.