Crosscompiling with Lazarus 1.8 on Linux Mint 18.3


Suppose you installed Lazarus 1.8 on Linux Mint 18.3 as described before and want to build Windows binaries (well we don’t like Windows, but the users do 🙂 ). I’ve found the useful piece of information about crosscompiling here and started to adopt it to my 32-bit Linux system.

The first step is to build and install the crosscompiler. For the demonstration purposes I decided to build Win32 crosscompiler (the Win64 case should not be much different).

Lazarus 1.8 uses FPC version 3.0.4, so to perform the first step open up Terminal and execute following commands:

# Navigate to the fpc source folder.
cd /usr/share/fpcsrc/3.0.4

# Compile the cross-compiler.
sudo make clean all OS_TARGET=win32 CPU_TARGET=i386

# Install the cross-compiler.
sudo make crossinstall OS_TARGET=win32 CPU_TARGET=i386 INSTALL_PREFIX=/usr

# Link the cross-compiler and place the link where Lazarus can see it.
sudo ln -sf /usr/lib/fpc/3.0.4/ppcross386 /usr/bin/ppcross386

Now let us open Lazarus and create a simple GUI project. I dropped a button on the form and written OnClick handler:

procedure TForm1.Button1Click(Sender: TObject);
  ShowMessage('Hello World!');

I created subfolder /Projects/Lazarus/HelloWorldGUI in my home folder and saved the project under the name HelloW. You can build and run the project and see it works.

Now time to configure the project for Win32 crosscompiling. Open Project Options dialog (Ctrl-Shift-F11). You should see this:


Check Build Modes checkbox:


and click the ellipsis button; a new dialog appears:


Click plus button to create a new build mode, and name it Win32:


Now we should tell Lazarus to compile Win32 code for this build mode. Select Config and Target on the left panel and select Win32 as target OS:


Now you can build the project. I simply clicked green Run button and obtained the warning window:


Well I guess one can’t expect to debug Win32 binary on Linux. Still the work was done, and I’ve found HelloW.exe file in the project folder. To be sure I’ve copied the file on 64-bit Windows 10 system, and It Works!



Installing Lazarus 1.8 on Linux Mint 18.3


Yesterday I come across my old 32-bit Celeron laptop with 2Gb memory and broken battery and decided to install Linux on it. First I tried Centos 7.5, then Ubuntu 16.04, and finally settled down on Mint 18.3 Cinnamon which I liked most. After playing a little with the OS I decided to install the brand new Lazarus 1.8. I spent a couple of hours searching for a clear installation guide in Internet; I scanned tons of outdated nonsense before I finally found what I was looking for.

My Linux Mint installation was fresh, and I need not purge it from previous fpc/lazarus installations. So I started from downloading three 32-bit .deb packages from sourceforge.

After downloading my Downloads folder looked so:


The next recommended step is to check hashes of the files. I launched Terminal and changed to Downloads directory:


Now time to install the packages. As recommended in the linked guide, I typed in Terminal

sudo apt install ./fpc_3.0.4-1_i386.deb
sudo apt install ./fpc-src_3.0.4-1_i386.deb
sudo apt install ./lazarus-project_1.8.0.0_i386.deb
sudo apt-mark hold fpc fpc-src lazarus lazarus-project

And that is all! After opening the Cinnamon menu I’ve found this:


Yet another surprise from Delphi compiler


Build and run the following console app:

program ItWorks;



  TTest = record
    FData: Integer;

procedure DoTest(const S: string);

    on E: Exception do
      Writeln(E.ClassName, ': ', E.Message);

I tested in Delphi XE and Delphi 10.1 Berlin, it compiles and even works!

CHSH game in detail


CHSH (John Clauser, Michael Horne, Abner Shimony, and Richard Holt) game is another view on the Bell’s inequalities, showing that under the hood our world is not classical. The game is played by Alice and Bob, and proceeds as follows:

  • a referee generates two independent uniformly chosen random bits (x and y, also called “questions”) and sends x bit to Alice and y bit to Bob
  • After receiving the questions, Alice and Bob send their answers back to the referee; an answer is one bit too (a for Alice and b for Bob)
  • Alice and Bob win if x \cdot y = a \oplus b, where \oplus stands for xor operation.

The game is cooperative – Alice and Bob do not play against each other, their goal is to get the highest winning probability together. Before the game starts, Alice and Bob can communicate and decide on the strategy they will use; after the game started, Alice and Bob are not allowed to communicate anymore; Alice doesn’t know what question the referee sent to Bob, and Bob doesn’t know what question the referee sent to Alice.

In the classical world, Alice and Bob have 16 possible deterministic strategies – both Alice and Bob have two possible answers for each of two possible questions, combining them we get 2^2 \cdot 2^2 = 16 possible strategies. Since the probability of x \cdot y = 0 is 75%, it can be easily seen that there exists 75%-winning strategy – Alice and Bob simply ignore the questions and answer identically – either by bit 0 both or by bit 1 both; it seems natural that this is the best strategy, and it is indeed so, as can be formally shown by checking all 16 possible strategies.

In the quantum world, Alice and Bob have additional degree of freedom – before the game starts, they share an entangled bipartite state, for example two-qubit EPR state:

|\Psi_{AB}\rangle = \frac{1}{\sqrt{2}}(|0\rangle_A\otimes|0\rangle_B + |1\rangle_A\otimes|1\rangle_B)

Now, Alice and Bob choose the measurement bases according to the questions they receive from the referee, and answer by measuring their qubits in the chosen bases.

Let us denote the basis vectors as \nu_i(\theta):

|\nu_0(\theta)\rangle = \cos \theta |0\rangle + \sin \theta |1\rangle
|\nu_1(\theta)\rangle = \sin \theta |0\rangle - \cos \theta |1\rangle

Alice uses \theta_{A0} on receiving the question 0, and \theta_{A1} on receiving the question 1; Bob uses \theta_{B0} on receiving the question 0, and \theta_{B1} on receiving the question 1.

If the referee sends questions x = 0, y = 0, Alice and Bob win if they answer identically a = 0, b = 0 or a = 1, b = 1. The correspondent probability of winning (given x = 0, y = 0) is:

P(win|x=0,y=0) =
|\langle_A\nu_0(\theta_{A0})|\otimes\langle_B\nu_0(\theta_{B0})|\Psi_{AB}\rangle|^2 + |\langle_A\nu_1(\theta_{A0})|\otimes\langle_B\nu_1(\theta_{B0})|\Psi_{AB}\rangle|^2

Substituting |\nu_i(\theta)\rangle we get
P(win|x=0,y=0) =
|(\cos\theta_{A0} \langle_A 0| + \sin\theta_{A0} \langle_A 1|) \otimes (\cos\theta_{B0} \langle_B 0| + \sin\theta_{B0} \langle_B 1|)|\Psi_{AB}\rangle|^2 +
|(\sin\theta_{A0} \langle_A 0| - \cos\theta_{A0} \langle_A 1|) \otimes (\sin\theta_{B0} \langle_B 0| - \cos\theta_{B0} \langle_B 1|)|\Psi_{AB}\rangle|^2

Substituting |\Psi_{AB}\rangle we get
P(win|x=0,y=0) =
\frac{1}{2}|\cos\theta_{A0} \cos\theta_{B0} + \sin\theta_{A0} \sin\theta_{B0}|^2 + \frac{1}{2}|\sin\theta_{A0} \sin\theta_{B0} + \cos\theta_{A0} \cos\theta_{B0}|^2

P(win|x=0,y=0) = \cos^2 (\theta_{A0} - \theta_{B0})

The cases x = 0, y = 1 and x = 1, y = 0 are similar to x = 0, y = 0: Alice and Bob win if they answer identically:

P(win|x=0,y=1) =
|\langle_A\nu_0(\theta_{A0})|\otimes\langle_B\nu_0(\theta_{B1})|\Psi_{AB}\rangle|^2 + |\langle_A\nu_1(\theta_{A0})|\otimes\langle_B\nu_1(\theta_{B1})|\Psi_{AB}\rangle|^2 =
|(\cos\theta_{A0} \langle_A 0| + \sin\theta_{A0} \langle_A 1|) \otimes (\cos\theta_{B1} \langle_B 0| + \sin\theta_{B1} \langle_B 1|)|\Psi_{AB}\rangle|^2 +
|(\sin\theta_{A0} \langle_A 0| - \cos\theta_{A0} \langle_A 1|) \otimes (\sin\theta_{B1} \langle_B 0| - \cos\theta_{B1} \langle_B 1|)|\Psi_{AB}\rangle|^2

P(win|x=0,y=1) = \cos^2 (\theta_{A0} - \theta_{B1})

P(win|x=1,y=0) =
|\langle_A\nu_0(\theta_{A1})|\otimes\langle_B\nu_0(\theta_{B0})|\Psi_{AB}\rangle|^2 + |\langle_A\nu_1(\theta_{A1})|\otimes\langle_B\nu_1(\theta_{B0})|\Psi_{AB}\rangle|^2=
|(\cos\theta_{A1} \langle_A 0| + \sin\theta_{A1} \langle_A 1|) \otimes (\cos\theta_{B0} \langle_B 0| + \sin\theta_{B0} \langle_B 1|)|\Psi_{AB}\rangle|^2 +
|(\sin\theta_{A1} \langle_A 0| - \cos\theta_{A1} \langle_A 1|) \otimes (\sin\theta_{B0} \langle_B 0| - \cos\theta_{B0} \langle_B 1|)|\Psi_{AB}\rangle|^2

P(win|x=1,y=0) =\cos^2 (\theta_{A1} - \theta_{B0})

In the last case x = 1, y = 1 Alice and Bob win if they answer differently, so:

P(win|x=1,y=1) =
|\langle_A\nu_0(\theta_{A1})|\otimes\langle_B\nu_1(\theta_{B1})|\Psi_{AB}\rangle|^2 + |\langle_A\nu_1(\theta_{A1})|\otimes\langle_B\nu_0(\theta_{B1})|\Psi_{AB}\rangle|^2=

|(\cos\theta_{A1} \langle_A 0| + \sin\theta_{A1} \langle_A 1|) \otimes (\sin\theta_{B1} \langle_B 0| - \cos\theta_{B1} \langle_B 1|)|\Psi_{AB}\rangle|^2 +
|(\sin\theta_{A1} \langle_A 0| - \cos\theta_{A1} \langle_A 1|) \otimes (\cos\theta_{B1} \langle_B 0| + \sin\theta_{B1} \langle_B 1|)|\Psi_{AB}\rangle|^2=

\frac{1}{2}|\cos\theta_{A1} \sin\theta_{B1} - \sin\theta_{A1} \cos\theta_{B1}|^2 + \frac{1}{2}|\sin\theta_{A1} \cos\theta_{B1} - \cos\theta_{A1} \sin\theta_{B1}|^2

P(win|x=1,y=1) = \sin^2 (\theta_{A1} - \theta_{B1})

Putting it all together:

P(win) = \frac{1}{4}(P(win|x=0,y=0) + P(win|x=0,y=1)+ P(win|x=1,y=0)+ P(win|x=1,y=1)) =
\frac{1}{4}(\cos^2 (\theta_{A0} - \theta_{B0})+\cos^2 (\theta_{A0} - \theta_{B1})+\cos^2 (\theta_{A1} - \theta_{B0})+\sin^2 (\theta_{A1} - \theta_{B1}))

if Alice and Bob choose \{\theta_{A0}=0, \theta_{A1}=\frac{\pi}{4}, \theta_{B0}=\frac{\pi}{8}, \theta_{B1}=-\frac{\pi}{8}\}, then

P(win) = \frac{3}{4} \cos^2 \frac{\pi}{8} + \frac{1}{4} \sin^2 \frac{3\pi}{8}= \cos^2 \frac{\pi}{8} = \frac{1+cos \frac{\pi}{4}}{2}= \frac{1}{2} + \frac{1}{2\sqrt{2}}\approx 0.85355

and we obtain the winning probability above 85%, which is significantly better than classical 75%.



TForge 0.76 is released.

The release introduces a new class TStreamCipher. The name TStreamCipher does not mean that the class supports stream cipher algorithms only, such as Salsa20 or RC4 – it supports all cipher algorithms currently implemented in TForge, like TCipher class does; block ciphers are converted into stream ciphers using CTR mode of operation.

The initial motivation to write TStreamCipher class was to generate “solid” byte-wise keystream. TCipher class generates block-wise keystream; to obtain solid byte-wise keystream you need to maintain additional state, and that’s what the TStreamCipher class is doing. Here is the code sample illustrating the above:

  Nonce = 42;

  Cipher: TCipher;
  StreamCipher: TStreamCipher;
  Key: ByteArray;
  KeyStream, KeyStream1, KeyStream2: ByteArray;

// create 128-bit AES key:
  Key:= ByteArray.AllocateRand(16);

// generate 16 bytes of keystream:
  KeyStream:= TCipher.AES.ExpandKey(Key, CTR_ENCRYPT, Nonce).KeyStream(16);

// generate 8 + 8 bytes of keystream:
  Cipher:= TCipher.AES.ExpandKey(Key, CTR_ENCRYPT, Nonce);
// Warning - KeyStream1:= Cipher.KeyStream(8) + Cipher.KeyStream(8) is wrong
//   because the compiler does not evaluate the summands in order
  KeyStream1:= Cipher.KeyStream(8);
  KeyStream1:= KeyStream1 + Cipher.KeyStream(8);
  Assert(KeyStream <> KeyStream1);

// generate 8 + 8 bytes of keystream using TStreamCipher instance:
  StreamCipher:= TStreamCipher.AES.ExpandKey(Key, Nonce);
  KeyStream2:= StreamCipher.KeyStream(8);
  KeyStream2:= KeyStream2 + StreamCipher.KeyStream(8);
  Assert(KeyStream = KeyStream2);

The Cipher instance generates 8 + 8 bytes of keystream by taking the first 8 bytes from the first block and the second 8 bytes from the second block (AES block size is 16 bytes), that is why the generated keystream is different.

The code also illustrates the use of Nonce. The purpose of nonce is to encrypt multiple messages (ex files) with the same secret key – each message should be encrypted with unique non-secret nonce. Modern cryptoalgorithms such as Salsa20 have built-in support for nonce, and TForge supported the feature since version 0.71; old block cipher algorithms such as AES allow to implement the same feature using IV (initialization vector), and this is the second thing that TStreamCipher class is doing; TStreamCipher API does not expose IV of the underlying cryptoalgorithm, it exposes Nonce only.

Nonces are now supported by both TStreamCipher and TCipher classes, as the above code sample shows; there is a limitation though: the block size of an algorithm should be 128 bits at least; that means you can’t use nonces with legacy 64-bit block ciphers such as DES or Triple DES.

TForge 0.76 includes new demo project FileEncryptDemo (Demos\Ciphers folder) which shows how to use TStreamCipher. The idea of the project is to implement secure encryption of multiple files with a single key (and multiple non-secret nonces) and transparent reading of the encrypted files.

Hensel’s lifting


Number theory is full of gems that turn into effective algorithms demanded in cryptography. Consider the congruence

x N \equiv 1 \mod R

where N is odd, and R > N is a power of 2.

Probably the most effective algorithm to solve it is based on the Hensel’s lemma; the corollary that applies for our congruence is: suppose we know the solution x_{k-1} for R=2^{k-1} :

x_{k-1}N \equiv 1 \mod 2^{k-1}

then the solution x_k for

x_k N \equiv 1 \mod 2^k

is either x_{k-1} or x_{k-1} + 2^{k-1}

Example: solve

x \cdot 21 \equiv 1 \mod 32

We start with the trivial

x_1 \cdot 21 \equiv 1 \mod 2

which can be nothing else but x_1 = 1; next,

x_2 \cdot 21 \equiv 1 \mod 4

which can be either x_2 = 1 or x_2 = 1 + 2 = 3; checking the first alternative gives 1\cdot 21\ and\ 3 = 1, so x_2=1; next,

x_3 \cdot 21 \equiv 1 \mod 8; checking x_3 = x_2 = 1 gives 1\cdot 21\ and\ 7 = 5, so x_3=x_2+4=5; next,

x_4 \cdot 21 \equiv 1 \mod 16; checking x_4 = x_3 = 5 gives 5\cdot 21\ and\ 15 = 9, so x_4=x_3+8=13; finally,

x_5 \cdot 21 \equiv 1 \mod 32; checking x_5 = x_4 = 13 gives 13\cdot 21\ and\ 31 = 17, so x_5=x_4+16=29.

The solution of the congruence is x = 29.