static bool IsValidKey(byte[] key)
{
using (var rijndael = new RijndaelManaged())
{
var bitLength = key.Length * 8;
return rijndael.ValidKeySize(bitLength);
}
}
/// <summary>
/// Given an open registry key, save this set of site parameters as a subkey under
/// that registry, encrypting the data as we go.
/// </summary>
/// <param name="registryKey">The parent registry key</param>
/// <returns>True for success, false for failure</returns>
public bool SaveToRegistry(RegistryKey registryKey)
{
// This only makes sense if the registry key exists, i.e. it is open:
if (registryKey != null)
{
// Asbestos underpants:
try
{
// Serialize the parameters binary data:
BinaryFormatter bf = new BinaryFormatter();
MemoryStream ms = new MemoryStream();
bf.Serialize(ms, this);
ms.Close();
byte[] serializedParams = ms.ToArray();
// Generate the Rijndael object, encryption key and initialization vector:
RijndaelManaged rijndael = new RijndaelManaged();
if (rijndael.ValidKeySize(256)) rijndael.KeySize = 256;
rijndael.Padding = PaddingMode.PKCS7;
byte[] cryptKey = GenerateEncryptionKey(Key);
byte[] iv = GenerateIV(rijndael.BlockSize / 8, Key);
// Encrypt the site parameters:
ICryptoTransform encryptor = rijndael.CreateEncryptor(cryptKey, iv);
ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write);
cs.Write(serializedParams, 0, serializedParams.Length);
cs.FlushFinalBlock();
cs.Close();
ms.Close();
// Now convert the data to Base64 and save it to the registry using the
// generated key
registryKey.SetValue(Key, ms.ToArray(), RegistryValueKind.Binary);
return true;
}
// If anything failed, let the user know:
catch { return false; }
}
// If the registry key wasn't open, there's no use continuing:
else return false;
}
public static bool ValidateKeySize( EncryptionAlgorithm algID, int Lenght)
{
switch (algID)
{
case EncryptionAlgorithm.DES:
DES des = new DESCryptoServiceProvider();
return des.ValidKeySize(Lenght);
case EncryptionAlgorithm.Rc2:
RC2 rc = new RC2CryptoServiceProvider();
return rc.ValidKeySize(Lenght);
case EncryptionAlgorithm.Rijndael:
Rijndael rj = new RijndaelManaged();
return rj.ValidKeySize(Lenght);
case EncryptionAlgorithm.TripleDes:
TripleDES tDes = new TripleDESCryptoServiceProvider();
return tDes.ValidKeySize(Lenght);
default:
throw new CryptographicException("Algorithm " + algID + " Not Supported!");
}
}
/// <summary>
/// Given an open registry key and a site key value, read the site parameters from
/// the registry and return a SiteParameters object.
/// </summary>
/// <param name="registryKey">An open registry key</param>
/// <param name="siteKey">A site key string</param>
/// <returns>A SiteParameters object, or null on failure</returns>
public static SiteParameters ReadFromRegistry(RegistryKey registryKey, string siteKey)
{
// Asbestos underpants:
try
{
// This only works if the registry key is open and the site key is
// something meaningful:
if (registryKey != null && !String.IsNullOrEmpty(siteKey))
{
// Look for the site key value in the registry key and convert it from
// Base64 to a byte array:
byte[] encryptedParams = (byte[])registryKey.GetValue(siteKey);
// Set up our decryption engine. Create the Rijndael object, its
// encryption key, and its initialization vector.
RijndaelManaged rijndael = new RijndaelManaged();
if (rijndael.ValidKeySize(256)) rijndael.KeySize = 256;
rijndael.Padding = PaddingMode.PKCS7;
byte[] cryptKey = GenerateEncryptionKey(siteKey);
byte[] iv = GenerateIV(rijndael.BlockSize / 8, siteKey);
// Decrypt the raw bytes read from the registry:
ICryptoTransform decryptor = rijndael.CreateDecryptor(cryptKey, iv);
MemoryStream ms = new MemoryStream(encryptedParams);
CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read);
byte[] decryptedBytes = new byte[encryptedParams.Length];
cs.Read(decryptedBytes, 0, decryptedBytes.Length);
cs.Close();
ms.Close();
// Reset the memory stream to read the raw bytes and use a binary
// formatter to deserialize the object:
ms = new MemoryStream(decryptedBytes);
BinaryFormatter bf = new BinaryFormatter();
SiteParameters sp = (SiteParameters)bf.Deserialize(ms);
return sp;
}
// If the registry key wasn't open or the site key wasn't meaningful, there's
// nothing to do:
else return null;
}
// If anything blows up, don't return anything we can use:
catch { return null; }
}
static bool IsValidKey(byte[] key)
{
using (var rijndael = new RijndaelManaged())
{
var bitLength = key.Length*8;
var maxValidKeyBitLength = rijndael.LegalKeySizes.Max(keyLength => keyLength.MaxSize);
if (bitLength < maxValidKeyBitLength)
{
Log.WarnFormat("Encryption key is {0} bits which is less than the maximum allowed {1} bits. Consider using a {1}-bit encryption key to obtain the maximum cipher strength", bitLength, maxValidKeyBitLength);
}
return rijndael.ValidKeySize(bitLength);
}
}
