protected override byte[] engineGenerateKey() { byte[] array = new byte[strength]; do { random.NextBytes(array); DesParameters.SetOddParity(array); }while (DesEdeParameters.IsWeakKey(array, 0, array.Length) || !DesEdeParameters.IsRealEdeKey(array, 0)); return(array); }
protected override byte[] engineGenerateKey() { byte[] array; do { array = this.random.GenerateSeed(this.strength); DesParameters.SetOddParity(array); }while (DesEdeParameters.IsWeakKey(array, 0, array.Length)); return(array); }
protected override byte[] engineGenerateKey() { byte[] newKey; do { newKey = random.GenerateSeed(strength); DesEdeParameters.SetOddParity(newKey); }while (DesEdeParameters.IsWeakKey(newKey, 0, newKey.Length)); return(newKey); }
protected override byte[] engineGenerateKey() { byte[] newKey = new byte[strength]; do { random.NextBytes(newKey); DesEdeParameters.SetOddParity(newKey); }while (DesEdeParameters.IsWeakKey(newKey, 0, newKey.Length)); return(newKey); }
private static void ValidateKeyUse(Algorithm keyAlg, byte[] keyBytes, Algorithm usageAlg, bool forReading) { // FSM_STATE:5.11,"TDES KEY VALIDITY TEST", "The module is validating the size and purpose of an TDES key" // FSM_TRANS:5.TDES.0,"CONDITIONAL TEST", "TDES KEY VALIDITY TEST", "Invoke Validity test on TDES key" int keyLength = keyBytes.Length * 8; if (!forReading) // decryption using 2 key TDES okay, { if (CryptoServicesRegistrar.IsInApprovedOnlyMode()) { if (keyLength == 128) { // FSM_TRANS:5.TDES.2,"TDES KEY VALIDITY TEST", "USER COMMAND REJECTED", "Validity test on TDES key failed" throw new IllegalKeyException("key must be of length 192 bits: " + usageAlg.Name); } if (!DesEdeParameters.IsReal3Key(keyBytes)) { // FSM_TRANS:5.TDES.2,"TDES KEY VALIDITY TEST", "USER COMMAND REJECTED", "Validity test on TDES key failed" throw new IllegalKeyException("key not real 3-Key TripleDES key"); } } } if (!Properties.IsOverrideSet("Org.BouncyCastle.TripleDes.AllowWeak")) { if (!forReading) { if (!DesEdeParameters.IsRealEdeKey(keyBytes)) { // FSM_TRANS:5.TDES.2,"TDES KEY VALIDITY TEST", "USER COMMAND REJECTED", "Validity test on TDES key failed" throw new IllegalKeyException("attempt to use repeated DES key: " + usageAlg.Name); } if (DesEdeParameters.IsWeakKey(keyBytes, 0, keyBytes.Length)) { // FSM_TRANS:5.TDES.2,"TDES KEY VALIDITY TEST", "USER COMMAND REJECTED", "Validity test on TDES key failed" throw new IllegalKeyException("attempt to use weak key: " + usageAlg.Name); } } } if (keyAlg != Alg && keyAlg != Alg112 && keyAlg != Alg168) { if (keyAlg != usageAlg) { // FSM_TRANS:5.TDES.2,"TDES KEY VALIDITY TEST", "USER COMMAND REJECTED", "Validity test on TDES key failed" throw new IllegalKeyException("FIPS key not for specified algorithm"); } } // FSM_TRANS:5.TDES.0,"TDES KEY VALIDITY TEST", "CONDITIONAL TEST", "Validity test on TDES key successful" }
public byte[] generateKey() { byte[] newKey = new byte[strength]; int count = 0; do { random.NextBytes(newKey); DesParameters.SetOddParity(newKey); }while (DesEdeParameters.IsWeakKey(newKey, 0, newKey.Length) && !DesEdeParameters.IsRealEdeKey(newKey) && count++ < 10); if (DesEdeParameters.IsWeakKey(newKey, 0, newKey.Length) || !DesEdeParameters.IsRealEdeKey(newKey)) { // if this happens there's got to be something terribly wrong. throw new CryptoOperationError("Failed to generate a valid TripleDES key: " + algorithm.Name); } return(newKey); }
public override void PerformTest() { base.PerformTest(); byte[] kek1 = Hex.Decode("255e0d1c07b646dfb3134cc843ba8aa71f025b7c0838251f"); byte[] iv1 = Hex.Decode("5dd4cbfc96f5453b"); byte[] in1 = Hex.Decode("2923bf85e06dd6ae529149f1f1bae9eab3a7da3d860d3e98"); byte[] out1 = Hex.Decode("690107618ef092b3b48ca1796b234ae9fa33ebb4159604037db5d6a84eb3aac2768c632775a467d4"); WrapTest(1, kek1, iv1, in1, out1); // // key generation // SecureRandom random = new SecureRandom(); DesEdeKeyGenerator keyGen = new DesEdeKeyGenerator(); keyGen.Init(new KeyGenerationParameters(random, 112)); byte[] kB = keyGen.GenerateKey(); if (kB.Length != 16) { Fail("112 bit key wrong length."); } keyGen.Init(new KeyGenerationParameters(random, 168)); kB = keyGen.GenerateKey(); if (kB.Length != 24) { Fail("168 bit key wrong length."); } try { keyGen.Init(new KeyGenerationParameters(random, 200)); Fail("invalid key length not detected."); } catch (ArgumentException) { // expected } try { DesEdeParameters.IsWeakKey(new byte[4], 0); Fail("no exception on small key"); } catch (ArgumentException e) { if (!e.Message.Equals("key material too short.")) { Fail("wrong exception"); } } try { new DesEdeParameters(weakKey); Fail("no exception on weak key"); } catch (ArgumentException e) { if (!e.Message.Equals("attempt to create weak DESede key")) { Fail("wrong exception"); } } }