private static byte[] FixKey(byte[] key, int keyOff, int keyLen) { byte[] array = new byte[24]; if (keyLen != 16) { if (keyLen != 24) { throw new ArgumentException("Bad length for DESede key: " + keyLen, "keyLen"); } Array.Copy(key, keyOff, array, 0, 24); } else { Array.Copy(key, keyOff, array, 0, 16); Array.Copy(key, keyOff, array, 16, 8); } if (DesEdeParameters.IsWeakKey(array)) { throw new ArgumentException("attempt to create weak DESede key"); } return(array); }
private void doTest( int strength, byte[] input, byte[] output) { KeyParameter key = null; CipherKeyGenerator keyGen; SecureRandom rand; IBufferedCipher inCipher = null; IBufferedCipher outCipher = null; CipherStream cIn; CipherStream cOut; MemoryStream bIn; MemoryStream bOut; rand = new FixedSecureRandom(); try { keyGen = GeneratorUtilities.GetKeyGenerator("DESEDE"); keyGen.Init(new KeyGenerationParameters(rand, strength)); key = new DesEdeParameters(keyGen.GenerateKey()); inCipher = CipherUtilities.GetCipher("DESEDE/ECB/PKCS7Padding"); outCipher = CipherUtilities.GetCipher("DESEDE/ECB/PKCS7Padding"); outCipher.Init(true, new ParametersWithRandom(key, rand)); } catch (Exception e) { Fail("DESEDE failed initialisation - " + e.ToString()); } try { inCipher.Init(false, key); } catch (Exception e) { Fail("DESEDE failed initialisation - " + e.ToString()); } // // encryption pass // bOut = new MemoryStream(); cOut = new CipherStream(bOut, null, outCipher); try { for (int i = 0; i != input.Length / 2; i++) { cOut.WriteByte(input[i]); } cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); cOut.Close(); } catch (IOException e) { Fail("DESEDE failed encryption - " + e.ToString()); } byte[] bytes = bOut.ToArray(); if (!Arrays.AreEqual(bytes, output)) { Fail("DESEDE failed encryption - expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(bytes)); } // // decryption pass // bIn = new MemoryStream(bytes, false); cIn = new CipherStream(bIn, inCipher, null); try { // DataInputStream dIn = new DataInputStream(cIn); BinaryReader dIn = new BinaryReader(cIn); bytes = new byte[input.Length]; for (int i = 0; i != input.Length / 2; i++) { bytes[i] = (byte)dIn.ReadByte(); } // dIn.readFully(bytes, input.Length / 2, bytes.Length - input.Length / 2); int remaining = bytes.Length - input.Length / 2; byte[] rest = dIn.ReadBytes(remaining); if (rest.Length != remaining) throw new Exception("IO problem with BinaryReader"); rest.CopyTo(bytes, input.Length / 2); } catch (Exception e) { Fail("DESEDE failed encryption - " + e.ToString()); } if (!Arrays.AreEqual(bytes, input)) { Fail("DESEDE failed decryption - expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(bytes)); } // TODO Put back in // // // // keyspec test // // // try // { // SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede"); // DESedeKeySpec keySpec = (DESedeKeySpec)keyFactory.getKeySpec((SecretKey)key, DESedeKeySpec.class); // // if (!equalArray(key.getEncoded(), keySpec.getKey(), 16)) // { // Fail("DESEDE KeySpec does not match key."); // } // } // catch (Exception e) // { // Fail("DESEDE failed keyspec - " + e.ToString()); // } }
private void wrapTest( int id, byte[] kek, byte[] iv, byte[] input, byte[] output) { try { IWrapper wrapper = WrapperUtilities.GetWrapper("DESedeWrap"); KeyParameter desEdeKey = new DesEdeParameters(kek); wrapper.Init(true, new ParametersWithIV(desEdeKey, iv)); try { // byte[] cText = wrapper.Wrap(new SecretKeySpec(input, "DESEDE")); byte[] cText = wrapper.Wrap(input, 0, input.Length); if (!Arrays.AreEqual(cText, output)) { Fail("failed wrap test " + id + " expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(cText)); } } catch (Exception e) { Fail("failed wrap test exception " + e.ToString()); } wrapper.Init(false, desEdeKey); try { // Key pText = wrapper.unwrap(output, "DESede", IBufferedCipher.SECRET_KEY); byte[] pText = wrapper.Unwrap(output, 0, output.Length); // if (!Arrays.AreEqual(pText.getEncoded(), input)) if (!Arrays.AreEqual(pText, input)) { Fail("failed unwrap test " + id + " expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(pText)); } } catch (Exception e) { Fail("failed unwrap test exception " + e.ToString()); } } catch (Exception ex) { Fail("failed exception " + ex.ToString()); } }
public override void PerformTest() { KeyParameter key = new DesParameters(keyBytes); IMac mac = MacUtilities.GetMac("DESMac"); // // standard DAC - zero IV // mac.Init(key); mac.BlockUpdate(input, 0, input.Length); //byte[] outBytes = mac.DoFinal(); byte[] outBytes = new byte[mac.GetMacSize()]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output1)) { Fail("Failed - expected " + Hex.ToHexString(output1) + " got " + Hex.ToHexString(outBytes)); } // // mac with IV. // mac.Init(new ParametersWithIV(key, ivBytes)); mac.BlockUpdate(input, 0, input.Length); //outBytes = mac.DoFinal(); outBytes = new byte[mac.GetMacSize()]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output2)) { Fail("Failed - expected " + Hex.ToHexString(output2) + " got " + Hex.ToHexString(outBytes)); } // // CFB mac with IV - 8 bit CFB mode // mac = MacUtilities.GetMac("DESMac/CFB8"); mac.Init(new ParametersWithIV(key, ivBytes)); mac.BlockUpdate(input, 0, input.Length); //outBytes = mac.DoFinal(); outBytes = new byte[mac.GetMacSize()]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output3)) { Fail("Failed - expected " + Hex.ToHexString(output3) + " got " + Hex.ToHexString(outBytes)); } // // ISO9797 algorithm 3 using DESEDE // key = new DesEdeParameters(keyBytesISO9797); mac = MacUtilities.GetMac("ISO9797ALG3"); mac.Init(key); mac.BlockUpdate(inputISO9797, 0, inputISO9797.Length); //outBytes = mac.DoFinal(); outBytes = new byte[mac.GetMacSize()]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, outputISO9797)) { Fail("Failed - expected " + Hex.ToHexString(outputISO9797) + " got " + Hex.ToHexString(outBytes)); } // // 64bit DESede Mac // key = new DesEdeParameters(keyBytesISO9797); mac = MacUtilities.GetMac("DESEDE64"); mac.Init(key); mac.BlockUpdate(inputDesEDE64, 0, inputDesEDE64.Length); //outBytes = mac.DoFinal(); outBytes = new byte[mac.GetMacSize()]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, outputDesEDE64)) { Fail("Failed - expected " + Hex.ToHexString(outputDesEDE64) + " got " + Hex.ToHexString(outBytes)); } aliasTest( ParameterUtilities.CreateKeyParameter("DESede", keyBytesISO9797), "DESedeMac64withISO7816-4Padding", "DESEDE64WITHISO7816-4PADDING", "DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEISO9797ALG1WITHISO7816-4PADDING"); aliasTest( ParameterUtilities.CreateKeyParameter("DESede", keyBytesISO9797), "ISO9797ALG3WITHISO7816-4PADDING", "ISO9797ALG3MACWITHISO7816-4PADDING"); }
public new static bool IsWeakKey(byte[] key) { return(DesEdeParameters.IsWeakKey(key, 0, key.Length)); }
public new static bool IsWeakKey(byte[] key, int offset) { return(DesEdeParameters.IsWeakKey(key, offset, key.Length - offset)); }
public DesEdeParameters(byte[] key, int keyOff, int keyLen) : base(DesEdeParameters.FixKey(key, keyOff, keyLen)) { }
public DesEdeParameters(byte[] key) : base(DesEdeParameters.FixKey(key, 0, key.Length)) { }
private byte[] Encrypt(byte[] keyData, byte[] sourceData, CryptAlgorithm alg) { byte[] result = null; KeyParameter keyParam = null; IBufferedCipher engine = null; switch (alg) { case CryptAlgorithm.TRIPLE_DES: keyParam = new DesEdeParameters(keyData); engine = CipherUtilities.GetCipher("DESede/CBC/PKCS7PADDING"); engine.Init(true, keyParam); result = engine.DoFinal(sourceData); break; case CryptAlgorithm.RSA: throw new NotSupportedException("CryptAlgorithm.RSA NOT SUPPORT YET"); case CryptAlgorithm.DES: default://默认DES keyParam = new DesParameters(keyData); engine = CipherUtilities.GetCipher("DES/ECB/PKCS7PADDING"); engine.Init(true, keyParam); result = engine.DoFinal(sourceData); break; } return result; }