/// <summary> /// 获得密钥 /// </summary> /// <returns>密钥</returns> private byte[] GetLegalKey() { //mydes.GenerateKey(); //byte[] bytTemp = mydes.Key; //int KeyLength = bytTemp.Length; const int keyLength = 24; byte[] bs = new byte[keyLength]; int len = this.key.Length; if (len == keyLength) { bs = ASCIIEncoding.ASCII.GetBytes(this.key); } else if (len > keyLength) { string temp = this.key.Substring(0, keyLength); bs = ASCIIEncoding.ASCII.GetBytes(temp); } else { string temp = this.key.PadRight(keyLength, ' '); bs = ASCIIEncoding.ASCII.GetBytes(temp); } if (TripleDES.IsWeakKey(bs)) { throw new CryptographicException(String.Format("指定密钥{0}是TripleDES的已知弱密钥,不能使用。", this.key)); } return(bs); }
public static void TripleDesIsWeakPositive() { foreach (byte[] key in BadKeys()) { bool isWeak = TripleDES.IsWeakKey(key); Assert.True(isWeak); } }
public override void GenerateKey() { KeyValue = new byte[KeySizeValue / 8]; Utils.StaticRandomNumberGenerator.GetBytes(KeyValue); // Never hand back a weak or semi-weak key while (TripleDES.IsWeakKey(KeyValue)) { Utils.StaticRandomNumberGenerator.GetBytes(KeyValue); } }
internal static byte[] GetStrongKey() { int size = DESTransform.BLOCK_BYTE_SIZE * 3; byte[] key = KeyBuilder.Key(size); while (TripleDES.IsWeakKey(key)) { key = KeyBuilder.Key(size); } return(key); }
/// <summary>Initializes a new instance of <see cref="LicenseKey" />.</summary> /// <returns>A new <see cref="LicenseKey"/> object.</returns> public static LicenseKey NewLicenseKey() { string strKey = GenerateKey(); while (TripleDES.IsWeakKey(GetTripleDesKey(strKey))) { strKey = GenerateKey(); } return(new LicenseKey(strKey)); }
/// <summary> /// This routine opens the .dat file, reads in the salt and IV, and then /// sets the crypto object's key and IV. /// </summary> private void OpenSaltIVFileAndSetKeyIV() { // Initialize the byte arrays to the proper length for the // instantiated crypto class. ReDimByteArrays(); // Create a Filestream object to read in the contents of the .dat file // that contains the salt and IV. FileStream fsKey = new FileStream(strSaltIVFile, FileMode.Open, FileAccess.Read); fsKey.Read(abytSalt, 0, abytSalt.Length); fsKey.Read(abytIV, 0, abytIV.Length); fsKey.Close(); // Derive the key from the salted Text. PasswordDeriveBytes pdb = new PasswordDeriveBytes(strText, abytSalt); // Get the same amount of bytes the current abytKey length set in // ReDimByteArrays(). abytKey = pdb.GetBytes(abytKey.Length); // if the current crypto class is TripleDES, check to make sure the key being // used is not listed among the Weak Keys (i.e., keys known to have been // successfully attacked). if (crpSym.GetType() == typeof(TripleDESCryptoServiceProvider)) { // To access the IsWeakKey method you have to cast the SymmetricAlgorithm // variable type to the TripleDES base class or // TripleDESCryptoServiceProvider. TripleDES tdes = (TripleDES)crpSym; if (TripleDES.IsWeakKey(abytKey)) { throw new Exception("The current key is listed a Weak Key. " + "You should generate a different key before proceeding further."); } } // Assign the byte arrays to the Key and IV properties of the instantiated // symmetric crypto class. crpSym.Key = abytKey; crpSym.IV = abytIV; }
public static byte[] GenerateDESKey(int keySizeInBits) { byte[] numArray = new byte[ValidateKeySizeInBytes(keySizeInBits)]; int num = 0; while (num <= 20) { GenerateRandomBytes(numArray); ++num; if (!TripleDES.IsWeakKey(numArray)) { return(numArray); } } throw new CryptographicException("Failed to generate DES key"); }
private async void EncryptAsync(object sender, RoutedEventArgs e) { int setting = (int)ApplicationData.Current.LocalSettings.Values["Algorithm"] % 8; if (itemsToEncrypt.Count > 0) { /*if (encryptionKey.Password.Length < 4) * { * await new ContentDialog { Title = "The password's length mustn't be less than 4.", CloseButtonText = "OK" }.ShowAsync(); * }*/ if (setting % 2 == 1 && TripleDES.IsWeakKey(App.StringToBytes(encryptionKey.Password, TripleDES.Create()))) { await new ContentDialog { Title = "You are using a weak password for 3DES, please strengthen it.", CloseButtonText = "OK" } } }
// Check that a key is weak. private void CheckWeak(String name, byte[] key) { if (!TripleDES.IsWeakKey(key)) { Fail(name + ": key wasn't recognized as weak"); } TripleDES alg = TripleDES.Create(); try { alg.Key = key; Fail(name + ": key was supposed to be detected as weak"); } catch (CryptographicException) { // Success } }
public TripleDESTransform(TripleDES algo, bool encryption, byte[] key, byte[] iv) : base(algo, encryption, iv) { if (key == null) { key = GetStrongKey(); } // note: checking weak keys also checks valid key length if (TripleDES.IsWeakKey(key)) { string msg = Locale.GetText("This is a known weak key."); throw new CryptographicException(msg); } byte[] key1 = new byte[8]; byte[] key2 = new byte[8]; byte[] key3 = new byte[8]; DES des = DES.Create(); Buffer.BlockCopy(key, 0, key1, 0, 8); Buffer.BlockCopy(key, 8, key2, 0, 8); if (key.Length == 16) { Buffer.BlockCopy(key, 0, key3, 0, 8); } else { Buffer.BlockCopy(key, 16, key3, 0, 8); } // note: some modes (like CFB) requires encryption when decrypting if ((encryption) || (algo.Mode == CipherMode.CFB)) { E1 = new DESTransform(des, true, key1, iv); D2 = new DESTransform(des, false, key2, iv); E3 = new DESTransform(des, true, key3, iv); } else { D1 = new DESTransform(des, false, key3, iv); E2 = new DESTransform(des, true, key2, iv); D3 = new DESTransform(des, false, key1, iv); } }
// Currently only support ECB(Electronic Codebook) mode // Key size must be 8 bytes (64 bits) or 16 Bytes (128 bits) // Data string must only contain hex digits and the length should be an even number public string Encrypt3DES(string data, string key) { byte[] dataInBytes; byte[] keyInBytes; byte[] encDataInBytes; if (string.IsNullOrEmpty(data) || string.IsNullOrEmpty(key)) { return(string.Empty); } // Convert hex string to byte array dataInBytes = Enumerable.Range(0, data.Length / 2).Select(x => Convert.ToByte(data.Substring(x * 2, 2), 16)).ToArray(); keyInBytes = Enumerable.Range(0, key.Length / 2).Select(x => Convert.ToByte(key.Substring(x * 2, 2), 16)).ToArray(); if (keyInBytes.Length >= 16 && !TripleDES.IsWeakKey(keyInBytes)) { TripleDESCryptoServiceProvider tDES = new TripleDESCryptoServiceProvider(); tDES.Mode = CipherMode.ECB; tDES.Padding = PaddingMode.None; tDES.KeySize = 128; tDES.Key = keyInBytes; encDataInBytes = tDES.CreateEncryptor().TransformFinalBlock(dataInBytes, 0, dataInBytes.Length); } else { if (keyInBytes.Length > 8) { keyInBytes = keyInBytes.Take(8).ToArray(); } DESCryptoServiceProvider sDES = new DESCryptoServiceProvider(); sDES.Mode = CipherMode.ECB; sDES.Padding = PaddingMode.None; sDES.KeySize = 64; sDES.Key = keyInBytes; encDataInBytes = sDES.CreateEncryptor().TransformFinalBlock(dataInBytes, 0, dataInBytes.Length); } return(BitConverter.ToString(encDataInBytes).Replace("-", "")); }
private void CheckNonWeak(String name, byte[] key, bool suppressCreate) { if (TripleDES.IsWeakKey(key)) { Fail(name + "key was recognized as weak"); } if (!suppressCreate) { TripleDES alg = TripleDES.Create(); try { alg.Key = key; } catch (CryptographicException) { Fail(name + ": key was not supposed to be detected as weak"); } } }
/// <summary>Determines the specified string can be converted to a <see cref="LicenseKey" />.</summary> /// <param name="value">The specified string.</param> /// <returns><see langword="true" /> if the string can be converted, otherwise <see langword="false" />.</returns> public static bool CanConvertFrom(string value) { if (value == null) { return(false); } if (value.Length == KeyLength + 4) { if (value[5] != '-' || value[11] != '-' || value[17] != '-' || value[23] != '-') { return(false); } value = value.Substring(0, 5) + value.Substring(6, 5) + value.Substring(12, 5) + value.Substring(18, 5) + value.Substring(24, 5); } if (value.Length != KeyLength) { return(false); } if (TripleDES.IsWeakKey(GetTripleDesKey(value))) { return(false); } int sum = 0; for (int i = 0; i < KeyLength - 1; i++) { int index = GetIndexOfDigit(value[i]); if (index == -1) { return(false); } sum += index; } return(value[value.Length - 1] == GetCheckSum(sum)); }
public TripleDesCryptor(byte[] key) { if (key.Length != 24) { Array.Resize(ref key, 24); } while (TripleDES.IsWeakKey(key)) { byte[] md5 = MD5.Create().ComputeHash(key); Array.Copy(md5, 0, key, 8, key.Length - 8); } this.tripleDesCryptorService = new TripleDESCryptoServiceProvider { Key = key, Mode = CipherMode.CBC, Padding = PaddingMode.ANSIX923 }; this.encryptorTransform = this.tripleDesCryptorService.CreateEncryptor(); this.decryptorTransform = this.tripleDesCryptorService.CreateDecryptor(); }
public static byte[] GenerateDESKey( int keySizeInBits, byte[] senderEntropy, out byte[] receiverEntropy) { int length = ValidateKeySizeInBytes(keySizeInBits); byte[] numArray = new byte[length]; int num = 0; while (num <= 20) { receiverEntropy = new byte[length]; _random.GetNonZeroBytes(receiverEntropy); byte[] combinedKey = ComputeCombinedKey(senderEntropy, receiverEntropy, keySizeInBits); ++num; if (!TripleDES.IsWeakKey(combinedKey)) { return(combinedKey); } } throw new CryptographicException("Failed to generate DES key"); }
// Test for weak keys. public void TestTripleDESWeak() { // Test exception behaviour of "TripleDES.IsWeakKey". try { TripleDES.IsWeakKey(null); Fail("null"); } catch (CryptographicException) { // success } try { TripleDES.IsWeakKey(new byte [0]); Fail("wrong size"); } catch (CryptographicException) { // success } // These keys are weak. CheckWeak("weak1", new byte[] { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }); CheckWeak("weak2", new byte[] { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }); CheckWeak("weak3", new byte[] { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }); CheckWeak("weak4", new byte[] { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }); // Test weak keys whose components differ only in parity, // because parity bits aren't used in the key schedules. CheckWeak("weak5", new byte[] { 0x01, 0x00, 0x01, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x01, 0x00, 0x01 }); CheckWeak("weak6", new byte[] { 0x1E, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0x1F, 0x1E, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }); // Test normal keys. CheckNonWeak("weak7", new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01 }); CheckNonWeak("weak8", new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88 }); CheckNonWeak("weak9", new byte[] { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }); // Test normal keys made up of weak DES components. // The Triple-DES form is not weak. CheckNonWeak("weak10", new byte[] { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }); CheckNonWeak("weak11", new byte[] { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E, 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 }); }
public void IsSemiWeakKey_Null() { TripleDES.IsWeakKey(null); }