/// <summary>
/// 获得密钥
/// </summary>
/// <returns>密钥</returns>
private byte[] GetLegalKey()
{
//mydes.GenerateKey();
//byte[] bytTemp = mydes.Key;
//int KeyLength = bytTemp.Length;
const int keyLength = 24;
byte[] bs = new byte[keyLength];
int len = this.key.Length;
if (len == keyLength)
{
bs = ASCIIEncoding.ASCII.GetBytes(this.key);
}
else if (len > keyLength)
{
string temp = this.key.Substring(0, keyLength);
bs = ASCIIEncoding.ASCII.GetBytes(temp);
}
else
{
string temp = this.key.PadRight(keyLength, ' ');
bs = ASCIIEncoding.ASCII.GetBytes(temp);
}
if (TripleDES.IsWeakKey(bs))
{
throw new CryptographicException(String.Format("指定密钥{0}是TripleDES的已知弱密钥,不能使用。", this.key));
}
return(bs);
}
public static void TripleDesIsWeakPositive()
{
foreach (byte[] key in BadKeys())
{
bool isWeak = TripleDES.IsWeakKey(key);
Assert.True(isWeak);
}
}
public override void GenerateKey()
{
KeyValue = new byte[KeySizeValue / 8];
Utils.StaticRandomNumberGenerator.GetBytes(KeyValue);
// Never hand back a weak or semi-weak key
while (TripleDES.IsWeakKey(KeyValue))
{
Utils.StaticRandomNumberGenerator.GetBytes(KeyValue);
}
}
internal static byte[] GetStrongKey()
{
int size = DESTransform.BLOCK_BYTE_SIZE * 3;
byte[] key = KeyBuilder.Key(size);
while (TripleDES.IsWeakKey(key))
{
key = KeyBuilder.Key(size);
}
return(key);
}
/// <summary>Initializes a new instance of <see cref="LicenseKey" />.</summary>
/// <returns>A new <see cref="LicenseKey"/> object.</returns>
public static LicenseKey NewLicenseKey()
{
string strKey = GenerateKey();
while (TripleDES.IsWeakKey(GetTripleDesKey(strKey)))
{
strKey = GenerateKey();
}
return(new LicenseKey(strKey));
}
/// <summary>
/// This routine opens the .dat file, reads in the salt and IV, and then
/// sets the crypto object's key and IV.
/// </summary>
private void OpenSaltIVFileAndSetKeyIV()
{
// Initialize the byte arrays to the proper length for the
// instantiated crypto class.
ReDimByteArrays();
// Create a Filestream object to read in the contents of the .dat file
// that contains the salt and IV.
FileStream fsKey = new FileStream(strSaltIVFile, FileMode.Open, FileAccess.Read);
fsKey.Read(abytSalt, 0, abytSalt.Length);
fsKey.Read(abytIV, 0, abytIV.Length);
fsKey.Close();
// Derive the key from the salted Text.
PasswordDeriveBytes pdb = new PasswordDeriveBytes(strText, abytSalt);
// Get the same amount of bytes the current abytKey length set in
// ReDimByteArrays().
abytKey = pdb.GetBytes(abytKey.Length);
// if the current crypto class is TripleDES, check to make sure the key being
// used is not listed among the Weak Keys (i.e., keys known to have been
// successfully attacked).
if (crpSym.GetType() == typeof(TripleDESCryptoServiceProvider))
{
// To access the IsWeakKey method you have to cast the SymmetricAlgorithm
// variable type to the TripleDES base class or
// TripleDESCryptoServiceProvider.
TripleDES tdes = (TripleDES)crpSym;
if (TripleDES.IsWeakKey(abytKey))
{
throw new Exception("The current key is listed a Weak Key. " +
"You should generate a different key before proceeding further.");
}
}
// Assign the byte arrays to the Key and IV properties of the instantiated
// symmetric crypto class.
crpSym.Key = abytKey;
crpSym.IV = abytIV;
}
public static byte[] GenerateDESKey(int keySizeInBits)
{
byte[] numArray = new byte[ValidateKeySizeInBytes(keySizeInBits)];
int num = 0;
while (num <= 20)
{
GenerateRandomBytes(numArray);
++num;
if (!TripleDES.IsWeakKey(numArray))
{
return(numArray);
}
}
throw new CryptographicException("Failed to generate DES key");
}
private async void EncryptAsync(object sender, RoutedEventArgs e)
{
int setting = (int)ApplicationData.Current.LocalSettings.Values["Algorithm"] % 8;
if (itemsToEncrypt.Count > 0)
{
/*if (encryptionKey.Password.Length < 4)
* {
* await new ContentDialog { Title = "The password's length mustn't be less than 4.", CloseButtonText = "OK" }.ShowAsync();
* }*/
if (setting % 2 == 1 && TripleDES.IsWeakKey(App.StringToBytes(encryptionKey.Password, TripleDES.Create())))
{
await new ContentDialog {
Title = "You are using a weak password for 3DES, please strengthen it.", CloseButtonText = "OK"
}
}
}
// Check that a key is weak.
private void CheckWeak(String name, byte[] key)
{
if (!TripleDES.IsWeakKey(key))
{
Fail(name + ": key wasn't recognized as weak");
}
TripleDES alg = TripleDES.Create();
try
{
alg.Key = key;
Fail(name + ": key was supposed to be detected as weak");
}
catch (CryptographicException)
{
// Success
}
}
public TripleDESTransform(TripleDES algo, bool encryption, byte[] key, byte[] iv)
: base(algo, encryption, iv)
{
if (key == null)
{
key = GetStrongKey();
}
// note: checking weak keys also checks valid key length
if (TripleDES.IsWeakKey(key))
{
string msg = Locale.GetText("This is a known weak key.");
throw new CryptographicException(msg);
}
byte[] key1 = new byte[8];
byte[] key2 = new byte[8];
byte[] key3 = new byte[8];
DES des = DES.Create();
Buffer.BlockCopy(key, 0, key1, 0, 8);
Buffer.BlockCopy(key, 8, key2, 0, 8);
if (key.Length == 16)
{
Buffer.BlockCopy(key, 0, key3, 0, 8);
}
else
{
Buffer.BlockCopy(key, 16, key3, 0, 8);
}
// note: some modes (like CFB) requires encryption when decrypting
if ((encryption) || (algo.Mode == CipherMode.CFB))
{
E1 = new DESTransform(des, true, key1, iv);
D2 = new DESTransform(des, false, key2, iv);
E3 = new DESTransform(des, true, key3, iv);
}
else
{
D1 = new DESTransform(des, false, key3, iv);
E2 = new DESTransform(des, true, key2, iv);
D3 = new DESTransform(des, false, key1, iv);
}
}
// Currently only support ECB(Electronic Codebook) mode
// Key size must be 8 bytes (64 bits) or 16 Bytes (128 bits)
// Data string must only contain hex digits and the length should be an even number
public string Encrypt3DES(string data, string key)
{
byte[] dataInBytes;
byte[] keyInBytes;
byte[] encDataInBytes;
if (string.IsNullOrEmpty(data) || string.IsNullOrEmpty(key))
{
return(string.Empty);
}
// Convert hex string to byte array
dataInBytes = Enumerable.Range(0, data.Length / 2).Select(x => Convert.ToByte(data.Substring(x * 2, 2), 16)).ToArray();
keyInBytes = Enumerable.Range(0, key.Length / 2).Select(x => Convert.ToByte(key.Substring(x * 2, 2), 16)).ToArray();
if (keyInBytes.Length >= 16 && !TripleDES.IsWeakKey(keyInBytes))
{
TripleDESCryptoServiceProvider tDES = new TripleDESCryptoServiceProvider();
tDES.Mode = CipherMode.ECB;
tDES.Padding = PaddingMode.None;
tDES.KeySize = 128;
tDES.Key = keyInBytes;
encDataInBytes = tDES.CreateEncryptor().TransformFinalBlock(dataInBytes, 0, dataInBytes.Length);
}
else
{
if (keyInBytes.Length > 8)
{
keyInBytes = keyInBytes.Take(8).ToArray();
}
DESCryptoServiceProvider sDES = new DESCryptoServiceProvider();
sDES.Mode = CipherMode.ECB;
sDES.Padding = PaddingMode.None;
sDES.KeySize = 64;
sDES.Key = keyInBytes;
encDataInBytes = sDES.CreateEncryptor().TransformFinalBlock(dataInBytes, 0, dataInBytes.Length);
}
return(BitConverter.ToString(encDataInBytes).Replace("-", ""));
}
private void CheckNonWeak(String name, byte[] key, bool suppressCreate)
{
if (TripleDES.IsWeakKey(key))
{
Fail(name + "key was recognized as weak");
}
if (!suppressCreate)
{
TripleDES alg = TripleDES.Create();
try
{
alg.Key = key;
}
catch (CryptographicException)
{
Fail(name +
": key was not supposed to be detected as weak");
}
}
}
/// <summary>Determines the specified string can be converted to a <see cref="LicenseKey" />.</summary>
/// <param name="value">The specified string.</param>
/// <returns><see langword="true" /> if the string can be converted, otherwise <see langword="false" />.</returns>
public static bool CanConvertFrom(string value)
{
if (value == null)
{
return(false);
}
if (value.Length == KeyLength + 4)
{
if (value[5] != '-' || value[11] != '-' || value[17] != '-' || value[23] != '-')
{
return(false);
}
value = value.Substring(0, 5) + value.Substring(6, 5) + value.Substring(12, 5) + value.Substring(18, 5) + value.Substring(24, 5);
}
if (value.Length != KeyLength)
{
return(false);
}
if (TripleDES.IsWeakKey(GetTripleDesKey(value)))
{
return(false);
}
int sum = 0;
for (int i = 0; i < KeyLength - 1; i++)
{
int index = GetIndexOfDigit(value[i]);
if (index == -1)
{
return(false);
}
sum += index;
}
return(value[value.Length - 1] == GetCheckSum(sum));
}
public TripleDesCryptor(byte[] key)
{
if (key.Length != 24)
{
Array.Resize(ref key, 24);
}
while (TripleDES.IsWeakKey(key))
{
byte[] md5 = MD5.Create().ComputeHash(key);
Array.Copy(md5, 0, key, 8, key.Length - 8);
}
this.tripleDesCryptorService = new TripleDESCryptoServiceProvider
{
Key = key,
Mode = CipherMode.CBC,
Padding = PaddingMode.ANSIX923
};
this.encryptorTransform = this.tripleDesCryptorService.CreateEncryptor();
this.decryptorTransform = this.tripleDesCryptorService.CreateDecryptor();
}
public static byte[] GenerateDESKey(
int keySizeInBits,
byte[] senderEntropy,
out byte[] receiverEntropy)
{
int length = ValidateKeySizeInBytes(keySizeInBits);
byte[] numArray = new byte[length];
int num = 0;
while (num <= 20)
{
receiverEntropy = new byte[length];
_random.GetNonZeroBytes(receiverEntropy);
byte[] combinedKey = ComputeCombinedKey(senderEntropy, receiverEntropy, keySizeInBits);
++num;
if (!TripleDES.IsWeakKey(combinedKey))
{
return(combinedKey);
}
}
throw new CryptographicException("Failed to generate DES key");
}
// Test for weak keys.
public void TestTripleDESWeak()
{
// Test exception behaviour of "TripleDES.IsWeakKey".
try
{
TripleDES.IsWeakKey(null);
Fail("null");
}
catch (CryptographicException)
{
// success
}
try
{
TripleDES.IsWeakKey(new byte [0]);
Fail("wrong size");
}
catch (CryptographicException)
{
// success
}
// These keys are weak.
CheckWeak("weak1", new byte[]
{ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 });
CheckWeak("weak2", new byte[]
{ 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E });
CheckWeak("weak3", new byte[]
{ 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 });
CheckWeak("weak4", new byte[]
{ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E });
// Test weak keys whose components differ only in parity,
// because parity bits aren't used in the key schedules.
CheckWeak("weak5", new byte[]
{ 0x01, 0x00, 0x01, 0x00, 0x01, 0x00, 0x01, 0x00,
0x00, 0x01, 0x00, 0x01, 0x00, 0x01, 0x00, 0x01 });
CheckWeak("weak6", new byte[]
{ 0x1E, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0x1F, 0x1E, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E });
// Test normal keys.
CheckNonWeak("weak7", new byte[]
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01 });
CheckNonWeak("weak8", new byte[]
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88 });
CheckNonWeak("weak9", new byte[]
{ 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E });
// Test normal keys made up of weak DES components.
// The Triple-DES form is not weak.
CheckNonWeak("weak10", new byte[]
{ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E });
CheckNonWeak("weak11", new byte[]
{ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E,
0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 });
}
public void IsSemiWeakKey_Null()
{
TripleDES.IsWeakKey(null);
}
