private static byte[] FixKey(byte[] key, int keyOff, int keyLen)
{
byte[] array = new byte[24];
if (keyLen != 16)
{
if (keyLen != 24)
{
throw new ArgumentException("Bad length for DESede key: " + keyLen, "keyLen");
}
Array.Copy(key, keyOff, array, 0, 24);
}
else
{
Array.Copy(key, keyOff, array, 0, 16);
Array.Copy(key, keyOff, array, 16, 8);
}
if (DesEdeParameters.IsWeakKey(array))
{
throw new ArgumentException("attempt to create weak DESede key");
}
return(array);
}
private void doTest(
int strength,
byte[] input,
byte[] output)
{
KeyParameter key = null;
CipherKeyGenerator keyGen;
SecureRandom rand;
IBufferedCipher inCipher = null;
IBufferedCipher outCipher = null;
CipherStream cIn;
CipherStream cOut;
MemoryStream bIn;
MemoryStream bOut;
rand = new FixedSecureRandom();
try
{
keyGen = GeneratorUtilities.GetKeyGenerator("DESEDE");
keyGen.Init(new KeyGenerationParameters(rand, strength));
key = new DesEdeParameters(keyGen.GenerateKey());
inCipher = CipherUtilities.GetCipher("DESEDE/ECB/PKCS7Padding");
outCipher = CipherUtilities.GetCipher("DESEDE/ECB/PKCS7Padding");
outCipher.Init(true, new ParametersWithRandom(key, rand));
}
catch (Exception e)
{
Fail("DESEDE failed initialisation - " + e.ToString());
}
try
{
inCipher.Init(false, key);
}
catch (Exception e)
{
Fail("DESEDE failed initialisation - " + e.ToString());
}
//
// encryption pass
//
bOut = new MemoryStream();
cOut = new CipherStream(bOut, null, outCipher);
try
{
for (int i = 0; i != input.Length / 2; i++)
{
cOut.WriteByte(input[i]);
}
cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
cOut.Close();
}
catch (IOException e)
{
Fail("DESEDE failed encryption - " + e.ToString());
}
byte[] bytes = bOut.ToArray();
if (!Arrays.AreEqual(bytes, output))
{
Fail("DESEDE failed encryption - expected "
+ Hex.ToHexString(output) + " got "
+ Hex.ToHexString(bytes));
}
//
// decryption pass
//
bIn = new MemoryStream(bytes, false);
cIn = new CipherStream(bIn, inCipher, null);
try
{
// DataInputStream dIn = new DataInputStream(cIn);
BinaryReader dIn = new BinaryReader(cIn);
bytes = new byte[input.Length];
for (int i = 0; i != input.Length / 2; i++)
{
bytes[i] = (byte)dIn.ReadByte();
}
// dIn.readFully(bytes, input.Length / 2, bytes.Length - input.Length / 2);
int remaining = bytes.Length - input.Length / 2;
byte[] rest = dIn.ReadBytes(remaining);
if (rest.Length != remaining)
throw new Exception("IO problem with BinaryReader");
rest.CopyTo(bytes, input.Length / 2);
}
catch (Exception e)
{
Fail("DESEDE failed encryption - " + e.ToString());
}
if (!Arrays.AreEqual(bytes, input))
{
Fail("DESEDE failed decryption - expected "
+ Hex.ToHexString(input) + " got "
+ Hex.ToHexString(bytes));
}
// TODO Put back in
// //
// // keyspec test
// //
// try
// {
// SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
// DESedeKeySpec keySpec = (DESedeKeySpec)keyFactory.getKeySpec((SecretKey)key, DESedeKeySpec.class);
//
// if (!equalArray(key.getEncoded(), keySpec.getKey(), 16))
// {
// Fail("DESEDE KeySpec does not match key.");
// }
// }
// catch (Exception e)
// {
// Fail("DESEDE failed keyspec - " + e.ToString());
// }
}
private void wrapTest(
int id,
byte[] kek,
byte[] iv,
byte[] input,
byte[] output)
{
try
{
IWrapper wrapper = WrapperUtilities.GetWrapper("DESedeWrap");
KeyParameter desEdeKey = new DesEdeParameters(kek);
wrapper.Init(true, new ParametersWithIV(desEdeKey, iv));
try
{
// byte[] cText = wrapper.Wrap(new SecretKeySpec(input, "DESEDE"));
byte[] cText = wrapper.Wrap(input, 0, input.Length);
if (!Arrays.AreEqual(cText, output))
{
Fail("failed wrap test " + id + " expected "
+ Hex.ToHexString(output) + " got " + Hex.ToHexString(cText));
}
}
catch (Exception e)
{
Fail("failed wrap test exception " + e.ToString());
}
wrapper.Init(false, desEdeKey);
try
{
// Key pText = wrapper.unwrap(output, "DESede", IBufferedCipher.SECRET_KEY);
byte[] pText = wrapper.Unwrap(output, 0, output.Length);
// if (!Arrays.AreEqual(pText.getEncoded(), input))
if (!Arrays.AreEqual(pText, input))
{
Fail("failed unwrap test " + id + " expected "
+ Hex.ToHexString(input) + " got "
+ Hex.ToHexString(pText));
}
}
catch (Exception e)
{
Fail("failed unwrap test exception " + e.ToString());
}
}
catch (Exception ex)
{
Fail("failed exception " + ex.ToString());
}
}
public override void PerformTest()
{
KeyParameter key = new DesParameters(keyBytes);
IMac mac = MacUtilities.GetMac("DESMac");
//
// standard DAC - zero IV
//
mac.Init(key);
mac.BlockUpdate(input, 0, input.Length);
//byte[] outBytes = mac.DoFinal();
byte[] outBytes = new byte[mac.GetMacSize()];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output1))
{
Fail("Failed - expected "
+ Hex.ToHexString(output1) + " got "
+ Hex.ToHexString(outBytes));
}
//
// mac with IV.
//
mac.Init(new ParametersWithIV(key, ivBytes));
mac.BlockUpdate(input, 0, input.Length);
//outBytes = mac.DoFinal();
outBytes = new byte[mac.GetMacSize()];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output2))
{
Fail("Failed - expected "
+ Hex.ToHexString(output2) + " got "
+ Hex.ToHexString(outBytes));
}
//
// CFB mac with IV - 8 bit CFB mode
//
mac = MacUtilities.GetMac("DESMac/CFB8");
mac.Init(new ParametersWithIV(key, ivBytes));
mac.BlockUpdate(input, 0, input.Length);
//outBytes = mac.DoFinal();
outBytes = new byte[mac.GetMacSize()];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output3))
{
Fail("Failed - expected "
+ Hex.ToHexString(output3) + " got "
+ Hex.ToHexString(outBytes));
}
//
// ISO9797 algorithm 3 using DESEDE
//
key = new DesEdeParameters(keyBytesISO9797);
mac = MacUtilities.GetMac("ISO9797ALG3");
mac.Init(key);
mac.BlockUpdate(inputISO9797, 0, inputISO9797.Length);
//outBytes = mac.DoFinal();
outBytes = new byte[mac.GetMacSize()];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, outputISO9797))
{
Fail("Failed - expected "
+ Hex.ToHexString(outputISO9797) + " got "
+ Hex.ToHexString(outBytes));
}
//
// 64bit DESede Mac
//
key = new DesEdeParameters(keyBytesISO9797);
mac = MacUtilities.GetMac("DESEDE64");
mac.Init(key);
mac.BlockUpdate(inputDesEDE64, 0, inputDesEDE64.Length);
//outBytes = mac.DoFinal();
outBytes = new byte[mac.GetMacSize()];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, outputDesEDE64))
{
Fail("Failed - expected "
+ Hex.ToHexString(outputDesEDE64) + " got "
+ Hex.ToHexString(outBytes));
}
aliasTest(
ParameterUtilities.CreateKeyParameter("DESede", keyBytesISO9797),
"DESedeMac64withISO7816-4Padding",
"DESEDE64WITHISO7816-4PADDING",
"DESEDEISO9797ALG1MACWITHISO7816-4PADDING",
"DESEDEISO9797ALG1WITHISO7816-4PADDING");
aliasTest(
ParameterUtilities.CreateKeyParameter("DESede", keyBytesISO9797),
"ISO9797ALG3WITHISO7816-4PADDING",
"ISO9797ALG3MACWITHISO7816-4PADDING");
}
public new static bool IsWeakKey(byte[] key)
{
return(DesEdeParameters.IsWeakKey(key, 0, key.Length));
}
public new static bool IsWeakKey(byte[] key, int offset)
{
return(DesEdeParameters.IsWeakKey(key, offset, key.Length - offset));
}
public DesEdeParameters(byte[] key, int keyOff, int keyLen) : base(DesEdeParameters.FixKey(key, keyOff, keyLen))
{
}
public DesEdeParameters(byte[] key) : base(DesEdeParameters.FixKey(key, 0, key.Length))
{
}
private byte[] Encrypt(byte[] keyData, byte[] sourceData, CryptAlgorithm alg)
{
byte[] result = null;
KeyParameter keyParam = null;
IBufferedCipher engine = null;
switch (alg)
{
case CryptAlgorithm.TRIPLE_DES:
keyParam = new DesEdeParameters(keyData);
engine = CipherUtilities.GetCipher("DESede/CBC/PKCS7PADDING");
engine.Init(true, keyParam);
result = engine.DoFinal(sourceData);
break;
case CryptAlgorithm.RSA:
throw new NotSupportedException("CryptAlgorithm.RSA NOT SUPPORT YET");
case CryptAlgorithm.DES:
default://默认DES
keyParam = new DesParameters(keyData);
engine = CipherUtilities.GetCipher("DES/ECB/PKCS7PADDING");
engine.Init(true, keyParam);
result = engine.DoFinal(sourceData);
break;
}
return result;
}
