[英]Weak Key for DES in .NET
I need to perform a DES
encryption and decryption operation using a key of zeros. 我需要使用零密钥执行
DES
加密和解密操作。 I found this code on social.msdn.microsoft.com which bypasses the check .net imposes on DES keys: 我在social.msdn.microsoft.com上找到了此代码,该代码绕过了对DES密钥施加的check .net:
public static class DESCryptoExtensions {
public static ICryptoTransform CreateWeakEncryptor(this DESCryptoServiceProvider cryptoProvider, byte[] key, byte[] iv) {
// reflective way of doing what CreateEncryptor() does, bypassing the check for weak keys
MethodInfo mi = cryptoProvider.GetType().GetMethod("_NewEncryptor", BindingFlags.NonPublic | BindingFlags.Instance);
object[] Par = { key, cryptoProvider.Mode, iv, cryptoProvider.FeedbackSize, 0 };
ICryptoTransform trans = mi.Invoke(cryptoProvider, Par) as ICryptoTransform;
return trans;
}
public static ICryptoTransform CreateWeakEncryptor(this DESCryptoServiceProvider cryptoProvider) {
return CreateWeakEncryptor(cryptoProvider, cryptoProvider.Key, cryptoProvider.IV);
}
public static ICryptoTransform CreateWeakDecryptor(this DESCryptoServiceProvider cryptoProvider, byte[] key, byte[] iv) {
return CreateWeakEncryptor(cryptoProvider, key, iv);
}
public static ICryptoTransform CreateWeakDecryptor(this DESCryptoServiceProvider cryptoProvider) {
return CreateWeakDecryptor(cryptoProvider, cryptoProvider.Key, cryptoProvider.IV);
}
}
I'm using this class to encapsulate encryption and decryption: 我正在使用此类封装加密和解密:
public class SimpleDES {
private readonly byte[] IV = new byte[8] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
private byte[] mKey;
private DESCryptoServiceProvider des;
public SimpleDES(byte[] aKey) {
if (aKey.Length != 8)
throw new Exception("Key size must be 8 bytes");
mKey = aKey;
des = new DESCryptoServiceProvider();
des.BlockSize = 64;
des.KeySize = 64;
des.Padding = PaddingMode.None;
}
public byte[] Encrypt(byte[] data) {
if (data.Length != 8)
throw new Exception("Data size must be 8 bytes");
ICryptoTransform encryptor = des.CreateWeakEncryptor(mKey, IV);
return encryptor.TransformFinalBlock(data, 0, data.Length);
}
public byte[] Decrypt(byte[] data) {
if (data.Length != 8)
throw new Exception("Data size must be 8 bytes");
ICryptoTransform decryptor = des.CreateWeakDecryptor(mKey, IV);
return decryptor.TransformFinalBlock(data, 0, data.Length);
}
}
While Encrypt()
works perfectly, the return value of Decrypt()
is the same as Encrypt()
. 尽管
Encrypt()
可以完美工作,但Decrypt()
的返回值与Encrypt()
相同。 I'm pretty new to C#, and I'm lost. 我是C#的新手,迷路了。 Any thoughts?
有什么想法吗?
It's pretty simple. 很简单 You are calling same method CreateWeakEncryptor in CreateDecryptor method.
您正在CreateDecryptor方法中调用同一方法CreateWeakEncryptor。 So, finally MethodInfo mi = cryptoProvider.GetType().GetMethod("_NewEncryptor", BindingFlags.NonPublic | BindingFlags.Instance);
因此,最后,MethodInfo mi = cryptoProvider.GetType()。GetMethod(“ _ NewEncryptor”,BindingFlags.NonPublic | BindingFlags.Instance);
always return a encryptor method. 总是返回一个加密方法。 To that method while invoking you are passing 0 as the last parameter which is always equals to the enum CryptoAPITransformMode.Encrypt.
调用该方法时,您要传递0作为最后一个参数,该参数始终等于枚举CryptoAPITransformMode.Encrypt。
Instead you have to pass 1 which CryptoAPITransformMode.Decrypt while decrypting. 相反,您必须在解密时传递1哪个CryptoAPITransformMode.Decrypt。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.