3DES Key Size Matter in C#.Net
Below Code is Working Fine in c#.NET
byte[] key = Encoding.ASCII.GetByte("012345678901234567890123"); //24characters
byte[] plainText = Encoding.ASCII.GetBytes("lasaa");
TripleDES des =开发者_高级运维 TripleDES.Create();
des.Key = key;
des.Mode = CipherMode.CBC;
ICryptoTransform ic = des.CreateEncryptor();
byte[] enc = ic.TransformFinalBlock(plainText, 0, plainText.Length);
MessageBox.Show(UTF8Encoding.UTF8.GetString(enc));
My questions regarding above are...
- How can I specify KeySize? if i use
des.KeySize=
128
or192
or256
it gives
Specified key is not a valid size for this algorithm
- If I change character length in key by adding more (ex:40 chars). It gives error
Specified key is not a valid size for this algorithm
I want to know why is this happen?
A 3DES key has length 128 or 192 bits. Note that, internally, the algorithm will use only 112 (respectively 168) bits out of those 128 (respectively 192) bits; however, the key itself, as encoded into bytes, stored and exchanged, must have length 16 or 24 bytes. Trying to set a key which does not have one of those two lengths triggers an error, which you observe when you try to use a 40-byte key.
You should not try to set the "key size": you already decide that when you set the key. When you set the TripleDES.Key
property, the TripleDES
class sees that you give it a 24-byte key, and thus will set itself the KeySize
property to 192.
(The output of 3DES encryption is binary, not UTF-8 encoding of a string. Chances are that your final UTF8Encoding.UTF8.GetString(enc)
will protest.)
The key size for TripleDES is 168 bits. So you'll need 21 bytes. If you want to use a string for the key you really should hash it first. In which case you can use any length of characters (the more the better) and then trim the hashed output to your key size. E.g. if you use SHA-256 from which you'll get 32 bytes, use 21 of them.
Here is some code that I used to accomplish this "trim"
byte[] keyArray;
SHA512CryptoServiceProvider hash = new SHA512CryptoServiceProvider();
keyArray = hash.ComputeHash(UTF8Encoding.UTF8.GetBytes("someProperlySaltedKey"));
byte[] trimmedBytes = new byte[24];
Buffer.BlockCopy(keyArray, 0, trimmedBytes, 0, 24);
keyArray = trimmedBytes;
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
tdes.Key = keyArray;
I think the problem here is that 192bits is the maximum key size supported for 3DES in C# (and elsewhere I assume)
http://msdn.microsoft.com/en-us/library/system.security.cryptography.symmetricalgori...
Have you tryed setting the key to a 16 byte/char value?
The only other supported size seems to be 128bits. If you want somthing stronger you'll have to use a different algorithm, Aes/Rijndael.
If you look TDES up on Wikipedia, it seems the maximum key size is 168bits so I'm not sure how Microsoft have implemented it.
I suspect it was omitted from your example for brevity but you should probably hash your key from a good dose of salt. There are several RNG/HSH algorithms for this in the crypto namespace.
精彩评论