Weak Key for DES in .NET

https://stackoverflow.com/questions/21774359

11-10-2022
|

Frage

I need to perform a DES encryption and decryption operation using a key of zeros. I found this code on social.msdn.microsoft.com which bypasses the check .net imposes on DES keys:

public static class DESCryptoExtensions {
    public static ICryptoTransform CreateWeakEncryptor(this DESCryptoServiceProvider cryptoProvider, byte[] key, byte[] iv) {
        // reflective way of doing what CreateEncryptor() does, bypassing the check for weak keys
        MethodInfo mi = cryptoProvider.GetType().GetMethod("_NewEncryptor", BindingFlags.NonPublic | BindingFlags.Instance);
        object[] Par = { key, cryptoProvider.Mode, iv, cryptoProvider.FeedbackSize, 0 };
        ICryptoTransform trans = mi.Invoke(cryptoProvider, Par) as ICryptoTransform;
        return trans;
    }

    public static ICryptoTransform CreateWeakEncryptor(this DESCryptoServiceProvider cryptoProvider) {
        return CreateWeakEncryptor(cryptoProvider, cryptoProvider.Key, cryptoProvider.IV);
    }

    public static ICryptoTransform CreateWeakDecryptor(this DESCryptoServiceProvider cryptoProvider, byte[] key, byte[] iv) {
        return CreateWeakEncryptor(cryptoProvider, key, iv);
    }

    public static ICryptoTransform CreateWeakDecryptor(this DESCryptoServiceProvider cryptoProvider) {
        return CreateWeakDecryptor(cryptoProvider, cryptoProvider.Key, cryptoProvider.IV);
    }
}

I'm using this class to encapsulate encryption and decryption:

public class SimpleDES {
    private readonly byte[] IV = new byte[8] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
    private byte[] mKey;
    private DESCryptoServiceProvider des;

    public SimpleDES(byte[] aKey) {
        if (aKey.Length != 8)
            throw new Exception("Key size must be 8 bytes");
        mKey = aKey;
        des = new DESCryptoServiceProvider();
        des.BlockSize = 64;
        des.KeySize = 64;
        des.Padding = PaddingMode.None;
    }

    public byte[] Encrypt(byte[] data) {
        if (data.Length != 8)
            throw new Exception("Data size must be 8 bytes");

        ICryptoTransform encryptor = des.CreateWeakEncryptor(mKey, IV);
        return encryptor.TransformFinalBlock(data, 0, data.Length);
    }

    public byte[] Decrypt(byte[] data) {
        if (data.Length != 8)
            throw new Exception("Data size must be 8 bytes");
        ICryptoTransform decryptor = des.CreateWeakDecryptor(mKey, IV);
        return decryptor.TransformFinalBlock(data, 0, data.Length);
    }
}

While Encrypt() works perfectly, the return value of Decrypt() is the same as Encrypt(). I'm pretty new to C#, and I'm lost. Any thoughts?

Lösung

It's pretty simple. You are calling same method CreateWeakEncryptor in CreateDecryptor method. So, finally MethodInfo mi = cryptoProvider.GetType().GetMethod("_NewEncryptor", BindingFlags.NonPublic | BindingFlags.Instance);

always return a encryptor method. To that method while invoking you are passing 0 as the last parameter which is always equals to the enum CryptoAPITransformMode.Encrypt.

Instead you have to pass 1 which CryptoAPITransformMode.Decrypt while decrypting.

Lizenziert unter: CC-BY-SA mit Zuschreibung

Nicht verbunden mit StackOverflow