2 // System.Security.Cryptography.DES.cs
5 // Sergey Chaban (serge@wildwestsoftware.com)
6 // Sebastien Pouliot <sebastien@ximian.com>
8 // Portions (C) 2002 Motus Technologies Inc. (http://www.motus.com)
9 // Copyright (C) 2004-2006 Novell, Inc (http://www.novell.com)
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
31 using System.Globalization;
32 using System.Runtime.InteropServices;
35 // a. FIPS PUB 46-3: Data Encryption Standard
36 // http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
38 namespace System.Security.Cryptography {
41 public abstract class DES : SymmetricAlgorithm {
43 private const int keySizeByte = 8;
49 FeedbackSizeValue = 8;
51 LegalKeySizesValue = new KeySizes[1];
52 LegalKeySizesValue[0] = new KeySizes(64, 64, 0);
54 LegalBlockSizesValue = new KeySizes[1];
55 LegalBlockSizesValue[0] = new KeySizes(64, 64, 0);
58 public static new DES Create ()
60 return Create ("System.Security.Cryptography.DES");
63 public static new DES Create (string algName)
65 return (DES) CryptoConfig.CreateFromName (algName);
70 internal static readonly byte[,] weakKeys = {
71 { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
72 { 0x1F, 0x1F, 0x1F, 0x1F, 0x0F, 0x0F, 0x0F, 0x0F },
73 { 0xE1, 0xE1, 0xE1, 0xE1, 0xF1, 0xF1, 0xF1, 0xF1 },
74 { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF },
78 internal static readonly byte[,] semiWeakKeys = {
79 { 0x00, 0x1E, 0x00, 0x1E, 0x00, 0x0E, 0x00, 0x0E }, // map to packed key 011F011F010E010E
80 { 0x00, 0xE0, 0x00, 0xE0, 0x00, 0xF0, 0x00, 0xF0 }, // map to packed key 01E001E001F101F1
81 { 0x00, 0xFE, 0x00, 0xFE, 0x00, 0xFE, 0x00, 0xFE }, // map to packed key 01FE01FE01FE01FE
82 { 0x1E, 0x00, 0x1E, 0x00, 0x0E, 0x00, 0x0E, 0x00 }, // map to packed key 1F011F010E010E01
83 { 0x1E, 0xE0, 0x1E, 0xE0, 0x0E, 0xF0, 0x0E, 0xF0 }, // map to packed key 1FE01FE00EF10EF1
84 { 0x1E, 0xFE, 0x1E, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE }, // map to packed key 1FFE1FFE0EFE0EFE
85 { 0xE0, 0x00, 0xE0, 0x00, 0xF0, 0x00, 0xF0, 0x00 }, // map to packed key E001E001F101F101
86 { 0xE0, 0x1E, 0xE0, 0x1E, 0xF0, 0x0E, 0xF0, 0x0E }, // map to packed key E01FE01FF10EF10E
87 { 0xE0, 0xFE, 0xE0, 0xFE, 0xF0, 0xFE, 0xF0, 0xFE }, // map to packed key E0FEE0FEF1FEF1FE
88 { 0xFE, 0x00, 0xFE, 0x00, 0xFE, 0x00, 0xFE, 0x00 }, // map to packed key FE01FE01FE01FE01
89 { 0xFE, 0x1E, 0xFE, 0x1E, 0xFE, 0x0E, 0xFE, 0x0E }, // map to packed key FE1FFE1FFE0EFE0E
90 { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF0, 0xFE, 0xF0 }, // map to packed key FEE0FEE0FEF1FEF1
93 public static bool IsWeakKey (byte[] rgbKey)
96 throw new CryptographicException (Locale.GetText ("Null Key"));
97 if (rgbKey.Length != keySizeByte)
98 throw new CryptographicException (Locale.GetText ("Wrong Key Length"));
100 // (fast) pre-check with "weak bytes"
101 for (int i=0; i < rgbKey.Length; i++) {
102 switch (rgbKey [i] | 0x11) {
113 // compare with known weak keys
114 for (int i=0; i < (weakKeys.Length >> 3); i++) {
116 for (; j < rgbKey.Length; j++) {
117 if ((rgbKey [j] ^ weakKeys [i,j]) > 1)
126 public static bool IsSemiWeakKey (byte[] rgbKey)
129 throw new CryptographicException (Locale.GetText ("Null Key"));
130 if (rgbKey.Length != keySizeByte)
131 throw new CryptographicException (Locale.GetText ("Wrong Key Length"));
133 // (fast) pre-check with "weak bytes"
134 for (int i=0; i < rgbKey.Length; i++) {
135 switch (rgbKey [i] | 0x11) {
146 // compare with known weak keys
147 for (int i=0; i < (semiWeakKeys.Length >> 3); i++) {
149 for (; j < rgbKey.Length; j++) {
150 if ((rgbKey [j] ^ semiWeakKeys [i,j]) > 1)
159 public override byte[] Key {
161 if (KeyValue == null) {
162 // GenerateKey is responsible to return a valid key
163 // e.g. no weak or semi-weak keys
166 return (byte[]) KeyValue.Clone ();
170 throw new ArgumentNullException ("Key");
171 if (value.Length != keySizeByte)
172 throw new ArgumentException (Locale.GetText ("Wrong Key Length"));
173 if (IsWeakKey (value))
174 throw new CryptographicException (Locale.GetText ("Weak Key"));
175 if (IsSemiWeakKey (value))
176 throw new CryptographicException (Locale.GetText ("Semi Weak Key"));
178 KeyValue = (byte[]) value.Clone ();