EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Blowfish Key Length

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
#14738
Posted: 10/20/2010 10:34:33
by Paul Schneider (Standard support level)
Joined: 11/10/2008
Posts: 10

I am trying to connect with a vendor who needs me to encrypt using Blowfish. He gave me a key to use that was not the standard 16 bytes. If I use anything but 16 and BitsInKey = 128 I get the 8202 error on the Encrypt.

Here is my code, any help would be appreciated:

Code
Dim strIn As New IO.MemoryStream
        Dim strOut As New IO.MemoryStream
        Dim sw1 As New IO.StreamWriter(strIn)
        Dim sr1 As New IO.StreamReader(strOut)

        sw1.Write(sValue)
        sw1.Flush()

        'Dim bKey() As Byte = Text.Encoding.UTF8.GetBytes("testkey1testkey2")
        Dim bkey() As Byte = Text.Encoding.UTF8.GetBytes("1z2y3x4w5v6u7t8s9r0qApBoCnDmElFkGjHiIhJgK")

        Dim msg As New TElMessageEncryptor()
        msg.Algorithm = SBConstants.Unit.SB_ALGORITHM_CNT_BLOWFISH
        msg.BitsInKey = bKey.Length * 8
        strIn.Position = 0
        Dim iRtn As Integer = msg.Encrypt(strIn, strOut, bKey, 0)
        If iRtn <> 0 Then
            Throw New SystemException("Error encrypting token: " & iRtn)
        End If

        strOut.Position = 0
        Dim result As String = sr1.ReadToEnd

        sw1.Close()
        sr1.Close()

        Return Convert.ToBase64String(Text.Encoding.UTF8.GetBytes(result))
#14739
Posted: 10/20/2010 10:57:05
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

Code
Dim iRtn As Integer = msg.Encrypt(strIn, strOut, bKey, 0);


Try to change 0 to key size.
#14740
Posted: 10/20/2010 13:25:41
by Paul Schneider (Standard support level)
Joined: 11/10/2008
Posts: 10

I tried, but still got the 8202 error

Code
Dim iRtn As Integer = msg.Encrypt(strIn, strOut, bkey, bkey.Length)
#14741
Posted: 10/20/2010 13:39:38
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Hi.
Error 8202 is SB_MESSAGE_ERROR_INVALID_KEY_LENGTH.
ElMessageEncryptor can work only with standard (128 bit) blowfish key.
So, you should pass 128-bit key (16 bytes) to succeed.
#14742
Posted: 10/20/2010 13:57:06
by Paul Schneider (Standard support level)
Joined: 11/10/2008
Posts: 10

I'm not sure I can get the vendor to change the key. Is there another way to code this besides ELMessageEncryptor where I can use a different key size?
#14743
Posted: 10/20/2010 14:07:58
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Do you actually need to use CMS (Cryptography Messages Syntax), or you just need to symmetrically encrypt data, using specified key? (btw, using Blowfish in CMS is not documented).
If no, you can use low-level TElBlowfishSymmetricCrypto, it works with any key size (of course, limited by Blowfish algorithm).
#14744
Posted: 10/20/2010 14:10:41
by Paul Schneider (Standard support level)
Joined: 11/10/2008
Posts: 10

I do not believe I need CMS, it's just it looked like the ELMessageEncryptor was the easiest way to do it.

Can you point me to some sample code for the method using TElBlowfishSymmetricCrypto?

Thanks.
#14745
Posted: 10/20/2010 14:38:53
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Unfortunately, at the moment there are no such samples.
In short, you should:
1. Create TElBlowfishKeyMaterial object, and load key and IV to it.
2. Create TElBlowfishSymmetricCrypto object, and assign key to it's .KeyMaterial property.
3. Call blowfishCrypto.Encrypt(InputStream, OutputStream) method.
#14766
Posted: 10/23/2010 13:11:49
by Paul Schneider (Standard support level)
Joined: 11/10/2008
Posts: 10

What would I set the IV property on the KeyMaterial to?
#14767
Posted: 10/23/2010 16:35:18
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Hi. It depends on cipher mode used (i.e. if it is actually needed).
At most cases you'll need 16 bytes random array (and, you'll need the same IV for decryption, so you should send it with encrypted data or save somewhere)
Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.

Reply

Statistics

Topic viewed 3033 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!