The .NET Framework takes the same basic approach to defining symmetric algorithms; abstract classes extend the System.Security.Cryptography.SymmetricAlgorithm class for each of the supported algorithms. Individual implementations of the algorithms extend the abstract class, supporting the possibility of more than one implementation of an algorithm, as represented by Figure 1.
1. The SymmetricAlgorithm Class
The SymmetricAlgorithm class allows you to configure an algorithm (select the block size, padding mode, etc.) and create instances of the classes that encrypt and decrypt data; this class, and the derived implementation classes, are not used to process data directly;
Table 1. Members of the SymmetricAlgorithm Class

Member | Description
---|---
Properties |
BlockSize | Gets or sets the block size used by the cipher function.
FeedbackSize | Gets or sets the block size used to create feedback when encrypting data.
KeySize | Gets or sets the size in bits of the secret key used by the algorithm.
IV, Key | Get and set the values of the secret key and initialization vector, expressed as an array of bytes.
LegalBlockSizes, LegalKeySizes | Return the range of block and secret key sizes that the algorithm supports.
Mode | Gets and sets the cipher mode used to prepare data.
Padding | Gets or sets the padding mode that will fill out partial blocks of data.
Methods |
Create | Creates a new instance of the SymmetricAlgorithm class by name. See the following section for further details.
CreateEncryptor, CreateDecryptor | Create instances of the classes used to encrypt and decrypt data. See Section 14.3.4 for details.
GenerateIV, GenerateKey | Generate random secret keys and initialization vectors.
ValidKeySize | Determines if a key of a given length is valid for the algorithm.

2. Instantiating the Algorithm
You can instantiate the implementation classes for symmetric algorithms in the same way. The preferred way to create an instance is by using the Create method of the SymmetricAlgorithm class:
# C#
SymmetricAlgorithm x_alg = SymmetricAlgorithm.Create("RC2");
# Visual Basic .NET
Dim x_alg As SymmetricAlgorithm = SymmetricAlgorithm.Create("RC2")
The Create method instantiates an implementation class based on the value of the argument; Table 14-3 shows the list of supported argument strings and the implementation classes that they create. If no argument is supplied, the Create method instantiates the RijndaelManaged class; it returns null (C#) or Nothing (Visual Basic .NET) if the argument is not one of those listed in Table 14-3. The system administrator configures the mapping between the string values and the instantiated classes.
Algorithms can be instantiated directly, an approach that is useful
if you wish to ensure that a specific implementation class is used or
if you are using algorithms for which no mappings are available:
# C#
SymmetricAlgorithm x_alg = new RC2CryptoServiceProvider( );
# Visual Basic .NET
Dim x_alg As SymmetricAlgorithm = New RC2CryptoServiceProvider( )
Table 2. Mapping string values to algorithm classes

String value | Algorithm-implementation class
---|---
DES | DESCryptoServiceProvider
System.Security.Cryptography.DES | DESCryptoServiceProvider
3DES | TripleDESCryptoServiceProvider
TripleDES | TripleDESCryptoServiceProvider
Triple DES | TripleDESCryptoServiceProvider
System.Security.Cryptography.TripleDES | TripleDESCryptoServiceProvider
RC2 | RC2CryptoServiceProvider
System.Security.Cryptography.RC2 | RC2CryptoServiceProvider
Rijndael | RijndaelManaged
System.Security.Cryptography.Rijndael | RijndaelManaged
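
The null return from Create for an unmapped name is easy to miss, and because the administrator controls the mapping, the concrete class behind a name can differ between machines. The following C# program is an added example, not code from the original text: it resolves an algorithm by name, fails closed when no mapping exists, and reports the implementation class and legal sizes before generating a key and IV. It targets the .NET Framework; the helper names CreateOrThrow and Describe and the name "NoSuchCipher" are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;

class CreateByNameDemo
{
    // Hypothetical helper: resolve an algorithm by name and fail closed when
    // the name has no mapping, instead of letting a null reference surface later.
    static SymmetricAlgorithm CreateOrThrow(string name)
    {
        SymmetricAlgorithm alg = SymmetricAlgorithm.Create(name);
        if (alg == null)
            throw new CryptographicException("No mapping for algorithm name: " + name);
        return alg;
    }

    // Hypothetical helper: report which class the name resolved to and the
    // key and block sizes that class accepts.
    static void Describe(SymmetricAlgorithm alg)
    {
        Console.WriteLine("Implementation: " + alg.GetType().FullName);
        foreach (KeySizes ks in alg.LegalKeySizes)
            Console.WriteLine("  key bits:   {0}-{1} step {2}", ks.MinSize, ks.MaxSize, ks.SkipSize);
        foreach (KeySizes bs in alg.LegalBlockSizes)
            Console.WriteLine("  block bits: {0}-{1} step {2}", bs.MinSize, bs.MaxSize, bs.SkipSize);
    }

    static void Main()
    {
        using (SymmetricAlgorithm alg = CreateOrThrow("Rijndael"))
        {
            Describe(alg);
            // Check the requested size before setting it; an invalid KeySize throws.
            if (alg.ValidKeySize(256))
                alg.KeySize = 256;
            alg.GenerateKey();   // fresh random key of KeySize bits
            alg.GenerateIV();    // fresh random IV of BlockSize bits
            Console.WriteLine("Key bytes: {0}, IV bytes: {1}", alg.Key.Length, alg.IV.Length);
        }

        // Constructed name with no mapping: Create returns null, the helper throws.
        try { CreateOrThrow("NoSuchCipher"); }
        catch (CryptographicException e) { Console.WriteLine(e.Message); }
    }
}
```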