Hello,
In the Visual Basic example I see the next line:
tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV)
tdes.Key is obviously created.
but what about tdes.IV?
This value is never filled if I'm correct?
help code:
Imports System
Imports System.Security.Cryptography
Imports System.Text
Module PasswordDerivedBytesExample
Sub Main(ByVal args() As String)
' Get a password from the user.
Console.WriteLine("Enter a password to produce a key:")
'************************************************* *******
'* Security Note: Never hard-code a password within your
'* source code. Hard-coded passwords can be retrieved
'* from a compiled assembly.
'************************************************* *******
Dim pwd As Byte() = Encoding.Unicode.GetBytes(Console.ReadLine())
Dim salt As Byte() = createRandomSalt(7)
' Create a TripleDESCryptoServiceProvider object.
Dim tdes As New TripleDESCryptoServiceProvider()
Try
Console.WriteLine("Creating a key with PasswordDeriveBytes...")
' Create a PasswordDeriveBytes object and then create
' a TripleDES key from the password and salt.
Dim pdb As New PasswordDeriveBytes(pwd, salt)
' Create the key and add it to the Key property.
tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV)
Console.WriteLine("Operation complete.")
Catch e As Exception
Console.WriteLine(e.Message)
Finally
' Clear the buffers
clearBytes(pwd)
clearBytes(salt)
' Clear the key.
tdes.Clear()
End Try
Console.ReadLine()
End Sub
'************************************************* *******
'* Helper methods:
'* createRandomSalt: Generates a random salt value of the
'* specified length.
'*
'* clearBytes: Clear the bytes in a buffer so they can't
'* later be read from memory.
'************************************************* *******
Function createRandomSalt(ByVal Length As Integer) As Byte()
' Create a buffer
Dim randBytes() As Byte
If Length >= 1 Then
randBytes = New Byte(Length) {}
Else
randBytes = New Byte(0) {}
End If
' Create a new RNGCryptoServiceProvider.
Dim rand As New RNGCryptoServiceProvider()
' Fill the buffer with random bytes.
rand.GetBytes(randBytes)
' return the bytes.
Return randBytes
End Function
Sub clearBytes(ByVal Buffer() As Byte)
' Check arguments.
If Buffer Is Nothing Then
Throw New ArgumentException("Buffer")
End If
' Set each byte in the buffer to 0.
Dim x As Integer
For x = 0 To Buffer.Length - 1
Buffer(x) = 0
Next x
End Sub
End Module