问题
We are trying to integrate with a legacy c# application that uses RijndaelManaged for symmetric encryption. However it appears that they have used a 13 byte string as an encryption key!
The code is basically:
var initVectorBytes = Encoding.ASCII.GetBytes("16-char string");
var keyBytes = Encoding.ASCII.GetBytes("13-char string");
var symmetricKey = new RijndaelManaged { Mode = CipherMode.CBC };
var decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
var memoryStream = new System.IO.MemoryStream(encryptedbytes);
var cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
....
In theory this shouldn't work - the docs clearly say "The key size must be 128, 192, or 256 bits" and when we try this (on a Xamarin/Mono compiler - don't have easy access to .net at the moment) it throws an exception.
But it apparently works on the legacy system, and they have unit tests that also call CreateDecryptor with a 13 byte key; so presumably a real .net system does somehow do something with this code. (I note that the docs for .net version 2.0 don't talk about key length restrictions - the code is compiled using .net 3.5 however)
Is it possible that it uses the Rijndael algorithm with a 104 byte key and block size? Or would it somehow pad the key or something?
来源:https://stackoverflow.com/questions/27964723/what-does-rijndaelmanaged-encryption-do-with-invalid-key-sizes