SymmetricAlgorithm Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Represents the abstract base class from which all implementations of symmetric algorithms must inherit.
public ref class SymmetricAlgorithm abstract : IDisposable
public abstract class SymmetricAlgorithm : IDisposable
[System.Runtime.InteropServices.ComVisible(true)]
public abstract class SymmetricAlgorithm : IDisposable
type SymmetricAlgorithm = class
    interface IDisposable
[<System.Runtime.InteropServices.ComVisible(true)>]
type SymmetricAlgorithm = class
    interface IDisposable
Public MustInherit Class SymmetricAlgorithm
    Implements IDisposable
- Inheritance: SymmetricAlgorithm
Examples
The following code example uses the Aes class with the specified Key property and initialization vector (IV) to encrypt a file specified by inName, and outputs the encrypted result to the file specified by outName. The desKey and desIV parameters to the method are 8-byte arrays. You must have the high encryption pack installed to run this example.
using namespace System;
using namespace System::IO;
using namespace System::Security::Cryptography;

void EncryptData( String^ inName, String^ outName, array<Byte>^aesKey, array<Byte>^aesIV )
{
    //Create the file streams to handle the input and output files.
    FileStream^ fin = gcnew FileStream( inName,FileMode::Open,FileAccess::Read );
    FileStream^ fout = gcnew FileStream( outName,FileMode::OpenOrCreate,FileAccess::Write );
    fout->SetLength( 0 );

    //Create variables to help with read and write.
    array<Byte>^bin = gcnew array<Byte>(100); //This is intermediate storage for the encryption.
    Int64 rdlen = 0; //This is the total number of bytes written.
    Int64 totlen = fin->Length; //This is the total length of the input file (64-bit, so large files are not truncated).
    int len; //This is the number of bytes to be written at a time.

    Aes^ aes = Aes::Create();
    CryptoStream^ encStream = gcnew CryptoStream( fout,aes->CreateEncryptor( aesKey, aesIV ),CryptoStreamMode::Write );
    Console::WriteLine( "Encrypting..." );

    //Read from the input file, then encrypt and write to the output file.
    while ( rdlen < totlen )
    {
        len = fin->Read( bin, 0, 100 );
        encStream->Write( bin, 0, len );
        rdlen = rdlen + len;
        Console::WriteLine( "{0} bytes processed", rdlen );
    }

    //Closing the CryptoStream flushes the final padded block.
    encStream->Close();
    fout->Close();
    fin->Close();

    //Zero out the sensitive data held by the Aes object.
    aes->Clear();
}
using System;
using System.IO;
using System.Security.Cryptography;

private static void EncryptData(string inName, string outName, byte[] aesKey, byte[] aesIV)
{
    //Create the file streams to handle the input and output files.
    FileStream fin = new FileStream(inName, FileMode.Open, FileAccess.Read);
    FileStream fout = new FileStream(outName, FileMode.OpenOrCreate, FileAccess.Write);
    fout.SetLength(0);

    //Create variables to help with read and write.
    byte[] bin = new byte[100]; //This is intermediate storage for the encryption.
    long rdlen = 0;              //This is the total number of bytes written.
    long totlen = fin.Length;    //This is the total length of the input file.
    int len;                     //This is the number of bytes to be written at a time.

    Aes aes = Aes.Create();
    CryptoStream encStream = new CryptoStream(fout, aes.CreateEncryptor(aesKey, aesIV), CryptoStreamMode.Write);
    Console.WriteLine("Encrypting...");

    //Read from the input file, then encrypt and write to the output file.
    while(rdlen < totlen)
    {
        len = fin.Read(bin, 0, 100);
        encStream.Write(bin, 0, len);
        rdlen = rdlen + len;
        Console.WriteLine("{0} bytes processed", rdlen);
    }

    //Closing the CryptoStream flushes the final padded block.
    encStream.Close();
    fout.Close();
    fin.Close();

    //Zero out the sensitive data held by the Aes object.
    aes.Clear();
}
Imports System
Imports System.IO
Imports System.Security.Cryptography

Private Shared Sub EncryptData(inName As String, outName As String, _
    aesKey() As Byte, aesIV() As Byte)
    'Create the file streams to handle the input and output files.
    Dim fin As New FileStream(inName, FileMode.Open, FileAccess.Read)
    Dim fout As New FileStream(outName, FileMode.OpenOrCreate, _
        FileAccess.Write)
    fout.SetLength(0)

    'Create variables to help with read and write.
    Dim bin(99) As Byte 'This is intermediate storage for the encryption (100 bytes).
    Dim rdlen As Long = 0 'This is the total number of bytes written.
    Dim totlen As Long = fin.Length 'Total length of the input file.
    Dim len As Integer 'This is the number of bytes to be written at a time.

    'Create the Aes implementation; the parameterless SymmetricAlgorithm.Create() is obsolete.
    Dim aesAlg As Aes = Aes.Create()
    Dim encStream As New CryptoStream(fout, _
        aesAlg.CreateEncryptor(aesKey, aesIV), CryptoStreamMode.Write)
    Console.WriteLine("Encrypting...")

    'Read from the input file, then encrypt and write to the output file.
    While rdlen < totlen
        len = fin.Read(bin, 0, 100)
        encStream.Write(bin, 0, len)
        rdlen = rdlen + len 'Keep the running total as a Long so large files do not overflow.
        Console.WriteLine("{0} bytes processed", rdlen)
    End While

    'Closing the CryptoStream flushes the final padded block.
    encStream.Close()
    fout.Close()
    fin.Close()

    'Zero out the sensitive data held by the Aes object.
    aesAlg.Clear()
End Sub
Remarks
The classes that derive from the SymmetricAlgorithm class use a chaining mode called cipher block chaining (CBC), which requires a key (Key) and an initialization vector (IV) to perform cryptographic transformations on data. To decrypt data that was encrypted using one of the SymmetricAlgorithm classes, you must set the Key property and the IV property to the same values that were used for encryption. For a symmetric algorithm to be useful, the secret key must be known only to the sender and the receiver.
Aes, DES, RC2, and TripleDES are implementations of symmetric algorithms.
Note that when using derived classes, it is not enough, from a security perspective, to simply force a garbage collection after you have finished using the object. You must explicitly call the Clear method on the object to zero out any sensitive data within the object before it is released. Note that garbage collection does not zero out the contents of collected objects but simply marks the memory as available for reallocation. Thus the data contained within a garbage collected object may still be present in the memory heap in unallocated memory. In the case of cryptographic objects, this data could contain sensitive information such as key data or a block of plain text.
All cryptographic classes in the .NET Framework that hold sensitive data implement a Clear method. When called, the Clear method overwrites all sensitive data within the object with zeros and then releases the object so that it can be safely garbage collected. When the object has been zeroed and released, you should then call the Dispose method with the disposing parameter set to True to dispose of all managed and unmanaged resources associated with the object.
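The following C# sketch is an added example, not part of the original documentation. It ties the Remarks together: a fresh IV per message stored alongside the ciphertext, decryption with the same Key and IV, and explicit zeroing of key buffers. It goes beyond the page by adding an HMAC-SHA256 tag, because CBC alone does not detect tampering. The names CbcExample, Protect and Unprotect, the message layout, and the use of .NET 6 or later (for EncryptCbc, HMACSHA256.HashData and RandomNumberGenerator.GetBytes) are assumptions of the example.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
static class CbcExample
{
    const int TagLen = 32; // HMAC-SHA256 output size in bytes
    // Message layout (an assumption of this example): IV || ciphertext || tag
    public static byte[] Protect(byte[] encKey, byte[] macKey, byte[] plaintext)
    {
        using Aes aes = Aes.Create();   // disposed on scope exit, releasing its key copy
        aes.Key = encKey;
        aes.GenerateIV();               // fresh random IV for every message
        byte[] iv = aes.IV;
        byte[] ct = aes.EncryptCbc(plaintext, iv, PaddingMode.PKCS7);
        int bodyLen = iv.Length + ct.Length;
        byte[] msg = new byte[bodyLen + TagLen];
        iv.CopyTo(msg, 0);
        ct.CopyTo(msg, iv.Length);
        HMACSHA256.HashData(macKey, msg.AsSpan(0, bodyLen), msg.AsSpan(bodyLen));
        return msg;
    }

    public static byte[] Unprotect(byte[] encKey, byte[] macKey, byte[] msg)
    {
        using Aes aes = Aes.Create();
        int ivLen = aes.BlockSize / 8;  // 16 bytes for AES
        int bodyLen = msg.Length - TagLen;
        if (bodyLen < ivLen) throw new CryptographicException("Message too short.");
        // Verify the tag in constant time before decrypting anything.
        Span<byte> expected = stackalloc byte[TagLen];
        HMACSHA256.HashData(macKey, msg.AsSpan(0, bodyLen), expected);
        if (!CryptographicOperations.FixedTimeEquals(expected, msg.AsSpan(bodyLen)))
            throw new CryptographicException("Authentication tag mismatch.");
        aes.Key = encKey;               // same key and IV as used for encryption
        return aes.DecryptCbc(msg.AsSpan(ivLen, bodyLen - ivLen), msg.AsSpan(0, ivLen), PaddingMode.PKCS7);
    }

    static void Main()
    {
        byte[] encKey = RandomNumberGenerator.GetBytes(32); // AES-256 key
        byte[] macKey = RandomNumberGenerator.GetBytes(32); // separate MAC key
        byte[] msg = Protect(encKey, macKey, Encoding.UTF8.GetBytes("constructed sample plaintext"));
        Console.WriteLine(Encoding.UTF8.GetString(Unprotect(encKey, macKey, msg)));
        msg[20] ^= 0x01;                // flip one ciphertext bit: must be rejected
        try { Unprotect(encKey, macKey, msg); }
        catch (CryptographicException e) { Console.WriteLine("Rejected: " + e.Message); }
        CryptographicOperations.ZeroMemory(encKey); // the GC does not zero key arrays
        CryptographicOperations.ZeroMemory(macKey);
    }
}
```

Checking the tag before calling DecryptCbc means a modified message is rejected without the decryptor ever reporting a padding error to the caller.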
Notes to Implementers
When you inherit from the SymmetricAlgorithm class, you must override the following members: CreateDecryptor(Byte[], Byte[]), CreateEncryptor(Byte[], Byte[]), GenerateIV(), and GenerateKey().
Constructors
SymmetricAlgorithm() | Initializes a new instance of the SymmetricAlgorithm class.
Fields
BlockSizeValue | Represents the block size, in bits, of the cryptographic operation.
FeedbackSizeValue | Represents the feedback size, in bits, of the cryptographic operation.
IVValue | Represents the initialization vector (IV) for the symmetric algorithm.
KeySizeValue | Represents the size, in bits, of the secret key used by the symmetric algorithm.
KeyValue | Represents the secret key for the symmetric algorithm.
LegalBlockSizesValue | Specifies the block sizes, in bits, that are supported by the symmetric algorithm.
LegalKeySizesValue | Specifies the key sizes, in bits, that are supported by the symmetric algorithm.
ModeValue | Represents the cipher mode used in the symmetric algorithm.
PaddingValue | Represents the padding mode used in the symmetric algorithm.
Properties
BlockSize | Gets or sets the block size, in bits, of the cryptographic operation.
FeedbackSize | Gets or sets the feedback size, in bits, of the cryptographic operation for the Cipher Feedback (CFB) and Output Feedback (OFB) cipher modes.
IV | Gets or sets the initialization vector (IV) for the symmetric algorithm.
Key | Gets or sets the secret key for the symmetric algorithm.
KeySize | Gets or sets the size, in bits, of the secret key used by the symmetric algorithm.
LegalBlockSizes | Gets the block sizes, in bits, that are supported by the symmetric algorithm.
LegalKeySizes | Gets the key sizes, in bits, that are supported by the symmetric algorithm.
Mode | Gets or sets the mode for operation of the symmetric algorithm.
Padding | Gets or sets the padding mode used in the symmetric algorithm.
Methods
Clear() | Releases all resources used by the SymmetricAlgorithm class.
Create() | Obsolete. Creates a default cryptographic object used to perform the symmetric algorithm.
Create(String) | Obsolete. Creates the specified cryptographic object used to perform the symmetric algorithm.
CreateDecryptor() | Creates a symmetric decryptor object with the current Key property and initialization vector (IV).
CreateDecryptor(Byte[], Byte[]) | When overridden in a derived class, creates a symmetric decryptor object with the specified Key property and initialization vector (IV).
CreateEncryptor() | Creates a symmetric encryptor object with the current Key property and initialization vector (IV).
CreateEncryptor(Byte[], Byte[]) | When overridden in a derived class, creates a symmetric encryptor object with the specified Key property and initialization vector (IV).
DecryptCbc(Byte[], Byte[], PaddingMode) | Decrypts data using CBC mode with the specified padding mode.
DecryptCbc(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, PaddingMode) | Decrypts data using CBC mode with the specified padding mode.
DecryptCbc(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, PaddingMode) | Decrypts data into the specified buffer, using CBC mode with the specified padding mode.
DecryptCfb(Byte[], Byte[], PaddingMode, Int32) | Decrypts data using CFB mode with the specified padding mode and feedback size.
DecryptCfb(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, PaddingMode, Int32) | Decrypts data using CFB mode with the specified padding mode and feedback size.
DecryptCfb(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32) | Decrypts data into the specified buffer, using CFB mode with the specified padding mode and feedback size.
DecryptEcb(Byte[], PaddingMode) | Decrypts data using ECB mode with the specified padding mode.
DecryptEcb(ReadOnlySpan<Byte>, PaddingMode) | Decrypts data using ECB mode with the specified padding mode.
DecryptEcb(ReadOnlySpan<Byte>, Span<Byte>, PaddingMode) | Decrypts data into the specified buffer, using ECB mode with the specified padding mode.
Dispose() | Releases all resources used by the current instance of the SymmetricAlgorithm class.
Dispose(Boolean) | Releases the unmanaged resources used by the SymmetricAlgorithm and optionally releases the managed resources.
EncryptCbc(Byte[], Byte[], PaddingMode) | Encrypts data using CBC mode with the specified padding mode.
EncryptCbc(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, PaddingMode) | Encrypts data using CBC mode with the specified padding mode.
EncryptCbc(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, PaddingMode) | Encrypts data into the specified buffer, using CBC mode with the specified padding mode.
EncryptCfb(Byte[], Byte[], PaddingMode, Int32) | Encrypts data using CFB mode with the specified padding mode and feedback size.
EncryptCfb(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, PaddingMode, Int32) | Encrypts data using CFB mode with the specified padding mode and feedback size.
EncryptCfb(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32) | Encrypts data into the specified buffer, using CFB mode with the specified padding mode and feedback size.
EncryptEcb(Byte[], PaddingMode) | Encrypts data using ECB mode with the specified padding mode.
EncryptEcb(ReadOnlySpan<Byte>, PaddingMode) | Encrypts data using ECB mode with the specified padding mode.
EncryptEcb(ReadOnlySpan<Byte>, Span<Byte>, PaddingMode) | Encrypts data into the specified buffer, using ECB mode with the specified padding mode.
Equals(Object) | Determines whether the specified object is equal to the current object. (Inherited from Object)
Finalize() | This member overrides Finalize(), and more complete documentation might be available in that topic. Allows an Object to attempt to free resources and perform other cleanup operations before the Object is reclaimed by garbage collection.
GenerateIV() | When overridden in a derived class, generates a random initialization vector (IV) to use for the algorithm.
GenerateKey() | When overridden in a derived class, generates a random key (Key) to use for the algorithm.
GetCiphertextLengthCbc(Int32, PaddingMode) | Gets the length of a ciphertext with a given padding mode and plaintext length in CBC mode.
GetCiphertextLengthCfb(Int32, PaddingMode, Int32) | Gets the length of a ciphertext with a given padding mode and plaintext length in CFB mode.
GetCiphertextLengthEcb(Int32, PaddingMode) | Gets the length of a ciphertext with a given padding mode and plaintext length in ECB mode.
GetHashCode() | Serves as the default hash function. (Inherited from Object)
GetType() | Gets the Type of the current instance. (Inherited from Object)
MemberwiseClone() | Creates a shallow copy of the current Object. (Inherited from Object)
ToString() | Returns a string that represents the current object. (Inherited from Object)
TryDecryptCbc(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, Int32, PaddingMode) | Attempts to decrypt data into the specified buffer, using CBC mode with the specified padding mode.
TryDecryptCbcCore(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32) | When overridden in a derived class, attempts to decrypt data into the specified buffer, using CBC mode with the specified padding mode.
TryDecryptCfb(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, Int32, PaddingMode, Int32) | Attempts to decrypt data into the specified buffer, using CFB mode with the specified padding mode and feedback size.
TryDecryptCfbCore(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32, Int32) | When overridden in a derived class, attempts to decrypt data into the specified buffer, using CFB mode with the specified padding mode and feedback size.
TryDecryptEcb(ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32) | Attempts to decrypt data into the specified buffer, using ECB mode with the specified padding mode.
TryDecryptEcbCore(ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32) | When overridden in a derived class, attempts to decrypt data into the specified buffer, using ECB mode with the specified padding mode.
TryEncryptCbc(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, Int32, PaddingMode) | Attempts to encrypt data into the specified buffer, using CBC mode with the specified padding mode.
TryEncryptCbcCore(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32) | When overridden in a derived class, attempts to encrypt data into the specified buffer, using CBC mode with the specified padding mode.
TryEncryptCfb(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, Int32, PaddingMode, Int32) | Attempts to encrypt data into the specified buffer, using CFB mode with the specified padding mode and feedback size.
TryEncryptCfbCore(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32, Int32) | When overridden in a derived class, attempts to encrypt data into the specified buffer, using CFB mode with the specified padding mode and feedback size.
TryEncryptEcb(ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32) | Attempts to encrypt data into the specified buffer, using ECB mode with the specified padding mode.
TryEncryptEcbCore(ReadOnlySpan<Byte>, Span<Byte>, PaddingMode, Int32) | When overridden in a derived class, attempts to encrypt data into the specified buffer, using ECB mode with the specified padding mode.
ValidKeySize(Int32) | Determines whether the specified key size is valid for the current algorithm.
Explicit Interface Implementations
IDisposable.Dispose() | This API supports the product infrastructure and is not intended to be used directly from your code. Releases the unmanaged resources used by the SymmetricAlgorithm and optionally releases the managed resources.