private ICryptoTransform CreateTransform(byte[] rgbKey, byte[] rgbIV, bool encrypting)
{
// note: rgbIV is guaranteed to be cloned before this method, so no need to clone it again
if (rgbKey == null)
throw new ArgumentNullException(nameof(rgbKey));
long keySize = rgbKey.Length * (long)BitsPerByte;
if (keySize > int.MaxValue || !((int)keySize).IsLegalSize(LegalKeySizes))
throw new ArgumentException(SR.Cryptography_InvalidKeySize, nameof(rgbKey));
if (IsWeakKey(rgbKey))
throw new CryptographicException(SR.Cryptography_InvalidKey_Weak, "DES");
if (IsSemiWeakKey(rgbKey))
throw new CryptographicException(SR.Cryptography_InvalidKey_SemiWeak, "DES");
if (rgbIV == null)
{
if (Mode.UsesIv())
{
rgbIV = new byte[8];
s_rng.GetBytes(rgbIV);
}
}
else
{
// We truncate IV's that are longer than the block size to 8 bytes : this is
// done to maintain backward desktop compatibility with the behavior shipped in V1.x.
// The call to set the IV in CryptoAPI will ignore any bytes after the first 8
// bytes. We'll still reject IV's that are shorter than the block size though.
if (rgbIV.Length < 8)
throw new CryptographicException(SR.Cryptography_InvalidIVSize);
}
BasicSymmetricCipher cipher = new BasicSymmetricCipherCsp(CapiHelper.CALG_DES, Mode, BlockSize / BitsPerByte, rgbKey, 0, false, rgbIV, encrypting);
return UniversalCryptoTransform.Create(Padding, cipher, encrypting);
}