c# - Is AesCryptoServiceProvider.GenerateKey safe to use? -
maarten bodewes' comments on this question, suggest aescryptoserviceprovider.generatekey() unsafe use key generation.
we using method generate cryptographically secure keys. looking @ underlying implementation on reference source, generatekey() calls cryptgenkey in win32 api.
i cannot find resources suggest cryptgenkey compromised. safe use implementation?
generatekey safe, implementation on linked question not.
you can not call key = system.text.encoding.ascii.getstring(provider.key); string random byte array, getstring can not used on random binary data used on byte array generaded calling ascii.getbytes. if want store key in string format need use formatting designed store binary data key = convert.tobase64string(provider.key);
Comments
Post a Comment