Reputation: 148624
RNGCryptoServiceProvider and Zeros?
walking through some cryptogtaphy stuff , I saw that RNGCryptoServiceProvider has 2 methods :
RNGCryptoServiceProvider.GetNonZeroBytes
and
RNGCryptoServiceProvider.GetBytes
And so I ask :
What is odd with Filling an array of bytes with a cryptographically strong sequence of random value which some (0 or more) of them are zeros ? (it is random values and apparently there wont be many zeros , and still zero is also a regular number)
why did they created the distinguishing ?
Upvotes: 14
Views: 2115
Answers (1)
Reputation: 2344
Within the .NET framework, GetNonZeroBytes(byte[]) is used when generating PKCS#1 padding for RSA encryption, which uses 0x00 as a seperator.
Using a tool like Reflector, you can see it used in RSAPKCS1KeyExchangeFormatter.CreateKeyExchange(byte[]) to implement padding as per RFC 2313, section 8.1.2 (RFC 3218 has some nice ASCII art that demonstrates the byte layout more clearly).
GetNonZeroBytes(byte[]) could also be used to generate salt. The Cryptography StackExchange site has a similar question which suggests that avoiding 0x00 is to help with libraries and APIs that may treat the salt as a zero-terminated string, which would accidentally truncate the salt. However, unless one is using P/Invoke, this is unlikely to be a concern in .NET.
Upvotes: 17
Related Questions
- RNGCryptoServiceProvider - Random Number Review
- using RNGCryptoServiceProvider to generate random string
- RNGCryptoServiceProvider.GetBytes() returns all zeros
- RNGCryptoServiceProvider in .Net Core
- Is it necessary to use RNGCryptoServiceProvider() to generate random number from 0 to 9?
- RNGCryptoServiceProvider in Java
- RNGCryptoServiceProvider: generate random numbers in the range [0, randomMax)
- How to generate non-negative random numbers(integer) using RNGCryptoServiceProvider C#
- Generating random string using RNGCryptoServiceProvider
- RNGCryptoServiceProvider with both min and max inclusive