Thanks for the reply, Ed. I'm using the .NET APIs for some crypto, and yes for those I use LegalKeySizes. But I use the BC Cipher types as well (IIRC it's for a performance improvement) and I want to correctly report the supported key sizes. And not just for AES but for all the algorithms supported by BC and exposed by PCLCrypto. I guess hard-coding is the way I'll have to go. I'll be guessing I guess since different crypto implementations seem to support different key size ranges and I'm not familiar enough with the BC code base (as in: not at all) to quickly find the key sizes for each one.
In case you or anyone else can quickly do the research for me so I can hard-code the expected results into PCLCrypto, the algorithms PCLCrypto supports today are listed below (together with their key min size, max size, and step size in bits, for .NET and BCrypt implementations): [InlineData(SymmetricAlgorithmName.Aes, 128, 256, 64)] [InlineData(SymmetricAlgorithmName.Des, 64, 64, 0)] [InlineData(SymmetricAlgorithmName.Rc4, 8, 512, 8)] #if WinRT [InlineData(SymmetricAlgorithmName.Rc2, 16, 128, 8)] [InlineData(SymmetricAlgorithmName.TripleDes, 192, 192, 0)] #else [InlineData(SymmetricAlgorithmName.Rc2, 40, 128, 8)] [InlineData(SymmetricAlgorithmName.TripleDes, 128, 192, 64)] On Sat, Nov 28, 2015 at 8:33 PM Edward Ned Harvey (bouncycastle) < bouncycas...@nedharvey.com> wrote: > > From: Andrew Arnott [mailto:andrewarn...@gmail.com] > > > > I want to programmatically enumerate the allowed key sizes for a given > > Cipher. Is there an API to do this? > > If it's a .NET cipher, you can use the LegalKeySizes property > > https://msdn.microsoft.com/en-us/library/system.security.cryptography.symmetricalgorithm.legalkeysizes(v=vs.110).aspx > > If it's a BouncyCastle derivative of IBlockCipher, there is no such > analogous property of IBlockCipher. In fact, by looking at AESFastEngine, > the only time the key size seems to be checked is during > GenerateWorkingKey(), which is called by Init(). There, it's hard-coded in > a private method, to check the Key length, must be 128, 192, or 256. Based > on this, I'd say there is no programmatic way, nor even an enum you could > use. >