Monday, September 8, 2008

C# WEPkey generator

By Mark van den Broek

A Wepkey generator for protecting your wireless LAN

Introduction
Whatever bad you may have heard about WEP (Wired Equivalent Privacy) encryption for wireless networks, not using it is asking for trouble. Usually, it is quick and easy to set up, and at the very least, it doesn't cost you anything!

However, generating random WEP keys to use can be a pain - it's difficult to think up new ones, and if you want good security on your wireless network, you need to change them regularly. I found a JavaScript based WepKey Generator at Warewolf Labs and got so inspired, so I had to make a WepKey generator in C#. The entire code was written in JavaScript, and have kindly made the code available free for distribution (many thanks to them for a great job!) Several method calls in JavaScript don't exist in the .NET framework, so I had to create an equivalent for them. The second thing that I had to do was to re-package the entire regenerated C# code into an object oriented jacket. This can be a kind of handy when you want to inherit the WepKey class into your own projects. Using this application, you can generate good strong WEP keys for your wireless LAN! A good primer on WEP key setup and terms is located here.

First of all, this application can be divided into two sections:

One, create a WepKey based on a custom Pass phrase.
Two, generate a pseudo random WepKey by selecting the corresponding length required by your hardware.
First, I had to create a resource for my application to match the entered pass phrases. The first array is a char array that can hold up to 95 most used (ASCII) characters. The second is a string array that holds the same length as the ASCII array.

Collapse
///
/// Two public static array's for serving as a resource
/// witch will be used to match the input (string) value.
/// Both array's share the same index.
///

///
/// These are the 95 most possible characters from witch
/// to choose for generating the WEP key.
///

public static char [] asciiArray = new char[95] {
' ', '!', '"', '#', '$', '%', '&', '\'', '(', ')',
'*', '+', ',', '-', '.', '/','0', '1', '2', '3',
'4', '5', '6', '7', '8', '9', ':', ';', '<', '=',
'>', '?', '@', 'A', 'B', 'C', 'D', 'E', 'F', 'G',
'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q',
'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '[',
'\\', ']', '^', '_', '\'', 'a', 'b', 'c', 'd', 'e',
'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o',
'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y',
'z', '{', '|', '}', '~'
};
///
/// 95 HEX value's that uses the ASCII index from above.
///

public static string [] hexArray = new string [95] {
"20","21","22","23","24","25","26","27","28","29",
"2A","2B","2C","2D","2E","2F","30","31","32","33",
"34","35","36","37","38","39","3A","3B","3C","3D",
"3E","3F","40","41","42","43","44","45","46","47",
"48","49","4A","4B","4C","4D","4E","4F","50","51",
"52","53","54","55","56","57","58","59","5A","5B",
"5C","5D","5E","5F","60","61","62","63","64","65",
"66","67","68","69","6A","6B","6C","6D","6E","6F",
"70","71","72","73","74","75","76","77","78","79",
"7A","7B","7C","7D","7E"
};
The first option in this application is to create a Custom WepKey by entering a pass phrase. The custom pass phrase string is separated into characters which have been individual matched in the (ASCII) resource array and returns an integer index number. This number will be re consumed by the second method StringToHex to collect the HEX equivalent, and will be merged into one string that finally will be returned to the caller.

///
/// This method actually iterates trough the length
/// of the passphrase to match each character in
/// the Resources.asciiArray using the method LocateAciiIndex.
/// Finally the actually result is matched in the Resources.hexArray
/// and returns the result in variable string Result.
/// Finally string Result is returned to the caller.
///

public string StringToHex() {
int i = (int)InitialValue.DefaultIntegerValue; int j = i;
string Result = string.Empty;
try {
for (i = (int)InitialValue.DefaultIntegerStartValue;
i < WepString.Length; i++) {
j = this.LocateAsciiIndex(WepString[i]);
Result += Resources.hexArray[j];
}
}
catch (System.IndexOutOfRangeException ex) {
Messaging.WepKeyMessage(ex.Message,
Messaging.MessageIcon.Critical());
}
return Result;
}
The second option in this application, probable the strongest, is to create a pseudo random WepKey. It uses pretty much the same methods; the only thing is that GenerateStrongKey now gives the pass phrase.

///
/// This method first clears the class string variable 'WepString';
/// then instatiate an Random object;
/// Then the speudo random generated integer is used
/// as an index to resolves an character
/// in Resources.asciiArray. The speudo random generated integer
/// is actually limited to the max length of Resources.asciiArray.
/// Foreach character resolved in Resources.asciiArray puts
/// the actually result in the class variable WepString.
/// Finally this method returns the combined character string.
///

///
/// (5/13/16/29 bytes for 64/128/152/256-bit WEP
///

public string GenerateStrongKey(int type) {
this.WepString = string.Empty;
Random rdm = new Random();

for (int i = (int)InitialValue.DefaultIntegerStartValue; i < type; i++) {
this.WepString +=
Resources.asciiArray[rdm.Next(Resources.asciiArray.Length)];
}
return this.StringToHex();
}
When creating WepKey's, you must consider using 'strongly generated wepkey's' for your own protection, but that choice is up to you!

More...
http://www.codeproject.com/KB/security/wepkey_generator.aspx

ASP.Net Feeds