[Mono-bugs] [Bug 54868][Nor] New - Key obtained from TripleDES SymmetricAlgorithm gets corrupted
bugzilla-daemon@bugzilla.ximian.com
bugzilla-daemon@bugzilla.ximian.com
Wed, 25 Feb 2004 18:33:05 -0500 (EST)
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by jluciani@novell.com.
http://bugzilla.ximian.com/show_bug.cgi?id=54868
--- shadow/54868 2004-02-25 18:33:05.000000000 -0500
+++ shadow/54868.tmp.16579 2004-02-25 18:33:05.000000000 -0500
@@ -0,0 +1,158 @@
+Bug#: 54868
+Product: Mono/Class Libraries
+Version: unspecified
+OS: SUSE 9.0
+OS Details: Mono 30.1 + patches
+Status: NEW
+Resolution:
+Severity:
+Priority: Normal
+Component: System
+AssignedTo: mono-bugs@ximian.com
+ReportedBy: jluciani@novell.com
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: Key obtained from TripleDES SymmetricAlgorithm gets corrupted
+
+Description of Problem:
+
+This problem is being encountered in iFolder.
+
+I generate a TripleDES key using a TripleDES SymmetricAlgorithm object and
+save the reference that I obtain from the object in my own object, some
+time later I try to use the key and find out that its contents have been
+cleared out. The problem does not exist under .NET.
+
+Debugging of the problem shows that the key contents are cleared out when
+the SymmetricAlgorithm object is disposed. Sounds to me that a get of the
+"Key" property on the object should return a copy rather of the key being
+held in the object to avoid the problem.
+
+
+Steps to reproduce the problem:
+1. Compile the following application using the command "mcs Test.cs"
+
+using System;
+
+using System.IO;
+using System.Security.Cryptography;
+
+
+namespace TripleDesTest
+
+{
+
+ /// <summary>
+
+ /// Summary description for Class1.
+
+ /// </summary>
+
+ class Test
+
+ {
+
+ /// <summary>
+
+ /// The main entry point for the application.
+
+ /// </summary>
+
+ [STAThread]
+
+ static void Main(string[] args)
+
+ {
+
+ try
+
+ {
+
+ //
+
+ // Generate session key and an IV
+ //
+ SymmetricAlgorithm symAlg = SymmetricAlgorithm.Create("TripleDES");
+ symAlg.GenerateKey();
+ byte[] sessionKey = symAlg.Key;
+ symAlg.GenerateIV();
+ byte[] iv = symAlg.IV;
+
+ // Display the contents of the SessionKey before clearing the
+resources
+ // associated with the symmetry algorithm.
+ Console.WriteLine("sessionKey before invoking symAlg.Clear()");
+ Console.WriteLine("sessionKey.Lenght= {0} contents=",
+sessionKey.Length);
+ foreach (byte b in sessionKey)
+ Console.Write("{0}", b);
+ Console.Write("\n\n");
+
+ // Clear the resources associated with the symmetric algorithm
+used to
+ // generate the key.
+ symAlg.Clear();
+
+ // Re-Display the contents of the SessionKey now that we have
+cleared
+ // the resources associated with the symmetry algorithm.
+ Console.WriteLine("sessionKey after invoking symAlg.Clear()");
+ Console.WriteLine("sessionKey.Lenght= {0} contents=",
+sessionKey.Length);
+ foreach (byte b in sessionKey)
+ Console.Write("{0}", b);
+ Console.Write("\n\n");
+
+ Console.WriteLine("If the contents of sessionKey changed, then
+it is an error.\n");
+ }
+
+ catch (Exception e)
+
+ {
+
+ Console.WriteLine("Exception detected while executing the test");
+
+ throw e;
+
+ }
+
+
+
+ // Keep running until Enter is pressed
+ Console.WriteLine("Press Enter to exit...");
+ Console.ReadLine();
+ }
+
+ }
+
+}
+
+
+2. Execute the application using the command "mono Test.exe"
+
+
+Actual Results:
+
+The sessionKey is displayed by the application before and after
+symAlg.Clear() is called, you will notice that the contents differ.
+
+Expected Results:
+
+The contents of sessionKey should not change after calling symAlg.Clear().
+
+How often does this happen?
+
+This happens all of the time.
+
+Additional Information:
+
+I am working around the problem by creating a copy of the key that I get
+from the SymmetricAlgorithm rather than just saving the reference to the
+object returned by symAlg.Key.
+
+Thanks for your help,
+
+Juan Carlos Luciani