[Mono-bugs] [Bug 79499][Min] Changed - PasswordDeriveByte may derive *extra* data differently on ms.net and mono
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Tue Sep 26 14:32:35 EDT 2006
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by sebastien at ximian.com.
http://bugzilla.ximian.com/show_bug.cgi?id=79499
--- shadow/79499 2006-09-26 14:00:21.000000000 -0400
+++ shadow/79499.tmp.27553 2006-09-26 14:32:35.000000000 -0400
@@ -114,6 +114,24 @@
Thank you for all your comments they were very helpful. We are stuck
still because all the examples I find have the PasswordDeriveByte
producing 32 bytes and RijndaelCipher.CreateEncryptor requires 32
bytes as well.
And yeah we are targetting 1.1 so I can't use Rfc2898DeriveBytes.
+
+------- Additional Comments From sebastien at ximian.com 2006-09-26 14:32 -------
+Mono *extra* bytes derivation isn't perfect but it's close enough. So
+you can get the same data, on Mono and MS, by doing:
+
+byte[] data = key.GetBytes (48);
+
+and then split the first 32 bytes for the key and the last 16 bytes
+for the IV (i.e. MS seems to do something *extra* between GetBytes
+calls). You can test/debug this by adding a Console.WriteLine with the
+derived bytes (should be identical between Mono and MS).
+
+Of course doing this doesn't solve any of the issues I mentionned ;-)
+
+A safer variation would be to change the default SHA1 hash algorithm
+(HashName property) to SHA384 or SHA512. This will produce 48 to 64
+"quality" derived bytes (solving one of the issues you currently have
+in your sample).
More information about the mono-bugs
mailing list