[Mono-bugs] [Bug 79499][Min] Changed - PasswordDeriveByte may derive *extra* data differently on ms.net and mono

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Tue Sep 26 14:32:35 EDT 2006

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien at ximian.com.


--- shadow/79499	2006-09-26 14:00:21.000000000 -0400
+++ shadow/79499.tmp.27553	2006-09-26 14:32:35.000000000 -0400
@@ -114,6 +114,24 @@
 Thank you for all your comments they were very helpful. We are stuck
 still because all the examples I find have the PasswordDeriveByte
 producing 32 bytes and RijndaelCipher.CreateEncryptor requires 32
 bytes as well. 
 And yeah we are targetting 1.1 so I can't use Rfc2898DeriveBytes.
+------- Additional Comments From sebastien at ximian.com  2006-09-26 14:32 -------
+Mono *extra* bytes derivation isn't perfect but it's close enough. So
+you can get the same data, on Mono and MS, by doing:
+byte[] data = key.GetBytes (48);
+and then split the first 32 bytes for the key and the last 16 bytes
+for the IV (i.e. MS seems to do something *extra* between GetBytes
+calls). You can test/debug this by adding a Console.WriteLine with the
+derived bytes (should be identical between Mono and MS).
+Of course doing this doesn't solve any of the issues I mentionned ;-)
+A safer variation would be to change the default SHA1 hash algorithm
+(HashName property) to SHA384 or SHA512. This will produce 48 to 64
+"quality" derived bytes (solving one of the issues you currently have
+in your sample).

More information about the mono-bugs mailing list