[Mono-bugs] [Bug 81006][Nor] Changed - MachineKeySection.MakeKey: Invalid key length
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Fri Aug 10 08:35:17 EDT 2007
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by mhabersack at novell.com.
http://bugzilla.ximian.com/show_bug.cgi?id=81006
--- shadow/81006 2007-07-09 15:03:46.000000000 -0400
+++ shadow/81006.tmp.19393 2007-08-10 08:35:17.000000000 -0400
@@ -96,6 +96,81 @@
validationKey='13D963EE8E8CEA018E00D6321D374433856FFDCAED6DEF41CDB7A66D4FA07A231576C69AB9DA982DD9D32E7C3FAF0635155A677FD5428EA5DF7E52908BCC5F21'
decryptionKey='7CAAE45C5BFAC133F80791453C959986'
validation='SHA1' decryption='AES' />
------- Additional Comments From miguel at ximian.com 2007-07-09 15:03 -------
Please provide a self-contained test and reopen the bug
+
+------- Additional Comments From mhabersack at novell.com 2007-08-10 08:35 -------
+I'm not sure if it is a bug. The key is not AES, but 3DES. After
+changing the decryption key type to 3DES, I get the following:
+
+System.Security.Cryptography.CryptographicException: This is a known
+weak, or semi-weak, key.
+ at System.Security.Cryptography.DESTransform..ctor
+(System.Security.Cryptography.SymmetricAlgorithm symmAlgo, Boolean
+encryption, System.Byte[] key, System.Byte[] iv) [0x00093] in
+/usr/src/tmp/mono/mcs/class/corlib/System.Security.Cryptography/DESCryptoServiceProvider.cs:442
+
+ at System.Security.Cryptography.TripleDESTransform..ctor
+(System.Security.Cryptography.TripleDES algo, Boolean encryption,
+System.Byte[] key, System.Byte[] iv) [0x000d3] in
+/usr/src/tmp/mono/mcs/class/corlib/System.Security.Cryptography/TripleDESCryptoServiceProvider.cs:116
+
+ at
+System.Security.Cryptography.TripleDESCryptoServiceProvider.CreateDecryptor
+(System.Byte[] rgbKey, System.Byte[] rgbIV) [0x00000] in
+/usr/src/tmp/mono/mcs/class/corlib/System.Security.Cryptography/TripleDESCryptoServiceProvider.cs:63
+
+ at System.Security.Cryptography.SymmetricAlgorithm.CreateDecryptor
+() [0x00000] in
+/usr/src/tmp/mono/mcs/class/corlib/System.Security.Cryptography/SymmetricAlgorithm.cs:220
+
+ at System.Web.Security.MembershipProvider.DecryptPassword
+(System.Byte[] encodedPassword) [0x00010] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.Security/MembershipProvider.cs:111
+
+ at WSUS.PostgreSQLMembershipProvider.UnEncodePassword (System.String
+encodedPassword) [0x00025] in
+/home/grendel/Projects/work/wsus/aplikacja/providers/PostgreSQLMembershipProvider.cs:1334
+
+ at WSUS.PostgreSQLMembershipProvider.CheckPassword (System.String
+password, System.String dbpassword) [0x0002f] in
+/home/grendel/Projects/work/wsus/aplikacja/providers/PostgreSQLMembershipProvider.cs:1251
+
+ at WSUS.PostgreSQLMembershipProvider.ValidateUser (System.String
+username, System.String password) [0x000d1] in
+/home/grendel/Projects/work/wsus/aplikacja/providers/PostgreSQLMembershipProvider.cs:1081
+
+ at System.Web.UI.WebControls.Login.AuthenticateUser () [0x00076] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI.WebControls/Login.cs:1267
+
+ at System.Web.UI.WebControls.Login.OnBubbleEvent (System.Object
+source, System.EventArgs e) [0x00024] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI.WebControls/Login.cs:1100
+
+ at System.Web.UI.Control.RaiseBubbleEvent (System.Object source,
+System.EventArgs args) [0x00070] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI/Control.cs:1069
+ at System.Web.UI.WebControls.Button.OnCommand
+(System.Web.UI.WebControls.CommandEventArgs e) [0x00030] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI.WebControls/Button.cs:255
+
+ at System.Web.UI.WebControls.Button.RaisePostBackEvent
+(System.String eventArgument) [0x00027] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI.WebControls/Button.cs:271
+
+ at
+System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent
+(System.String eventArgument) [0x00000] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI.WebControls/Button.cs:235
+
+ at System.Web.UI.Page.RaisePostBackEvent (IPostBackEventHandler
+sourceControl, System.String eventArgument) [0x0002c] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI/Page.cs:1527
+ at System.Web.UI.Page.RaisePostBackEvents () [0x0000c] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI/Page.cs:1480
+ at System.Web.UI.Page.InternalProcessRequest () [0x002aa] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI/Page.cs:1384
+ at System.Web.UI.Page.ProcessRequest (System.Web.HttpContext
+context) [0x00058] in
+/usr/src/tmp/mono/mcs/class/System.Web/System.Web.UI/Page.cs:1202
More information about the mono-bugs
mailing list