[Mono-dev] RSA and ECDH
Brandon Perry
bperry.volatile at gmail.com
Sun Feb 16 18:22:58 UTC 2014
On 02/16/2014 11:33 AM, Edward Ned Harvey (mono) wrote:
> Ideally, yeah, but realistically, behavior will deviate. (See my other question, about the non-existence of ECDiffieHellman. Existence vs Non-existence is a pretty big deviation.) ;-) The important thing is that the API remain functionally equivalent.
But they aren't functionally equivalent, the ctors do not function
equivalently. It is only syntactically equivalent. This is, arguably, a bug.
> Not long ago, I discovered that PKCS12.GetBytes() in MS behaves fine with a blank password, while mono fails on blank password. And the hash algorithm is basically restricted to SHA1, as deviation from SHA1 causes mono to fail a lot. Which is fine, but the point is, deviations do exist. Some more dramatic than others.
Yep, agreed. I have found deviations as well. Doesn't mean they should
exist. Especially if the reason is to make unit tests perform faster, as
the below comment suggests was a main reason. You are no longer testing
the same functionality as you would be if that unit test were running on
.NET.
>
> This particular difference, generating key in constructor versus only when necessary, as far as I'm concerned, is not a bug, and not an issue. Because the API remains the same. On the other hand, the non-existent ECDiffieHellman is a significant missing feature, and the non-acceptance of blank password is a legitimate bug that nobody cares about. ;-) (Not even me)
>
> In RSACryptoServiceProvider.cs constructor, there is this comment:
>
> // Here it's not clear if we need to generate a keypair
> // (note: MS implementation generates a keypair in this case).
> // However we:
> // (a) often use this constructor to import an existing keypair.
> // (b) take a LOT of time to generate the RSA keypair
> // So we'll generate the keypair only when (and if) it's being
> // used (or exported). This should save us a lot of time (at
> // least in the unit tests).
>
According to this, behaviour deviation is not desired.
http://www.mono-project.com/FAQ:_Technical#Compatibility
However, this is a large deviation from your original question of speed
(pun intended). It may be related though.
More information about the Mono-devel-list
mailing list