[Mono-dev] Mono Encryption

Thu Oct 16 20:34:36 UTC 2014

Hi Miguel,

I've given it a bit more of a look.

The things that wouldn't work is being able to provide custom decryption
algorithms via the web.config.  Nothing else seems to be affected.

I'll package it up and send it over, thanks for the help.

Thanks,
Martin

On 16 October 2014 21:26, Miguel de Icaza <miguel at xamarin.com> wrote:

> Hello,
>
> I would say, let us wrap up what you have, and then we can review the
> implications that lacking some options might have.
>
> On Thu, Oct 16, 2014 at 3:30 PM, Martin Thwaites <monoforum at my2cents.co.uk
> > wrote:
>
>> Thanks for the quick reply Miguel.
>>
>> The crypto will be at least as secure as the existing MachineKey.Encrypt
>> methods.  It's this page that I've not looked:
>>
>>
>> http://msdn.microsoft.com/en-us/library/system.web.configuration.machinekeycompatibilitymode%28v=vs.110%29.aspx
>>
>> There appears to be some new configuration sections that can change the
>> crypto methods used.  However, I've not looked into them so I'm not sure
>> what they would change.
>>
>> Thanks,
>> Martin
>>
>> On 16 October 2014 20:23, Miguel de Icaza <miguel at xamarin.com> wrote:
>>
>>> In general, a partial implementation is better than no implementation at
>>> all.
>>>
>>> When it comes to crypto, things are a little bit different, and we need
>>> to be more careful.
>>>
>>> What are the things that would not work from the spec?
>>>
>>> Miguel
>>>
>>>
>>>
>>> On Thu, Oct 16, 2014 at 3:20 PM, Martin Thwaites <
>>> monoforum at my2cents.co.uk> wrote:
>>>
>>>> Hi All,
>>>>
>>>> In my latest endeavour to get the aspnetwebstack functioning on mono,
>>>> I've found that the MachineKey.Protect and Unprotect classes aren't
>>>> implemented.
>>>>
>>>> So, I've tried to put together something that would work, but not
>>>> something that meets all the information supplied on MSDN page (e.g.
>>>> framework options).
>>>>
>>>> My question is, I'm piggybacking on the MachineKey.Encrypt/Decrypt
>>>> methods, is this sufficient to be accepted by the community?
>>>>
>>>> Here's the start of what I'm putting together.
>>>>
>>>>
>>>> https://github.com/martinjt/mono/blob/mvc_fixes/mcs/class/System.Web/System.Web.Security/MachineKey.cs
>>>>
>>>> So, would a pull along these lines by accepted, or do all the
>>>> requirements of the MSDN page need to be met?
>>>>
>>>> I'm not asking for a review of the pull right now as I need to check
>>>> against coding standards, and add some more unit tests, just whether a half
>>>> baked (but working) implementation is acceptable.
>>>>
>>>> Thanks,
>>>> Martin
>>>>
>>>> _______________________________________________
>>>> Mono-devel-list mailing list
>>>> Mono-devel-list at lists.ximian.com
>>>> http://lists.ximian.com/mailman/listinfo/mono-devel-list
>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-devel-list/attachments/20141016/d9df58fa/attachment.html>