[Mono-list] AES/CFB Stream Cipher Problem

Sebastien Pouliot sebastien.pouliot at gmail.com
Fri Jan 4 00:54:20 UTC 2013


On Thu, Jan 3, 2013 at 7:40 PM, Drew DeVault <sircmpwn at gmail.com> wrote:
> I get access denied on that bug.

Sorry I had not noticed the bug to be private (I assumed only the
attachment was).

Please fill a (public) bug report and I'll close the private one as a
duplicate (but without leaking information from it). That way everyone
interested can  be on c.c.

> As for the MS implementation, it's

which one ?* the RijndaelManaged one or the AesCryptoServiceProvider
one - because they don't match each other :-( and they should when
Rijndael is set to use 128bits blocks.

* I presume the former based your link to the source code but, right
now (and depending on some settings), Mono is not compatible with
either. OTOH CFB8 (eight being the only feedback size supported for
them) works for other ciphers (e.g. DES, 3DES, RC2).

> compatible with the Java implementation, at least, so it's less likely to be
> incorrect.

one of MS implementations must be ;-)

> How should this be solved? I can't have this only work on Windows with
> MS.NET.

First step is the bug report, along with all the data that can prove useful.

After this you can wait for a fix.... I'm looking into it now but I
can't promise when it will be done (need to be careful not to regress
the other ciphers, CFB or other modes). Mono is also open source so
you're welcome to contribute fixes.

Sebastien

>
> On Thu, Jan 3, 2013 at 3:38 PM, Sebastien Pouliot
> <sebastien.pouliot at gmail.com> wrote:
>>
>> Hello Drew,
>>
>> There was a bug filled yesterday, #9201 [1]. You might want to c.c.
>> yourself to it.
>>
>> FWIW it's not really AES related. MS implementation(s) of CFB are a bit
>> weird.
>>
>> RijndaelManaged does it differently than others .NET ciphers (which is
>> what Mono supports), including AesCryptoServiceProvider (even when the
>> former uses a 128 bits block size).
>>
>> AesManaged does not even support CFB (even if it was, once upon a
>> time, documented as a wrapper on top of RijndaelManaged).
>>
>> Sebastien
>>
>> [1] https://bugzilla.xamarin.com/show_bug.cgi?id=9201
>>
>> On Thu, Jan 3, 2013 at 4:55 PM, Rodrigo Kumpera <kumpera at gmail.com> wrote:
>> > Please file a bug in bugzilla.xamarin.com with a test case.
>> >
>> >
>> >
>> >
>> > On Tue, Jan 1, 2013 at 11:00 PM, Drew DeVault <sircmpwn at gmail.com>
>> > wrote:
>> >>
>> >> I'm having an issue with Mono that does not appear on Microsoft.NET,
>> >> related to AES/CFB encryption with no padding. Firstly, here's my Mono
>> >> version:
>> >>
>> >> Mono JIT compiler version 2.10.8.1 (Debian 2.10.8.1-1ubuntu2.2)
>> >> Copyright (C) 2002-2011 Novell, Inc, Xamarin, Inc and Contributors.
>> >> www.mono-project.com
>> >>         TLS:           __thread
>> >>         SIGSEGV:       altstack
>> >>         Notifications: epoll
>> >>         Architecture:  amd64
>> >>         Disabled:      none
>> >>         Misc:          softdebug
>> >>         LLVM:          supported, not enabled.
>> >>         GC:            Included Boehm (with typed GC and Parallel Mark)
>> >>
>> >> Secondly, I would like to find a solution that does indeed work on this
>> >> version of Mono, because most of my users are on the same version. The
>> >> problem comes
>> >> from using a CryptoStream with a RijndaelManaged cipher. I have
>> >> attached a
>> >> proof of concept to the email, along with the results of running it on
>> >> Windows with
>> >> Microsoft.NET and on Linux Mint 12 with Mono.
>> >>
>> >> The AesStream in the example comes from this project:
>> >>
>> >> https://github.com/SirCmpwn/Craft.Net/blob/master/Craft.Net/AesStream.cs
>> >>
>> >> In short, on Microsoft.NET, writing to the CryptoStream does indeed
>> >> encrypt the data properly, where on Mono, no data is written, and an
>> >> IndexOutOfBoundsException is thrown when trying to read the encrypted
>> >> data.
>> >>
>> >> Drew DeVault
>> >>
>> >> _______________________________________________
>> >> Mono-list maillist  -  Mono-list at lists.ximian.com
>> >> http://lists.ximian.com/mailman/listinfo/mono-list
>> >>
>> >
>
>


More information about the Mono-list mailing list