[Mono-list] AES/CFB Stream Cipher Problem

Drew DeVault sircmpwn at gmail.com
Fri Jan 4 00:56:32 UTC 2013


The bug report has been filed, but in the meantime, it's important that a
workaround for mono 2.10.x is found, because most of my users are using it.
It is the latest version in Debian stable, after all.


On Thu, Jan 3, 2013 at 5:54 PM, Sebastien Pouliot <
sebastien.pouliot at gmail.com> wrote:

> On Thu, Jan 3, 2013 at 7:40 PM, Drew DeVault <sircmpwn at gmail.com> wrote:
> > I get access denied on that bug.
>
> Sorry I had not noticed the bug to be private (I assumed only the
> attachment was).
>
> Please fill a (public) bug report and I'll close the private one as a
> duplicate (but without leaking information from it). That way everyone
> interested can  be on c.c.
>
> > As for the MS implementation, it's
>
> which one ?* the RijndaelManaged one or the AesCryptoServiceProvider
> one - because they don't match each other :-( and they should when
> Rijndael is set to use 128bits blocks.
>
> * I presume the former based your link to the source code but, right
> now (and depending on some settings), Mono is not compatible with
> either. OTOH CFB8 (eight being the only feedback size supported for
> them) works for other ciphers (e.g. DES, 3DES, RC2).
>
> > compatible with the Java implementation, at least, so it's less likely
> to be
> > incorrect.
>
> one of MS implementations must be ;-)
>
> > How should this be solved? I can't have this only work on Windows with
> > MS.NET.
>
> First step is the bug report, along with all the data that can prove
> useful.
>
> After this you can wait for a fix.... I'm looking into it now but I
> can't promise when it will be done (need to be careful not to regress
> the other ciphers, CFB or other modes). Mono is also open source so
> you're welcome to contribute fixes.
>
> Sebastien
>
> >
> > On Thu, Jan 3, 2013 at 3:38 PM, Sebastien Pouliot
> > <sebastien.pouliot at gmail.com> wrote:
> >>
> >> Hello Drew,
> >>
> >> There was a bug filled yesterday, #9201 [1]. You might want to c.c.
> >> yourself to it.
> >>
> >> FWIW it's not really AES related. MS implementation(s) of CFB are a bit
> >> weird.
> >>
> >> RijndaelManaged does it differently than others .NET ciphers (which is
> >> what Mono supports), including AesCryptoServiceProvider (even when the
> >> former uses a 128 bits block size).
> >>
> >> AesManaged does not even support CFB (even if it was, once upon a
> >> time, documented as a wrapper on top of RijndaelManaged).
> >>
> >> Sebastien
> >>
> >> [1] https://bugzilla.xamarin.com/show_bug.cgi?id=9201
> >>
> >> On Thu, Jan 3, 2013 at 4:55 PM, Rodrigo Kumpera <kumpera at gmail.com>
> wrote:
> >> > Please file a bug in bugzilla.xamarin.com with a test case.
> >> >
> >> >
> >> >
> >> >
> >> > On Tue, Jan 1, 2013 at 11:00 PM, Drew DeVault <sircmpwn at gmail.com>
> >> > wrote:
> >> >>
> >> >> I'm having an issue with Mono that does not appear on Microsoft.NET,
> >> >> related to AES/CFB encryption with no padding. Firstly, here's my
> Mono
> >> >> version:
> >> >>
> >> >> Mono JIT compiler version 2.10.8.1 (Debian 2.10.8.1-1ubuntu2.2)
> >> >> Copyright (C) 2002-2011 Novell, Inc, Xamarin, Inc and Contributors.
> >> >> www.mono-project.com
> >> >>         TLS:           __thread
> >> >>         SIGSEGV:       altstack
> >> >>         Notifications: epoll
> >> >>         Architecture:  amd64
> >> >>         Disabled:      none
> >> >>         Misc:          softdebug
> >> >>         LLVM:          supported, not enabled.
> >> >>         GC:            Included Boehm (with typed GC and Parallel
> Mark)
> >> >>
> >> >> Secondly, I would like to find a solution that does indeed work on
> this
> >> >> version of Mono, because most of my users are on the same version.
> The
> >> >> problem comes
> >> >> from using a CryptoStream with a RijndaelManaged cipher. I have
> >> >> attached a
> >> >> proof of concept to the email, along with the results of running it
> on
> >> >> Windows with
> >> >> Microsoft.NET and on Linux Mint 12 with Mono.
> >> >>
> >> >> The AesStream in the example comes from this project:
> >> >>
> >> >>
> https://github.com/SirCmpwn/Craft.Net/blob/master/Craft.Net/AesStream.cs
> >> >>
> >> >> In short, on Microsoft.NET, writing to the CryptoStream does indeed
> >> >> encrypt the data properly, where on Mono, no data is written, and an
> >> >> IndexOutOfBoundsException is thrown when trying to read the encrypted
> >> >> data.
> >> >>
> >> >> Drew DeVault
> >> >>
> >> >> _______________________________________________
> >> >> Mono-list maillist  -  Mono-list at lists.ximian.com
> >> >> http://lists.ximian.com/mailman/listinfo/mono-list
> >> >>
> >> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-list/attachments/20130103/7ebd5209/attachment-0001.html>


More information about the Mono-list mailing list