Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change FeedbackSize on Rijndael wrappers to delegate to implementation. #46686

Merged
merged 4 commits into from Jan 7, 2021
Merged

Change FeedbackSize on Rijndael wrappers to delegate to implementation. #46686

merged 4 commits into from Jan 7, 2021

Conversation

vcsjones
Copy link
Member

@vcsjones vcsjones commented Jan 7, 2021
edited

The FeedbackSize on RijndaelManaged and RijndaelImplementation were not
accurately reflecting the feedback size that the actual implementation
was using. The FeedbackSize would report 128, however the implementation
defaults to 8, so CFB8 is actually what was being used.

Likewise, the setter for FeedbackSize on the Rijndael types had no
effect. The implementation's default feedback size of 8 would always
be used.

Closes #46672

@vcsjones
Change FeedbackSize on Rijndael wrappers to delegate to implementation.
6dc815c 
The FeedbackSize on RijndaelManaged and RijndaelImplementation were not
accurately reflecting the feedback size that the actual implementation
was using. The FeedbackSize would report 128, however the implementation
defaults to 8, so CFB8 is actually what was being used.

Likewise, the setter for FeedbackSize on the Rijndael types had no
effect. The implementation's default feedback size of 8 would always
be used.
@ghost
Copy link

ghost commented Jan 7, 2021

Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq
See info in area-owners.md if you want to be subscribed.

Issue Details

The FeedbackSize on RijndaelManaged and RijndaelImplementation were not
accurately reflecting the feedback size that the actual implementation
was using. The FeedbackSize would report 128, however the implementation
defaults to 8, so CFB8 is actually what was being used.

Likewise, the setter for FeedbackSize on the Rijndael types had no
effect. The implementation's default feedback size of 8 would always
be used.

Contributes to #46672

Author: vcsjones
Assignees: -
Labels:

area-System.Security
Milestone: -

@vcsjones
Copy link
Member Author

vcsjones commented Jan 7, 2021
edited

@bartonjs This PR makes the "least breaking" change. If we were doing this before .NET 5 shipped, we'd also want to set _impl.FeedbackSize = 128 in the constructor of RijndaelManaged and RijndaelImplementation. This would be desirable to match .NET Framework's default feedback size, but would break the (effective) default feedback size for the Rijndael types used in .NET 5 RTM.

It might be worth considering making this change anyway - the Rijndael types exist purely for compatibility reasons. It would seem strange that compatibility types are not... compatible.

@bartonjs
Copy link
Member

bartonjs commented Jan 7, 2021

Yeah, let's go ahead and try it as the "NetFX compatible" version.

@vcsjones
Change FeedbackSize to match .NET Framework default.
a9d2cbc
@vcsjones
Fix test to not re-use Rijndael instances.
45066e6 
We wanted to explicitly test the default FeedbackSize property without
ever setting it.
@vcsjones
Copy link
Member Author

vcsjones commented Jan 7, 2021

@bartonjs Changed.

@vcsjones
Copy link
Member Author

vcsjones commented Jan 7, 2021

I will eventually remember about Windows 7 / CFB stuff. Speaking of which @bartonjs, if you decide to backport this it should probably be done manually (which I am happy to do) to account for the CFB8 differences in .NET 5 vs. 6 in Windows 7.

@vcsjones
Copy link
Member Author

vcsjones commented Jan 7, 2021

Failing mono test is addressed by #46699.

@bartonjs
Copy link
Member

bartonjs commented Jan 7, 2021

if you decide to backport this ...

Yeah, we probably should, just to try to limit the amount of damage (at least the workaround is easy, just assign the mode to CFB8).

... it should probably be done manually (which I am happy to do)

Nice, much appreciated :)

@bartonjs bartonjs merged commit 595c616 into dotnet:master Jan 7, 2021
@vcsjones vcsjones deleted the 46672-rijndael-feedback-size branch January 7, 2021 23:06
@vcsjones vcsjones mentioned this pull request Jan 7, 2021
Merged
@runfoapp runfoapp bot mentioned this pull request Jan 8, 2021
Open
@dotnet dotnet locked as resolved and limited conversation to collaborators Feb 7, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bartonjs bartonjs bartonjs approved these changes

Assignees
No one assigned
Labels
area-System.Security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AES with CipherMode.CFB and PaddingMode.PKCS7 incompatible between .NET Framework and .NET5.0
3 participants
@vcsjones @bartonjs @Dotnet-GitSync-Bot