+2004-02-26 Sebastien Pouliot <sebastien@ximian.com>
+
+ * DES.cs: Same fix as for SymmetricAlgorithm (get_Key is
+ overridden to check for weak keys). Also ensured that no weak keys
+ would be generated.
+ * SymmetricAlgorithm.cs: Return a copy of the key (and IV) so it
+ doesn't get destroyed when dispose is called (in this case the key
+ zeroization is the caller's responsability). Match MS implementation.
+ * TripleDES.cs: Same fix as for SymmetricAlgorithm (get_Key is
+ overridden to check for weak keys). Fix bugzilla #54868.
+
2004-02-12 Sebastien Pouliot <sebastien@ximian.com>
* CryptoStream.cs: Remove the _blockSize assumptions because some
// System.Security.Cryptography.DES
//
// Author:
-// Sergey Chaban (serge@wildwestsoftware.com)
-// Sebastien Pouliot (spouliot@motus.com)
+// Sergey Chaban (serge@wildwestsoftware.com)
+// Sebastien Pouliot <sebastien@ximian.com>
//
// Portions (C) 2002 Motus Technologies Inc. (http://www.motus.com)
+// (C) 2004 Novell (http://www.novell.com)
//
using System;
}
public override byte[] Key {
- get { return base.Key; }
+ get {
+ if (KeyValue == null) {
+ // generate keys as long as we get weak or semi-weak keys
+ GenerateKey ();
+ while (IsWeakKey (KeyValue) || IsSemiWeakKey (KeyValue))
+ GenerateKey ();
+ }
+ return (byte[]) KeyValue.Clone ();
+ }
set {
if (value == null)
throw new ArgumentNullException ();
if (IsWeakKey (value) || IsSemiWeakKey (value))
throw new CryptographicException ();
- base.Key = value;
+
+ KeyValue = (byte[]) value.Clone ();
}
}
//
// Authors:
// Thomas Neidhart (tome@sbox.tugraz.at)
-// Sebastien Pouliot (spouliot@motus.com)
+// Sebastien Pouliot <sebastien@ximian.com>
//
// Portions (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
+// (C) 2004 Novell (http://www.novell.com)
//
using System;
if (this.IVValue == null)
GenerateIV();
- return this.IVValue;
+ return (byte[]) this.IVValue.Clone ();
}
set {
if (value == null)
if (this.KeyValue == null)
GenerateKey();
- return this.KeyValue;
+ return (byte[]) this.KeyValue.Clone ();
}
set {
if (value == null)
// TripleDES.cs: Handles TripleDES (abstract class)
//
// Author:
-// Sebastien Pouliot (spouliot@motus.com)
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
+// (C) 2004 Novell (http://www.novell.com)
//
using System;
while (IsWeakKey (KeyValue))
GenerateKey ();
}
- return KeyValue;
+ return (byte[]) KeyValue.Clone ();
}
set {
if (value == null)