Notice (2018-05-24): bugzilla.xamarin.com is now in
Please join us on
Visual Studio Developer Community and in the
Mono organizations on
GitHub to continue tracking issues. Bugzilla will remain
available for reference in read-only mode. We will continue to work
on open Bugzilla bugs, copy them to the new locations
as needed for follow-up, and add the new items under Related
Our sincere thanks to everyone who has contributed on this bug
tracker over the years. Thanks also for your understanding as we
make these adjustments and improvements for the future.
Please create a new report on
GitHub or Developer Community with
your current version information, steps to reproduce, and relevant error
messages or log files if you are hitting an issue that looks similar to
this resolved bug and you do not yet see a matching new report.
Created attachment 14892 [details]
## Steps to reproduce
1. Install Xamarin.iOS 22.214.171.124
2. Build and run sample
3. Enter a value, such as 6, and tap "Update"
4. Close the app
5. Install Xamarin.iOS 126.96.36.199
6. Clean, re-build and run
7. App will crash
## Expected result
No crash, data should be decrypted
## Actual result
System.Security.Cryptography.CryptographicException: Bad PKCS7 padding. Error found at position 14.
at Crimson.CommonCrypto.FastCryptorTransform.ThrowBadPaddingException (PaddingMode padding, Int32 length, Int32 position) [0x0004d] in /Users/builder/data/lanes/2689/962a0506/source/maccore/src/CommonCrypto/FastCryptorTransform.cs:198
at Crimson.CommonCrypto.FastCryptorTransform.FinalDecrypt (System.Byte inputBuffer, Int32 inputOffset, Int32 inputCount) [0x00177] in /Users/builder/data/lanes/2689/962a0506/source/maccore/src/CommonCrypto/FastCryptorTransform.cs:317
at Crimson.CommonCrypto.FastCryptorTransform.TransformFinalBlock (System.Byte inputBuffer, Int32 inputOffset, Int32 inputCount) [0x0001e] in /Users/builder/data/lanes/2689/962a0506/source/maccore/src/CommonCrypto/FastCryptorTransform.cs:345
at System.Security.Cryptography.CryptoStream.Read (System.Byte buffer, Int32 offset, Int32 count) [0x00318] in /Users/builder/data/lanes/2689/962a0506/source/maccore/_build/Library/Frameworks/Xamarin.iOS.framework/Versions/git/src/mono/external/referencesource/mscorlib/system/security/cryptography/cryptostream.cs:278
at System.IO.StreamReader.ReadBuffer () [0x0002b] in /Users/builder/data/lanes/2689/962a0506/source/maccore/_build/Library/Frameworks/Xamarin.iOS.framework/Versions/git/src/mono/external/referencesource/mscorlib/system/io/streamreader.cs:601
at System.IO.StreamReader.ReadToEnd () [0x00055] in /Users/builder/data/lanes/2689/962a0506/source/maccore/_build/Library/Frameworks/Xamarin.iOS.framework/Versions/git/src/mono/external/referencesource/mscorlib/system/io/streamreader.cs:466
at TestAppForXamarin.Crypto.DecryptStringFromBytes_Aes (System.Byte cipherText) [0x000b8] in /Users/Adam/Downloads/TestAppForXamarin/TestAppForXamarin/Crypto.cs:123
at TestAppForXamarin.Crypto.Decrypt (System.String cipherBytes) [0x00009] in /Users/Adam/Downloads/TestAppForXamarin/TestAppForXamarin/Crypto.cs:41
at TestAppForXamarin.ViewController.ViewDidLoad () [0x0003d] in /Users/Adam/Downloads/TestAppForXamarin/TestAppForXamarin/ViewController.cs:24
at at (wrapper managed-to-native) UIKit.UIApplication:UIApplicationMain (int,string,intptr,intptr)
at UIKit.UIApplication.Main (System.String args, IntPtr principal, IntPtr delegate) [0x00005] in /Users/builder/data/lanes/2689/962a0506/source/maccore/src/UIKit/UIApplication.cs:77
at UIKit.UIApplication.Main (System.String args, System.String principalClassName, System.String delegateClassName) [0x00038] in /Users/builder/data/lanes/2689/962a0506/source/maccore/src/UIKit/UIApplication.cs:61
at TestAppForXamarin.Application.Main (System.String args) [0x00008] in /Users/Adam/Downloads/TestAppForXamarin/TestAppForXamarin/Main.cs:12
Verified in the iOS Simulator.
Encrypting and decrypting while using the same version of Xamarin.iOS appears to work - the issue occurs when previously encrypted data is decrypted on a newer version of Xamarin.iOS
This is hitting the common crypto code, could you guys take a look?
That's weird as CommonCrypto code did not change between those versions. The fact that it fails in common crypto code is "normal" since it's the only part that will do validation (which can only be done on the decrypted data).
A lot of other things (like CryptoStream) are now coming from MS RS code and might influence the process. I'll have a look to figure out where the issue is coming from.
As I thought this is an issue in Mono/BCL, nothing to do with XI.
If you encrypt with mono 4.0 (C5) and try to decrypt with 4.2.2 (C6) or master you'll get the exception. E.g.
I strongly suspect the CryptoStream form MS RS not playing well with other parts of mono (not updated to use MS RS).
Did some testing. The current (master) behavior is compatible with the behavior of Microsoft .NET. The 4.0 behavior is not.
After investigation, we have found that the problem is with PasswordDeriveBytes, and is the same root cause as an issue previously seen at https://bugzilla.xamarin.com/show_bug.cgi?id=37370
We have added a section to the 4.2.1 release notes documenting the problem:
Please see that note but, short version:
- Pre-4.2 are incompatible with Microsoft.NET; 4.2 and following are compatible with .NET but incompatible with pre-4.2. Because compatibility with Microsoft.NET is what we consider "correct", we will not be reverting this.
- If you need compatibility with pre-4.2, there is a small source package for an alternate version of PasswordDeriveBytes linked in the 4.2.1 release notes. If you embed the alternate PasswordDeriveBytes in your application and use it instead of the corlib version, it will encode and decode your files created with 4.0. This should solve your problem.
- If possible you should migrate off of PasswordDeriveBytes and onto Rfc2898DeriveBytes, which is compatible across all versions of Mono and MS.NET
Thanks for the clear explanation. The workaround in the release notes is working.