From a46758f9403b5b7e7e7957290279cf86ccc25d2a Mon Sep 17 00:00:00 2001 From: Yihezkel Schoenbrun Date: Wed, 10 Aug 2022 19:05:27 +0300 Subject: [PATCH] =?UTF-8?q?The=20Rfc2898DeriveBytes=20constructor=20used?= =?UTF-8?q?=20is=20called=20out=20as=20insecure=20in=20.NET=207,=20because?= =?UTF-8?q?=20it=E2=80=99s=20insecure=20to=20use=20defaults=20for=20the=20?= =?UTF-8?q?number=20of=20iterations=20and=20hashing=20algorithm.=20The=20f?= =?UTF-8?q?ix=20is=20to=20pass=20those=20(secure)=20values=20in=20the=20ve?= =?UTF-8?q?rsions=20of=20.NET=20that=20support=20it.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/ICSharpCode.SharpZipLib/Encryption/ZipAESTransform.cs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/ICSharpCode.SharpZipLib/Encryption/ZipAESTransform.cs b/src/ICSharpCode.SharpZipLib/Encryption/ZipAESTransform.cs index 5aced2d71..6c84be691 100644 --- a/src/ICSharpCode.SharpZipLib/Encryption/ZipAESTransform.cs +++ b/src/ICSharpCode.SharpZipLib/Encryption/ZipAESTransform.cs @@ -76,7 +76,11 @@ public ZipAESTransform(string key, byte[] saltBytes, int blockSize, bool writeMo _encrPos = ENCRYPT_BLOCK; // Performs the equivalent of derive_key in Dr Brian Gladman's pwd2key.c +#if NET472_OR_GREATER || NETSTANDARD2_1_OR_GREATER || NETCOREAPP2_0_OR_GREATER + var pdb = new Rfc2898DeriveBytes(key, saltBytes, KEY_ROUNDS, HashAlgorithmName.SHA1); +#else var pdb = new Rfc2898DeriveBytes(key, saltBytes, KEY_ROUNDS); +#endif var rm = Aes.Create(); rm.Mode = CipherMode.ECB; // No feedback from cipher for CTR mode _counterNonce = new byte[_blockSize]; @@ -160,7 +164,7 @@ public byte[] GetAuthCode() /// public byte[] TransformFinalBlock(byte[] inputBuffer, int inputOffset, int inputCount) { - if(inputCount > 0) + if (inputCount > 0) { throw new NotImplementedException("TransformFinalBlock is not implemented and inputCount is greater than 0"); }