Forum Xamarin.iOS


The Xamarin Forums have officially moved to the new Microsoft Q&A experience. Microsoft Q&A is the home for technical questions and answers at across all products at Microsoft now including Xamarin!

To create new threads and ask questions head over to Microsoft Q&A for .NET and get involved today.

Rijndael Class

Hi all,
I have a simple encryption class which i use for all my windows based apps.
I need to share data between windows apps and iOS apps. I did a simple decrypt test on iOS, everything seems to work but during decrypt process on iOS the first 8 bytes decrypted are incorrect. Any help/idea??

many thanks


  • JasonAwbreyJasonAwbrey USInsider, University, Developer Group Leader mod

    Please post some sample code

  • poupoupoupou CAMember, Xamarin Team Xamurai

    That's generally a sign that your IV (initialization vector) is incorrect.

  • cecco77cecco77 ITMember

    That's generally a sign that your IV (initialization vector) is incorrect.

    Yes it is! But it's a bit strange..
    This was my code:
    PasswordDeriveBytes pdb = new PasswordDeriveBytes(Password, Salt);
    Byte[] encryptedData = Encrypt(clearBytes, pdb.GetBytes(32), pdb.GetBytes(16));
    where Password is a String, Salt a fixed Byte[13].
    Well, pdb.GetBytes(32) return exactly the same Bytes Array on both Win and iOS but pdb.GetBytes(16) won't get the same on both Os.
    I figure it out and I changed the code this way:
    Byte[] encryptedData = Encrypt(clearBytes, pdb.GetBytes(32), IV);
    where IV is a fixed Byte[16] got from Win. For now it's ok! Because my Password remains the same, but if would I change Password at runtime?

  • poupoupoupou CAMember, Xamarin Team Xamurai

    You're misusing the PasswordDeriveBytes class. Sadly MS extended the PKCS#5 algorithm and made it easy to misuse (asking too much data from it, it should not be more than the hash algorithm can produce - IOW 20 bytes for SHA1).

    Much worse the extension made is buggy and insecure. Mono does not support this undocumented extension (even if it was documented it's totally broken).

    I strongly suggest you to update your code to use Rfc2898DeriveBytes, which is based on a newer version of PKCS#5 (2.0) and does not AFAIK suffers from buggy/insecure extensions.

  • cecco77cecco77 ITMember

    Yes I know, i was wondering if it was a simple workaround.

Sign In or Register to comment.