diff --git a/CHANGELOG.md b/CHANGELOG.md index 792a8aa5..40bed06e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -31,17 +31,18 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - #1690: Replaced GeckoFX (Firefox) with CefSharp (Chromium) - #1325: Language resource files cleanup ### Fixed +- #2096: Corrected encryption code of LegacyRijndaelCryptographyProvider - #2089: Fixed the exception thrown by menu buttons "Documentation" and "Website" - #2087: Fixed application crash, when the update file is launched from the application - #2079: Fixed theme files not being copied to output directory - #1884: Allow setting Port when using MSSQL - #1783: Added missing inheritance properties to SQL scripts -- #1773: Connection issue with mysql - Missing fields in +- #1773: Connection issue with MySql - Missing fields in - #1756: Cannot type any character on MultiSSH toolbar - #1720: Show configuration file name in title of password prompt form - #1713: Sound redirection does not work if Clipboard redirection is set to No - #1632: 1.77.1 breaks RDP drive and sound redirection -- #1610: Menu bar changes to english when canceling options form +- #1610: Menu bar changes to English when canceling options form - #1595: Unhandled exception when trying to browse through non existent multi ssh history with keyboard key strokes - #1589: Update SQL tables instead of rewriting them - #1465: REGRESSION: Smart Cards redirection to Remote Desktop not working diff --git a/mRemoteNG/Security/SymmetricEncryption/LegacyRijndaelCryptographyProvider.cs b/mRemoteNG/Security/SymmetricEncryption/LegacyRijndaelCryptographyProvider.cs index bc325095..212d2183 100644 --- a/mRemoteNG/Security/SymmetricEncryption/LegacyRijndaelCryptographyProvider.cs +++ b/mRemoteNG/Security/SymmetricEncryption/LegacyRijndaelCryptographyProvider.cs @@ -32,24 +32,25 @@ namespace mRemoteNG.Security.SymmetricEncryption try { using var aes = Aes.Create(); - using var md5 = MD5.Create(); - var key = md5.ComputeHash(Encoding.UTF8.GetBytes(strSecret.ConvertToUnsecureString())); + aes.BlockSize = BlockSizeInBytes * 8; - md5.Clear(); - aes.Key = key; - aes.GenerateIV(); + using (var md5 = MD5.Create()) + { + var key = md5.ComputeHash(Encoding.UTF8.GetBytes(strSecret.ConvertToUnsecureString())); + aes.Key = key; + aes.GenerateIV(); + } - using var ms = new MemoryStream(aes.IV); + using var ms = new MemoryStream(); + ms.Write(aes.IV, 0, BlockSizeInBytes); - var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write); + using var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write); var data = Encoding.UTF8.GetBytes(strToEncrypt); cs.Write(data, 0, data.Length); cs.FlushFinalBlock(); var encdata = ms.ToArray(); - cs.Close(); - aes.Clear(); return Convert.ToBase64String(encdata); } @@ -70,11 +71,13 @@ namespace mRemoteNG.Security.SymmetricEncryption try { using var aes = Aes.Create(); - using var md5 = MD5.Create(); - var key = md5.ComputeHash(Encoding.UTF8.GetBytes(password.ConvertToUnsecureString())); + aes.BlockSize = BlockSizeInBytes * 8; - md5.Clear(); - aes.Key = key; + using (var md5 = MD5.Create()) + { + var key = md5.ComputeHash(Encoding.UTF8.GetBytes(password.ConvertToUnsecureString())); + aes.Key = key; + } var ciphertext = Convert.FromBase64String(ciphertextBase64); @@ -87,7 +90,6 @@ namespace mRemoteNG.Security.SymmetricEncryption using var cryptoStream = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Read); using var streamReader = new StreamReader(cryptoStream, Encoding.UTF8, true); var plaintext = streamReader.ReadToEnd(); - aes.Clear(); return plaintext; }