This project has moved. For the latest updates, please go here.
2
Vote

CryptographicException thrown if the stream is disposed before it has been fully read in full.

description

Hi,

We've experienced a scenario where by people who are aborting download of an encrypted file cause an exception to be thrown.
 at Security.Cryptography.BCryptNative.SymmetricDecrypt(SafeBCryptKeyHandle key, Byte[] input, Byte[] chainData, BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO& authenticationInfo) in t:\gregz\work\pw_hashing\clrsecurity\svn\Security.Cryptography\src\BCryptNative.cs:line 1001
   at Security.Cryptography.BCryptAuthenticatedSymmetricCryptoTransform.CngTransform(Byte[] input, Int32 inputOffset, Int32 inputCount) in t:\gregz\work\pw_hashing\clrsecurity\svn\Security.Cryptography\src\BCryptAuthenticatedSymmetricCryptoTransform.cs:line 392
   at Security.Cryptography.BCryptAuthenticatedSymmetricCryptoTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) in t:\gregz\work\pw_hashing\clrsecurity\svn\Security.Cryptography\src\BCryptAuthenticatedSymmetricCryptoTransform.cs:line 349
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
   at System.IO.Stream.Close()
   at System.IO.StreamReader.Dispose(Boolean disposing)
   at System.IO.TextReader.Dispose()
   at CryptographyException.UnitTest1.TestMethod1() 
I have attached a scaled down example to demonstrate the problem - it just reads the first 100 bytes of a file and then lets the dispose trigger. You'll see that it throws the CryptographicException as part of the TransformFinalBlock call that is triggered by the CryptoStream.Dispose() call.

I would grateful if you could advise on a fix for this scenario.

file attachments

comments