Fixing issue related to salt-to-byte conversion

Velir · Aug 5, 2016 · b0ee1a6 · b0ee1a6
1 parent f139add
commit b0ee1a6
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/Jabberwocky.Core/Cryptography/AesHmacCryptoService.cs b/Jabberwocky.Core/Cryptography/AesHmacCryptoService.cs
@@ -45,6 +45,7 @@ public static AesHmacCryptoService Create(string secretKey, string digestKey, st
 		public AesHmacCryptoService(CryptoConfiguration config, ISerializationProvider serializationProvider)
 		{
 			if (serializationProvider == null) throw new ArgumentNullException(nameof(serializationProvider));
+			if (!IsCryptoConfigurationValid(config)) throw new ArgumentException("All configuration properties must be valid.", nameof(config));
 			SerializationProvider = serializationProvider;
 
 			_lazyDerivedBytes = new Lazy<KeySaltPair>(() => GenerateDerivedBytes(config));
@@ -147,7 +148,9 @@ protected virtual byte[] ComputeHash(byte[] content)
 		private static KeySaltPair GenerateDerivedBytes(CryptoConfiguration config)
 		{
 			var saltBytes = new byte[SaltSize];
-			Encoding.UTF8.GetBytes(config.InitializationVector, 0, config.InitializationVector.Length, saltBytes, 0);
+			var charSizeInBytes = sizeof(char);
+			var characterCount = Math.Min(SaltSize / charSizeInBytes, config.InitializationVector.Length);
+			Encoding.UTF8.GetBytes(config.InitializationVector, 0, characterCount, saltBytes, 0);
 
 			using (var derivePassword = new Rfc2898DeriveBytes(config.SecretKey, saltBytes))
 			{
@@ -163,6 +166,13 @@ private static KeySaltPair GenerateDerivedBytes(CryptoConfiguration config)
 			}
 		}
 
+		private static bool IsCryptoConfigurationValid(CryptoConfiguration config)
+		{
+			return !string.IsNullOrEmpty(config.DigestKey)
+				   && !string.IsNullOrEmpty(config.InitializationVector)
+				   && !string.IsNullOrEmpty(config.SecretKey);
+		}
+
 		#endregion
 
 		protected struct KeySaltPair