@@ -12,44 +12,53 @@ public class Rfc2898DeriveBytes : DeriveBytes
12
12
{
13
13
public Rfc2898DeriveBytes ( byte [ ] password , byte [ ] salt , int iterations )
14
14
{
15
- Salt = salt ;
16
- IterationCount = iterations ;
15
+ if ( salt == null )
16
+ throw new ArgumentNullException ( "salt" ) ;
17
+ if ( salt . Length < MinimumSaltSize )
18
+ throw new ArgumentException ( SR . Cryptography_PasswordDerivedBytes_FewBytesSalt , "salt" ) ;
19
+ if ( iterations <= 0 )
20
+ throw new ArgumentOutOfRangeException ( "iterations" , SR . ArgumentOutOfRange_NeedPosNum ) ;
17
21
if ( password == null )
18
22
throw new NullReferenceException ( ) ; // This "should" be ArgumentNullException but for compat, we throw NullReferenceException.
23
+
24
+ _salt = salt . CloneByteArray ( ) ;
25
+ _iterations = ( uint ) iterations ;
19
26
_password = password . CloneByteArray ( ) ;
20
27
_hmacSha1 = new HMACSHA1 ( _password ) ;
21
28
22
- // We "should" call Initialize() here but we've already called it twice indirectly through setting the Salt and IterationCount properties.
23
- return ;
29
+ Initialize ( ) ;
24
30
}
25
31
26
- public Rfc2898DeriveBytes ( String password , byte [ ] salt )
32
+ public Rfc2898DeriveBytes ( string password , byte [ ] salt )
27
33
: this ( password , salt , 1000 )
28
34
{
29
35
}
30
36
31
- public Rfc2898DeriveBytes ( String password , byte [ ] salt , int iterations )
37
+ public Rfc2898DeriveBytes ( string password , byte [ ] salt , int iterations )
32
38
: this ( new UTF8Encoding ( false ) . GetBytes ( password ) , salt , iterations )
33
39
{
34
40
}
35
41
36
- public Rfc2898DeriveBytes ( String password , int saltSize )
42
+ public Rfc2898DeriveBytes ( string password , int saltSize )
37
43
: this ( password , saltSize , 1000 )
38
44
{
39
45
}
40
46
41
- public Rfc2898DeriveBytes ( String password , int saltSize , int iterations )
47
+ public Rfc2898DeriveBytes ( string password , int saltSize , int iterations )
42
48
{
43
49
if ( saltSize < 0 )
44
50
throw new ArgumentOutOfRangeException ( "saltSize" , SR . ArgumentOutOfRange_NeedNonNegNum ) ;
51
+ if ( saltSize < MinimumSaltSize )
52
+ throw new ArgumentException ( SR . Cryptography_PasswordDerivedBytes_FewBytesSalt , "saltSize" ) ;
53
+ if ( iterations <= 0 )
54
+ throw new ArgumentOutOfRangeException ( "iterations" , SR . ArgumentOutOfRange_NeedPosNum ) ;
45
55
46
- Salt = Helpers . GenerateRandom ( saltSize ) ;
47
- IterationCount = iterations ;
56
+ _salt = Helpers . GenerateRandom ( saltSize ) ;
57
+ _iterations = ( uint ) iterations ;
48
58
_password = new UTF8Encoding ( false ) . GetBytes ( password ) ;
49
59
_hmacSha1 = new HMACSHA1 ( _password ) ;
50
60
51
- // We "should" call Initialize() here but we've already called it twice indirectly through setting the Salt and IterationCount properties.
52
- return ;
61
+ Initialize ( ) ;
53
62
}
54
63
55
64
public int IterationCount
@@ -79,7 +88,7 @@ public byte[] Salt
79
88
{
80
89
if ( value == null )
81
90
throw new ArgumentNullException ( "value" ) ;
82
- if ( value . Length < 8 )
91
+ if ( value . Length < MinimumSaltSize )
83
92
throw new ArgumentException ( SR . Cryptography_PasswordDerivedBytes_FewBytesSalt ) ;
84
93
_salt = value . CloneByteArray ( ) ;
85
94
Initialize ( ) ;
@@ -204,5 +213,6 @@ private byte[] Func()
204
213
private int _endIndex ;
205
214
206
215
private const int BlockSize = 20 ;
216
+ private const int MinimumSaltSize = 8 ;
207
217
}
208
218
}
0 commit comments