System.EntryPointNotFoundException when calling KeyDerivation.Pbkdf2 on Windows Server Standard FE
Closed this issue · 4 comments
I use Microsoft.AspNetCore.Cryptography.KeyDerivation.KeyDerivation.Pbkdf2
as part of an ASP.Net 4.5.2 web application. When that application is served using Windows Server Standard FE, then I get the following exception:
System.EntryPointNotFoundException: Unable to find an entry point named BCryptDeriveKeyPBKDF2 in DLL bcrypt.dll.
The server does have a bcrypt.dll, but an old one. From https://msdn.microsoft.com/en-us/library/windows/desktop/dd433795(v=vs.85).aspx I can see that the BCryptDeriveKeyPBKDF2
function is only supported since Windows Server 2008 R2.
I would expect ManagedPbkdf2Provider
to be used instead of Win7Pbkdf2Provider
on a Windows Server older than 2008 R2. OSVersionUtil.GetOSVersion()
only checks for the existence of BCryptKeyDerivation
to return Win8OrLater
, but returns Win7OrLater
as soon as a bcrypt.dll was found. As a result Win7Pbkdf2Provider
is used regardless of whether bcrypt.dll has the BCryptDeriveKeyPBKDF2
function.
This could be fixed by adding another OSVersion
enum value for the general OSVersionUtil.IsWindows
case and leave Win7OrLater
for when BCryptDeriveKeyPBKDF2
exists. Then Pbkdf2Util.GetPbkdf2Provider
could use a new OSVersionUtil.IsWindows7OrLater
check to decide if it should use the Win7Pbkdf2Provider
.
I don't think we support anything older than Windows Server 2008 R2
@Th3BlackShadow What's your OS version?
@muratg Sadly I only wrote down that it was a Windows Server Standard FE. That is what it said in the system configuration window. Since it is pre Windows Server 2008 R2 I assume the version number would be 6.0. Since it was concerning a customer server I cannot log back in to verify.
In the mean time I have downloaded the source and compiled a new version for that customer. It uses ManagedPbkdf2Provider
when BCryptDeriveKeyPBKDF2
does not exist and that worked for them.
I would understand it if you do not want to add extra code to support a Windows version that is older than what the project requires.
@Th3BlackShadow Thanks. Unfortunately pre Windows Server 2008 R2 is not supported by the platform.