fix legacy key derivation

shadowsocks-csharp/Encryption/AEAD/AEADEncryptor.cs

@@ -88,15 +88,15 @@ namespace Shadowsocks.Encryption.AEAD
             byte[] passbuf = Encoding.UTF8.GetBytes(password);
             // init master key
             if (_Masterkey == null) _Masterkey = new byte[keyLen];
-            if (_Masterkey.Length < keyLen) Array.Resize(ref _Masterkey, keyLen);
-            DeriveKey(passbuf, _Masterkey);
+            if (_Masterkey.Length != keyLen) Array.Resize(ref _Masterkey, keyLen);
+            DeriveKey(passbuf, _Masterkey, keyLen);
             // init session key
             if (_sessionKey == null) _sessionKey = new byte[keyLen];
         }
 
-        public void DeriveKey(byte[] password, byte[] key)
+        public void DeriveKey(byte[] password, byte[] key, int keylen)
         {
-            StreamEncryptor.LegacyDeriveKey(password, key);
+            StreamEncryptor.LegacyDeriveKey(password, key, keylen);
         }
 
         public void DeriveSessionKey(byte[] salt, byte[] masterKey, byte[] sessionKey)

shadowsocks-csharp/Encryption/EncryptorBase.cs

@@ -71,6 +71,8 @@
         public const int ATYP_DOMAIN = 0x03;
         public const int ATYP_IPv6 = 0x04;
 
+        public const int MD5_LEN = 16;
+
         protected EncryptorBase(string method, string password)
         {
             Method = method;

shadowsocks-csharp/Encryption/Stream/StreamEncryptor.cs

@@ -64,25 +64,25 @@ namespace Shadowsocks.Encryption.Stream
         {
             byte[] passbuf = Encoding.UTF8.GetBytes(password);
             if (_key == null) _key = new byte[keyLen];
-            if (_key.Length < keyLen) Array.Resize(ref _key, keyLen);
-            LegacyDeriveKey(passbuf, _key);
+            if (_key.Length != keyLen) Array.Resize(ref _key, keyLen);
+            LegacyDeriveKey(passbuf, _key, keyLen);
         }
 
-        public static void LegacyDeriveKey(byte[] password, byte[] key)
+        public static void LegacyDeriveKey(byte[] password, byte[] key, int keylen)
         {
-            byte[] result = new byte[password.Length + 16];
+            byte[] result = new byte[password.Length + MD5_LEN];
             int i = 0;
             byte[] md5sum = null;
-            while (i < key.Length) {
+            while (i < keylen) {
                 if (i == 0) {
                     md5sum = MbedTLS.MD5(password);
                 } else {
-                    md5sum.CopyTo(result, 0);
-                    password.CopyTo(result, md5sum.Length);
+                    Array.Copy(md5sum, 0, result, 0, MD5_LEN);
+                    Array.Copy(password, 0, result, MD5_LEN, password.Length);
                     md5sum = MbedTLS.MD5(result);
                 }
-                md5sum.CopyTo(key, i);
-                i += md5sum.Length;
+                Array.Copy(md5sum, 0, key, i, Math.Min(MD5_LEN, keylen - i));
+                i += MD5_LEN;
             }
         }