It looks like this is actually a .NET Framework issue - something is wrong with System.Security.Cryptography.AesCryptoServiceProvider object's finalizer. The following console application can be used to reproduce the issue without using any Rebex code:
using System;
using System.Security.Cryptography;
...
static void Main()
{
while (true)
{
for (int i = 0; i < 1000; i++)
{
SymmetricAlgorithm aes = new AesCryptoServiceProvider();
for (int j = 0; j < 16; j++)
{
aes.Key = new byte[32];
}
//aes.Clear();
}
Console.WriteLine("Press X to exit and any other key to try again.");
if (Console.ReadKey().Key == ConsoleKey.X)
break;
}
}
This code triggers the MDA message you describe after several runs. Could you please try running this code and confirm that it behaves the same way at your machine?
In Rebex SFTP, we only use two instances of AesCryptoServiceProvider per SFTP session. It looks like creating 1000s of instances is not the real cause of the issue, but triggers a situation where it occurs. Uncommenting the aes.Clear()
line solves the problem.
We are now looking into possibilities of how to work around this issue. Obviously, explicitly disposing the AES CSP object in Sftp.Disconnect/Sftp.Dispose would solve it if the programmer actually calls these methods, so that's the first thing we'll do. But it's unclear whether anything can be done if the SFTP session is not explicitly shut down.