| Age | Commit message (Collapse) | Author |
|---|
|
|
|
When a BIT STRING or OCTET STRING is implicitly tagged using a tag from the
context-specific, application, or private tag classes and has a constructed
representation, the outer tag is the specified tag and the inner tags are 03 or 04.
In the deserializer the correct tag was used for TryGetPrimitive[Type]Bytes, but
that returns false for indefinite length encodings (because the content bytes
are not contiguous). During the fallback to TryCopy[Type]Bytes the expected
tag value was not passed along, so the read operation failed with a tag
mismatch.
Now we correctly pass the expected tag, so TryCopy[Type]Bytes matches the
expected outer tag and continues with the constructed encoding (definite or
indefinite length) rules for the BIT STRING or OCTET STRING value.
Character string types also have TryGetPrimitive overloads, but these aren't
used in the deserializer, currently only the string-allocating forms are
supported.
|
|
|
|
|
|
callsites (#28962)
|
|
|
|
* Remove apis that duplicate implicit operators.
https://github.com/dotnet/corefx/issues/26894
Last set of approved api changes from this issue.
Since we have to get this in by 3/7, we're doing
the minbar here of removing the methods from the
reference assemblies only and (in some cases) adding the
"api" internally in some test assemblies rather
than clean up dozens of individual callsites.
(I wouldn't be surprised if we end up adding
these back in the next version anyway...)
* Fix infinite stack overflow
* PR Feedback
|
|
* Rename string-slicing extension methods
As part of
https://github.com/dotnet/corefx/issues/26894
the api folks have approved renaming AsROSpan and AsROMemory
on string instances to AsSpan and AsMemory (as the "readonly"
is obvious given the read-only nature of the input.)
This puts the renaming in effect. Basically a big search-replace
commit.
* Fix OpenSSL build break
* I see this is going to be a treadmill
|
|
This change adds API to consume, and produce, cryptographic timestamp tokens compliant with RFC 3161, or with the RFC 5816's extensions to support certificate thumbprint algorithms other than SHA-1.
In addition to the low-level production and consumption, accelerator API exists for applying RFC 3161 Appendix A rules for (counter-)signing a SignedCMS SignerInfo signature.
|
|
Without this change the AsnWriter class always sends the last "rented" array to
the garbage collector. Since arrays from the array pool are expected to be
gen-2 highly reused objects this has unfortunate consequences for both
the induced trickle allocation and Gen2 pressure.
Now it's IDisposable, and the Dispose implementation will return the rented array.
|
|
* Convert uses of the Dangerous APIs to use MemoryMarshal.GetReference
* Fix unresolved merge conflict.
* Add using directive
* Add missing using directives.
* Add references to System.Memory
|
|
TimeSpan.From* rounds to the millisecond, but the writer is 10000x as precise,
so make the reader be as precise as the writer.
For future work around cryptographic timestamps the microseconds and
hundred-nanoseconds might be relevant.
|
|
This enables serialization and deserialization of [StructLayout(LayoutKind.Sequential)] types to/from ASN.1 BER/CER/DER data streams.
Ambiguous types (like string) require attributes to identify their ASN.1 representation, and other attributes exist to optionally control the serialization mechanism (such as [OptionalValue], [ExpectedTag], [AnyValue]).
For background, see ITU-T-REC-X.680-201508 (ASN.1 language).
|
|
The AsnReader type can read any BER-encoded value for the types that it supports (for tag values up to int.MaxValue). It also understands the CER and DER restrictions, and when reading in those modes it will enforce the restrictions that those encoding rulesets dictate. Callers who want minimal validation can just read in BER mode.
The AsnWriter type mostly writes in DER (except where CER demands a different encoding). The only significant "BER-relaxation" it takes is that closing a SET OF value will not sort the contents.
Reference materials:
* ITU-T-REC-X.680-201508 (ASN.1 language, and some semantics behind the values)
* ITU-T-REC-X.690-201508 (the BER encoding family (BER, CER, DER))
|
|
Because our data is bounded within a .NET array it cannot exceed 2GB, so
anything that looks to be larger is a read error.
Additionally, multi-byte tags are fairly rare, and we would process one as a one
byte tag and a corrupt length, so detect that we're about to go invalid and stop
early.
|
|
* Moving PlatformDetection to Corefx.Private.TestUtilities assembly
The purpose of this change is to clean up all test projects instead of including the PlatformDetection code inside every test project, we’ll have it in the Corefx.Private.TestUtilities.
I have refactored the PlatformDetection to split the different implementation of Windows and Linux. If we need to do more refactoring there we can do it later as needed.
* Fix Linux BB
* Update the xunit package reference
* Fix wrong condition on one of the tests
* Update the ConditionalFact/Theory to use Type as a parameter
|
|
* Move AssertExtensions to Corefx.Private.TestUtilities
* Update csprojs
* Fix Linq.Expressions uapaot build
|
|
|
|
AssertExtensions (#21455)
* Registry
* Collections
* ComponentModel
* Configuration
* Data
* Globalization
* Drawing
* Diagnostics
* IO
* Linq
* Add System.Net param names in tests
* Move ArgumentExceptions in System.Private.Xml to AssertExtensions
* Add System.Reflection.* ArgumentException param names
* Add param names for System.Runtime* ArgumentExceptions
* Add ArgumentException param names to System.Security.*
* Add ArgumentException param names to System.Text.*
* Add param names to ArgumentExceptions in misc projects
* Add System.Threading.* ArgumentException param names
* Fix missing files
* Fixes for unix and netfx
* Fix more failures and revert a IdnaConformance tests to avoid merge conflicts with #21463
|
|
|
|
Bulk update to AssertExtensions.Throws for AOT support. This doesn't disable Assert.Throws.
|
|
Conflicts:
netci.groovy
src/System.Net.Security/src/System/Net/Security/SecureChannel.cs
src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/OpenSslX509Encoder.cs
src/System.Security.Cryptography.X509Certificates/src/Resources/Strings.resx
src/System.Security.Cryptography.X509Certificates/tests/Cert.cs
src/System.Security.Cryptography.X509Certificates/tests/CollectionImportTests.cs
src/System.Security.Cryptography.X509Certificates/tests/CollectionTests.cs
src/System.Security.Cryptography.X509Certificates/tests/PfxTests.cs
src/System.Security.Cryptography.X509Certificates/tests/X509StoreTests.cs
|
|
macOS (#16445)
Broken by this change:
* A lot of TLS CipherSuites have no metadata defined.
* macOS does not support version skipping in TLS. So `Tls | Tls12` is an invalid choice.
In this change:
General:
* All OSStatus related exceptions now look up the error message.
X509Certificates:
* X509Certificate moves to using SecCertificateRef from OpenSSL's X509.
* X509 metadata comes from a managed reader after being loaded by Security.framework,
due to the significant amount of data that has no public export in Apple's libraries.
* Significant code was factored out to be shared by OpenSSL and Apple implementations for X500DistinguishedName and X509Certficate2Collection.Find.
* Loading a PFX (or, rather, the private keys from a PFX) via Apple's platform
requires importing into a Keychain, and a Keychain requires a file on disk.
A temporary keychain is created during cert loading and erased when safe.
Like the perphemeral key load on Windows this can leak files due to
abnormal program termination.
* The X.509 My store for CurrentUser and LocalMachine are the default (user) and System keychains.
* The X.509 Root store is an interpretation of the Apple SecTrustSettings data.
* The X.509 Disallowed store hasn't been implemented yet, but should be a very small change.
* Other X.509 stores cannot be created due to keychain complexity.
HttpClient:
* Initialization no longer wakes up OpenSSL
SslStream:
* New implementation based on Apple SecureTransport.
* Currently has support for SNI (for AuthenticateAsClient)
|
|
|
|
|
|
* Cleanup netstandard conditions in csproj files
* Cleanup netstandard17 ifdefs
* Disable failing tests
|
|
Conflicts:
src/System.Security.Cryptography.Encoding/src/Configurations.props
src/System.Security.Cryptography.Encoding/src/System.Security.Cryptography.Encoding.csproj
|
|
|
|
The changes onclude some other minor clean up in the test project files
|
|
|
|
Conflicts:
src/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSASignVerify.cs
src/System.Security.Cryptography.Algorithms/src/Resources/Strings.resx
src/System.Security.Cryptography.Encoding/src/System.Security.Cryptography.Encoding.builds
src/System.Security.Cryptography.Encoding/src/project.json
|
|
* Add ValidateVSConfigurations
* Update project config and sln files.
|
|
|
|
|
|
build.proj (#14663)
* [WIP]Created src\tests.proj which is mostly building all tests
* Convert test project .builds to Configuration.props
* Fix test paths in targetingpack.props, move test-runtime.
* Move test-runtime under external.
* Rename RuntimeDir->RuntimePath in targetingpacks.props and
Xunit.Runtime.depproj.
* Remove test-runtime project.json from the SupplementalTestData list in
dir.targets.
* Remove XUnit.Runtime.depproj from tests.proj
* Convert test .builds files to Configuration.props.
* Revert "Convert test project .builds to Configuration.props"
This reverts commit 1efc4d9a02d1c2eced0f20a544abcbcd0092f40c.
* Fix compilation error in System.Collections.Concurrent.Tests
* Fix condition in System.Collections ref project
* Fix two more Collections test project issues
* Add Configuration.props for System.Collections ref
* Fix TargetGroup conditions in System.Collections.Tests.csproj.
* Fix compilation problems with NameResoltion.Pal.Tests.
* Fix compilation errors in SqlClient Stress tests
* Fix IO.Compression.Performance tests compilation
* Fix compilation and configurations of System.Net.Http.Unit.Tests.csproj.
* Fix compilation issues in System.Private.Xml.Linq tests
* Disable XsltScenarios.Tests project, like it was before.
* Fix missing DefineConstants for System.Linq ref project.
* Fix compilation of System.Net.Primitives.Pal.Tests.csproj
* Fix compilation of System.Net.Primitives.UnitTests.Tests.csproj
* Fix compilation of System.Security.Cryptography.Cng.Tests.csproj.
* Fix compilation of System.Net.Primitives reference project
* Fix compilation of System.Net.Security ref project
* Fix compilation of SYstem.Net.Security.Tests.csproj
* Fix configuration of X509Certificates ref project
* Fix compilation errors in System.Net.Http.Unit.Tests.csproj
* Fix Common.Tests.csproj
* Fix System.Diagnostics.Debug.Tests.csproj
* Fix Microsoft.Win32.Registry.Tests.csproj
* Add runtime.native.System.Data.SqlClient.sni to external project
* Fix System.Diagnostics.TraceSource.Tests.csproj
* Fix System.IO.Compression.Performance.Tests.csproj
* Move supplemental test data into test-runtime/project.json
* Fix System.IO.FileSystem.Watcher.Tests.csproj
* Fix System.IO.FileSystem.Tests.csproj
* Fix System.IO.Pipes.AccessControl.Tests.csproj
* Fix System.IO.MemoryMappedFiles.Tests.csproj
* Fix System.IO.Pipes.Tests.csproj
* Fix System.Json.Tests.csproj
* Add missing supplemental test data for net security tests
* Fix resource names in System.Xml.XPath.XDocument.Tests.csproj
* Fix Assembly.Location test case
* Fix assembly loading paths in DefaultLoadContextTest.cs
* Fix issues in System.Runtime.Loader.Tests.csproj
* Fix RootNamespace in ResourceManager tests
* Mark OpenSSL tests as unsupported on Windows
* Fix RootNamespace in System.Xml.XPath.Tests.csproj
* Fix RootNamespace in System.Xml.XPath.XmlDocument.Tests.csproj
* Fix System.IO.Compression.Tests.csproj
* Add missing Configurations.props files for System.Net projects
* Fix compilation issues in WinHttpHandler tests
* Add fixes and a workaround for Linq.Expressions tests
* Add workaround for System.Runtime.Tests
* Use extension methods explicitly in Ref.Emit tests
* Hook up test projects into build
* Fix build configuration of Crypto.Primitives for netcoreapp
* Enable VB tests outside Windows
* Enable Mail tests outside windows
* Don't run Unsafe tests outside windows
* Don't build Unsafe tests outside Windows
* Don't build WebServer project outside of Windows.
* Fix corerun path for Unix tests.
* Fix casing of 'Native' directory in NETCoreApp private pkgproj
* Remove runtime-specific stuff from Xunit.Runtime.depproj
* Move tests into a separate project ('tests.msbuild') which isn't built in build.proj
* Remove duplicate types from NameResolution.Pal tests
* Skip tests in a project if there is no compatible configuration.
* Include internal socket types only on Windows in NameResolution tests
* Manually fix S.R.InteropServices configurations
* Rename tests.msbuild -> tests.builds
* Manually fix System.Text.Encoding.Tests.csproj configuration
* Manually fix System.Threading.Tests configuration
* Manually clean up System.Runtime.Tests.csproj
* Fix System.IO.FileSystem.Tests configurations
* Manually fix System.Globalization.Tests configurations
* Manually fix System.IO.Pipes.Tests configurations
* Manually fix System.IO.Compression.Tests configurations
* Manually fix System.Runtime.Extensions.Tests configurations
* Manually fix System.IO.MemoryMappedFiles.Tests configurations
* Manually fix S.Diagnostics.Process.Tests configurations
* Manually fix System.ComponentModel.TypeConverter.Tests configurations
* Misc PR feedback.
* Use HostRunnerName instead of HostRunner in Process tests
* Fix configurations for S.ServiceProcess.ServiceController.Tests
* Revert to using ConfigurationErrorMsg to check if tests should be skipped.
Configuration still defaults to 'Debug' even if there is no valid configuration.
|
|
Apple's Security framework doesn't seem to expose any OID resolution or
ASN.1/DER pretty-printing, so the "make a native call here" functions just
always report that they have failed.
The pretty-printing of SubjectAlternativeName was manually written into this
library to retain support for libraries which are parsing the ToString output.
|
|
(#14482)
|
|
(#13476)
* Moving part of System.Security.Permissions down to System.Runtime.Extensions
|
|
Move all of System.IO into System.Runtime.Extensions.
Finish moving System.IO.Primitives into System.Runtime.
|
|
During the ECDSA-on-AppleCrypto work it was observed that two of the three
supported curves didn't import successfully due to the curve OIDs being
incorrect. These curves both had a sub-identifier with value 0, which was not
correctly handled by the DerEncoder class.
By changing while (!=0) to do..while(!=0) the 0-subidentifier gets a zero byte
pushed onto the data stack, making it encode as { 0x00 } instead of { }.
Added tests for both reading and writing.
|
|
Restore this common project.json upfront to improve sync time and avoid download contention from nuget.
|
|
|
|
beta-24614-00, respectively
|
|
beta-24613-00, respectively
|
|
|
|
|
|
|
|
This reverts commit 631f21b4c277f557e6482a4ed77e206884b7634a, reversing
changes made to 374a387de011924040a34bad825f2f2e951603a1.
|
|
beta-24607-00, respectively
|
|
|
