Age | Commit message (Collapse) | Author |
|
|
|
* Partial cleanup of `Internal.Cryptography.Helpers`.
At the moment, each of the `System.Security.Cryptography.*` projects defines its own
`Internal.Cryptography.Helpers` and several of them contain identical helper methods
such as for instance `CloneByteArray()`.
This causes problems for Mono when we're trying to combine pieces from multiple of these
projects into our assemblies.
This is a partial cleanup, which adds a `partial` modifier to all these classes and
moves the `CloneByteArray()` into a new shared file.
* Add the missing file to `System.Security.Cryptography.X509Certificates`.
* Make it build.
* Unconditionally include the common Helpers.cs.
|
|
* Don't write a separator after the empty DN
* Make T61String behave like it does on Windows (UTF-8 with a Latin-1 fallback)
* Use the managed decoder on Linux, instead of a lot of P/Invokes back into OpenSSL.
|
|
* Reducing chances of polluting SSL error queue (#29351)
|
|
When a BIT STRING or OCTET STRING is implicitly tagged using a tag from the
context-specific, application, or private tag classes and has a constructed
representation, the outer tag is the specified tag and the inner tags are 03 or 04.
In the deserializer the correct tag was used for TryGetPrimitive[Type]Bytes, but
that returns false for indefinite length encodings (because the content bytes
are not contiguous). During the fallback to TryCopy[Type]Bytes the expected
tag value was not passed along, so the read operation failed with a tag
mismatch.
Now we correctly pass the expected tag, so TryCopy[Type]Bytes matches the
expected outer tag and continues with the constructed encoding (definite or
indefinite length) rules for the BIT STRING or OCTET STRING value.
Character string types also have TryGetPrimitive overloads, but these aren't
used in the deserializer, currently only the string-allocating forms are
supported.
|
|
|
|
|
|
callsites (#28962)
|
|
And use it from X509Chain.ChainStatus rather than its own FormatMessage DllImport. Normally we don't care as much about exceptional paths that FormatMessage would be used on, but it shows up on success paths with X509 where certificate validation failures are known and ignored by a custom validation routine.
|
|
|
|
* Remove apis that duplicate implicit operators.
https://github.com/dotnet/corefx/issues/26894
Last set of approved api changes from this issue.
Since we have to get this in by 3/7, we're doing
the minbar here of removing the methods from the
reference assemblies only and (in some cases) adding the
"api" internally in some test assemblies rather
than clean up dozens of individual callsites.
(I wouldn't be surprised if we end up adding
these back in the next version anyway...)
* Fix infinite stack overflow
* PR Feedback
|
|
* Rename string-slicing extension methods
As part of
https://github.com/dotnet/corefx/issues/26894
the api folks have approved renaming AsROSpan and AsROMemory
on string instances to AsSpan and AsMemory (as the "readonly"
is obvious given the read-only nature of the input.)
This puts the renaming in effect. Basically a big search-replace
commit.
* Fix OpenSSL build break
* I see this is going to be a treadmill
|
|
This change adds API to consume, and produce, cryptographic timestamp tokens compliant with RFC 3161, or with the RFC 5816's extensions to support certificate thumbprint algorithms other than SHA-1.
In addition to the low-level production and consumption, accelerator API exists for applying RFC 3161 Appendix A rules for (counter-)signing a SignedCMS SignerInfo signature.
|
|
Without this change the AsnWriter class always sends the last "rented" array to
the garbage collector. Since arrays from the array pool are expected to be
gen-2 highly reused objects this has unfortunate consequences for both
the induced trickle allocation and Gen2 pressure.
Now it's IDisposable, and the Dispose implementation will return the rented array.
|
|
|
|
* Convert uses of the Dangerous APIs to use MemoryMarshal.GetReference
* Fix unresolved merge conflict.
* Add using directive
* Add missing using directives.
* Add references to System.Memory
|
|
TimeSpan.From* rounds to the millisecond, but the writer is 10000x as precise,
so make the reader be as precise as the writer.
For future work around cryptographic timestamps the microseconds and
hundred-nanoseconds might be relevant.
|
|
With this change there become 5 builds of the Pkcs package:
* netstandard
* Used by UWP
* EnvelopedCms: no
* SignedCms:
* RSA-PKCS1: yes
* RSA-PSS: limited verification, no signature
* ECDSA: yes
* DSA: no (not defined in netstandard20)
* The silent option to signing has no effect
* netcoreapp-Windows_NT
* Used by .NET Core on Windows
* EnvelopedCms: yes (same as .NET Core 1.0 implementaiton)
* SignedCms:
* RSA-PKCS1: yes
* RSA-PSS: limited verification, no signature
* ECDSA: yes
* DSA: yes (FIPS-186-3)
* The silent option to signing is respected
* netcoreapp
* Used by .NET Core on Linux, macOS
* EnvelopedCms: no
* SignedCms:
* RSA-PKCS1: yes
* RSA-PSS: limited verification, no signature
* ECDSA: yes
* DSA: yes (FIPS-186-3)
* The silent option to signing has no effect
* netfx
* The current state of .NET Framework is
* EnvelopedCms: yes
* SignedCms:
* RSA-PKCS1: yes
* RSA-PSS: no
* ECDSA: no
* DSA: FIPS-186-2 only
* The silent option to signing is respected
* netstandard-Windows_NT
* Probably not used by anything. Is the netcoreapp-Windows_NT build, without DSA.
For RSA-PSS, it is supported if all of
* the platform supports it
* MGF1 is used
* the message digest algorithm, PSS digest algorithm, and MGF1 digest algorithm all match
* the PSS salt size is the same as the digest size
* the standard PSS trailer identifier (1) is used
Since there is no API to indicate RSA-PKCS1 or RSA-PSS at signing time, only
RSA-PKCS1 signatures can be generated for RSA keys.
The SignedCms implementation for .NET Core does the CMS message
packing and unpacking directly (via the ASN.1 serializer), using the existing
system-based cryptographic primitives where crypto is done.
|
|
This enables serialization and deserialization of [StructLayout(LayoutKind.Sequential)] types to/from ASN.1 BER/CER/DER data streams.
Ambiguous types (like string) require attributes to identify their ASN.1 representation, and other attributes exist to optionally control the serialization mechanism (such as [OptionalValue], [ExpectedTag], [AnyValue]).
For background, see ITU-T-REC-X.680-201508 (ASN.1 language).
|
|
The AsnReader type can read any BER-encoded value for the types that it supports (for tag values up to int.MaxValue). It also understands the CER and DER restrictions, and when reading in those modes it will enforce the restrictions that those encoding rulesets dictate. Callers who want minimal validation can just read in BER mode.
The AsnWriter type mostly writes in DER (except where CER demands a different encoding). The only significant "BER-relaxation" it takes is that closing a SET OF value will not sort the contents.
Reference materials:
* ITU-T-REC-X.680-201508 (ASN.1 language, and some semantics behind the values)
* ITU-T-REC-X.690-201508 (the BER encoding family (BER, CER, DER))
|
|
Because our data is bounded within a .NET array it cannot exceed 2GB, so
anything that looks to be larger is a read error.
Additionally, multi-byte tags are fairly rare, and we would process one as a one
byte tag and a corrupt length, so detect that we're about to go invalid and stop
early.
|
|
* Moving PlatformDetection to Corefx.Private.TestUtilities assembly
The purpose of this change is to clean up all test projects instead of including the PlatformDetection code inside every test project, we’ll have it in the Corefx.Private.TestUtilities.
I have refactored the PlatformDetection to split the different implementation of Windows and Linux. If we need to do more refactoring there we can do it later as needed.
* Fix Linux BB
* Update the xunit package reference
* Fix wrong condition on one of the tests
* Update the ConditionalFact/Theory to use Type as a parameter
|
|
* Move AssertExtensions to Corefx.Private.TestUtilities
* Update csprojs
* Fix Linq.Expressions uapaot build
|
|
|
|
AssertExtensions (#21455)
* Registry
* Collections
* ComponentModel
* Configuration
* Data
* Globalization
* Drawing
* Diagnostics
* IO
* Linq
* Add System.Net param names in tests
* Move ArgumentExceptions in System.Private.Xml to AssertExtensions
* Add System.Reflection.* ArgumentException param names
* Add param names for System.Runtime* ArgumentExceptions
* Add ArgumentException param names to System.Security.*
* Add ArgumentException param names to System.Text.*
* Add param names to ArgumentExceptions in misc projects
* Add System.Threading.* ArgumentException param names
* Fix missing files
* Fixes for unix and netfx
* Fix more failures and revert a IdnaConformance tests to avoid merge conflicts with #21463
|
|
|
|
|
|
Removes unneeded Serializable attributes from enums and delegates. They
can be serialized without attributes and this will remove noise from
future serialization changes.
|
|
Bulk update to AssertExtensions.Throws for AOT support. This doesn't disable Assert.Throws.
|
|
Now instead of Use*Key a project can instead define the assembly key
in the project (genreally the common dir.pops for a project) using
the AssemblyKey property. The accepted values are Open, ECMA, MSFT,
Test.
This change allows for a repo to set the default key they want to use
for projects. In corefx we have switched the default to use the Open
key instead of the old BuildTools default of MSFT key.
As part of this update we are explicitly setting the AssemblyKey in
all the library projects (although it is really only necessary for
projects that aren't the default).
Also with this change we are updating all the new libraries that have
not yet shipped stable (compared to our 1.1 release) and making them
use the Open key. Which means that for prerelease dependencies there
might be some binary breaking changes to consume.
The following libraries ahven't shipped so there key is being
changed from MSFT to Open:
Microsoft.XmlSerializer.Generator
System.CodeDom
System.Configuration.ConfigurationManager
System.Data.Odbc
System.DirectoryServices
System.DirectoryServices.AccountManagement
System.DirectoryServices.Protocols
System.IO.Ports
System.Json
System.Memory
System.Net.HttpListener
System.Net.Mail
System.Net.ServicePoint
System.Net.WebClient
System.Net.WebProxy
System.Private.Xml
System.Private.Xml.Linq
System.Security.Cryptography.Xml
System.Security.Permissions
System.Transactions.Local
System.Web.HttpUtility
|
|
Conflicts:
netci.groovy
src/System.Net.Security/src/System/Net/Security/SecureChannel.cs
src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/OpenSslX509Encoder.cs
src/System.Security.Cryptography.X509Certificates/src/Resources/Strings.resx
src/System.Security.Cryptography.X509Certificates/tests/Cert.cs
src/System.Security.Cryptography.X509Certificates/tests/CollectionImportTests.cs
src/System.Security.Cryptography.X509Certificates/tests/CollectionTests.cs
src/System.Security.Cryptography.X509Certificates/tests/PfxTests.cs
src/System.Security.Cryptography.X509Certificates/tests/X509StoreTests.cs
|
|
macOS (#16445)
Broken by this change:
* A lot of TLS CipherSuites have no metadata defined.
* macOS does not support version skipping in TLS. So `Tls | Tls12` is an invalid choice.
In this change:
General:
* All OSStatus related exceptions now look up the error message.
X509Certificates:
* X509Certificate moves to using SecCertificateRef from OpenSSL's X509.
* X509 metadata comes from a managed reader after being loaded by Security.framework,
due to the significant amount of data that has no public export in Apple's libraries.
* Significant code was factored out to be shared by OpenSSL and Apple implementations for X500DistinguishedName and X509Certficate2Collection.Find.
* Loading a PFX (or, rather, the private keys from a PFX) via Apple's platform
requires importing into a Keychain, and a Keychain requires a file on disk.
A temporary keychain is created during cert loading and erased when safe.
Like the perphemeral key load on Windows this can leak files due to
abnormal program termination.
* The X.509 My store for CurrentUser and LocalMachine are the default (user) and System keychains.
* The X.509 Root store is an interpretation of the Apple SecTrustSettings data.
* The X.509 Disallowed store hasn't been implemented yet, but should be a very small change.
* Other X.509 stores cannot be created due to keychain complexity.
HttpClient:
* Initialization no longer wakes up OpenSSL
SslStream:
* New implementation based on Apple SecureTransport.
* Currently has support for SNI (for AuthenticateAsClient)
|
|
|
|
|
|
* Cleanup netstandard conditions in csproj files
* Cleanup netstandard17 ifdefs
* Disable failing tests
|
|
Conflicts:
src/System.Security.Cryptography.Encoding/src/Configurations.props
src/System.Security.Cryptography.Encoding/src/System.Security.Cryptography.Encoding.csproj
|
|
Review all PlatformSpecific tests to ensure test coverage
|
|
Prepare uap package
|
|
|
|
The changes onclude some other minor clean up in the test project files
|
|
|
|
|
|
|
|
BuildConfigurations
|
|
Remove all cruft from projects related to building desktop configs which
now build in standard repo.
|
|
Exceptions for types missing from netstandard facade:
- System.Data.Common - DbColumn, DbDataReaderExtensions, IDbColumnSchemaGenerator
- System.Diagnostics.StackTrace - StackFrameExtensions
- System.Numerics.Vectors - Vector, Vector<T>
- System.Runtime.Serialization.Primitives - ISerializationSurrogateProvider
- System.Runtime.Serialization.Xml - DataContractSerializerExtensions
- System.Security.Cryptography.Cng - AesCng, TripleDESCng <link>
- System.Threading.Overlapped - PreAllocatedOverlapped, ThreadPoolBoundHandle
- System.Xml.XPath.XDocument - XDocumentExtensions
|
|
|
|
|
|
|
|
(#15373)
Removing netstandard configurations for things that are bellow netstandard
|