|
After feedback from Jan, we've already opened-sourced
a vetted C++ SHA1 algorithm in CoreClr, so rather than
impose a dependency on crypto at the lowest level,
we'll port that code into mrt100_app.dll.
Unfortunately, the actual act of *adding* a simple .cpp
file to MRT, let alone a new export, is harder than actually
implementing it, and requires touching TFS-only files.
So we'll add the import as a NYI stub as the first step,
then finish the work once it propagates to the CoreRt master branch
(that seems to be the most efficient work environment for
this kind of job.)
The new import converts a PK to a PKT by computing the
SHA1 and reverse-copying the last 8 bytes. Doing the
reverse-copy-8 in C++ prevents the non-FIPS-compliant SHA1
algorithm from turning into an attractive nuisance by
being exported directly from MRT.
SHA1.cpp and SHA1.h are verbatim copies of CoreClr's
versions, which we're committing now to establish
a diff history. Since adding a .cpp file is such a chore,
we'll include it in the build with the #if 0's" in the magic
places to keep the build system and file tracker
off the scent.
The "pbPublicKeyToken" can only be 8 bytes, so
strictly speaking, passing a length argument isn't
necessary but passing an unguarded buffer to C++
gets everyone looking at you like you have fleas
so we'll add the extra defense-in-depth parameter.
[tfs-changeset: 1630122]
|