Create new X509CertificateLoader #102167
Merged
Create new X509CertificateLoader #102167
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The new certificate loader only loads one data type per method, unlike the previous loader mechanism (new X509Certiicate2(bytes, ...)). It also allows for caller configuration to control cost-of-work limits and some common usability gotchas around Windows PFX loading. This change adds the new loader, and changes the X509Certificate2 ctors to use it; a followup will mark the ctors as Obsolete and update usage in the dotnet/runtime codebase.
|
Note regarding the |
stephentoub
reviewed
May 13, 2024
src/libraries/Common/src/System/IO/MemoryMappedFiles/MemoryMappedFileMemoryManager.cs
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
May 13, 2024
| set | ||
| { | ||
| if (value < 0) | ||
| throw new ArgumentOutOfRangeException(nameof(value), SR.ArgumentOutOfRange_NeedNonNegNum); |
There was a problem hiding this comment.
Earlier an ifdef was used to use ObjectDisposedException.ThrowIf if it's available. I assume we're not doing so here with AOORE just because there are a bunch of them and it'd be abnoxious?
There was a problem hiding this comment.
That was the reason, yeah; but looking at it now in this file it's just repeating a negative check, so making a helper seems reasonable (it'll get re-used)
There was a problem hiding this comment.
How "amusing"... I updated every instance except the one this comment was on. Fixed locally now.
stephentoub
reviewed
May 13, 2024
| { | ||
| if (!pfxAsn.VerifyMac(password, authSafeContents)) | ||
| { | ||
| password = password.ContainsNull() ? "".AsSpan() : default; |
There was a problem hiding this comment.
I'm not clear on the reasoning here. If it contains null we make it non-null and if it doesn't contain null we make it null?
There was a problem hiding this comment.
Yep. From the API perspective null and empty are the same thing, but from the algorithm perspective they're different. So if we got null, try again with empty, and if we got empty, try again with null.
vcsjones
reviewed
May 13, 2024
src/libraries/Common/src/System/IO/MemoryMappedFiles/MemoryMappedFileMemoryManager.cs
Outdated
Show resolved
Hide resolved
src/libraries/Common/src/System/Security/Cryptography/Helpers.cs
Outdated
Show resolved
Hide resolved
src/libraries/Common/src/System/Security/Cryptography/PasswordBasedEncryption.cs
Outdated
Show resolved
Hide resolved
src/libraries/Common/src/System/Security/Cryptography/PasswordBasedEncryption.cs
Outdated
Show resolved
Hide resolved
src/libraries/Common/src/System/Security/Cryptography/PasswordBasedEncryption.cs
Show resolved
Hide resolved
src/libraries/Microsoft.Bcl.Cryptography/src/System/Security/Cryptography/NetStandardShims.cs
Show resolved
Hide resolved
src/libraries/Microsoft.Bcl.Cryptography/src/System/Security/Cryptography/NetStandardShims.cs
Outdated
Show resolved
Hide resolved
...soft.Bcl.Cryptography/src/System/Security/Cryptography/PbeEncryptionAlgorithm.netstandard.cs
Outdated
Show resolved
Hide resolved
...ies/Microsoft.Bcl.Cryptography/src/System/Security/Cryptography/PbeParameters.netstandard.cs
Outdated
Show resolved
Hide resolved
src/libraries/Microsoft.Bcl.Cryptography/tests/X509Certificates/TestData.cs
Outdated
Show resolved
Hide resolved
vcsjones
reviewed
May 14, 2024
...em.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/StorePal.macOS.cs
Show resolved
Hide resolved
...yptography/src/System/Security/Cryptography/X509Certificates/X509Certificate.LegacyLimits.cs
Outdated
Show resolved
Hide resolved
...yptography/src/System/Security/Cryptography/X509Certificates/X509Certificate.LegacyLimits.cs
Outdated
Show resolved
Hide resolved
...ptography/src/System/Security/Cryptography/X509Certificates/X509CertificateLoader.OpenSsl.cs
Outdated
Show resolved
Hide resolved
...ptography/src/System/Security/Cryptography/X509Certificates/X509CertificateLoader.OpenSsl.cs
Show resolved
Hide resolved
src/libraries/System.Security.Cryptography/tests/X509Certificates/CertLoaderTests.cs
Outdated
Show resolved
Hide resolved
src/libraries/System.Security.Cryptography/tests/X509Certificates/CertLoaderTests.cs
Outdated
Show resolved
Hide resolved
src/libraries/System.Security.Cryptography/tests/X509Certificates/CertLoaderTests.cs
Outdated
Show resolved
Hide resolved
src/libraries/System.Security.Cryptography/tests/X509Certificates/CollectionImportTests.cs
Outdated
Show resolved
Hide resolved
src/libraries/System.Security.Cryptography/tests/X509Certificates/CtorTests.cs
Outdated
Show resolved
Hide resolved
vcsjones
reviewed
May 15, 2024
...ies/Common/tests/System/Security/Cryptography/X509Certificates/X509CertificateLoaderTests.cs
Show resolved
Hide resolved
...ies/Common/tests/System/Security/Cryptography/X509Certificates/X509CertificateLoaderTests.cs
Outdated
Show resolved
Hide resolved
...ies/Common/tests/System/Security/Cryptography/X509Certificates/X509CertificateLoaderTests.cs
Outdated
Show resolved
Hide resolved
This was referenced Jun 7, 2024
vcsjones
reviewed
Jun 18, 2024
...ryptography/src/System/Security/Cryptography/X509Certificates/X509CertificateLoader.macOS.cs
Outdated
Show resolved
Hide resolved
vcsjones
reviewed
Jun 18, 2024
...Cryptography/src/System/Security/Cryptography/X509Certificates/X509CertificateLoader.Unix.cs
Outdated
Show resolved
Hide resolved
This was referenced Jun 19, 2024
|
/azp run runtime-androidemulator |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run runtime-androidemulator |
|
Azure Pipelines successfully started running 1 pipeline(s). |
3 tasks
|
/azp run runtime-androidemulator |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run runtime-ioslikesimulator |
|
Azure Pipelines successfully started running 1 pipeline(s). |
vcsjones
approved these changes
Jun 25, 2024
|
this is preventing code flow into azdo internal repo because the security scanner detects credentials. See also #104021 |
bartonjs
added
the
cryptographic-docs-impact
bartonjs
added
the
breaking-change
dotnet-policy-service
bot
added
the
needs-breaking-change-doc-created
|
Breaking change docs written. dotnet/docs#42613 |
bartonjs
removed
the
needs-breaking-change-doc-created
bartonjs
added
the
tracking
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The new certificate loader only loads one data type per method, unlike the previous loader mechanism (new X509Certiicate2(bytes, ...)). It also allows for caller configuration to control cost-of-work limits and some common usability gotchas around Windows PFX loading.
This change adds the new loader, and changes the X509Certificate2 ctors to use it; a followup will mark the ctors as Obsolete and update usage in the dotnet/runtime codebase.
Contributes to #91763.