Commitedb5baf

N. Taylor Mullen

committed

Change SHA256 algorithm to work on FIPS-compliant machines.

1 parent6e5fd4f commitedb5bafCopy full SHA for edb5baf

File tree

3 files changed

+47

-8

lines changed

src/Microsoft.AspNetCore.Mvc.TagHelpers
- Cache
  - CacheTagKey.cs
- Internal
  - CryptographyAlgorithms.cs
  - FileVersionProvider.cs

3 files changed

+47

-8

lines changed

`‎src/Microsoft.AspNetCore.Mvc.TagHelpers/Cache/CacheTagKey.cs‎`

Lines changed: 8 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -6,6 +6,7 @@`
`6`	`6`	`usingSystem.Security.Cryptography;`
`7`	`7`	`usingSystem.Text;`
`8`	`8`	`usingMicrosoft.AspNetCore.Http;`
	`9`	`+usingMicrosoft.AspNetCore.Mvc.TagHelpers.Internal;`
`9`	`10`	`usingMicrosoft.AspNetCore.Razor.TagHelpers;`
`10`	`11`	`usingMicrosoft.AspNetCore.Routing;`
`11`	`12`	`usingMicrosoft.Extensions.Internal;`
`@@ -151,10 +152,10 @@ public string GenerateHashedKey()`
`151`	`152`	`// The key is typically too long to be useful, so we use a cryptographic hash`
`152`	`153`	`// as the actual key (better randomization and key distribution, so small vary`
`153`	`154`	`// values will generate dramatically different keys).`
`154`		`-using(varsha=SHA256.Create())`
	`155`	`+using(varsha256=CryptographyAlgorithms.CreateSHA256())`
`155`	`156`	`{`
`156`	`157`	`varcontentBytes=Encoding.UTF8.GetBytes(key);`
`157`		`-varhashedBytes=sha.ComputeHash(contentBytes);`
	`158`	`+varhashedBytes=sha256.ComputeHash(contentBytes);`
`158`	`159`	`returnConvert.ToBase64String(hashedBytes);`
`159`	`160`	`}`
`160`	`161`	`}`
`@@ -183,14 +184,14 @@ public bool Equals(CacheTagKey other)`
`183`	`184`	`AreSame(_headers,other._headers)&&`
`184`	`185`	`AreSame(_queries,other._queries)&&`
`185`	`186`	`AreSame(_routeValues,other._routeValues)&&`
`186`		`-_varyByUser==other._varyByUser&&`
	`187`	`+_varyByUser==other._varyByUser&&`
`187`	`188`	`(!_varyByUser\|\|string.Equals(other._username,_username,StringComparison.Ordinal));`
`188`	`189`	`}`
`189`	`190`
`190`	`191`	`/// <inheritdoc />`
`191`	`192`	`publicoverrideintGetHashCode()`
`192`	`193`	`{`
`193`		`-// The hashcode is intentionally not using the computed`
	`194`	`+// The hashcode is intentionally not using the computed`
`194`	`195`	`// stringified key in order to prevent string allocations`
`195`	`196`	`// in the common case where it's not explicitly required.`
`196`	`197`
`@@ -219,7 +220,7 @@ public override int GetHashCode()`
`219`	`220`
`220`	`221`	`return_hashcode.Value;`
`221`	`222`	`}`
`222`		`-`
	`223`	`+`
`223`	`224`	`privatestaticIList<KeyValuePair<string,string>>ExtractCollection<TSourceCollection>(stringkeys,TSourceCollectioncollection,Func<TSourceCollection,string,string>accessor)`
`224`	`225`	`{`
`225`	`226`	`if(string.IsNullOrEmpty(keys))`
`@@ -244,7 +245,7 @@ private static IList<KeyValuePair<string, string>> ExtractCollection<TSourceColl`
`244`	`245`
`245`	`246`	`returnresult;`
`246`	`247`	`}`
`247`		`-`
	`248`	`+`
`248`	`249`	`privatestaticvoidAddStringCollection(`
`249`	`250`	`StringBuilderbuilder,`
`250`	`251`	`stringcollectionName,`
`@@ -275,7 +276,7 @@ private static void AddStringCollection(`
`275`	`276`	`.Append(CacheKeyTokenSeparator)`
`276`	`277`	`.Append(item.Value);`
`277`	`278`	`}`
`278`		`-`
	`279`	`+`
`279`	`280`	`builder.Append(")");`
`280`	`281`	`}`
`281`	`282`

`‎src/Microsoft.AspNetCore.Mvc.TagHelpers/Internal/CryptographyAlgorithms.cs‎`

Lines changed: 38 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,38 @@`
	`1`	`+// Copyright (c) .NET Foundation. All rights reserved.`
	`2`	`+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.`
	`3`	`+`
	`4`	`+usingSystem.Security.Cryptography;`
	`5`	`+`
	`6`	`+namespaceMicrosoft.AspNetCore.Mvc.TagHelpers.Internal`
	`7`	`+{`
	`8`	`+publicstaticclassCryptographyAlgorithms`
	`9`	`+{`
	`10`	`+#ifNETSTANDARD1_6`
	`11`	`+publicstaticSHA256CreateSHA256()`
	`12`	`+{`
	`13`	`+varsha256=SHA256.Create();`
	`14`	`+`
	`15`	`+returnsha256;`
	`16`	`+}`
	`17`	`+#else`
	`18`	`+publicstaticSHA256CreateSHA256()`
	`19`	`+{`
	`20`	`+SHA256sha256;`
	`21`	`+`
	`22`	`+try`
	`23`	`+{`
	`24`	`+sha256=SHA256.Create();`
	`25`	`+}`
	`26`	`+// SHA256.Create is documented to throw this exception on FIPS compliant machines.`
	`27`	`+// See: https://msdn.microsoft.com/en-us/library/z08hz7ad%28v=vs.110%29.aspx?f=255&MSPPError=-2147217396`
	`28`	`+catch(System.Reflection.TargetInvocationException)`
	`29`	`+{`
	`30`	`+// Fallback to a FIPS compliant SHA256 algorithm.`
	`31`	`+sha256=newSHA256CryptoServiceProvider();`
	`32`	`+}`
	`33`	`+`
	`34`	`+returnsha256;`
	`35`	`+}`
	`36`	`+#endif`
	`37`	`+}`
	`38`	`+}`

`‎src/Microsoft.AspNetCore.Mvc.TagHelpers/Internal/FileVersionProvider.cs‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,7 @@ public string AddFileVersionToPath(string path)`
`111`	`111`
`112`	`112`	`privatestaticstringGetHashForFile(IFileInfofileInfo)`
`113`	`113`	`{`
`114`		`-using(varsha256=SHA256.Create())`
	`114`	`+using(varsha256=CryptographyAlgorithms.CreateSHA256())`
`115`	`115`	`{`
`116`	`116`	`using(varreadStream=fileInfo.CreateReadStream())`
`117`	`117`	`{`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitedb5baf

File tree

3 files changed

3 files changed

`‎src/Microsoft.AspNetCore.Mvc.TagHelpers/Cache/CacheTagKey.cs‎`

`‎src/Microsoft.AspNetCore.Mvc.TagHelpers/Internal/CryptographyAlgorithms.cs‎`

`‎src/Microsoft.AspNetCore.Mvc.TagHelpers/Internal/FileVersionProvider.cs‎`

0 commit comments