Skip to content

[release/6.0] Fix re-initialization of hash objects on CNG. #62403

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
safern merged 2 commits into from
Dec 15, 2021
Merged

[release/6.0] Fix re-initialization of hash objects on CNG. #62403

safern merged 2 commits into from
Dec 15, 2021

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Dec 4, 2021

Backport of #62397 to release/6.0

/cc @bartonjs @vcsjones

Customer Impact

Testing

Risk

@vcsjones
Fix re-initialization of hash objects on CNG.
1d2c30d 
In .NET 6, we added "real" support for Initialize on hash objects.
However, the Reset call would create a new hash object without the CNG
"resuable" flag. This led to the HashProvider's "_reusable" field and
the actual reusability of the hash instance to disagree.
@vcsjones
Fix whitespace
71af4f5
@ghost ghost added the area-System.Security label Dec 4, 2021
@ghost
Copy link

ghost commented Dec 4, 2021

Tagging subscribers to this area: @dotnet/area-system-security, @vcsjones, @krwq
See info in area-owners.md if you want to be subscribed.

Issue Details

Backport of #62397 to release/6.0

/cc @bartonjs @vcsjones

Customer Impact

Testing

Risk

Author: github-actions[bot]
Assignees: -
Labels:

area-System.Security
Milestone: -

@vcsjones
Copy link
Member

vcsjones commented Dec 5, 2021
edited
Loading

Customer Impact

Customer reported in #61417.

Customers using the HashAlgorithm.Initialize API in .NET 6.0 may get a CryptographicException on Windows 8+ because the underlying hash object can be put in to an invalid state unexpectedly. When Initialize is used to explicitly reset an in-progress hash, it re-created the hash handle that could not be automatically reset again.

Testing

Unit tests have been introduced to verify the behavior is correct and to prevent it from regressing in the future. Existing tests cover make sure existing scenarios didn’t regress.

Risk

Low. The affected code area is small and well tested. The change was simply to make sure a flag was correctly propagated during the reset.

@GrabYourPitchforks GrabYourPitchforks added the Servicing-consider Issue for next servicing release review label Dec 7, 2021
@danmoseley danmoseley added Servicing-approved Approved for servicing release and removed Servicing-consider Issue for next servicing release review labels Dec 8, 2021
@danmoseley
Copy link
Member

danmoseley commented Dec 8, 2021

approved by Steve. Will get merged when branch opens for 6.0.2 in a few days

@safern safern merged commit de46fa4 into release/6.0 Dec 15, 2021
@safern safern deleted the backport/pr-62397-to-release/6.0 branch December 15, 2021 19:10
@vcsjones vcsjones mentioned this pull request Dec 15, 2021
Closed
@ghost ghost locked as resolved and limited conversation to collaborators Jan 15, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@GrabYourPitchforks GrabYourPitchforks GrabYourPitchforks approved these changes

Assignees

No one assigned

Labels

area-System.Security Servicing-approved Approved for servicing release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@vcsjones @danmoseley @GrabYourPitchforks @safern