From: Jeremy Barton Date: Thu, 30 Jun 2016 18:29:51 +0000 (-0700) Subject: Set KeySizeValue instead of doing gymnastics in LegalKeySizes. X-Git-Tag: submit/tizen/20210909.063632~11031^2~11833^2 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f835996af558a60b7337cc5075ef74512fd16af3;p=platform%2Fupstream%2Fdotnet%2Fruntime.git Set KeySizeValue instead of doing gymnastics in LegalKeySizes. Commit migrated from https://github.com/dotnet/corefx/commit/cc0354ca6be9462ae4c94822de5b614f6cf915b7 --- diff --git a/src/libraries/Common/src/System/Security/Cryptography/ECDsaCng.cs b/src/libraries/Common/src/System/Security/Cryptography/ECDsaCng.cs index ea199f2..aedf289 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/ECDsaCng.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/ECDsaCng.cs @@ -13,8 +13,6 @@ namespace System.Security.Cryptography #endif public sealed partial class ECDsaCng : ECDsa { - private bool _skipKeySizeCheck; - #if !NETNATIVE /// /// Create an ECDsaCng algorithm with a named curve. @@ -83,32 +81,13 @@ namespace System.Security.Cryptography // it could be outside of the bounds that we currently represent as "legal key sizes". // Since that is our view into the underlying component it can be detached from the // component's understanding. If it said it has opened a key, and this is the size, trust it. - _skipKeySizeCheck = true; - - try - { - // Set base.KeySize directly, since we don't want to free the key - // (which we would do if the keysize changed on import) - base.KeySize = newKeySize; - } - finally - { - _skipKeySizeCheck = false; - } + KeySizeValue = newKeySize; } public override KeySizes[] LegalKeySizes { get { - if (_skipKeySizeCheck) - { - // When size limitations are in bypass, accept any positive integer. - // Many of them may not make sense (like 1), but we're just assigning - // the field to whatever value was provided by the native component. - return new[] { new KeySizes(minSize: 1, maxSize: int.MaxValue, skipSize: 1) }; - } - // Return the three sizes that can be explicitly set (for backwards compatibility) return new[] { new KeySizes(minSize: 256, maxSize: 384, skipSize: 128), diff --git a/src/libraries/Common/src/System/Security/Cryptography/ECDsaOpenSsl.cs b/src/libraries/Common/src/System/Security/Cryptography/ECDsaOpenSsl.cs index 12e18ba..75b0cce 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/ECDsaOpenSsl.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/ECDsaOpenSsl.cs @@ -20,7 +20,6 @@ namespace System.Security.Cryptography internal const string ECDSA_P521_OID_VALUE = "1.3.132.0.35"; // Also called nistP521or secP521r1 private Lazy _key; - private bool _skipKeySizeCheck; /// /// Create an ECDsaOpenSsl algorithm with a named curve. @@ -78,37 +77,18 @@ namespace System.Security.Cryptography // it could be outside of the bounds that we currently represent as "legal key sizes". // Since that is our view into the underlying component it can be detached from the // component's understanding. If it said it has opened a key, and this is the size, trust it. - _skipKeySizeCheck = true; - - try - { - // Set base.KeySize directly, since we don't want to free the key - // (which we would do if the keysize changed on import) - base.KeySize = newKeySize; - } - finally - { - _skipKeySizeCheck = false; - } + KeySizeValue = newKeySize; } public override KeySizes[] LegalKeySizes { get { - if (_skipKeySizeCheck) - { - // When size limitations are in bypass, accept any positive integer. - // Many of them may not make sense (like 1), but we're just assigning - // the field to whatever value was provided by the native component. - return new[] { new KeySizes(minSize: 1, maxSize: int.MaxValue, skipSize: 1) }; - } - // Return the three sizes that can be explicitly set (for backwards compatibility) return new[] { - new KeySizes(minSize: 256, maxSize: 384, skipSize: 128), - new KeySizes(minSize: 521, maxSize: 521, skipSize: 0), - }; + new KeySizes(minSize: 256, maxSize: 384, skipSize: 128), + new KeySizes(minSize: 521, maxSize: 521, skipSize: 0), + }; } } diff --git a/src/libraries/Common/src/System/Security/Cryptography/RSACng.cs b/src/libraries/Common/src/System/Security/Cryptography/RSACng.cs index 24e95b8..83305d1 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/RSACng.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/RSACng.cs @@ -13,8 +13,6 @@ namespace System.Security.Cryptography #endif public sealed partial class RSACng : RSA { - private bool _skipKeySizeCheck; - /// /// Create an RSACng algorithm with a random 2048 bit key pair. /// @@ -40,14 +38,6 @@ namespace System.Security.Cryptography { get { - if (_skipKeySizeCheck) - { - // When size limitations are in bypass, accept any positive integer. - // Many of them may not make sense (like 1), but we're just assigning - // the field to whatever value was provided by the native component. - return new[] { new KeySizes(minSize: 1, maxSize: int.MaxValue, skipSize: 1) }; - } - // See https://msdn.microsoft.com/en-us/library/windows/desktop/bb931354(v=vs.85).aspx return new KeySizes[] { @@ -83,16 +73,7 @@ namespace System.Security.Cryptography // create a 384-bit RSA key, which we consider too small to be legal. It can also create // a 1032-bit RSA key, which we consider illegal because it doesn't match our 64-bit // alignment requirement. (In both cases Windows loads it just fine) - _skipKeySizeCheck = true; - - try - { - KeySize = newKeySize; - } - finally - { - _skipKeySizeCheck = false; - } + KeySizeValue = newKeySize; } } #if INTERNAL_ASYMMETRIC_IMPLEMENTATIONS diff --git a/src/libraries/Common/src/System/Security/Cryptography/RSAOpenSsl.cs b/src/libraries/Common/src/System/Security/Cryptography/RSAOpenSsl.cs index 89c84fe..23860a3 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/RSAOpenSsl.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/RSAOpenSsl.cs @@ -30,7 +30,6 @@ namespace System.Security.Cryptography private static readonly byte[] s_defaultExponent = { 0x01, 0x00, 0x01 }; private Lazy _key; - private bool _skipKeySizeCheck; public RSAOpenSsl() : this(2048) @@ -66,32 +65,13 @@ namespace System.Security.Cryptography // it could be outside of the bounds that we currently represent as "legal key sizes". // Since that is our view into the underlying component it can be detached from the // component's understanding. If it said it has opened a key, and this is the size, trust it. - _skipKeySizeCheck = true; - - try - { - // Set base.KeySize directly, since we don't want to free the key - // (which we would do if the keysize changed on import) - base.KeySize = newKeySize; - } - finally - { - _skipKeySizeCheck = false; - } + KeySizeValue = newKeySize; } public override KeySizes[] LegalKeySizes { get { - if (_skipKeySizeCheck) - { - // When size limitations are in bypass, accept any positive integer. - // Many of them may not make sense (like 1), but we're just assigning - // the field to whatever value was provided by the native component. - return new[] { new KeySizes(minSize: 1, maxSize: int.MaxValue, skipSize: 1) }; - } - // OpenSSL seems to accept answers of all sizes. // Choosing a non-multiple of 8 would make some calculations misalign // (like assertions of (output.Length * 8) == KeySize).