Imported Upstream version 4.3.2.467

Former-commit-id: 9c2cb47f45fa221e661ab616387c9cda183f283d
Xamarin Public Jenkins
2016-02-22 11:00:01 -05:00
parent f302175246
commit f3e3aab35a
4097 changed files with 122406 additions and 82300 deletions


@@ -89,4 +89,4 @@ namespace System.Configuration {
}
}
}
#endif
#endif


@@ -82,4 +82,4 @@ namespace System.Configuration {
}
}
}
#endif
#endif


@@ -0,0 +1,75 @@
//------------------------------------------------------------------------------
// <copyright file="FipsAwareEncryptedXml.cs" company="Microsoft">
// Copyright (c) Microsoft Corporation. All rights reserved.
// </copyright>
//------------------------------------------------------------------------------
namespace System.Configuration {
using System.Collections;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;
//
// Extends EncryptedXml to use FIPS-certified symmetric algorithm
//
class FipsAwareEncryptedXml : EncryptedXml {
public FipsAwareEncryptedXml(XmlDocument doc)
: base(doc) {
}
// Override EncryptedXml.GetDecryptionKey to avoid calling into CryptoConfig.CreateFromName
// When detect AES, we need to return AesCryptoServiceProvider (FIPS certified) instead of AesManaged (FIPS obsolated)
public override SymmetricAlgorithm GetDecryptionKey(EncryptedData encryptedData, string symmetricAlgorithmUri) {
// If AES is used then assume FIPS is required
bool fipsRequired = IsAesDetected(encryptedData, symmetricAlgorithmUri);
if (fipsRequired) {
// Obtain the EncryptedKey
EncryptedKey ek = null;
foreach (var ki in encryptedData.KeyInfo) {
KeyInfoEncryptedKey kiEncKey = ki as KeyInfoEncryptedKey;
if (kiEncKey != null) {
ek = kiEncKey.EncryptedKey;
break;
}
}
// Got an EncryptedKey, decrypt it to get the AES key
if (ek != null) {
byte[] key = DecryptEncryptedKey(ek);
// Construct FIPS-certified AES provider
if (key != null) {
AesCryptoServiceProvider aes = new AesCryptoServiceProvider();
aes.Key = key;
return aes;
}
}
}
// Fallback to the base implementation
return base.GetDecryptionKey(encryptedData, symmetricAlgorithmUri);
}
private static bool IsAesDetected(EncryptedData encryptedData, string symmetricAlgorithmUri) {
if (encryptedData != null &&
encryptedData.KeyInfo != null &&
(symmetricAlgorithmUri != null || encryptedData.EncryptionMethod != null)) {
if (symmetricAlgorithmUri == null) {
symmetricAlgorithmUri = encryptedData.EncryptionMethod.KeyAlgorithm;
}
// Check if the Uri matches AES256
return string.Equals(symmetricAlgorithmUri, EncryptedXml.XmlEncAES256Url, StringComparison.InvariantCultureIgnoreCase);
}
return false;
}
}
}
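Review bot: In IsAesDetected the algorithm URI is compared with `StringComparison.InvariantCultureIgnoreCase`, which applies linguistic comparison rules to what is a fixed protocol identifier; `StringComparison.OrdinalIgnoreCase` keeps the case-insensitive match without culture-sensitive equivalences, so only the exact AES-256 URI selects the FIPS path. Only `XmlEncAES256Url` is recognised, so documents using the other AES key sizes still go through the base implementation; a comment stating that this is intentional would help the next reader. In GetDecryptionKey the decrypted `key` array stays in memory after `aes.Key = key;`; if the setter copies the key, which I believe it does, adding `Array.Clear(key, 0, key.Length);` before `return aes;` would shorten the lifetime of the plaintext key.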


@@ -32,7 +32,7 @@ namespace System.Configuration
xmlDocument.PreserveWhitespace = true;
xmlDocument.LoadXml(encryptedNode.OuterXml);
exml = new EncryptedXml(xmlDocument);
exml = new FipsAwareEncryptedXml(xmlDocument);
exml.AddKeyNameMapping(_KeyName, rsa);
exml.DecryptDocument();
rsa.Clear();
@@ -46,13 +46,11 @@ namespace System.Configuration
byte[] rgbOutput;
EncryptedData ed;
KeyInfoName kin;
SymmetricAlgorithm symAlg;
EncryptedKey ek;
KeyInfoEncryptedKey kek;
XmlElement inputElement;
RSACryptoServiceProvider rsa = GetCryptoServiceProvider(false, false);
// Encrypt the node with the new key
xmlDocument = new XmlDocument();
xmlDocument.PreserveWhitespace = true;
@@ -60,23 +58,20 @@ namespace System.Configuration
exml = new EncryptedXml(xmlDocument);
inputElement = xmlDocument.DocumentElement;
// Create a new 3DES key
symAlg = new TripleDESCryptoServiceProvider();
byte[] rgbKey1 = GetRandomKey();
symAlg.Key = rgbKey1;
symAlg.Mode = CipherMode.ECB;
symAlg.Padding = PaddingMode.PKCS7;
rgbOutput = exml.EncryptData(inputElement, symAlg, true);
ed = new EncryptedData();
ed.Type = EncryptedXml.XmlEncElementUrl;
ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncTripleDESUrl);
ed.KeyInfo = new KeyInfo();
using (SymmetricAlgorithm symAlg = GetSymAlgorithmProvider()) {
rgbOutput = exml.EncryptData(inputElement, symAlg, true);
ed = new EncryptedData();
ed.Type = EncryptedXml.XmlEncElementUrl;
ed.EncryptionMethod = GetSymEncryptionMethod();
ed.KeyInfo = new KeyInfo();
ek = new EncryptedKey();
ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
ek.KeyInfo = new KeyInfo();
ek.CipherData = new CipherData();
ek.CipherData.CipherValue = EncryptedXml.EncryptKey(symAlg.Key, rsa, UseOAEP);
}
ek = new EncryptedKey();
ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
ek.KeyInfo = new KeyInfo();
ek.CipherData = new CipherData();
ek.CipherData.CipherValue = EncryptedXml.EncryptKey(symAlg.Key, rsa, UseOAEP);
kin = new KeyInfoName();
kin.Value = _KeyName;
ek.KeyInfo.AddClause(kin);
@@ -85,6 +80,9 @@ namespace System.Configuration
ed.CipherData = new CipherData();
ed.CipherData.CipherValue = rgbOutput;
EncryptedXml.ReplaceElement(inputElement, ed, true);
rsa.Clear();
// Get node from the document
foreach (XmlNode node2 in xmlDocument.ChildNodes)
if (node2.NodeType == XmlNodeType.Element)
@@ -129,6 +127,8 @@ namespace System.Configuration
public string CspProviderName { get { return _CspProviderName; } }
public bool UseMachineContainer { get { return _UseMachineContainer; } }
public bool UseOAEP { get { return _UseOAEP; } }
public bool UseFIPS { get { return _UseFIPS; } }
public override void Initialize(string name, NameValueCollection configurationValues)
{
base.Initialize(name, configurationValues);
@@ -143,6 +143,7 @@ namespace System.Configuration
configurationValues.Remove("cspProviderName");
_UseMachineContainer = GetBooleanValue(configurationValues, "useMachineContainer", true);
_UseOAEP = GetBooleanValue(configurationValues, "useOAEP", false);
_UseFIPS = GetBooleanValue(configurationValues, "useFIPS", false);
if (configurationValues.Count > 0)
throw new ConfigurationErrorsException(SR.GetString(SR.Unrecognized_initialization_value, configurationValues.GetKey(0)));
}
@@ -153,6 +154,7 @@ namespace System.Configuration
private string _CspProviderName;
private bool _UseMachineContainer;
private bool _UseOAEP;
private bool _UseFIPS;
public RSAParameters RsaPublicKey { get { return GetCryptoServiceProvider(false, false).ExportParameters(false); } }
@@ -234,5 +236,30 @@ namespace System.Configuration
return false;
throw new ConfigurationErrorsException(SR.GetString(SR.Config_invalid_boolean_attribute, valueName));
}
private SymmetricAlgorithm GetSymAlgorithmProvider() {
SymmetricAlgorithm symAlg;
if (UseFIPS) {
// AesCryptoServiceProvider implementation is FIPS certified
symAlg = new AesCryptoServiceProvider();
}
else {
// Use the 3DES. FIPS obsolated 3DES
symAlg = new TripleDESCryptoServiceProvider();
byte[] rgbKey1 = GetRandomKey();
symAlg.Key = rgbKey1;
symAlg.Mode = CipherMode.ECB;
symAlg.Padding = PaddingMode.PKCS7;
}
return symAlg;
}
private EncryptionMethod GetSymEncryptionMethod() {
return UseFIPS ? new EncryptionMethod(EncryptedXml.XmlEncAES256Url) :
new EncryptionMethod(EncryptedXml.XmlEncTripleDESUrl);
}
}
}
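Review bot: The FIPS branch of GetSymAlgorithmProvider returns `new AesCryptoServiceProvider()` with whatever key size the provider defaults to, while GetSymEncryptionMethod labels the output `XmlEncAES256Url` and the decrypt side in FipsAwareEncryptedXml recognises only that one URI. These three places have to agree, so I would pin the size with `symAlg.KeySize = 256;` right after the constructor and add a comment that, unlike the 3DES branch, the key here comes from the provider rather than from GetRandomKey(). Separately, `ek.EncryptionMethod` is still hard-coded to `XmlEncRSA15Url` while `EncryptKey` is passed `UseOAEP`; that line appears to have only been moved into the `using` block by this change, but it is worth confirming that the declared key-transport algorithm matches the padding actually applied when useOAEP is true.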


@@ -135,6 +135,7 @@ namespace System.Configuration {
ilGen.Emit(OpCodes.Ldarg_0); // stack = { type }
ilGen.Emit(OpCodes.Ldc_I4_1); // stack = { type, TRUE }
ilGen.Emit(OpCodes.Call, typeof(Activator).GetMethod("CreateInstance", new Type[] { typeof(Type), typeof(bool) })); // stack = { retVal }
PreventTailCall(ilGen); // stack = { retVal }
ilGen.Emit(OpCodes.Ret);
var createInstanceDel = (Func<Type, object>)dm.CreateDelegate(typeof(Func<Type, object>));
return createInstanceDel(targetType);
@@ -163,6 +164,7 @@ namespace System.Configuration {
ilGen.Emit(OpCodes.Ldarg_0); // stack = { type }
ilGen.Emit(OpCodes.Ldarg_1); // stack = { type, method }
ilGen.Emit(OpCodes.Call, typeof(Delegate).GetMethod("CreateDelegate", new Type[] { typeof(Type), typeof(MethodInfo) })); // stack = { retVal }
PreventTailCall(ilGen); // stack = { retVal }
ilGen.Emit(OpCodes.Ret);
var createDelegateDel = (Func<Type, MethodInfo, Delegate>)dm.CreateDelegate(typeof(Func<Type, MethodInfo, Delegate>));
return createDelegateDel(delegateType, targetMethod);
@@ -188,6 +190,17 @@ namespace System.Configuration {
return new DynamicMethod("temp-dynamic-method", returnType, parameterTypes, owner);
}
// DevDiv #736562: If a dynamic method tail-calls into Activator.CreateInstance or Delegate.CreateDelegate, it could
// modify stack frames in such a way that a stack walk fails when it should have succeeded. A volatile field read
// prevents reordering so ensures that the dynamic method cannot tail-call into these methods.
//
// Stack transitional behavior: unchanged.
private static void PreventTailCall(ILGenerator ilGen) {
ilGen.Emit(OpCodes.Volatile);
ilGen.Emit(OpCodes.Ldsfld, typeof(String).GetField("Empty"));
ilGen.Emit(OpCodes.Pop);
}
static internal ConstructorInfo GetConstructorWithReflectionPermission(Type type, Type baseType, bool throwOnError) {
type = VerifyAssignableType(baseType, type, throwOnError);
if (type == null) {