Change CrlBuilderTests to use a static RSA key with better support.#114804
Change CrlBuilderTests to use a static RSA key with better support.#114804bartonjs merged 1 commit intodotnet:mainfrom
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR updates the CrlBuilderTests to use a static RSA key with the common F5 exponent rather than the previously used big exponent key, addressing compatibility issues on some Android versions.
- Updated expected hex output values throughout the tests to match the new RSA key.
- Replaced the creation of RSA using TestData.RsaBigExponentParams with RSA.Create() followed by ImportFromPem(TestData.RsaPkcs8Key).
- Adjusted various expected byte arrays in test methods to reflect the new signature outputs.
Comments suppressed due to low confidence (3)
src/libraries/System.Security.Cryptography/tests/X509Certificates/CertificateCreation/CrlBuilderTests.cs:1478
- The RSA key creation was updated to use RSA.Create() followed by ImportFromPem(TestData.RsaPkcs8Key). Please ensure that TestData.RsaPkcs8Key is accurate and maintained alongside the updated expected outputs; consider adding an inline comment explaining the rationale for this change.
RSA rsa = RSA.Create(TestData.RsaBigExponentParams);
src/libraries/System.Security.Cryptography/tests/X509Certificates/CertificateCreation/CrlBuilderTests.cs:623
- Verify that the updated expected hex string reflects the correct output produced by the new RSA key and exponent F5; double-check that these values have been regenerated consistently.
"308201CA3081B3020101300D06092A864886F70D01010B05003025312330210603550403131A427...".HexToByteArray();
src/libraries/System.Security.Cryptography/tests/X509Certificates/CertificateCreation/CrlBuilderTests.cs:1158
- Ensure that the updated expected byte arrays for the CRL output fully cover all test scenarios after switching to the static RSA key; review the generated values for consistency with security expectations.
byte[] expected = ( ... ).HexToByteArray();
|
Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones |
|
/azp run runtime-libraries-mono outerloop |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/ba-g None of the failing tests are the tests that were changed. |
2 participants
Change from using the "big exponent" key to some other key (which uses the normal exponent of F5), as not all versions of Android like big exponent keys.
Fixes #114772.