From 814e658f0d39d45f55fb095888ed57ee91c714c2 Mon Sep 17 00:00:00 2001 From: Keegan Caruso Date: Mon, 17 Jul 2023 13:35:17 -0700 Subject: [PATCH 1/2] SymmetricSecurityKey needs 32 bytes --- .../clients/csharp/Client/test/FunctionalTests/Startup.cs | 3 ++- src/SignalR/clients/ts/FunctionalTests/Startup.cs | 3 ++- .../Http.Connections/test/HttpConnectionDispatcherTests.cs | 5 +++-- src/SignalR/samples/JwtSample/Startup.cs | 2 +- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/src/SignalR/clients/csharp/Client/test/FunctionalTests/Startup.cs b/src/SignalR/clients/csharp/Client/test/FunctionalTests/Startup.cs index 91286fa5378d..b20a20325aa2 100644 --- a/src/SignalR/clients/csharp/Client/test/FunctionalTests/Startup.cs +++ b/src/SignalR/clients/csharp/Client/test/FunctionalTests/Startup.cs @@ -5,6 +5,7 @@ using System.IdentityModel.Tokens.Jwt; using System.IO; using System.Security.Claims; +using System.Security.Cryptography; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Authentication.Negotiate; using Microsoft.AspNetCore.Authorization; @@ -21,7 +22,7 @@ namespace Microsoft.AspNetCore.SignalR.Client.FunctionalTests; public class Startup { - private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(Guid.NewGuid().ToByteArray()); + private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(SHA256.HashData(Guid.NewGuid().ToByteArray())); private readonly JwtSecurityTokenHandler JwtTokenHandler = new JwtSecurityTokenHandler(); public void ConfigureServices(IServiceCollection services) diff --git a/src/SignalR/clients/ts/FunctionalTests/Startup.cs b/src/SignalR/clients/ts/FunctionalTests/Startup.cs index 9182753d6a2e..2dda5dc55538 100644 --- a/src/SignalR/clients/ts/FunctionalTests/Startup.cs +++ b/src/SignalR/clients/ts/FunctionalTests/Startup.cs @@ -5,6 +5,7 @@ using System.IdentityModel.Tokens.Jwt; using System.Reflection; using System.Security.Claims; +using System.Security.Cryptography; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.DataProtection; using Microsoft.AspNetCore.Http.Connections; @@ -19,7 +20,7 @@ namespace FunctionalTests; public class Startup { - private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(Guid.NewGuid().ToByteArray()); + private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(SHA256.HashData(Guid.NewGuid().ToByteArray())); private readonly JwtSecurityTokenHandler JwtTokenHandler = new JwtSecurityTokenHandler(); private int _numRedirects; diff --git a/src/SignalR/common/Http.Connections/test/HttpConnectionDispatcherTests.cs b/src/SignalR/common/Http.Connections/test/HttpConnectionDispatcherTests.cs index f083e9b6b897..d0ecdcf21560 100644 --- a/src/SignalR/common/Http.Connections/test/HttpConnectionDispatcherTests.cs +++ b/src/SignalR/common/Http.Connections/test/HttpConnectionDispatcherTests.cs @@ -10,6 +10,7 @@ using System.Net.Http; using System.Net.WebSockets; using System.Security.Claims; +using System.Security.Cryptography; using System.Security.Principal; using System.Text; using Microsoft.AspNetCore.Authentication; @@ -2988,7 +2989,7 @@ public async Task ConnectionClosedRequestedTriggeredOnAuthExpiration() [InlineData(HttpTransportType.WebSockets)] public async Task AuthenticationExpirationSetOnAuthenticatedConnectionWithJWT(HttpTransportType transportType) { - SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(Guid.NewGuid().ToByteArray()); + SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(SHA256.HashData(Guid.NewGuid().ToByteArray())); JwtSecurityTokenHandler JwtTokenHandler = new JwtSecurityTokenHandler(); using var host = CreateHost(services => @@ -3150,7 +3151,7 @@ public async Task AuthenticationExpirationSetOnAuthenticatedConnectionWithCookie [InlineData(HttpTransportType.WebSockets)] public async Task AuthenticationExpirationUsesCorrectScheme(HttpTransportType transportType) { - var SecurityKey = new SymmetricSecurityKey(Guid.NewGuid().ToByteArray()); + var SecurityKey = new SymmetricSecurityKey(SHA256.HashData(Guid.NewGuid().ToByteArray())); var JwtTokenHandler = new JwtSecurityTokenHandler(); using var host = CreateHost(services => diff --git a/src/SignalR/samples/JwtSample/Startup.cs b/src/SignalR/samples/JwtSample/Startup.cs index 18b1ae21ea35..cefde00a4cd0 100644 --- a/src/SignalR/samples/JwtSample/Startup.cs +++ b/src/SignalR/samples/JwtSample/Startup.cs @@ -11,7 +11,7 @@ namespace JwtSample; public class Startup { - private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(RandomNumberGenerator.GetBytes(16)); + private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(RandomNumberGenerator.GetBytes(32)); private readonly JwtSecurityTokenHandler JwtTokenHandler = new JwtSecurityTokenHandler(); public void ConfigureServices(IServiceCollection services) From 697d565124d5322113d7823def0d1f337cfad092 Mon Sep 17 00:00:00 2001 From: Safia Abdalla Date: Tue, 18 Jul 2023 08:25:45 -0700 Subject: [PATCH 2/2] Update source-build-externals dependencies --- eng/Version.Details.xml | 4 ++-- eng/Versions.props | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml index 1e062867fae0..5794d7ea0681 100644 --- a/eng/Version.Details.xml +++ b/eng/Version.Details.xml @@ -185,9 +185,9 @@ https://github.com/dotnet/runtime 5d54b08d5fc40d0b1c156f430a487a94c1e34f79 - + https://github.com/dotnet/source-build-externals - ac076c101e6fe5e8fbfbd0a0ab878bd3313d9138 + 844e2cd86e7525d7eb32358e63a0c554187eb26b diff --git a/eng/Versions.props b/eng/Versions.props index c6f87d65fcc7..b005e112e16c 100644 --- a/eng/Versions.props +++ b/eng/Versions.props @@ -163,7 +163,7 @@ 8.0.0-beta.23328.1 - 8.0.0-alpha.1.23329.1 + 8.0.0-alpha.1.23368.1 8.0.0-alpha.1.23356.4