Mark RNGCryptoServiceProvider as Obsolete (#52373)

* Mark RNGCryptoServiceProvider as Obsolete * Use the static methods on RandomNumberGenerator instead of Create() * Use RandomNumberGenerator.GetBytes() instead of RandomNumberGenerator.Create().GetBytes() * Revert "Use RandomNumberGenerator.GetBytes() instead of RandomNumberGenerator.Create().GetBytes()" This reverts commit 447f848. * Update src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs Co-authored-by: Jeremy Barton <jbarton@microsoft.com>
dotnet · May 8, 2021 · ebd695f · ebd695f
1 parent db85f31
commit ebd695f
Show file tree

Hide file tree

Showing 9 changed files with 18 additions and 9 deletions.
diff --git a/docs/project/list-of-diagnostics.md b/docs/project/list-of-diagnostics.md
@@ -76,6 +76,7 @@ The PR that reveals the implementation of the `<IncludeInternalObsoleteAttribute
 |  __`SYSLIB0019`__ | RuntimeEnvironment members SystemConfigurationFile, GetRuntimeInterfaceAsIntPtr, and GetRuntimeInterfaceAsObject are no longer supported and throw PlatformNotSupportedException. |
 |  __`SYSLIB0020`__ | JsonSerializerOptions.IgnoreNullValues is obsolete. To ignore null values when serializing, set DefaultIgnoreCondition to JsonIgnoreCondition.WhenWritingNull. |
 |  __`SYSLIB0022`__ | The Rijndael and RijndaelManaged types are obsolete. Use Aes instead. |
+|  __`SYSLIB0023`__ | RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead. |
 
 ## Analyzer Warnings
 

diff --git a/src/libraries/Common/src/System/Obsoletions.cs b/src/libraries/Common/src/System/Obsoletions.cs
@@ -74,5 +74,8 @@ internal static class Obsoletions
 
         internal const string RijndaelMessage = "The Rijndael and RijndaelManaged types are obsolete. Use Aes instead.";
         internal const string RijndaelDiagId = "SYSLIB0022";
+
+        internal const string RNGCryptoServiceProviderMessage = "RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.";
+        internal const string RNGCryptoServiceProviderDiagId = "SYSLIB0023";
     }
 }
diff --git a/src/libraries/Directory.Build.targets b/src/libraries/Directory.Build.targets
@@ -21,8 +21,9 @@
          SYSLIB0004: Constrained Execution Region (CER).
          SYSLIB0017: Strong name signing.
          SYSLIB0022: Rijndael types.
+         SYSLIB0023: RNGCryptoServiceProvider.
     -->
-    <NoWarn Condition="'$(IsPartialFacadeAssembly)' == 'true'">$(NoWarn);SYSLIB0003;SYSLIB0004;SYSLIB0015;SYSLIB0017;SYSLIB0022</NoWarn>
+    <NoWarn Condition="'$(IsPartialFacadeAssembly)' == 'true'">$(NoWarn);SYSLIB0003;SYSLIB0004;SYSLIB0015;SYSLIB0017;SYSLIB0022;SYSLIB0023</NoWarn>
     <!-- Reset these properties back to blank, since they are defaulted by Microsoft.NET.Sdk -->
     <WarningsAsErrors Condition="'$(WarningsAsErrors)' == 'NU1605'" />
     <!-- Set the documentation output file globally. -->

diff --git a/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs b/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
@@ -22,14 +22,10 @@ public class TestAccountImpersonator : IDisposable
         public TestAccountImpersonator()
         {
             string testAccountPassword;
-            using (RandomNumberGenerator rng = new RNGCryptoServiceProvider())
-            {
-                var randomBytes = new byte[33];
-                rng.GetBytes(randomBytes);
+            byte[] randomBytes = RandomNumberGenerator.GetBytes(33);
 
-                // Add special chars to ensure it satisfies password requirements.
-                testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
-            }
+            // Add special chars to ensure it satisfies password requirements.
+            testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
 
             DateTime accountExpirationDate = DateTime.UtcNow + TimeSpan.FromMinutes(2);
             using (var principalCtx = new PrincipalContext(ContextType.Machine))

diff --git a/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs b/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs
@@ -175,6 +175,7 @@ public RC2CryptoServiceProvider() { }
         public override void GenerateIV() { }
         public override void GenerateKey() { }
     }
+    [System.ObsoleteAttribute("RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.", DiagnosticId = "SYSLIB0023", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")]
     [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)]
     public sealed partial class RNGCryptoServiceProvider : System.Security.Cryptography.RandomNumberGenerator
     {

diff --git a/src/libraries/System.Security.Cryptography.Csp/src/System.Security.Cryptography.Csp.csproj b/src/libraries/System.Security.Cryptography.Csp/src/System.Security.Cryptography.Csp.csproj
@@ -27,6 +27,8 @@
     <Compile Include="Internal\Cryptography\Helpers.cs" />
     <Compile Include="$(CommonPath)Internal\Cryptography\Helpers.cs"
              Link="Internal\Cryptography\Helpers.cs" />
+    <Compile Include="$(CommonPath)System\Obsoletions.cs"
+             Link="Common\System\Obsoletions.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\KeySizeHelpers.cs"
              Link="Common\System\Security\Cryptography\KeySizeHelpers.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\CryptoPool.cs"

diff --git a/...em.Security.Cryptography.Csp/src/System/Security/Cryptography/RNGCryptoServiceProvider.cs b/...em.Security.Cryptography.Csp/src/System/Security/Cryptography/RNGCryptoServiceProvider.cs
@@ -5,6 +5,7 @@
 
 namespace System.Security.Cryptography
 {
+    [Obsolete(Obsoletions.RNGCryptoServiceProviderMessage, DiagnosticId = Obsoletions.RNGCryptoServiceProviderDiagId, UrlFormat = Obsoletions.SharedUrlFormat)]
     [EditorBrowsable(EditorBrowsableState.Never)]
     public sealed class RNGCryptoServiceProvider : RandomNumberGenerator
     {

diff --git a/src/libraries/System.Security.Cryptography.Csp/tests/RNGCryptoServiceProviderTests.cs b/src/libraries/System.Security.Cryptography.Csp/tests/RNGCryptoServiceProviderTests.cs
@@ -4,6 +4,8 @@
 using System.Linq;
 using Xunit;
 
+#pragma warning disable SYSLIB0023 // RNGCryptoServiceProvider is obsolete
+
 namespace System.Security.Cryptography.RNG.Tests
 {
     /// <summary>
@@ -120,3 +122,5 @@ public static void VerifyCtors()
         }
     }
 }
+
+#pragma warning restore SYSLIB0023
diff --git a/...es/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs b/...es/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
@@ -128,7 +128,7 @@ public WindowsTestAccount(string userName)
     private void CreateUser()
     {
         string testAccountPassword;
-        using (RandomNumberGenerator rng = new RNGCryptoServiceProvider())
+        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
         {
             byte[] randomBytes = new byte[33];
             rng.GetBytes(randomBytes);