[release/6.0] Fix process aborts when using cryptographic primitives with empty input for Android #77283
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport of #61827 to release/6.0.
/cc @bartonjs @steveisok
Customer Impact
Reported by a customer is #77258. Customers that use HMAC APIs to append data, or use APIs that append HMAC data, and that data is empty will see a process crash (SIGABRT) in Android.
Some higher-level APIs such as HKDF or
ECDiffieHellman
will append empty data the HMAC. Customers using these APIs that do that have no reasonable work around.Testing
These changes have been present in .NET 7 for quite some time. Existing tests caught this behavior for .NET 7.
Risk
Low. The changes are well understood and isolated.
IMPORTANT: Is this backport for a servicing release? If so and this change touches code that ships in a NuGet package, please make certain that you have added any necessary package authoring and gotten it explicitly reviewed.