Change SHA256 algorithm to work on FIPS-compliant machines.

#95
aspnet · Aug 9, 2016 · 71b9187 · 71b9187
1 parent b086b5b
commit 71b9187
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 1 deletion.
diff --git a/src/Microsoft.AspNetCore.Antiforgery/Internal/AntiforgeryOptionsSetup.cs b/src/Microsoft.AspNetCore.Antiforgery/Internal/AntiforgeryOptionsSetup.cs
@@ -28,7 +28,14 @@ public static void ConfigureOptions(AntiforgeryOptions options, DataProtectionOp
 
         private static string ComputeCookieName(string applicationId)
         {
-            using (var sha256 = SHA256.Create())
+            HashAlgorithm sha256;
+#if NETSTANDARD1_3
+            sha256 = SHA256.Create();
+#else
+            sha256 = new SHA256Cng();
+#endif
+
+            using (sha256)
             {
                 var hash = sha256.ComputeHash(Encoding.UTF8.GetBytes(applicationId));
                 var subHash = hash.Take(8).ToArray();

diff --git a/src/Microsoft.AspNetCore.Antiforgery/Internal/AntiforgerySerializationContext.cs b/src/Microsoft.AspNetCore.Antiforgery/Internal/AntiforgerySerializationContext.cs
@@ -88,7 +88,11 @@ public SHA256 Sha256
             {
                 if (_sha256 == null)
                 {
+#if NETSTANDARD1_3
                     _sha256 = SHA256.Create();
+#else
+                    _sha256 = new SHA256Cng();
+#endif
                 }
 
                 return _sha256;