Skip to content
This repository has been archived by the owner on Jan 23, 2023. It is now read-only.
/ corefx Public archive

ProtectedData: add DataProtectionScope parameter check #30726

Closed
wants to merge 1 commit into from
Closed

ProtectedData: add DataProtectionScope parameter check #30726

wants to merge 1 commit into from

Conversation

MaximLipnin
Copy link
Contributor

Adds DataProtectionScope parameter value check to Protect and Unprotect methods.

@stephentoub
Copy link
Member

stephentoub commented Jun 28, 2018
edited
Loading

Thanks, but why? This check doesn't exist on the .NET Framework as far as I can tell, so this is introducing an exception that wasn't ever there before.

@stephentoub
Copy link
Member

cc: @bartonjs

@MaximLipnin
Copy link
Contributor Author

During the import ProtectedData type from CoreFX to Mono I faced a couple of failing unit test which check this parameter and expect ArgumentException on wrong value. There is no exactly the same check in .Net Framework but there are similar ones in other places (like here). CoreFX also has similar validations. So I thought it'd be acceptable for you.

@stephentoub
Copy link
Member

It sounds like the bug is actually in Mono, doing extra checks and throwing for something that the .NET Framework doesn't check or throw on. All the .NET Framework (and corefx) care about is whether the value is LocalMachine or not:
https://github.com/dotnet/corefx/pull/30726/files#diff-4c272c4c87c6d48b41762cd6b41cffd4R56
I think we should keep it that way.

@bartonjs
Copy link
Member

It sounds like the bug is actually in Mono

It's definitely in a grey area.

If someone wrote ProtectedData.Protect(data, entropy, (DataProtectionScope)3) then NetFX would have done a thing.

If we added more enum values in the future then their code would eventually encounter a behavioral difference.

If I had expectation of this API changing within the next 5-10 years then I'd say that adding the "don't give me unmapped states" check was reasonable future-proofing. Since it seems pretty well done and set, I think that adding an exception in CoreFX that isn't present in NetFX is just a source of aggravation during porting.

So I don't know if I'd say that the "bug" is in Mono over NetFX, but I think that in this specific case the better answer is that Mono relax their tests instead of us constrain CoreFX.

@stephentoub
Copy link
Member

@MaximLipnin, thanks for the interest in changing this. Given the feedback, I'm going to close this.

@MaximLipnin
Copy link
Contributor Author

@stephentoub @bartonjs Thank you for the clarification! I will resolve it on Mono side.

@MaximLipnin MaximLipnin deleted the check_data_scope_in_protected_data branch June 28, 2018 16:45
@MaximLipnin MaximLipnin mentioned this pull request Jun 29, 2018
Merged
@karelz karelz added this to the 3.0 milestone Jul 8, 2018
marek-safar pushed a commit to mono/mono that referenced this pull request Jul 9, 2018
@MaximLipnin @marek-safar
CoreFX import for ProtectedData type (Windows part) (#9375)
f602125 
As part of #7589 

- CoreFX import only for Windows platform (no support for non-Windows platforms, see https://github.com/dotnet/corefx/issues/22510)
- left Mono managed implementation for non-Windows platforms
- removed DataProtectionScope parameter value check (no such a check in CoreFX and NET Framework, see dotnet/corefx#30726) and couple of related unit tests
- added CoreFX xunit tests
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
3.0
Development

Successfully merging this pull request may close these issues.
4 participants
@MaximLipnin @stephentoub @bartonjs @karelz