Skip to content

[release/8.0-staging] Detect if RSA-384 is supported on the platform #120383

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 4, 2025
Merged

[release/8.0-staging] Detect if RSA-384 is supported on the platform #120383

merged 1 commit into from
Oct 4, 2025

Conversation

vcsjones
Copy link
Member

@vcsjones vcsjones commented Oct 3, 2025

Backport of #120366 to release/8.0-staging

/cc @bartonjs

Customer Impact

  • Customer reported
  • Found internally

This is test-only reaction to a change in Windows. Tests started failing in Windows because a Windows Update caused RSA with a 384-bit modulus to fail.

Regression

  • Yes
  • No

Testing

This is test only change. Verified failing tests started passing again.

Risk

None. Test-only change.

@vcsjones vcsjones added this to the 8.0.x milestone Oct 3, 2025
@vcsjones vcsjones requested a review from bartonjs October 3, 2025 20:02
@vcsjones vcsjones self-assigned this Oct 3, 2025
@Copilot Copilot AI review requested due to automatic review settings October 3, 2025 20:02
Copilot
Copilot AI reviewed Oct 3, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR replaces the previous hardcoded Windows version checking for RSA-384 support with a dynamic runtime detection system. The change was prompted by failing tests after a Windows Update caused RSA with 384-bit modulus to fail on previously supported Windows versions.

  • Consolidated RSA-384 support detection into a centralized PlatformSupport.IsRSA384Supported property
  • Removed duplicated version-checking code from multiple RSA provider classes
  • Added runtime capability testing by attempting to import known RSA-384 parameters

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File Description
DefaultRSAProvider.cs Simplified Supports384PrivateKey to use centralized platform support detection
RSACryptoServiceProviderProvider.cs Updated to use PlatformSupport.IsRSA384Supported instead of hardcoded true
RSACngProvider.cs Removed duplicate Windows version checking logic, now uses centralized detection
PlatformSupport.cs Added new IsRSA384Supported property with runtime detection logic and RSA-384 test parameters

@dotnet-policy-service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

@bartonjs bartonjs added the Servicing-approved Approved for servicing release label Oct 3, 2025
@bartonjs
Copy link
Member

bartonjs commented Oct 3, 2025

Test-only change, tell mode.

@bartonjs bartonjs enabled auto-merge (squash) October 3, 2025 21:49
@jeffhandley jeffhandley mentioned this pull request Oct 4, 2025
Open
@bartonjs bartonjs merged commit 2238cc9 into dotnet:release/8.0-staging Oct 4, 2025
115 of 117 checks passed
@vcsjones vcsjones deleted the backport-120366-to-release/8.0-staging branch October 4, 2025 03:25
@vcsjones vcsjones added the test-enhancement Improvements of test source code label Oct 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@jeffhandley jeffhandley jeffhandley approved these changes

@bartonjs bartonjs bartonjs approved these changes

Assignees

@vcsjones vcsjones

Labels

area-System.Security Servicing-approved Approved for servicing release test-enhancement Improvements of test source code

Projects

None yet

Milestone

8.0.x

Development

Successfully merging this pull request may close these issues.

3 participants

@vcsjones @bartonjs @jeffhandley