Mark RNGCryptoServiceProvider as Obsolete (#52373)

jeffhandley · bartonjs · web-flow · commit ebd695fee1cc · 2021-05-07T18:33:52.000-07:00
* Mark RNGCryptoServiceProvider as Obsolete * Use the static methods on RandomNumberGenerator instead of Create() * Use RandomNumberGenerator.GetBytes() instead of RandomNumberGenerator.Create().GetBytes() * Revert "Use RandomNumberGenerator.GetBytes() instead of RandomNumberGenerator.Create().GetBytes()" This reverts commit 447f848. * Update src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs Co-authored-by: Jeremy Barton <jbarton@microsoft.com>
diff --git a/docs/project/list-of-diagnostics.md b/docs/project/list-of-diagnostics.md
@@ -76,6 +76,7 @@ The PR that reveals the implementation of the `<IncludeInternalObsoleteAttribute
 |  __`SYSLIB0019`__ | RuntimeEnvironment members SystemConfigurationFile, GetRuntimeInterfaceAsIntPtr, and GetRuntimeInterfaceAsObject are no longer supported and throw PlatformNotSupportedException. |
 |  __`SYSLIB0020`__ | JsonSerializerOptions.IgnoreNullValues is obsolete. To ignore null values when serializing, set DefaultIgnoreCondition to JsonIgnoreCondition.WhenWritingNull. |
 |  __`SYSLIB0022`__ | The Rijndael and RijndaelManaged types are obsolete. Use Aes instead. |
+|  __`SYSLIB0023`__ | RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead. |
 
 ## Analyzer Warnings
 
diff --git a/src/libraries/Common/src/System/Obsoletions.cs b/src/libraries/Common/src/System/Obsoletions.cs
@@ -74,5 +74,8 @@ internal static class Obsoletions
 
         internal const string RijndaelMessage = "The Rijndael and RijndaelManaged types are obsolete. Use Aes instead.";
         internal const string RijndaelDiagId = "SYSLIB0022";
+
+        internal const string RNGCryptoServiceProviderMessage = "RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.";
+        internal const string RNGCryptoServiceProviderDiagId = "SYSLIB0023";
     }
 }
diff --git a/src/libraries/Directory.Build.targets b/src/libraries/Directory.Build.targets
@@ -21,8 +21,9 @@
          SYSLIB0004: Constrained Execution Region (CER).
          SYSLIB0017: Strong name signing.
          SYSLIB0022: Rijndael types.
+         SYSLIB0023: RNGCryptoServiceProvider.
     -->
-    <NoWarn Condition="'$(IsPartialFacadeAssembly)' == 'true'">$(NoWarn);SYSLIB0003;SYSLIB0004;SYSLIB0015;SYSLIB0017;SYSLIB0022</NoWarn>
+    <NoWarn Condition="'$(IsPartialFacadeAssembly)' == 'true'">$(NoWarn);SYSLIB0003;SYSLIB0004;SYSLIB0015;SYSLIB0017;SYSLIB0022;SYSLIB0023</NoWarn>
     <!-- Reset these properties back to blank, since they are defaulted by Microsoft.NET.Sdk -->
     <WarningsAsErrors Condition="'$(WarningsAsErrors)' == 'NU1605'" />
     <!-- Set the documentation output file globally. -->
diff --git a/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs b/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
@@ -22,14 +22,10 @@ public class TestAccountImpersonator : IDisposable
         public TestAccountImpersonator()
         {
             string testAccountPassword;
-            using (RandomNumberGenerator rng = new RNGCryptoServiceProvider())
-            {
-                var randomBytes = new byte[33];
-                rng.GetBytes(randomBytes);
+            byte[] randomBytes = RandomNumberGenerator.GetBytes(33);
 
-                // Add special chars to ensure it satisfies password requirements.
-                testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
-            }
+            // Add special chars to ensure it satisfies password requirements.
+            testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
 
             DateTime accountExpirationDate = DateTime.UtcNow + TimeSpan.FromMinutes(2);
             using (var principalCtx = new PrincipalContext(ContextType.Machine))
diff --git a/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs b/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs
@@ -175,6 +175,7 @@ public RC2CryptoServiceProvider() { }
         public override void GenerateIV() { }
         public override void GenerateKey() { }
     }
+    [System.ObsoleteAttribute("RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.", DiagnosticId = "SYSLIB0023", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")]
     [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)]
     public sealed partial class RNGCryptoServiceProvider : System.Security.Cryptography.RandomNumberGenerator
     {
diff --git a/src/libraries/System.Security.Cryptography.Csp/src/System.Security.Cryptography.Csp.csproj b/src/libraries/System.Security.Cryptography.Csp/src/System.Security.Cryptography.Csp.csproj
@@ -27,6 +27,8 @@
     <Compile Include="Internal\Cryptography\Helpers.cs" />
     <Compile Include="$(CommonPath)Internal\Cryptography\Helpers.cs"
              Link="Internal\Cryptography\Helpers.cs" />
+    <Compile Include="$(CommonPath)System\Obsoletions.cs"
+             Link="Common\System\Obsoletions.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\KeySizeHelpers.cs"
              Link="Common\System\Security\Cryptography\KeySizeHelpers.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\CryptoPool.cs"
diff --git a/src/libraries/System.Security.Cryptography.Csp/src/System/Security/Cryptography/RNGCryptoServiceProvider.cs b/src/libraries/System.Security.Cryptography.Csp/src/System/Security/Cryptography/RNGCryptoServiceProvider.cs
@@ -5,6 +5,7 @@
 
 namespace System.Security.Cryptography
 {
+    [Obsolete(Obsoletions.RNGCryptoServiceProviderMessage, DiagnosticId = Obsoletions.RNGCryptoServiceProviderDiagId, UrlFormat = Obsoletions.SharedUrlFormat)]
     [EditorBrowsable(EditorBrowsableState.Never)]
     public sealed class RNGCryptoServiceProvider : RandomNumberGenerator
     {
diff --git a/src/libraries/System.Security.Cryptography.Csp/tests/RNGCryptoServiceProviderTests.cs b/src/libraries/System.Security.Cryptography.Csp/tests/RNGCryptoServiceProviderTests.cs
@@ -4,6 +4,8 @@
 using System.Linq;
 using Xunit;
 
+#pragma warning disable SYSLIB0023 // RNGCryptoServiceProvider is obsolete
+
 namespace System.Security.Cryptography.RNG.Tests
 {
     /// <summary>
@@ -120,3 +122,5 @@ public static void VerifyCtors()
         }
     }
 }
+
+#pragma warning restore SYSLIB0023
diff --git a/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs b/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
@@ -128,7 +128,7 @@ public WindowsTestAccount(string userName)
     private void CreateUser()
     {
         string testAccountPassword;
-        using (RandomNumberGenerator rng = new RNGCryptoServiceProvider())
+        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
         {
             byte[] randomBytes = new byte[33];
             rng.GetBytes(randomBytes);

Original file line number	Diff line number	Diff line change
`@@ -74,5 +74,8 @@ internal static class Obsoletions`
`74`	`74`
`75`	`75`	`internal const string RijndaelMessage = "The Rijndael and RijndaelManaged types are obsolete. Use Aes instead.";`
`76`	`76`	`internal const string RijndaelDiagId = "SYSLIB0022";`
	`77`	`+`
	`78`	`+ internal const string RNGCryptoServiceProviderMessage = "RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.";`
	`79`	`+ internal const string RNGCryptoServiceProviderDiagId = "SYSLIB0023";`
`77`	`80`	`}`
`78`	`81`	`}`
Original file line number	Diff line number	Diff line change
`@@ -175,6 +175,7 @@ public RC2CryptoServiceProvider() { }`
`175`	`175`	`public override void GenerateIV() { }`
`176`	`176`	`public override void GenerateKey() { }`
`177`	`177`	`}`
	`178`	`+ [System.ObsoleteAttribute("RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.", DiagnosticId = "SYSLIB0023", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")]`
`178`	`179`	`[System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)]`
`179`	`180`	`public sealed partial class RNGCryptoServiceProvider : System.Security.Cryptography.RandomNumberGenerator`
`180`	`181`	`{`
Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,7 @@`
`5`	`5`
`6`	`6`	`namespace System.Security.Cryptography`
`7`	`7`	`{`
	`8`	`+ [Obsolete(Obsoletions.RNGCryptoServiceProviderMessage, DiagnosticId = Obsoletions.RNGCryptoServiceProviderDiagId, UrlFormat = Obsoletions.SharedUrlFormat)]`
`8`	`9`	`[EditorBrowsable(EditorBrowsableState.Never)]`
`9`	`10`	`public sealed class RNGCryptoServiceProvider : RandomNumberGenerator`
`10`	`11`	`{`
Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,8 @@`
`4`	`4`	`using System.Linq;`
`5`	`5`	`using Xunit;`
`6`	`6`
	`7`	`+#pragma warning disable SYSLIB0023 // RNGCryptoServiceProvider is obsolete`
	`8`	`+`
`7`	`9`	`namespace System.Security.Cryptography.RNG.Tests`
`8`	`10`	`{`
`9`	`11`	`/// <summary>`
`@@ -120,3 +122,5 @@ public static void VerifyCtors()`
`120`	`122`	`}`
`121`	`123`	`}`
`122`	`124`	`}`
	`125`	`+`
	`126`	`+#pragma warning restore SYSLIB0023`
Original file line number	Diff line number	Diff line change
`@@ -128,7 +128,7 @@ public WindowsTestAccount(string userName)`
`128`	`128`	`private void CreateUser()`
`129`	`129`	`{`
`130`	`130`	`string testAccountPassword;`
`131`		`- using (RandomNumberGenerator rng = new RNGCryptoServiceProvider())`
	`131`	`+ using (RandomNumberGenerator rng = RandomNumberGenerator.Create())`
`132`	`132`	`{`
`133`	`133`	`byte[] randomBytes = new byte[33];`
`134`	`134`	`rng.GetBytes(randomBytes);`