AesGcm.IsSupported and AesCcm.IsSupported should not unconditionally return true for MacOS

In https://github.com/dotnet/runtime/pull/52030, `AesGcm.IsSupported` and `AesCcm.IsSupported` were introduced.

For macOS, these properties unconditionally return `true` even if there is no usable version of OpenSSL found on the system.

https://github.com/dotnet/runtime/blob/5a47690c4658580379a4a9cf9a375bad6bc27949/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/AesGcm.cs#L31

This leads to a somewhat bad experience. `IsSupported` will return `true`, but attempting to use `AesGcm` or `AesCcm` will result in a SIGABRT of the whole process, with the message "No usable version of libssl was found".

Ideally these properties would correctly handle OpenSSL not being available.

With ChaCha20Poly1305 the situation is slightly worse: The IsSupported property itself trigger the faulting behavior when it calls into the shim to ask if the current version of OpenSSL supports the algorithm.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

AesGcm.IsSupported and AesCcm.IsSupported should not unconditionally return true for MacOS #52598

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

AesGcm.IsSupported and AesCcm.IsSupported should not unconditionally return true for MacOS #52598

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions