Merge pull request #2213 from bartonjs/DeriveBytes1956

Properly reset HashAlgorithm objects using OpenSSL.

Author: stephentoub

src/Common/src/Interop/OSX/libcrypto/Interop.HMAC.cs

@@ -20,6 +20,12 @@ internal static unsafe int HMAC_Init(out HMAC_CTX ctx, byte* key, int key_len, I
             return Success;
         }
 
+        internal static int HMAC_Init_ex(ref HMAC_CTX ctx, byte[] key, int key_len, IntPtr md, IntPtr zero)
+        {
+            HMAC_Init_exNative(ref ctx, key, key_len, md, zero);
+            return Success;
+        }
+
         internal static unsafe int HMAC_Update(ref HMAC_CTX ctx, byte* data, int len)
         {
             HMAC_UpdateNative(ref ctx, data, len);
@@ -35,6 +41,9 @@ internal static unsafe int HMAC_Final(ref HMAC_CTX ctx, byte* md, ref uint len)
         [DllImport(Libraries.LibCrypto, EntryPoint = "HMAC_Init", ExactSpelling = true)]
         private extern static unsafe int HMAC_InitNative(out HMAC_CTX ctx, byte* key, int key_len, IntPtr md);
 
+        [DllImport(Libraries.LibCrypto, EntryPoint = "HMAC_Init_ex", ExactSpelling = true)]
+        private extern static void HMAC_Init_exNative(ref HMAC_CTX ctx, byte[] key, int key_len, IntPtr md, IntPtr zero);
+
         [DllImport(Libraries.LibCrypto, EntryPoint = "HMAC_Update", ExactSpelling = true)]
         private extern static unsafe int HMAC_UpdateNative(ref HMAC_CTX ctx, byte* data, int len);
 

src/Common/src/Interop/Unix/libcrypto/Interop.HMAC.cs

@@ -11,6 +11,9 @@ internal static partial class libcrypto
         [DllImport(Libraries.LibCrypto)]
         internal extern static unsafe int HMAC_Init(out HMAC_CTX ctx, byte* key, int key_len, IntPtr md);
 
+        [DllImport(Libraries.LibCrypto)]
+        internal extern static int HMAC_Init_ex(ref HMAC_CTX ctx, byte[] key, int key_len, IntPtr md, IntPtr zero);
+
         [DllImport(Libraries.LibCrypto)]
         internal extern static unsafe int HMAC_Update(ref HMAC_CTX ctx, byte* data, int len);
 

src/System.Security.Cryptography.DeriveBytes/tests/Rfc2898Tests.cs

@@ -207,7 +207,6 @@ public static void GetBytes_StreamLike()
         }
 
         [Fact]
-        [ActiveIssue(1956, PlatformID.AnyUnix)]
         public static void GetBytes_KnownValues_1()
         {
             TestKnownValue(
@@ -224,7 +223,6 @@ public static void GetBytes_KnownValues_1()
         }
 
         [Fact]
-        [ActiveIssue(1956, PlatformID.AnyUnix)]
         public static void GetBytes_KnownValues_2()
         {
             TestKnownValue(
@@ -241,7 +239,6 @@ public static void GetBytes_KnownValues_2()
         }
 
         [Fact]
-        [ActiveIssue(1956, PlatformID.AnyUnix)]
         public static void GetBytes_KnownValues_3()
         {
             TestKnownValue(
@@ -258,7 +255,6 @@ public static void GetBytes_KnownValues_3()
         }
 
         [Fact]
-        [ActiveIssue(1956, PlatformID.AnyUnix)]
         public static void GetBytes_KnownValues_4()
         {
             TestKnownValue(

src/System.Security.Cryptography.Hashing.Algorithms/src/Internal/Cryptography/HashProviderDispenser.Unix.cs

@@ -53,11 +53,13 @@ public static unsafe HashProvider CreateMacProvider(string hashAlgorithmId, byte
 
         private sealed class EvpHashProvider : HashProvider
         {
+            private readonly IntPtr _algorithmEvp;
             private readonly int _hashSize;
             private readonly SafeEvpMdCtxHandle _ctx;
 
             public EvpHashProvider(IntPtr algorithmEvp)
             {
+                _algorithmEvp = algorithmEvp;
                 Debug.Assert(algorithmEvp != IntPtr.Zero);
 
                 _hashSize = Interop.libcrypto.EVP_MD_size(algorithmEvp);
@@ -90,6 +92,9 @@ public sealed override unsafe byte[] FinalizeHashAndReset()
                 Check(Interop.libcrypto.EVP_DigestFinal_ex(_ctx, md, ref length));
                 Debug.Assert(length == _hashSize);
 
+                // Reset the algorithm provider.
+                Check(Interop.libcrypto.EVP_DigestInit_ex(_ctx, _algorithmEvp, IntPtr.Zero));
+
                 byte[] result = new byte[(int)length];
                 Marshal.Copy((IntPtr)md, result, 0, (int)length);
                 return result;
@@ -146,6 +151,10 @@ public sealed override unsafe byte[] FinalizeHashAndReset()
                 Check(Interop.libcrypto.HMAC_Final(ref _hmacCtx, md, ref length));
                 Debug.Assert(length == _hashSize);
 
+                // HMAC_Init_ex with all NULL values keeps the key and algorithm (and engine) intact,
+                // but resets the values for another computation.
+                Check(Interop.libcrypto.HMAC_Init_ex(ref _hmacCtx, null, 0, IntPtr.Zero, IntPtr.Zero));
+
                 byte[] result = new byte[(int)length];
                 Marshal.Copy((IntPtr)md, result, 0, (int)length);
                 return result;

src/System.Security.Cryptography.Hashing.Algorithms/tests/ReusabilityTests.cs

@@ -0,0 +1,41 @@
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+using System.Collections.Generic;
+using Xunit;
+
+namespace System.Security.Cryptography.Hashing.Algorithms.Tests
+{
+    public class ReusabilityTests
+    {
+        [Theory]
+        [MemberData("ReusabilityHashAlgorithms")]
+        public void TestReusability(HashAlgorithm hashAlgorithm)
+        {
+            using (hashAlgorithm)
+            {
+                byte[] input = { 8, 6, 7, 5, 3, 0, 9, };
+                byte[] hash1 = hashAlgorithm.ComputeHash(input);
+                byte[] hash2 = hashAlgorithm.ComputeHash(input);
+
+                Assert.Equal(hash1, hash2);
+            }
+        }
+
+        public static IEnumerable<object[]> ReusabilityHashAlgorithms()
+        {
+            return new[]
+            {
+                new object[] { MD5.Create(), },
+                new object[] { SHA1.Create(), },
+                new object[] { SHA256.Create(), },
+                new object[] { SHA384.Create(), },
+                new object[] { SHA512.Create(), },
+                new object[] { new HMACSHA1(), },
+                new object[] { new HMACSHA256(), },
+                new object[] { new HMACSHA384(), },
+                new object[] { new HMACSHA512(), },
+            };
+        }
+    }
+}

src/System.Security.Cryptography.Hashing.Algorithms/tests/System.Security.Cryptography.Hashing.Algorithms.Tests.csproj

@@ -29,6 +29,7 @@
     <Compile Include="HmacSha512Tests.cs" />
     <Compile Include="HmacTests.cs" />
     <Compile Include="MD5Tests.cs" />
+    <Compile Include="ReusabilityTests.cs" />
     <Compile Include="Rfc2202HmacTests.cs" />
     <Compile Include="Rfc4231HmacTests.cs" />
     <Compile Include="Sha1Tests.cs" />