Use new .NET 5.0 API to load RSA parameters.

bgrainger · bgrainger · commit b221a8c38ac5 · 2021-02-13T13:43:52.000-08:00
diff --git a/src/MySqlConnector/Core/ServerSession.cs b/src/MySqlConnector/Core/ServerSession.cs
@@ -664,6 +664,8 @@ private async Task<PayloadData> SendEncryptedPasswordAsync(
 			IOBehavior ioBehavior,
 			CancellationToken cancellationToken)
 		{
+			using var rsa = RSA.Create();
+#if NET461 || NET471 || NETSTANDARD1_3 || NETSTANDARD2_0 || NETSTANDARD2_1 || NETCOREAPP2_1 || NETCOREAPP3_1
 			// load the RSA public key
 			RSAParameters rsaParameters;
 			try
@@ -676,13 +678,23 @@ private async Task<PayloadData> SendEncryptedPasswordAsync(
 				throw new MySqlException(MySqlErrorCode.UnableToConnectToHost, "Couldn't load server's RSA public key; try using a secure connection instead.", ex);
 			}
 
+			rsa.ImportParameters(rsaParameters);
+#else
+			try
+			{
+				Utility.LoadRsaParameters(rsaPublicKey, rsa);
+			}
+			catch (Exception ex)
+			{
+				Log.Error(ex, "Session{0} couldn't load server's RSA public key", m_logArguments);
+				throw new MySqlException(MySqlErrorCode.UnableToConnectToHost, "Couldn't load server's RSA public key; try using a secure connection instead.", ex);
+			}
+#endif
+
 			// add NUL terminator to password
 			var passwordBytes = Encoding.UTF8.GetBytes(cs.Password);
 			Array.Resize(ref passwordBytes, passwordBytes.Length + 1);
 
-			using var rsa = RSA.Create();
-			rsa.ImportParameters(rsaParameters);
-
 			// XOR the password bytes with the challenge
 			AuthPluginData = Utility.TrimZeroByte(switchRequest.Data);
 			for (var i = 0; i < passwordBytes.Length; i++)
diff --git a/src/MySqlConnector/Utilities/Utility.cs b/src/MySqlConnector/Utilities/Utility.cs
@@ -82,9 +82,11 @@ public static unsafe void Convert(this Encoder encoder, ReadOnlySpan<char> chars
 		/// <summary>
 		/// Loads a RSA key from a PEM string.
 		/// </summary>
-		/// <param name="key">The key, in PEM format.</param>
-		/// <returns>An RSA key.</returns>
+#if NET45 || NET461 || NET471 || NETSTANDARD1_3 || NETSTANDARD2_0 || NETSTANDARD2_1 || NETCOREAPP2_1 || NETCOREAPP3_1
 		public static RSAParameters GetRsaParameters(string key)
+#else
+		public static void LoadRsaParameters(string key, RSA rsa)
+#endif
 		{
 			const string beginRsaPrivateKey = "-----BEGIN RSA PRIVATE KEY-----";
 			const string endRsaPrivateKey = "-----END RSA PRIVATE KEY-----";
@@ -134,7 +136,14 @@ public static RSAParameters GetRsaParameters(string key)
 			{
 				if (!System.Convert.TryFromBase64Chars(keyChars, bufferBytes, out var bytesWritten))
 					throw new FormatException("The input is not a valid Base-64 string.");
+#if NETSTANDARD2_1 || NETCOREAPP2_1 || NETCOREAPP3_1
 				return GetRsaParameters(bufferBytes.Slice(0, bytesWritten), isPrivate);
+#else
+				if (isPrivate)
+					rsa.ImportRSAPrivateKey(bufferBytes.Slice(0, bytesWritten), out var _);
+				else
+					rsa.ImportSubjectPublicKeyInfo(bufferBytes.Slice(0, bytesWritten), out var _);
+#endif
 			}
 			finally
 			{
@@ -144,6 +153,7 @@ public static RSAParameters GetRsaParameters(string key)
 #endif
 		}
 
+#if NET45 || NET461 || NET471 || NETSTANDARD1_3 || NETSTANDARD2_0 || NETSTANDARD2_1 || NETCOREAPP2_1 || NETCOREAPP3_1
 		// Derived from: https://stackoverflow.com/a/32243171/, https://stackoverflow.com/a/26978561/, http://luca.ntop.org/Teaching/Appunti/asn1.html
 		private static RSAParameters GetRsaParameters(ReadOnlySpan<byte> data, bool isPrivate)
 		{
@@ -247,6 +257,7 @@ private static RSAParameters GetRsaParameters(ReadOnlySpan<byte> data, bool isPr
 				InverseQ = iq.ToArray(),
 			};
 		}
+#endif
 
 		/// <summary>
 		/// Returns a new <see cref="ArraySegment{T}"/> that starts at index <paramref name="index"/> into <paramref name="arraySegment"/>.
diff --git a/tests/MySqlConnector.Tests/UtilityTests.cs b/tests/MySqlConnector.Tests/UtilityTests.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Globalization;
+using System.Security.Cryptography;
 using System.Text;
 using MySqlConnector.Utilities;
 using Xunit;
@@ -90,7 +91,9 @@ public void ParseTimeSpanFails(string input)
 		[InlineData("pre", "post")]
 		public void DecodePublicKey(string pre, string post)
 		{
-			var parameters = Utility.GetRsaParameters(pre + c_publicKey + post);
+			using var rsa = RSA.Create();
+			Utility.LoadRsaParameters(pre + c_publicKey + post, rsa);
+			var parameters = rsa.ExportParameters(false);
 			Assert.Equal(s_modulus, parameters.Modulus);
 			Assert.Equal(s_exponent, parameters.Exponent);
 		}
@@ -102,7 +105,9 @@ public void DecodePublicKey(string pre, string post)
 		[InlineData("pre", "post")]
 		public void DecodePrivateKey(string pre, string post)
 		{
-			var parameters = Utility.GetRsaParameters(pre + c_privateKey + post);
+			using var rsa = RSA.Create();
+			Utility.LoadRsaParameters(pre + c_privateKey + post, rsa);
+			var parameters = rsa.ExportParameters(true);
 			Assert.Equal(s_modulus, parameters.Modulus);
 			Assert.Equal(s_exponent, parameters.Exponent);
 			Assert.Equal(s_d, parameters.D);
