Merge in 'release/6.0' changes

Author: dotnet-bot

eng/pipelines/common/restore-internal-tools.yml

@@ -1,5 +1,5 @@
 steps:
-  - task: NuGetAuthenticate@0
+  - task: NuGetAuthenticate@1
     inputs:
       nuGetServiceConnections: 'devdiv/dotnet-core-internal-tooling'
       forceReinstallCredentialProvider: true

eng/pipelines/installer/jobs/base-job.yml

@@ -344,7 +344,7 @@ jobs:
       displayName: Clean up old artifacts owned by root
 
   - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
-    - task: NuGetAuthenticate@0
+    - task: NuGetAuthenticate@1
 
     - ${{ if eq(parameters.osGroup, 'windows') }}:
       # NuGet's http cache lasts 30 minutes. If we're on a static machine, this may interfere with

eng/pipelines/official/jobs/prepare-signed-artifacts.yml

@@ -26,7 +26,7 @@ jobs:
     fetchDepth: 20
 
   - ${{ if eq(parameters.isOfficialBuild, true) }}:
-    - task: NuGetAuthenticate@0
+    - task: NuGetAuthenticate@1
 
   - task: MicroBuildSigningPlugin@2
     displayName: Install MicroBuild plugin for Signing

eng/pipelines/runtime.yml

@@ -492,40 +492,40 @@ jobs:
 #
 # Build the whole product using Mono for Android and run runtime tests with Android emulator
 #
-- template: /eng/pipelines/common/platform-matrix.yml
-  parameters:
-    jobTemplate: /eng/pipelines/common/global-build-job.yml
-    helixQueuesTemplate: /eng/pipelines/coreclr/templates/helix-queues-setup.yml
-    buildConfig: Release
-    runtimeFlavor: mono
-    platforms:
-    - Android_x64
-    variables:
-      - ${{ if and(eq(variables['System.TeamProject'], 'public'), eq(variables['Build.Reason'], 'PullRequest')) }}:
-        - name: _HelixSource
-          value: pr/dotnet/runtime/$(Build.SourceBranch)
-      - ${{ if and(eq(variables['System.TeamProject'], 'public'), ne(variables['Build.Reason'], 'PullRequest')) }}:
-        - name: _HelixSource
-          value: ci/dotnet/runtime/$(Build.SourceBranch)
-      - name: timeoutPerTestInMinutes
-        value: 60
-      - name: timeoutPerTestCollectionInMinutes
-        value: 180
-    jobParameters:
-      testGroup: innerloop
-      nameSuffix: AllSubsets_Mono_RuntimeTests
-      buildArgs: -s mono+libs -c $(_BuildConfig)
-      timeoutInMinutes: 240
-      condition: >-
-        or(
-          eq(dependencies.evaluate_paths.outputs['SetPathVars_runtimetests.containsChange'], true),
-          eq(dependencies.evaluate_paths.outputs['SetPathVars_mono.containsChange'], true),
-          eq(variables['isFullMatrix'], true))
-      # extra steps, run tests
-      extraStepsTemplate: /eng/pipelines/common/templates/runtimes/android-runtime-and-send-to-helix.yml
-      extraStepsParameters:
-        creator: dotnet-bot
-        testRunNamePrefixSuffix: Mono_$(_BuildConfig)
+#- template: /eng/pipelines/common/platform-matrix.yml
+#  parameters:
+#    jobTemplate: /eng/pipelines/common/global-build-job.yml
+#    helixQueuesTemplate: /eng/pipelines/coreclr/templates/helix-queues-setup.yml
+#    buildConfig: Release
+#    runtimeFlavor: mono
+#    platforms:
+#    - Android_x64
+#    variables:
+#      - ${{ if and(eq(variables['System.TeamProject'], 'public'), eq(variables['Build.Reason'], 'PullRequest')) }}:
+#        - name: _HelixSource
+#          value: pr/dotnet/runtime/$(Build.SourceBranch)
+#      - ${{ if and(eq(variables['System.TeamProject'], 'public'), ne(variables['Build.Reason'], 'PullRequest')) }}:
+#        - name: _HelixSource
+#          value: ci/dotnet/runtime/$(Build.SourceBranch)
+#      - name: timeoutPerTestInMinutes
+#        value: 60
+#      - name: timeoutPerTestCollectionInMinutes
+#        value: 180
+#    jobParameters:
+#      testGroup: innerloop
+#      nameSuffix: AllSubsets_Mono_RuntimeTests
+#      buildArgs: -s mono+libs -c $(_BuildConfig)
+#      timeoutInMinutes: 240
+#      condition: >-
+#        or(
+#          eq(dependencies.evaluate_paths.outputs['SetPathVars_runtimetests.containsChange'], true),
+#          eq(dependencies.evaluate_paths.outputs['SetPathVars_mono.containsChange'], true),
+#          eq(variables['isFullMatrix'], true))
+#      # extra steps, run tests
+#      extraStepsTemplate: /eng/pipelines/common/templates/runtimes/android-runtime-and-send-to-helix.yml
+#      extraStepsParameters:
+#        creator: dotnet-bot
+#        testRunNamePrefixSuffix: Mono_$(_BuildConfig)
 
 #
 # Build Mono and Installer on LLVMJIT mode

eng/testing/performance/performance-setup.ps1

@@ -48,7 +48,7 @@ if ($Internal) {
         "perftiger_crossgen" { $Queue = "Windows.10.Amd64.19H1.Tiger.Perf" }
         "perfowl" { $Queue = "Windows.10.Amd64.20H2.Owl.Perf" }
         "perfsurf" { $Queue = "Windows.10.Arm64.Perf.Surf" }
-        "perfpixel4a" { $Queue = "Windows.10.Amd64.Pixel.Perf" }
+        "perfpixel4a" { $Queue = "Windows.11.Amd64.Pixel.Perf" }
         Default { $Queue = "Windows.10.Amd64.19H1.Tiger.Perf" }
     }
     $PerfLabArguments = "--upload-to-perflab-container"

src/libraries/Common/src/Interop/Android/System.Security.Cryptography.Native.Android/Interop.Ssl.cs

@@ -87,6 +87,10 @@ internal static void SSLStreamSetTargetHost(
                 throw new SslException();
         }
 
+        [DllImport(Interop.Libraries.AndroidCryptoNative, EntryPoint = "AndroidCryptoNative_SSLStreamIsLocalCertificateUsed")]
+        [return: MarshalAs(UnmanagedType.U1)]
+        internal static extern bool SSLStreamIsLocalCertificateUsed(SafeSslHandle sslHandle);
+
         [DllImport(Interop.Libraries.AndroidCryptoNative, EntryPoint = "AndroidCryptoNative_SSLStreamRequestClientAuthentication")]
         internal static extern void SSLStreamRequestClientAuthentication(SafeSslHandle sslHandle);
 

src/libraries/Common/src/Interop/Windows/SspiCli/Interop.SSPI.cs

@@ -67,8 +67,10 @@ internal enum ContextAttribute
             SECPKG_ATTR_ISSUER_LIST_EX = 0x59,         // returns SecPkgContext_IssuerListInfoEx
             SECPKG_ATTR_CLIENT_CERT_POLICY = 0x60,     // sets    SecPkgCred_ClientCertCtlPolicy
             SECPKG_ATTR_CONNECTION_INFO = 0x5A,        // returns SecPkgContext_ConnectionInfo
+            SECPKG_ATTR_SESSION_INFO = 0x5D,           // sets    SecPkgContext_SessionInfo
             SECPKG_ATTR_CIPHER_INFO = 0x64,            // returns SecPkgContext_CipherInfo
-            SECPKG_ATTR_UI_INFO = 0x68, // sets SEcPkgContext_UiInfo
+            SECPKG_ATTR_REMOTE_CERT_CHAIN = 0x67,      // returns PCCERT_CONTEXT
+            SECPKG_ATTR_UI_INFO = 0x68,                // sets SEcPkgContext_UiInfo
         }
 
         // These values are defined within sspi.h as ISC_REQ_*, ISC_RET_*, ASC_REQ_* and ASC_RET_*.
@@ -330,6 +332,21 @@ internal unsafe struct SecPkgCred_ClientCertPolicy
             public char* pwszSslCtlIdentifier;
         }
 
+        [StructLayout(LayoutKind.Sequential)]
+        internal unsafe struct SecPkgContext_SessionInfo
+        {
+            public uint dwFlags;
+            public uint cbSessionId;
+            public fixed byte rgbSessionId[32];
+
+            [Flags]
+            public enum Flags
+            {
+                Zero = 0,
+                SSL_SESSION_RECONNECT = 0x01,
+            };
+        }
+
         [DllImport(Interop.Libraries.SspiCli, ExactSpelling = true, SetLastError = true)]
         internal static extern int EncryptMessage(
               ref CredHandle contextHandle,

src/libraries/Common/src/Interop/Windows/SspiCli/SSPIWrapper.cs

@@ -426,27 +426,41 @@ public static bool QueryBlittableContextAttributes<T>(ISSPIInterface secModule,
             }
         }
 
-        public static SafeFreeCertContext? QueryContextAttributes_SECPKG_ATTR_REMOTE_CERT_CONTEXT(ISSPIInterface secModule, SafeDeleteContext securityContext)
+        private static bool QueryCertContextAttribute(ISSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute attribute, out SafeFreeCertContext? certContext)
         {
             Span<IntPtr> buffer = stackalloc IntPtr[1];
             int errorCode = secModule.QueryContextAttributes(
                 securityContext,
-                Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT,
+                attribute,
                 MemoryMarshal.AsBytes(buffer),
                 typeof(SafeFreeCertContext),
                 out SafeHandle? sspiHandle);
 
-            if (errorCode != 0)
+            // certificate is not always present (e.g. on server when querying client certificate)
+            // but we still want to consider such case as a success.
+            bool success = errorCode == 0 || errorCode == (int)Interop.SECURITY_STATUS.NoCredentials;
+
+            if (!success)
             {
                 sspiHandle?.Dispose();
+                sspiHandle = null;
                 if (NetEventSource.Log.IsEnabled()) NetEventSource.Error(null, $"ERROR = {ErrorDescription(errorCode)}");
-                return null;
             }
 
-            var result = (SafeFreeCertContext)sspiHandle!;
-            return result;
+            certContext = sspiHandle as SafeFreeCertContext;
+            return success;
         }
 
+        public static bool QueryContextAttributes_SECPKG_ATTR_REMOTE_CERT_CONTEXT(ISSPIInterface secModule, SafeDeleteContext securityContext, out SafeFreeCertContext? certContext)
+            => QueryCertContextAttribute(secModule, securityContext, Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT, out certContext);
+
+        public static bool QueryContextAttributes_SECPKG_ATTR_LOCAL_CERT_CONTEXT(ISSPIInterface secModule, SafeDeleteContext securityContext, out SafeFreeCertContext? certContext)
+            => QueryCertContextAttribute(secModule, securityContext, Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT, out certContext);
+
+        public static bool QueryContextAttributes_SECPKG_ATTR_REMOTE_CERT_CHAIN(ISSPIInterface secModule, SafeDeleteContext securityContext, out SafeFreeCertContext? certContext)
+            => QueryCertContextAttribute(secModule, securityContext, Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CHAIN, out certContext);
+
+
         public static bool QueryContextAttributes_SECPKG_ATTR_ISSUER_LIST_EX(ISSPIInterface secModule, SafeDeleteContext securityContext, ref Interop.SspiCli.SecPkgContext_IssuerListInfoEx ctx, out SafeHandle? sspiHandle)
         {
             Span<Interop.SspiCli.SecPkgContext_IssuerListInfoEx> buffer =

src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs

@@ -5,6 +5,7 @@
 using System.Globalization;
 using System.Runtime.InteropServices;
 using System.Security.Authentication.ExtendedProtection;
+using System.Security.Cryptography.X509Certificates;
 using Microsoft.Win32.SafeHandles;
 
 namespace System.Net.Security
@@ -320,10 +321,15 @@ public static unsafe int AcquireCredentialsHandle(
 
     internal sealed class SafeFreeCredential_SECURITY : SafeFreeCredentials
     {
+#pragma warning disable 0649
+         // This is used only by SslStream but it is included elsewhere
+         public X509Certificate? LocalCertificate;
+ #pragma warning restore 0649
         public SafeFreeCredential_SECURITY() : base() { }
 
         protected override bool ReleaseHandle()
         {
+            LocalCertificate?.Dispose();
             return Interop.SspiCli.FreeCredentialsHandle(ref _handle) == 0;
         }
     }

src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs

@@ -146,7 +146,8 @@ public async Task UseCallback_ValidCertificate_ExpectedValuesDuringCallback(Conf
             {
                 bool callbackCalled = false;
                 handler.CheckCertificateRevocationList = checkRevocation;
-                handler.ServerCertificateCustomValidationCallback = (request, cert, chain, errors) => {
+                handler.ServerCertificateCustomValidationCallback = (request, cert, chain, errors) =>
+                {
                     callbackCalled = true;
                     Assert.NotNull(request);
 
@@ -225,6 +226,7 @@ public async Task NoCallback_BadCertificate_ThrowsException(string url)
         }
 
         [OuterLoop("Uses external servers")]
+        [ActiveIssue("https://github.com/dotnet/runtime/issues/77726")]
         [ConditionalFact(nameof(ClientSupportsDHECipherSuites))]
         public async Task NoCallback_RevokedCertificate_NoRevocationChecking_Succeeds()
         {

src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs

@@ -338,19 +338,10 @@ private void RsaCryptRoundtrip(RSAEncryptionPadding paddingMode, bool expectSucc
             Assert.Equal(TestData.HelloBytes, output);
         }
 
-        [ConditionalFact]
+        [ConditionalFact(nameof(PlatformSupportsEmptyRSAEncryption))]
         [SkipOnTargetFramework(TargetFrameworkMonikers.NetFramework)]
         public void RoundtripEmptyArray()
         {
-            if (OperatingSystem.IsIOS() && !OperatingSystem.IsIOSVersionAtLeast(13, 6))
-            {
-                throw new SkipTestException("iOS prior to 13.6 does not reliably support RSA encryption of empty data.");
-            }
-            if (OperatingSystem.IsTvOS() && !OperatingSystem.IsTvOSVersionAtLeast(14, 0))
-            {
-                throw new SkipTestException("tvOS prior to 14.0 does not reliably support RSA encryption of empty data.");
-            }
-
             using (RSA rsa = RSAFactory.Create(TestData.RSA2048Params))
             {
                 void RoundtripEmpty(RSAEncryptionPadding paddingMode)
@@ -701,6 +692,26 @@ public void NotSupportedValueMethods()
             }
         }
 
+        [ConditionalTheory]
+        [InlineData(new byte[] { 1, 2, 3, 4 })]
+        [InlineData(new byte[0])]
+        public void Decrypt_Pkcs1_ErrorsForInvalidPadding(byte[] data)
+        {
+            if (data.Length == 0 && !PlatformSupportsEmptyRSAEncryption)
+            {
+                throw new SkipTestException("Platform does not support RSA encryption of empty data.");
+            }
+
+            using (RSA rsa = RSAFactory.Create(TestData.RSA2048Params))
+            {
+                byte[] encrypted = Encrypt(rsa, data, RSAEncryptionPadding.Pkcs1);
+                encrypted[1] ^= 0xFF;
+
+                // PKCS#1, the data, and the key are all deterministic so this should always throw an exception.
+                Assert.ThrowsAny<CryptographicException>(() => Decrypt(rsa, encrypted, RSAEncryptionPadding.Pkcs1));
+            }
+        }
+
         public static IEnumerable<object[]> OaepPaddingModes
         {
             get
@@ -715,5 +726,23 @@ public static IEnumerable<object[]> OaepPaddingModes
                 }
             }
         }
+
+        public static bool PlatformSupportsEmptyRSAEncryption
+        {
+            get
+            {
+                if (OperatingSystem.IsIOS() && !OperatingSystem.IsIOSVersionAtLeast(13, 6))
+                {
+                    return false;
+                }
+
+                if (OperatingSystem.IsTvOS() && !OperatingSystem.IsTvOSVersionAtLeast(14, 0))
+                {
+                    return false;
+                }
+
+                return true;
+            }
+        }
     }
 }

src/libraries/Native/Unix/System.Security.Cryptography.Native/opensslshim.h

@@ -272,8 +272,10 @@ const EVP_CIPHER* EVP_chacha20_poly1305(void);
     REQUIRED_FUNCTION(ERR_peek_error) \
     REQUIRED_FUNCTION(ERR_peek_error_line) \
     REQUIRED_FUNCTION(ERR_peek_last_error) \
+    REQUIRED_FUNCTION(ERR_pop_to_mark) \
     FALLBACK_FUNCTION(ERR_put_error) \
     REQUIRED_FUNCTION(ERR_reason_error_string) \
+    REQUIRED_FUNCTION(ERR_set_mark) \
     LIGHTUP_FUNCTION(ERR_set_debug) \
     LIGHTUP_FUNCTION(ERR_set_error) \
     REQUIRED_FUNCTION(EVP_aes_128_cbc) \
@@ -328,6 +330,7 @@ const EVP_CIPHER* EVP_chacha20_poly1305(void);
     REQUIRED_FUNCTION(EVP_PKCS82PKEY) \
     REQUIRED_FUNCTION(EVP_PKEY2PKCS8) \
     REQUIRED_FUNCTION(EVP_PKEY_CTX_ctrl) \
+    REQUIRED_FUNCTION(EVP_PKEY_CTX_ctrl_str) \
     REQUIRED_FUNCTION(EVP_PKEY_CTX_free) \
     REQUIRED_FUNCTION(EVP_PKEY_CTX_get0_pkey) \
     REQUIRED_FUNCTION(EVP_PKEY_CTX_new) \
@@ -725,8 +728,10 @@ FOR_ALL_OPENSSL_FUNCTIONS
 #define ERR_peek_error_line ERR_peek_error_line_ptr
 #define ERR_peek_last_error ERR_peek_last_error_ptr
 #define ERR_put_error ERR_put_error_ptr
+#define ERR_pop_to_mark ERR_pop_to_mark_ptr
 #define ERR_reason_error_string ERR_reason_error_string_ptr
 #define ERR_set_debug ERR_set_debug_ptr
+#define ERR_set_mark ERR_set_mark_ptr
 #define ERR_set_error ERR_set_error_ptr
 #define EVP_aes_128_cbc EVP_aes_128_cbc_ptr
 #define EVP_aes_128_cfb8 EVP_aes_128_cfb8_ptr
@@ -780,6 +785,7 @@ FOR_ALL_OPENSSL_FUNCTIONS
 #define EVP_PKCS82PKEY EVP_PKCS82PKEY_ptr
 #define EVP_PKEY2PKCS8 EVP_PKEY2PKCS8_ptr
 #define EVP_PKEY_CTX_ctrl EVP_PKEY_CTX_ctrl_ptr
+#define EVP_PKEY_CTX_ctrl_str EVP_PKEY_CTX_ctrl_str_ptr
 #define EVP_PKEY_CTX_free EVP_PKEY_CTX_free_ptr
 #define EVP_PKEY_CTX_get0_pkey EVP_PKEY_CTX_get0_pkey_ptr
 #define EVP_PKEY_CTX_new EVP_PKEY_CTX_new_ptr

src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c

@@ -63,6 +63,19 @@ static bool ConfigureEncryption(EVP_PKEY_CTX* ctx, RsaPaddingMode padding, const
         {
             return false;
         }
+
+        // OpenSSL 3.2 introduced a change where PKCS#1 RSA decryption does not fail for invalid padding.
+        // If the padding is invalid, the decryption operation returns random data.
+        // See https://github.com/openssl/openssl/pull/13817 for background.
+        // Some Linux distributions backported this change to previous versions of OpenSSL.
+        // Here we do a best-effort to set a flag to revert the behavior to failing if the padding is invalid.
+        ERR_set_mark();
+
+        EVP_PKEY_CTX_ctrl_str(ctx, "rsa_pkcs1_implicit_rejection", "0");
+
+        // Undo any changes to the error queue that may have occured while configuring implicit rejection if the
+        // current version does not support implicit rejection.
+        ERR_pop_to_mark();
     }
     else
     {

src/libraries/System.Net.Http/tests/FunctionalTests/HttpClientHandlerTest.Http3.cs

@@ -1013,6 +1013,13 @@ public async Task StatusCodes_ReceiveSuccess(HttpStatusCode statusCode, bool qpa
         [InlineData(1000)]
         public async Task EchoServerStreaming_DifferentMessageSize_Success(int messageSize)
         {
+            // Disable failing test in 6.0 branch, see https://github.com/dotnet/runtime/issues/95158
+            // The mock tests don't exist in newer releases -> no need to keep an active issue.
+            if (this.UseQuicImplementationProvider == QuicImplementationProviders.Mock)
+            {
+                return;
+            }
+
             int iters = 5;
             var message = new byte[messageSize];
             var readBuffer = new byte[5 * messageSize]; // bigger than message