Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/8.0] Support Windows based ECDSA SignedCms #91247

Merged
merged 1 commit into from
Aug 31, 2023
Merged

[release/8.0] Support Windows based ECDSA SignedCms #91247

merged 1 commit into from
Aug 31, 2023

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Aug 28, 2023
edited by jeffhandley
Loading

Backport of #91183 to release/8.0

/cc @jeffhandley @jborean93

Customer Impact

Reported by multiple customers at #77377. Customers that created a signed CMS using .NET Framework or Win32 APIs using an ECDSA key or certificate will not validate in .NET (Core). This hinders compatibility between .NET Framework / Win32 and .NET.

This change fixes the validation to be compatible with .NET Framework.

Testing

A unit test was introduced to verify the correct behavior and to prevent regressions.

Risk

Low. This is a small change that is not logically complex.

@jborean93
Support Windows based ECDSA SignedCms
ec8a993 
Supports SignedCms signatured with an ECDSA key created by the Windows
API or .NET Framework. These signatures store an EC public key OID
rather than a hash specific ECDSA OID used in newer versions of dotnet.

Fixes #77377
@ghost
Copy link

ghost commented Aug 28, 2023

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

Backport of #91183 to release/8.0

/cc @jeffhandley @jborean93

Customer Impact

Testing

Risk

IMPORTANT: If this backport is for a servicing release, please verify that:

  • The PR target branch is release/X.0-staging, not release/X.0.

  • If the change touches code that ships in a NuGet package, you have added the necessary package authoring and gotten it explicitly reviewed.

Author: github-actions[bot]
Assignees: -
Labels:

area-System.Security
Milestone: -

@vcsjones vcsjones added the Servicing-consider Issue for next servicing release review label Aug 29, 2023
@vcsjones vcsjones added this to the 8.0.0 milestone Aug 29, 2023
@build-analysis build-analysis bot mentioned this pull request Aug 29, 2023
Closed
@jeffhandley
Copy link
Member

Failures were from a known test issue (that is now fixed):

jeffschwMSFT
jeffschwMSFT approved these changes Aug 30, 2023
View reviewed changes
Copy link
Member

@jeffschwMSFT jeffschwMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

approved. once ready this can be merged.

@jeffschwMSFT jeffschwMSFT added Servicing-approved Approved for servicing release and removed Servicing-consider Issue for next servicing release review labels Aug 30, 2023
@carlossanlop carlossanlop merged commit a4c96df into release/8.0 Aug 31, 2023
107 of 111 checks passed
@carlossanlop carlossanlop deleted the backport/pr-91183-to-release/8.0 branch August 31, 2023 15:43
@radical radical mentioned this pull request Sep 26, 2023
Closed
@ghost ghost locked as resolved and limited conversation to collaborators Sep 30, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@vcsjones vcsjones vcsjones approved these changes

@jeffhandley jeffhandley jeffhandley approved these changes

@jeffschwMSFT jeffschwMSFT jeffschwMSFT approved these changes

Assignees
No one assigned
Labels
area-System.Security Servicing-approved Approved for servicing release
Projects
None yet
Milestone
8.0.0
Development

Successfully merging this pull request may close these issues.
5 participants
@jeffhandley @vcsjones @jeffschwMSFT @carlossanlop @jborean93