VSadov/Satori
1
0
Fork 0
mirror of https://github.com/VSadov/Satori.git synced 2025-06-10 18:11:04 +09:00
Code Activity

Credentials fix (#50230)

Browse source 
* Port of https://github.com/dotnet/corefx/pull/43051

* Shrink suppression file

* Fix another bugs

* Bump System.Net.TestData version

* Fix typo

* Revert casing in connection string

* Fix connection string case

* more fixes

* Change suppression messages

* Fix typo

* Remove false positive

* Fix usersecrets

Co-authored-by: Dan Moseley <danmose@microsoft.com>
This commit is contained in:
Jan Jahoda 2021-03-26 05:18:38 +01:00 committed by GitHub
parent e503be0f9c
commit 78f980384f
Signed by: github
GPG key ID: 4AEE18F83AFDEB23
30 changed files with 118 additions and 187 deletions
Download patch file Download diff file Expand all files Collapse all files

60
.config/CredScanSuppressions.json
View file

@ -2,13 +2,7 @@
"tool": "Credential Scanner",
"suppressions": [
{
"_justification": "Unit test containing connection strings under the test.",
"file": [
"src/libraries/System.Data.Common/tests/System/Data/Common/DbConnectionStringBuilderTest.cs"
]
},
{
"_justification": "Private key for testing purpose.",
"_justification": "Suppression approved. Private key for testing purpose.",
"file": [
"src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs",
"src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs",
@ -19,58 +13,6 @@
"-----BEGIN PRIVATE KEY-----",
"-----BEGIN * PRIVATE KEY-----"
]
},
{
"_justification": "Test credential for Uri testing",
"file": [
"src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs",
"src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs",
"src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs",
"src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs",
"src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs",
"src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs"
],
"placeholder": [
"//*:;&$=123USERINFO@",
"//*:bar@",
"//*:bar1@",
"//*:password1@",
"//*:psw@",
"//*:userinfo2@"
]
},
{
"_justification": "Generic test password.",
"file": [
"src/libraries/Common/tests/System/Net/Configuration.Certificates.cs",
"src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs",
"src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs",
"src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs",
"src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs",
"src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1",
"src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs",
"src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs",
"src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs",
"src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs",
"src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs",
"src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs",
"src/libraries/System.Security.Cryptography.Csp/tests/PasswordDeriveBytesTests.cs",
"src/libraries/System.Security.Cryptography.Csp/tests/TrimmingTests/PasswordDeriveBytesTest.cs",
"src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898OneShotTests.cs"
],
"placeholder": [
"\"anotherpassword\"",
"\"bar\"",
"\"mono\"",
"\"password1\"",
"\"rightpassword\"",
"\"testcertificate\"",
"\"unused\"",
"\"wrongpassword\"",
"\"PasswordGoesHere\"",
"\"FakePasswordsAreHard\"",
"\"tired\""
]
}
]
}

4
src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs
View file

@ -129,10 +129,10 @@ internal static partial class Interop
public const uint WINHTTP_AUTH_TARGET_PROXY = 0x00000001;
public const uint WINHTTP_OPTION_USERNAME = 0x1000;
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="It is property descriptor, not secret value.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. It is property descriptor, not secret value.")]
public const uint WINHTTP_OPTION_PASSWORD = 0x1001;
public const uint WINHTTP_OPTION_PROXY_USERNAME = 0x1002;
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="It is property descriptor, not secret value.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. It is property descriptor, not secret value.")]
public const uint WINHTTP_OPTION_PROXY_PASSWORD = 0x1003;
public const uint WINHTTP_OPTION_SERVER_SPN_USED = 106;

4
src/libraries/Common/tests/System/Net/Configuration.Certificates.cs
View file

@ -16,8 +16,8 @@ namespace System.Net.Test.Common
{
public static partial class Certificates
{
private const string CertificatePassword = "testcertificate";
private const string TestDataFolder = "TestData";
private const string CertificatePassword = "PLACEHOLDER";
private const string TestDataFolder = "TestDataCertificates";
private const int MutexTimeoutMs = 120_000;
private static readonly X509Certificate2 s_serverCertificate;

4
src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs
View file

@ -306,7 +306,7 @@ namespace System.Net.Http.Functional.Tests
await LoopbackServerFactory.CreateServerAsync(async (server, url) =>
{
HttpClientHandler handler = CreateHttpClientHandler();
handler.Credentials = new NetworkCredential("unused", "unused");
handler.Credentials = new NetworkCredential("unused", "PLACEHOLDER");
using (HttpClient client = CreateHttpClient(handler))
{
Task<HttpResponseMessage> getResponseTask = client.GetAsync(url);
@ -630,7 +630,7 @@ namespace System.Net.Http.Functional.Tests
$"Accept-Patch:{fold} text/example;charset=utf-8{newline}" +
$"Accept-Ranges:{fold} bytes{newline}" +
$"Age: {fold}12{newline}" +
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy authorization.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test dummy authorization.")]
$"Authorization: Bearer 63123a47139a49829bcd8d03005ca9d7{newline}" +
$"Allow: {fold}GET, HEAD{newline}" +
$"Alt-Svc:{fold} http/1.1=\"http2.example.com:8001\"; ma=7200{newline}" +

2
src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs
View file

@ -23,7 +23,7 @@ namespace System.Net.Http.Functional.Tests
{
private const string ExpectedContent = "Test contest";
private const string UserName = "user1";
private const string Password = "password1";
private const string Password = "PLACEHOLDER";
public PostScenarioTest(ITestOutputHelper output) : base(output) { }

8
src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1
View file

@ -5,15 +5,15 @@
# Certificate configuration
$script:testDataUri = "https://github.com/dotnet/runtime-assets/archive/master.zip"
$script:testDataUri = "https://github.com/dotnet/runtime-assets/archive/main.zip"
$script:testData = "runtime-assets"
$script:certificatePath = "$($script:testData)\runtime-assets-master\System.Net.TestData"
$script:certificatePath = "$($script:testData)\src\System.Net.TestData\TestDataCertificates"
$script:clientPrivateKeyPath = Join-Path $script:certificatePath "testclient1_at_contoso.com.pfx"
$script:clientPrivateKeyPassword = "testcertificate"
$script:clientPrivateKeyPassword = "PLACEHOLDER"
$script:serverPrivateKeyPath = Join-Path $script:certificatePath "contoso.com.pfx"
$script:serverPrivateKeyPassword = "testcertificate"
$script:serverPrivateKeyPassword = "PLACEHOLDER"
Function GetFullPath($relativePath)
{

2
src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs
View file

@ -187,7 +187,7 @@ qtlbnispri1a/EghiaPQ0po=";
public void ReadNistP521EncryptedPkcs8_Pbes2_Aes128_Sha384_PasswordBytes()
{
// PBES2, PBKDF2 (SHA384), AES128
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test key.")]
const string base64 = @"
MIIBXTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI/JyXWyp/t3kCAggA
MAwGCCqGSIb3DQIKBQAwHQYJYIZIAWUDBAECBBA3H8mbFK5afB5GzIemCCQkBIIB

6
src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs
View file

@ -765,7 +765,7 @@ RdMKfFP3he4C+CFyGGslffbxCaJhKebeuOil5xxlvP8aBPVNDtQfSS1HXHd1/Ikq
public static void ReadPbes2Rc2EncryptedDiminishedDP_PasswordBytes()
{
// PBES2: PBKDF2 + RC2-128
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test key.")]
const string base64 = @"
MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIKZEFT76zCFECAggA
AgEQMBkGCCqGSIb3DQMCMA0CAToECE1Yyzk6++IPBIIBYDDvaYLkET8eudcYLQMf
@ -791,7 +791,7 @@ RdMKfFP3he4C+CFyGGslffbxCaJhKebeuOil5xxlvP8aBPVNDtQfSS1HXHd1/Ikq
[Fact]
public static void ReadEncryptedDiminishedDP_EmptyPassword()
{
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test key.")]
const string base64 = @"
MIIBgTAbBgkqhkiG9w0BBQMwDgQIJtjMez/9Gg4CAggABIIBYElq9UOOphEPU3b7
G/mV8M1uEdjigidMPih3b9IIJhrjMAEix2IjS+brFL7KRQgucpZZoaFU1utvkUHg
@ -816,7 +816,7 @@ Dmw2pL/LzHORugcg9BxRkur91lenPNcLAvnke76tMGvSGkA82I9NpBDcGRK4cPie
[Fact]
public static void ReadEncryptedDiminishedDP_EmptyPasswordBytes()
{
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test key.")]
const string base64 = @"
MIIBgTAbBgkqhkiG9w0BBQMwDgQIJtjMez/9Gg4CAggABIIBYElq9UOOphEPU3b7
G/mV8M1uEdjigidMPih3b9IIJhrjMAEix2IjS+brFL7KRQgucpZZoaFU1utvkUHg

6
src/libraries/Microsoft.Extensions.Configuration.UserSecrets/tests/ConfigurationExtensionTest.cs
View file

@ -125,12 +125,12 @@ namespace Microsoft.Extensions.Configuration.UserSecrets.Test
public void AddUserSecrets_With_SecretsId_Passed_Explicitly()
{
var userSecretsId = Guid.NewGuid().ToString();
SetSecret(userSecretsId, "Facebook:AppSecret", "value1");
SetSecret(userSecretsId, "Facebook:PLACEHOLDER", "value1");
var builder = new ConfigurationBuilder().AddUserSecrets(userSecretsId);
var configuration = builder.Build();
Assert.Equal("value1", configuration["Facebook:AppSecret"]);
Assert.Equal("value1", configuration["Facebook:PLACEHOLDER"]);
}
[Fact]
@ -141,7 +141,7 @@ namespace Microsoft.Extensions.Configuration.UserSecrets.Test
var builder = new ConfigurationBuilder().AddUserSecrets(userSecretsId);
var configuration = builder.Build();
Assert.Null(configuration["Facebook:AppSecret"]);
Assert.Null(configuration["Facebook:PLACEHOLDER"]);
Assert.False(File.Exists(secretFilePath));
}

62
src/libraries/System.Data.Common/tests/System/Data/Common/DbConnectionStringBuilderTest.cs
View file

@ -1691,17 +1691,17 @@ namespace System.Data.Tests.Common
sb["Data Source"] = "testdb";
sb["User ID"] = "someuser";
sb["Password"] = "abcdef";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=abcdef",
sb["Password"] = "PLACEHOLDER";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=PLACEHOLDER",
sb.ConnectionString);
sb["Password"] = "abcdef#";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=abcdef#",
sb["Password"] = "PLACEHOLDER#";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=PLACEHOLDER#",
sb.ConnectionString);
// an embedded single-quote value will result in the value being delimieted with double quotes
sb["Password"] = "abc\'def";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=\"abc\'def\"",
sb["Password"] = "PLACEHOLDER\'def";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=\"PLACEHOLDER\'def\"",
sb.ConnectionString);
// an embedded double-quote value will result in the value being delimieted with single quotes
@ -1717,39 +1717,39 @@ namespace System.Data.Tests.Common
sb.ConnectionString);
sb = new DbConnectionStringBuilder();
sb["PASSWORD"] = "abcdef1";
sb["PASSWORD"] = "PLACEHOLDERabcdef1";
sb["user id"] = "someuser";
sb["Data Source"] = "testdb";
Assert.Equal("PASSWORD=abcdef1;user id=someuser;Data Source=testdb",
Assert.Equal("PASSWORD=PLACEHOLDERabcdef1;user id=someuser;Data Source=testdb",
sb.ConnectionString);
// case is preserved for a keyword that was added the first time
sb = new DbConnectionStringBuilder();
sb["PassWord"] = "abcdef2";
sb["PassWord"] = "PLACEHOLDERabcdef2";
sb["uSER iD"] = "someuser";
sb["DaTa SoUrCe"] = "testdb";
Assert.Equal("PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb",
Assert.Equal("PassWord=PLACEHOLDERabcdef2;uSER iD=someuser;DaTa SoUrCe=testdb",
sb.ConnectionString);
sb["passWORD"] = "abc123";
Assert.Equal("PassWord=abc123;uSER iD=someuser;DaTa SoUrCe=testdb",
sb["passWORD"] = "PLACEHOLDERabc123";
Assert.Equal("PassWord=PLACEHOLDERabc123;uSER iD=someuser;DaTa SoUrCe=testdb",
sb.ConnectionString);
// embedded equal sign in the value will cause the value to be
// delimited with double-quotes
sb = new DbConnectionStringBuilder();
sb["Password"] = "abc=def";
sb["Password"] = "PLACEHOLDER=def";
sb["Data Source"] = "testdb";
sb["User ID"] = "someuser";
Assert.Equal("Password=\"abc=def\";Data Source=testdb;User ID=someuser",
Assert.Equal("Password=\"PLACEHOLDER=def\";Data Source=testdb;User ID=someuser",
sb.ConnectionString);
// embedded semicolon in the value will cause the value to be
// delimited with double-quotes
sb = new DbConnectionStringBuilder();
sb["Password"] = "abc;def";
sb["Password"] = "PLACEHOLDER;def";
sb["Data Source"] = "testdb";
sb["User ID"] = "someuser";
Assert.Equal("Password=\"abc;def\";Data Source=testdb;User ID=someuser",
Assert.Equal("Password=\"PLACEHOLDER;def\";Data Source=testdb;User ID=someuser",
sb.ConnectionString);
// more right parentheses then left parentheses - happily takes it
@ -1866,32 +1866,32 @@ namespace System.Data.Tests.Common
DbConnectionStringBuilder sb;
sb = new DbConnectionStringBuilder();
sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
Assert.Equal(dataSource, sb["Data Source"]);
Assert.Equal("SCOTT", sb["User ID"]);
Assert.Equal("TiGeR", sb["Password"]);
Assert.Equal("PLACEHOLDER", sb["Password"]);
Assert.Equal(
"user id=SCOTT;password=TiGeR;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"user id=SCOTT;password=PLACEHOLDER;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
"(SERVICE_NAME=TESTDB)))\"", sb.ConnectionString);
sb = new DbConnectionStringBuilder(false);
sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
Assert.Equal(dataSource, sb["Data Source"]);
Assert.Equal("SCOTT", sb["User ID"]);
Assert.Equal("TiGeR", sb["Password"]);
Assert.Equal("PLACEHOLDER", sb["Password"]);
Assert.Equal(
"user id=SCOTT;password=TiGeR;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"user id=SCOTT;password=PLACEHOLDER;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
"(SERVICE_NAME=TESTDB)))\"", sb.ConnectionString);
sb = new DbConnectionStringBuilder(true);
sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
Assert.Equal(dataSource, sb["Data Source"]);
Assert.Equal("SCOTT", sb["User ID"]);
Assert.Equal("TiGeR", sb["Password"]);
Assert.Equal("PLACEHOLDER", sb["Password"]);
Assert.Equal(
"user id=SCOTT;password=TiGeR;data source=(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"user id=SCOTT;password=PLACEHOLDER;data source=(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
"(SERVICE_NAME=TESTDB)))", sb.ConnectionString);
}
@ -1902,24 +1902,24 @@ namespace System.Data.Tests.Common
DbConnectionStringBuilder sb;
sb = new DbConnectionStringBuilder();
sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
sb.ConnectionString = "PassWord=PLACEHOLDER;user iD=someuser;DaTa SoUrCe=testdb";
sb["Integrated Security"] = "False";
Assert.Equal(
"password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
"password=PLACEHOLDER;user id=someuser;data source=testdb;Integrated Security=False",
sb.ConnectionString);
sb = new DbConnectionStringBuilder(false);
sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
sb.ConnectionString = "PassWord=PLACEHOLDER;uSER iD=someuser;DaTa SoUrCe=testdb";
sb["Integrated Security"] = "False";
Assert.Equal(
"password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
"password=PLACEHOLDER;user id=someuser;data source=testdb;Integrated Security=False",
sb.ConnectionString);
sb = new DbConnectionStringBuilder(true);
sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
sb.ConnectionString = "PassWord=PLACEHOLDER;uSER iD=someuser;DaTa SoUrCe=testdb";
sb["Integrated Security"] = "False";
Assert.Equal(
"password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
"password=PLACEHOLDER;user id=someuser;data source=testdb;Integrated Security=False",
sb.ConnectionString);
}

2
src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/constants.cs
View file

@ -93,7 +93,7 @@ namespace System.DirectoryServices.AccountManagement
// these two are not publicly exposed properties, but are used internally to track ResetPassword/ExpirePasswordNow
// operations against unpersisted principals, so that they can be performed once the principal has been Saved
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Not a password.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Not a password.")]
internal const string PwdInfoPassword = "AuthenticablePrincipal.PasswordInfo.Password";
internal const string PwdInfoExpireImmediately = "AuthenticablePrincipal.PasswordInfo.ExpireImmediately";
}

5
src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs
View file

@ -13,7 +13,6 @@ namespace System.Net.Http.WinHttpHandlerUnitTests
private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUIncludesClientAuth_PrivateKey =
new X509Certificate2(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")]
@"MIIKTgIBAzCCCgoGCSqGSIb3DQEHAaCCCfsEggn3MIIJ8zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5
MIIF9TCCBfEGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAiHDatvDr8QBQIC
B9AEggTYv1r4ckwt7o6f6DCMHlb/zv4t7rPju+PP0PjoJ8kzPfj419aSeyPuE+65YH9WFDqafJed
@ -66,7 +65,6 @@ namespace System.Net.Http.WinHttpHandlerUnitTests
private readonly X509Certificate2 _cert_KeyUsageMissingDigitalSignature_EKUIncludesClientAuth_PrivateKey =
new X509Certificate2(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")]
@"MIIKTgIBAzCCCgoGCSqGSIb3DQEHAaCCCfsEggn3MIIJ8zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5
MIIF9TCCBfEGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAiSNi65ZF5ZTQIC
B9AEggTYRTivDtzHOWRR+MobtGFEUu6d1PiIlF1Ic84FWvmFCcJShkBmg3cBqDilqtamAkDkga4h
@ -119,7 +117,6 @@ namespace System.Net.Http.WinHttpHandlerUnitTests
private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUMissingClientAuth_PrivateKey =
new X509Certificate2(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")]
@"MIIKRgIBAzCCCgIGCSqGSIb3DQEHAaCCCfMEggnvMIIJ6zCCBgQGCSqGSIb3DQEHAaCCBfUEggXx
MIIF7TCCBekGCyqGSIb3DQEMCgECoIIE9jCCBPIwHAYKKoZIhvcNAQwBAzAOBAhCUuNQ0RqfZQIC
B9AEggTQHCQRSiCiNI7egTvUaI1Z3tfeLwFWvG7B/za5v9fb97MExoyVQSDmUyUDTlVEcg3gVqJZ
@ -172,7 +169,6 @@ namespace System.Net.Http.WinHttpHandlerUnitTests
private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_NoEKU_PrivateKey =
new X509Certificate2(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")]
@"MIIKPgIBAzCCCfoGCSqGSIb3DQEHAaCCCesEggnnMIIJ4zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5
MIIF9TCCBfEGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAijQh1kbOZOYQIC
B9AEggTY+wDp3V31Lh7f8YrsqEsyGZ+GlYvFhLWvDASjisYJi5NlQ0ONbf0KOXHVSvBj3tVyuHm4
@ -225,7 +221,6 @@ namespace System.Net.Http.WinHttpHandlerUnitTests
private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUIncludesClientAuth_NoPrivateKey =
new X509Certificate2(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")]
@"MIIDFjCCAf6gAwIBAgIQTm8+EF94L4FJ0nBFl5LICzANBgkqhkiG9w0BAQsFADAb
MRkwFwYDVQQDDBB1c2VyQGV4YW1wbGUuY29tMCAXDTE1MTAwNTEwMDMwMFoYDzIx
MTUxMDA1MTAwMzAwWjAbMRkwFwYDVQQDDBB1c2VyQGV4YW1wbGUuY29tMIIBIjAN

2
src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs
View file

@ -704,7 +704,7 @@ namespace System.Net.Http.Functional.Tests
[Theory]
[InlineData("Age", "1")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy authorisation header.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test dummy authorisation header.")]
[InlineData("Authorization", "Basic YWxhZGRpbjpvcGVuc2VzYW1l")]
[InlineData("Cache-Control", "no-cache")]
[InlineData("Content-Encoding", "gzip")]

16
src/libraries/System.Net.Http/tests/UnitTests/Headers/CacheControlHeaderValueTest.cs
View file

@ -457,13 +457,13 @@ namespace System.Net.Http.Tests
expected = new CacheControlHeaderValue();
expected.Public = true;
expected.Private = true;
expected.PrivateHeaders.Add("token1");
expected.PrivateHeaders.Add("PLACEHOLDER");
expected.MustRevalidate = true;
expected.ProxyRevalidate = true;
expected.Extensions.Add(new NameValueHeaderValue("c", "d"));
expected.Extensions.Add(new NameValueHeaderValue("a", "b"));
CheckGetCacheControlLength(",public, , private=\"token1\", must-revalidate, c=d, proxy-revalidate, a=b", 0,
null, 72, expected);
CheckGetCacheControlLength(",public, , private=\"PLACEHOLDER\", must-revalidate, c=d, proxy-revalidate, a=b", 0,
null, 77, expected);
expected = new CacheControlHeaderValue();
expected.Private = true;
@ -491,11 +491,11 @@ namespace System.Net.Http.Tests
expected = new CacheControlHeaderValue();
expected.Private = true;
expected.PrivateHeaders.Add("token1");
expected.PrivateHeaders.Add("token2");
expected.PrivateHeaders.Add("PLACEHOLDER");
expected.NoCache = true;
expected.NoCacheHeaders.Add("token1");
expected.NoCacheHeaders.Add("token2");
CheckGetCacheControlLength("private=\"token2\", no-cache=\"token1, , token2,\"", 0, storeValue, 46,
CheckGetCacheControlLength("private=\"PLACEHOLDER\", no-cache=\"token1, , token2,\"", 0, storeValue, 51,
expected);
storeValue = new CacheControlHeaderValue();
@ -505,7 +505,7 @@ namespace System.Net.Http.Tests
expected = new CacheControlHeaderValue();
expected.Public = true;
expected.Private = true;
expected.PrivateHeaders.Add("token1");
expected.PrivateHeaders.Add("PLACEHOLDER");
expected.MustRevalidate = true;
expected.ProxyRevalidate = true;
expected.NoTransform = true;
@ -513,8 +513,8 @@ namespace System.Net.Http.Tests
expected.Extensions.Add(new NameValueHeaderValue("a", "\"b\""));
expected.Extensions.Add(new NameValueHeaderValue("c", "d"));
expected.Extensions.Add(new NameValueHeaderValue("x", "y")); // from store result
CheckGetCacheControlLength(",public, , private=\"token1\", must-revalidate, c=d, proxy-revalidate, a=\"b\"",
0, storeValue, 74, expected);
CheckGetCacheControlLength(",public, , private=\"PLACEHOLDER\", must-revalidate, c=d, proxy-revalidate, a=\"b\"",
0, storeValue, 79, expected);
storeValue = new CacheControlHeaderValue();
storeValue.MaxStale = true;

16
src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs
View file

@ -133,11 +133,11 @@ namespace System.Net.Http.Tests
[InlineData("http://1.1.1.5:3005", "1.1.1.5", "3005", null, null)]
[InlineData("http://foo@1.1.1.5", "1.1.1.5", "80", "foo", "")]
[InlineData("http://[::1]:80", "[::1]", "80", null, null)]
[InlineData("foo:bar@[::1]:3128", "[::1]", "3128", "foo", "bar")]
[InlineData("foo:PLACEHOLDER@[::1]:3128", "[::1]", "3128", "foo", "PLACEHOLDER")]
[InlineData("foo:Pass$!#\\.$@127.0.0.1:3128", "127.0.0.1", "3128", "foo", "Pass$!#\\.$")]
[InlineData("[::1]", "[::1]", "80", null, null)]
[InlineData("domain\\foo:bar@1.1.1.1", "1.1.1.1", "80", "foo", "bar")]
[InlineData("domain%5Cfoo:bar@1.1.1.1", "1.1.1.1", "80", "foo", "bar")]
[InlineData("domain\\foo:PLACEHOLDER@1.1.1.1", "1.1.1.1", "80", "foo", "PLACEHOLDER")]
[InlineData("domain%5Cfoo:PLACEHOLDER@1.1.1.1", "1.1.1.1", "80", "foo", "PLACEHOLDER")]
[InlineData("HTTP://ABC.COM/", "abc.com", "80", null, null)]
[InlineData("http://10.30.62.64:7890/", "10.30.62.64", "7890", null, null)]
[InlineData("http://1.2.3.4:8888/foo", "1.2.3.4", "8888", null, null)]
@ -185,7 +185,7 @@ namespace System.Net.Http.Tests
{
IWebProxy p;
Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000");
Environment.SetEnvironmentVariable("all_proxy", "http://foo:PLACEHOLDER@1.1.1.1:3000");
Assert.True(HttpEnvironmentProxy.TryCreate(out p));
Assert.NotNull(p);
Assert.NotNull(p.Credentials);
@ -197,7 +197,7 @@ namespace System.Net.Http.Tests
Assert.NotNull(p.Credentials);
// Use different user for http and https
Environment.SetEnvironmentVariable("https_proxy", "http://foo1:bar1@1.1.1.1:3000");
Environment.SetEnvironmentVariable("https_proxy", "http://foo1:PLACEHOLDER1@1.1.1.1:3000");
Assert.True(HttpEnvironmentProxy.TryCreate(out p));
Assert.NotNull(p);
Uri u = p.GetProxy(fooHttp);
@ -218,7 +218,7 @@ namespace System.Net.Http.Tests
IWebProxy p;
Environment.SetEnvironmentVariable("no_proxy", ".test.com,, foo.com");
Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000");
Environment.SetEnvironmentVariable("all_proxy", "http://foo:PLACEHOLDER@1.1.1.1:3000");
Assert.True(HttpEnvironmentProxy.TryCreate(out p));
Assert.NotNull(p);
@ -242,7 +242,7 @@ namespace System.Net.Http.Tests
[MemberData(nameof(HttpProxyNoProxyEnvVarMemberData))]
public void HttpProxy_TryCreate_CaseInsensitiveVariables(string proxyEnvVar, string noProxyEnvVar)
{
string proxy = "http://foo:bar@1.1.1.1:3000";
string proxy = "http://foo:PLACEHOLDER@1.1.1.1:3000";
var options = new RemoteInvokeOptions();
options.StartInfo.EnvironmentVariables.Add(proxyEnvVar, proxy);
@ -275,7 +275,7 @@ namespace System.Net.Http.Tests
public void HttpProxy_TryCreateAndPossibleCgi_HttpProxyUpperCaseDisabledInCgi(
string proxyEnvVar, bool cgi, bool expectedProxyUse)
{
string proxy = "http://foo:bar@1.1.1.1:3000";
string proxy = "http://foo:PLACEHOLDER@1.1.1.1:3000";
var options = new RemoteInvokeOptions();
options.StartInfo.EnvironmentVariables.Add(proxyEnvVar, proxy);

2
src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs
View file

@ -500,7 +500,7 @@ namespace System.Net
if (domainUserName.Length == 0 && password.Length == 0)
{
domainUserName = "anonymous";
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Anonymous FTP credential in production code.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Anonymous FTP credential in production code.")]
password = "anonymous@";
}

2
src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs
View file

@ -221,7 +221,7 @@ namespace System.Net
private LazyAsyncResult? _readAsyncResult;
private LazyAsyncResult? _requestCompleteAsyncResult;
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Anonymous FTP credential in production code.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Anonymous FTP credential in production code.")]
private static readonly NetworkCredential s_defaultFtpNetworkCredential = new NetworkCredential("anonymous", "anonymous@", string.Empty);
private const int s_DefaultTimeout = 100000; // 100 seconds
private static readonly TimerThread.Queue s_DefaultTimerQueue = TimerThread.GetOrCreateQueue(s_DefaultTimeout);

3
src/libraries/System.Net.WebSockets.Client/tests/ConnectTest.cs
View file

@ -226,8 +226,7 @@ namespace System.Net.WebSockets.Client.Tests
using (var clientSocket = new ClientWebSocket())
using (var cts = new CancellationTokenSource(TimeOutMilliseconds))
{
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy authorisation header.")]
clientSocket.Options.SetRequestHeader("Authorization", "AWS4-HMAC-SHA256 Credential= AKIAXXXXXXXXXXXYSZA /20190301/us-east-2/neptune-db/aws4_request, SignedHeaders=host;x-amz-date, Signature=b8155de54d9faab00000000000000000000000000a07e0d7dda49902e4d9202");
clientSocket.Options.SetRequestHeader("Authorization", "AWS4-HMAC-SHA256 Credential=PLACEHOLDER /20190301/us-east-2/neptune-db/aws4_request, SignedHeaders=host;x-amz-date, Signature=b8155de54d9faab00000000000000000000000000a07e0d7dda49902e4d9202");
await clientSocket.ConnectAsync(uri, cts.Token);
}
}, server => server.AcceptConnectionAsync(async connection =>

16
src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs
View file

@ -12,7 +12,7 @@ namespace System.PrivateUri.Tests
{
// See RFC 3986 Section 5.2.2 and 5.4 http://www.ietf.org/rfc/rfc3986.txt
private readonly Uri _fullBaseUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?query#fragment");
private readonly Uri _fullBaseUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA?query#fragment");
[Fact]
public void Uri_Relative_BaseVsAbsolute_ReturnsFullAbsolute()
@ -385,7 +385,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
string expectedResult = "?AQuery#AFragment"; // compareUri.GetParts(UriComponents.Query | UriComponents.Fragment,UriFormat.Unescaped);
@ -395,7 +395,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -408,7 +408,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -420,7 +420,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -432,7 +432,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -444,7 +444,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -456,7 +456,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToEmptyPath_ReturnsTrippleDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric

2
src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs
View file

@ -7,7 +7,7 @@ namespace System.PrivateUri.Tests
{
public class UriBuilderRefreshTest
{
private static readonly Uri s_starterUri = new Uri("http://user:psw@host:9090/path/file.txt?query#fragment");
private static readonly Uri s_starterUri = new Uri("http://user:PLACEHOLDER@host:9090/path/file.txt?query#fragment");
[Fact]
public void UriBuilder_ChangeScheme_Refreshed()

2
src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs
View file

@ -214,7 +214,7 @@ namespace System.PrivateUri.Tests
[InlineData(null, "")]
public void Password_Get_Set(string value, string expected)
{
var uriBuilder = new UriBuilder("http://userinfo1:userinfo2@domain/path?query#fragment");
var uriBuilder = new UriBuilder("http://userinfo1:PLACEHOLDER@domain/path?query#fragment");
uriBuilder.Password = value;
Assert.Equal(expected, uriBuilder.Password);

22
src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs
View file

@ -16,10 +16,10 @@ namespace System.PrivateUri.Tests
{
// See RFC 3986 Section 5.2.2 and 5.4 http://www.ietf.org/rfc/rfc3986.txt
private readonly Uri _fullBaseUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?query#fragment");
private const string FullBaseUriGetLeftPart_Path = "http://user:psw@host:9090/path1/path2/path3/fileA";
private const string FullBaseUriGetLeftPart_Authority = "http://user:psw@host:9090";
private const string FullBaseUriGetLeftPart_Query = "http://user:psw@host:9090/path1/path2/path3/fileA?query";
private readonly Uri _fullBaseUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA?query#fragment");
private const string FullBaseUriGetLeftPart_Path = "http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA";
private const string FullBaseUriGetLeftPart_Authority = "http://user:PLACEHOLDER@host:9090";
private const string FullBaseUriGetLeftPart_Query = "http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA?query";
[Fact]
public void Uri_Relative_BaseVsAbsolute_ReturnsFullAbsolute()
@ -525,7 +525,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
string expectedResult = "?AQuery#AFragment"; // compareUri.GetParts(UriComponents.Query | UriComponents.Fragment,UriFormat.Unescaped);
@ -535,7 +535,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -548,7 +548,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -560,7 +560,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -572,7 +572,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -584,7 +584,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric
@ -596,7 +596,7 @@ namespace System.PrivateUri.Tests
[Fact]
public void Uri_Relative_BaseMadeRelativeToEmptyPath_ReturnsTrippleDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric

2
src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs
View file

@ -423,7 +423,7 @@ namespace System.Tests
yield return new object[] { "http://abc\u1234\u2345\u3456@host/", "http", "abc%E1%88%B4%E2%8D%85%E3%91%96", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://\u1234abc\u2345\u3456@host/", "http", "%E1%88%B4abc%E2%8D%85%E3%91%96", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://\u1234\u2345\u3456abc@host/", "http", "%E1%88%B4%E2%8D%85%E3%91%96abc", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://userinfo!~+-_*()[]:;&$=123USERINFO@host/", "http", "userinfo!~+-_*()[]:;&$=123USERINFO", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://userinfo!~+-_*()[]:;&$=123PLACEHOLDER@host/", "http", "userinfo!~+-_*()[]:;&$=123PLACEHOLDER", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://%68%65%6C%6C%6F@host/", "http", "hello", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://\u00A3@host/", "http", "%C2%A3", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://\u1234@host/", "http", "%E1%88%B4", "host", UriHostNameType.Dns, 80, true, false };

1
src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898OneShotTests.cs
View file

@ -11,6 +11,7 @@ namespace System.Security.Cryptography.DeriveBytesTests
[SkipOnMono("Not supported on Browser", TestPlatforms.Browser)]
public static class Rfc2898OneShotTests
{
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Password for testing.")]
private const string Password = "tired";
private static readonly byte[] s_passwordBytes = Encoding.UTF8.GetBytes(Password);

25
src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898Tests.cs
View file

@ -551,47 +551,44 @@ namespace System.Security.Cryptography.DeriveBytesTests
{
CaseName = "SHA256 alternate",
HashAlgorithmName = "SHA256",
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")]
Password = "abcdefghij",
Password = "PLACEHOLDER",
Salt = ascii.GetBytes("abcdefghij"),
IterationCount = 1,
AnswerHex = (
// T-Block 1
"9545B9CCBF915299F09BC4E8922B34B042F32689C072539FAEA739FCA4E782" +
"9352784113E5E6DC21FC82ADA3A321D64962F760DF6EAA8E46CEEF4FAF6C6E" +
// T-Block 2
"27B792394D6C13DB121CD16683CD738CB1717C69B34EF2B29E32306D24FCDF"),
"EE6DB97E5852FC4C15FA7C52FACDEDE89B916BCC864028084A2CF0889F7F76"),
};
yield return new KnownValuesTestCase
{
CaseName = "SHA384 alternate",
HashAlgorithmName = "SHA384",
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")]
Password = "abcdefghij",
Password = "PLACEHOLDER",
Salt = ascii.GetBytes("abcdefghij"),
IterationCount = 1,
AnswerHex = (
// T-Block 1
"BB8CCC844224775A66E038E59B74B232232AE27C4BF9625BBF3E50317EDD9217BE7B7E07AA5697AF7D2617" +
"B9A10C6C82F36482D76C0C38C982C05F8BB21211ACBE1D1104B4F647DDEAEE179B92ACB0E00A304B791FD0" +
// T-Block 2
"AC02F63AA2B0EC9697B1801E70BD10A6B58CE5DE83DD18F4FFD2E8D9289716510AA0A170EF1D145F4B3247"),
"3C6A08364D0A47CD1F15E0E314800FF3AC9CF2E93B3F81A5EB67FE9F2FE6E86B0430B59902CCB5FD190E67"),
};
yield return new KnownValuesTestCase
{
CaseName = "SHA512 alternate",
HashAlgorithmName = "SHA512",
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")]
Password = "abcdefghij",
Password = "PLACEHOLDER",
Salt = ascii.GetBytes("abcdefghij"),
IterationCount = 1,
AnswerHex = (
// T-Block 1
"9D6E96B14A53207C759DBB456B2F038170AF03389096E6EEB2161B3868D3E5" +
"1265A25EF7D7433BF8718DB14F934B6054ACCEA283528AD11A669C7C85196F" +
"AD8CE08CFA8F932CF9FEDDCDB6E4BC6417D61F0465D408C0BFE9656E2C1C47" +
"1424537ADB2D9EBE4E4232F474EFEE2AF347F21A804F64CBC05474A6DCE0A5" +
// T-Block 2
"B5DFAA2185446D6218EBC2D4030A83A4353B302E698C8521B6B69F7D5612EF" +
"AF060798DF40183FE6B71F2D35C60FBE27DFE963EFEE52A5756323BA1A41F6"),
"078100F813C1F8388EC233C1397D5E18C6509B5483141EF836C15A34D6DC67" +
"A3C46A45798A2839CFD239749219E9F2EDAD3249EC8221AFB17C0028A4A0A5"),
};
}

2
src/libraries/System.Security.Cryptography.Pkcs/tests/Pkcs12/Pkcs12Documents.cs
View file

@ -222,7 +222,7 @@ namespace System.Security.Cryptography.Pkcs.Tests.Pkcs12
"2b0e03021a05000414c429b968eeca558cc2ec486f89b78c024bdecf2804" +
"087cbeafa8089685a102030927c1").HexToByteArray();
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test dummy credentials.")]
internal const string OracleWalletPassword = "123Wallet";
}
}

9
src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs
View file

@ -76,8 +76,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests
[Fact]
public static void ExportAsPfxWithPassword()
{
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Password for testing purpose.")]
const string password = "Cotton";
const string password = "PLACEHOLDER";
using (X509Certificate2 c1 = new X509Certificate2(TestData.MsCertificate))
{
@ -95,8 +94,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests
[Fact]
public static void ExportAsPfxVerifyPassword()
{
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Password for testing purpose.")]
const string password = "Cotton";
const string password = "PLACEHOLDER";
using (X509Certificate2 c1 = new X509Certificate2(TestData.MsCertificate))
{
@ -111,8 +109,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests
using (var cert = new X509Certificate2(TestData.PfxData, TestData.PfxDataPassword, X509KeyStorageFlags.Exportable))
{
Assert.True(cert.HasPrivateKey, "cert.HasPrivateKey");
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Password for testing purpose.")]
const string password = "Cotton";
const string password = "PLACEHOLDER";
byte[] pfx = cert.Export(X509ContentType.Pkcs12, password);

4
src/libraries/System.Security.Cryptography.X509Certificates/tests/TestData.cs
View file

@ -153,7 +153,7 @@ tcCZhP5KEu6XKKc1GcTqbyA0vi92YyyZViUa36hhVrNqPxtpclir+lcnNgnlqg==
-----END CERTIFICATE-----
");
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test password.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test password.")]
public const string PfxDataPassword = "12345";
public static SecureString CreatePfxDataPasswordSecureString()
@ -602,7 +602,7 @@ tcCZhP5KEu6XKKc1GcTqbyA0vi92YyyZViUa36hhVrNqPxtpclir+lcnNgnlqg==
? Dsa1024Pfx_RC2ContentEncryption
: Dsa1024Pfx_TripleDESContentEncryption;
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test password.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test password.")]
public const string Dsa1024PfxPassword = "1234";
public static byte[] Dsa1024Cert = (

12
src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs
View file

@ -139,10 +139,10 @@ namespace System.Security.Cryptography.Xml.Tests
{
using (Aes aes = Aes.Create())
{
byte[] keydata = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640=");
aes.Mode = CipherMode.CBC;
aes.KeySize = 256;
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")]
aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640=");
aes.Key = keydata;
aes.Padding = PaddingMode.Zeros;
XmlDocument doc = new XmlDocument();
@ -171,11 +171,11 @@ namespace System.Security.Cryptography.Xml.Tests
using (Aes aes = Aes.Create())
{
byte[] keydata = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640=");
aes.Mode = CipherMode.CBC;
aes.KeySize = 256;
aes.IV = Convert.FromBase64String("pBUM5P03rZ6AE4ZK5EyBrw==");
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")]
aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640=");
aes.Key = keydata;
aes.Padding = PaddingMode.Zeros;
EncryptedXml exml = new EncryptedXml();
@ -203,10 +203,10 @@ namespace System.Security.Cryptography.Xml.Tests
{
using (Aes aes = Aes.Create())
{
byte[] keydata = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640=");
aes.Mode = CipherMode.CBC;
aes.KeySize = 256;
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")]
aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640=");
aes.Key = keydata;
aes.Padding = PaddingMode.Zeros;
XmlDocument doc = new XmlDocument();

2
src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs
View file

@ -185,7 +185,7 @@ namespace System.Security.Cryptography.Xml.Tests
}
private static readonly byte[] SamplePfx = Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")]
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test dummy certificate.")]
@"MIIFpQIBAzCCBV8GCSqGSIb3DQEHAaCCBVAEggVMMIIFSDCCAl8GCSqGSIb3DQEHBqCCAlAwggJMAgEAMIICRQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIGTfVa4+vR1UCAgfQgIICGJuFE9alFWJFkaoeewKDIEnVwRxXfMsi8dcySYnp7jljEUQBfW/GIbOf7Lg2nHd0qxvxYI2YL4Zs+d0jWbqfNHamGFCMPe1dK957Z2PsKXR183vMSgnmlLAHktsIN+Gor7q1GbQ4ljfZkGqZ/rkgUsgsSYZSnJevP/uH0VnvxemljVJ7N7gKMYO0aqrca4qJ0O4YxBYyaerPFUOYunQlvk6DOF3SQXza5oFKcPGrSpE/9eQrnmm64BtbdnUE6qqEjfZfNa6MOD3vOnapLUBsel2TtVCu8tEl7I8FGxozTLXVTXOBkL3k7xLRS52ZtpbcU2JIhlDGpxeFXmjKYzdzHoL20iJubfdkUYtHwB0XjBKKLcI7jfgGgjNauaTLAx8FF+5O9s7Zbj2+SKWv56kqAwdX+iH21VgjAN9EByIXHb3p2ZOvy4ONDXTmfSn7jbuPLZTi+u6bxn2JOLf/gjEA8FiCuQDL9gF247bnUq08Z1uzuAUeaPL13U8mxwEuvCOXx5NEQIuf3cusnaH4+7uIhPk5tnfA5XOaABySetRjZhVN5dC5/g3KTwmaDamlW3Y7Az/NzAC4uKa2ny5jwYKBgHviEKOyJfLDKr5fOMRToOfgxvAdXZohQQTE1+TcBjp+eeV5koDfB1ReCKIRHugPZu5j9SCVcYanwFeJ5M4cEHZ9U1Ytsmzjh0fwV17D/hxQ4aS4VwVpOMypMIIC4QYJKoZIhvcNAQcBoIIC0gSCAs4wggLKMIICxgYLKoZIhvcNAQwKAQKgggKeMIICmjAcBgoqhkiG9w0BDAEDMA4ECBRdKqx022cfAgIH0ASCAnjZx9fvPCHizdH6apVzWWmfy/84HvDPjFOUV1TPehTnDPkNpF/uK/ya4jlbl4Kw0Zfknt5Xydl89SMXIWa2q+nWmxyG3XyfGqOAeBfJBSdCF5K3qkZZnzEfraKZZ5Hh8IEmK+ey45O6sltua6Xl5MRBmKLiwma7vX4ihXQTMfb0WlWDYCXZi85OeF0OlUjRWAwz4PeeiBK4nmI/vNmF1EzDVdZGkrrE8mot3Y4z6bvwqip2tUUbHuMnC+/1ikAcJzCOw4NpnEWCRtIJxgJ9es8E8CUfHESnWKe4nh6tJVJ15B8/7oF7N6j7oq4Oj346JthKoWWkzifNaH79A60/uFh08Rv7zrtJf6kedY6Ve2bR5lhWn0cv9Q6IaoqTmKKTmKJnjdQO9lKRCR6iI2OsYtXBropD8xhNNqsyfpNmP0G6wFiEZZxZjWOkZEJLUzFbH+Su+7l2l4FN9sM7k211/l3/3YF1QJHwZsgL98DZL4qE+nkuZQcdtOUx8QTyTOcVb3IzgCAwZm0rgdXQpJ9yRBgOC/6MnqaCPI0jJuavXF/a28GJWWGlazx7SWTrbzNVJ83ZhQ+pfPEPtMi3t0YVLLvapu3otgpiMkv4ew/ssXwYbg6xBWfotK+NG1cPwVFy9/V9+H5dpdvRI/le2QG0F5xCfCeKh/3AuNiMPEGoVUR5kj5cwFK6eskvt/+74ZenxfNPZ2Uttiw8DsqtTx1gxhcSZeU5YWpO7O78RaYE4Ll4kPbbvIaR18Napb6NKP846z02zvaw+feXARLe0HUY58TlmUjSX3MZRK4PEdyMIQ/URyPimj4rImaDfFrKPAHIjqT3EKv+KuNs8TEVMBMGCSqGSIb3DQEJFTEGBAQBAAAAMD0wITAJBgUrDgMCGgUABBRZOo132cuo2zNyy+SH2c+pN4OGmQQU2nQao3je7DTj2G6Gge8pooPf2ncCAgfQ");
public static X509Certificate2 GetSampleX509Certificate()