Runtime: HKDF: Expand and DeriveKey throw invalid exceptions when outputLength is negative
Methods Expand and DeriveKey of the System.Security.Cryptography.HKDF class throw invalid exceptions when the argument outputLength has negative value.
In this example Expand throws ArgumentOutOfRangeException with the message Output keying material length can be at most 8160 bytes (255 * hash length).:
HKDF.Expand(HashAlgorithmName.SHA256, prk: new byte[32], outputLength: -1);
Instead the exception message should say that outputLength can't be negative (or that it must be positive - depends on whether 0 is considered a valid input).
Here DeriveKey throws OverflowException with the message Arithmetic operation resulted in an overflow.:
HKDF.DeriveKey(HashAlgorithmName.SHA256, ikm: new byte[32], outputLength: -1);
Instead the type of exception should be ArgumentOutOfRangeExceptionand the message should say that the outputLength can't be negative (or that it must be positive - depends on whether 0 is considered a valid input).
Windows 10 x64 Pro, dotnet 5.0.0-preview.8.
andreimilto
All 11 comments
Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq, @jeffhandley
See info in area-owners.md if you want to be subscribed.
![msftbot[bot] picture](https://avatars2.githubusercontent.com/in/26612?v=4&s=40)
msftbot[bot]
on 15 Sep 2020
It's not blocking release but I think we should fix at least fix OverflowException to correctly throw ArgumentOutOfRangeException for 5.0 (the call if it will be included in 5.0 doesn't belong to me but will make a patch and see what happens)
krwq
on 15 Sep 2020
Zero doesn't really make sense, I'm fine with making it throw AOORE.
bartonjs
on 15 Sep 2020
I did a preemptive bar check on this and determined it won't meet the bar for 5.0.0 (since there are workarounds); moving to 6.0.0. Thanks for reporting this, @andreimilto!
jeffhandley
on 16 Sep 2020
You're welcome, @jeffhandley!
andreimilto
on 16 Sep 2020
Note to anyone picking this up: it probably makes sense to fix #42230 in the same pull request.
vcsjones
on 17 Sep 2020
Hi, I am a first-time contributor and I would love to take a shot at this.
tonycimaglia
on 17 Sep 2020
@tonycimaglia Excellent!
Have a look at the Workflow Guide for instructions about getting dotnet/runtime building and running locally, the OS table has a link to building requirements. If everything is set up correctly, you should be able to do build.cmd -rc Release -s clr+libs at the repository root. (Substitute build.cmd for build.sh if you are on macOS / Linux). You need to do this build from the command line once before the Visual Studio solution files will work.
If you plan to develop and test in Visual Studio, see the Visual Studio Workflow for some info on getting tests running.
Also, take a look at the Building Libraries for more info about building and testing libraries from the Command Line.
The HKDF implementation is here:
and the tests are here:
Before you start making changes it'd be a good idea to make sure that all of the tests in 'System.Security.Cryptography.Algorithms' are green.
vcsjones
on 17 Sep 2020
@vcsjones do you mind assigning these issues to me so no one else picks them up?
tonycimaglia
on 17 Sep 2020
@bartonjs / @krwq (I don't have assign rights)
vcsjones
on 17 Sep 2020
Here's an example of another method checking that a parameter is positive:
For testing ArgumentExceptions and derived exceptions, we have a custom assertion helper that should be used that also asserts the ParamName of the exception. Here is an example:
It's new-ish so it isn't used consistently in all of the unit tests, but it should be used going forward.
vcsjones
on 17 Sep 2020
Related issues
jchannon
路
3Comments
iCodeWebApps
路
3Comments
v0l
路
3Comments
matty-hall
路
3Comments
aggieben
路
3Comments
Most helpful comment
@tonycimaglia Excellent!
Have a look at the Workflow Guide for instructions about getting dotnet/runtime building and running locally, the OS table has a link to building requirements. If everything is set up correctly, you should be able to do
build.cmd -rc Release -s clr+libsat the repository root. (Substitutebuild.cmdforbuild.shif you are on macOS / Linux). You need to do this build from the command line once before the Visual Studio solution files will work.If you plan to develop and test in Visual Studio, see the Visual Studio Workflow for some info on getting tests running.
Also, take a look at the Building Libraries for more info about building and testing libraries from the Command Line.
The HKDF implementation is here:
https://github.com/dotnet/runtime/blob/a1f9226e7b7689aa153861b7bb5011e6f272ccc2/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/HKDF.cs#L49-L51
and the tests are here:
https://github.com/dotnet/runtime/blob/a1f9226e7b7689aa153861b7bb5011e6f272ccc2/src/libraries/System.Security.Cryptography.Algorithms/tests/HKDFTests.cs#L13
Before you start making changes it'd be a good idea to make sure that all of the tests in 'System.Security.Cryptography.Algorithms' are green.