From 5cded920c05a6b7789591487e0a862937724f42f Mon Sep 17 00:00:00 2001 From: Jan Jahoda Date: Wed, 17 Jun 2020 14:48:51 +0200 Subject: [PATCH 1/9] Suppress initial cred issues --- eng/common/internal-feed-operations.ps1 | 1 + eng/common/internal-feed-operations.sh | 1 + .../Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs | 2 ++ 3 files changed, 4 insertions(+) diff --git a/eng/common/internal-feed-operations.ps1 b/eng/common/internal-feed-operations.ps1 index db0baac9a44592..41295b2a570714 100644 --- a/eng/common/internal-feed-operations.ps1 +++ b/eng/common/internal-feed-operations.ps1 @@ -63,6 +63,7 @@ function SetupCredProvider { } if (($endpoints | Measure-Object).Count -gt 0) { + # [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Endpoint code example")] # Create the JSON object. It should look like '{"endpointCredentials": [{"endpoint":"http://example.index.json", "username":"optional", "password":"accesstoken"}]}' $endpointCredentials = @{endpointCredentials=$endpoints} | ConvertTo-Json -Compress diff --git a/eng/common/internal-feed-operations.sh b/eng/common/internal-feed-operations.sh index 5941ea28335869..3e280c17176aa7 100755 --- a/eng/common/internal-feed-operations.sh +++ b/eng/common/internal-feed-operations.sh @@ -62,6 +62,7 @@ function SetupCredProvider { endpoints+=']' if [ ${#endpoints} -gt 2 ]; then + # [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Endpoint code example")] # Create the JSON object. It should look like '{"endpointCredentials": [{"endpoint":"http://example.index.json", "username":"optional", "password":"accesstoken"}]}' local endpointCredentials="{\"endpointCredentials\": "$endpoints"}" diff --git a/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs b/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs index 3948b540f6179a..2824a20773a23a 100644 
--- a/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs +++ b/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs @@ -129,7 +129,9 @@ internal partial class WinHttp public const uint WINHTTP_AUTH_TARGET_SERVER = 0x00000000; public const uint WINHTTP_AUTH_TARGET_PROXY = 0x00000001; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="It is property descriptor, not secret value.")] public const uint WINHTTP_OPTION_USERNAME = 0x1000; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="It is property descriptor, not secret value.")] public const uint WINHTTP_OPTION_PASSWORD = 0x1001; public const uint WINHTTP_OPTION_PROXY_USERNAME = 0x1002; public const uint WINHTTP_OPTION_PROXY_PASSWORD = 0x1003; From fac0d23194b28c9c0681bee44c4460b3328a6ee6 Mon Sep 17 00:00:00 2001 
From: Jan Jahoda Date: Thu, 18 Jun 2020 15:31:12 +0200 Subject: [PATCH 2/9] Another bunch of supresses --- .../Windows/WinHttp/Interop.winhttp_types.cs | 2 +- .../tests/System/Net/Configuration.Certificates.cs | 1 + .../Http/HttpClientHandlerTest.Authentication.cs | 5 ++++- ...HttpClientHandlerTest.DefaultProxyCredentials.cs | 4 ++++ .../System/Net/Http/HttpClientHandlerTest.Proxy.cs | 2 ++ .../HttpClientHandlerTest.ServerCertificates.cs | 1 + .../tests/System/Net/Http/HttpClientHandlerTest.cs | 2 ++ .../tests/System/Net/Http/PostScenarioTest.cs | 2 ++ .../Prerequisites/Deployment/setup_certificates.ps1 | 2 ++ .../AlgorithmImplementations/DSA/DSAKeyPemTests.cs | 2 +- .../tests/ProcessStartInfoTests.cs | 1 + .../AccountManagement/constants.cs | 1 + .../tests/PrincipalTest.cs | 4 ++-- .../tests/UserPrincipalTest.cs | 4 ++-- .../tests/UnitTests/ClientCertificateHelper.cs | 5 +++++ .../tests/FunctionalTests/SocketsHttpHandlerTest.cs | 4 ++++ .../tests/UnitTests/DigestAuthenticationTests.cs | 3 +++ .../tests/UnitTests/HttpEnvironmentProxyTest.cs | 5 +++++ .../tests/Functional/SmtpClientTest.cs | 2 ++ .../src/System/Net/FtpControlStream.cs | 1 + .../src/System/Net/FtpWebRequest.cs | 1 + .../tests/ConnectTest.cs | 1 + .../UriRelativeResolutionTest.cs | 8 ++++++++ .../tests/FunctionalTests/UriBuilderRefreshTest.cs | 1 + .../tests/FunctionalTests/UriBuilderTests.cs | 8 ++++++++ .../FunctionalTests/UriRelativeResolutionTest.cs | 13 ++++++++++++- .../tests/System/Uri.CreateStringTests.cs | 4 ++++ .../tests/Rfc2898Tests.cs | 3 +++ .../tests/Pkcs12/Pkcs12Documents.cs | 1 + .../tests/ExportTests.cs | 3 +++ .../tests/EncryptedXmlTest.cs | 6 ++++-- .../tests/SignedXmlTest.cs | 6 ++++++ .../tests/TestHelpers.cs | 2 ++ 33 files changed, 100 insertions(+), 10 deletions(-) diff --git a/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs b/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs index 2824a20773a23a..6333451a91b6d9 100644 
--- a/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs +++ b/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs @@ -129,11 +129,11 @@ internal partial class WinHttp public const uint WINHTTP_AUTH_TARGET_SERVER = 0x00000000; public const uint WINHTTP_AUTH_TARGET_PROXY = 0x00000001; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="It is property descriptor, not secret value.")] public const uint WINHTTP_OPTION_USERNAME = 0x1000; // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="It is property descriptor, not secret value.")] public const uint WINHTTP_OPTION_PASSWORD = 0x1001; public const uint WINHTTP_OPTION_PROXY_USERNAME = 0x1002; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="It is property descriptor, not secret value.")] public const uint WINHTTP_OPTION_PROXY_PASSWORD = 0x1003; public const uint WINHTTP_OPTION_SERVER_SPN_USED = 106; diff --git a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs index 02462be7c6e61b..a22acb89287de2 100644 --- a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs +++ b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs @@ -16,6 +16,7 @@ public static partial class Configuration { public static partial class Certificates { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy password.")] private const string CertificatePassword = "testcertificate"; private const string TestDataFolder = "TestData"; private const int MutexTimeoutMs = 120_000; diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs index 9c2c1e2c74e53e..cbb9f692ff9118 100644 
--- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs @@ -136,7 +136,10 @@ await LoopbackServer.CreateServerAsync(async (server, url) => { HttpClientHandler handler = CreateHttpClientHandler(); Task serverTask = server.AcceptConnectionPerformAuthenticationAndCloseAsync(authenticateHeader); - await TestHelper.WhenAllCompletedOrAnyFailed(CreateAndValidateRequest(handler, url, HttpStatusCode.Unauthorized, new NetworkCredential("wronguser", "wrongpassword")), serverTask); + + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + var credentials = new NetworkCredential("wronguser", "wrongpassword"); + await TestHelper.WhenAllCompletedOrAnyFailed(CreateAndValidateRequest(handler, url, HttpStatusCode.Unauthorized, credentials), serverTask); }, options); } diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs index ccd32f66a6ad5e..318c873fae6411 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs @@ -38,6 +38,7 @@ public void SetGet_Roundtrips() { using (HttpClientHandler handler = CreateHttpClientHandler()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] var creds = new NetworkCredential("username", "password", "domain"); handler.DefaultProxyCredentials = null; 
@@ -54,7 +55,9 @@ public void SetGet_Roundtrips() [Fact] public async Task ProxyExplicitlyProvided_DefaultCredentials_Ignored() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] var explicitProxyCreds = new NetworkCredential("rightusername", "rightpassword"); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] var defaultSystemProxyCreds = new NetworkCredential("wrongusername", "wrongpassword"); string expectCreds = "Basic " + Convert.ToBase64String(Encoding.UTF8.GetBytes($"{explicitProxyCreds.UserName}:{explicitProxyCreds.Password}")); @@ -90,6 +93,7 @@ await server.AcceptConnectionSendResponseAndCloseAsync( public async Task ProxySetViaEnvironmentVariable_DefaultProxyCredentialsUsed(bool useProxy) { const string ExpectedUsername = "rightusername"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] const string ExpectedPassword = "rightpassword"; LoopbackServer.Options options = new LoopbackServer.Options { IsProxy = true, Username = ExpectedUsername, Password = ExpectedPassword }; diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs index 83443ae607a44c..eafacdf0b7b7eb 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs 
@@ -263,7 +263,9 @@ public async Task Proxy_SendSecureRequestThruProxy_ConnectTunnelUsed() [ConditionalFact(typeof(PlatformDetection), nameof(PlatformDetection.IsNotWindowsNanoServer))] public async Task ProxyAuth_Digest_Succeeds() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] const string expectedUsername = "testusername"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] const string expectedPassword = "testpassword"; const string authHeader = "Proxy-Authenticate: Digest realm=\"NetCore\", nonce=\"PwOnWgAAAAAAjnbW438AAJSQi1kAAAAA\", qop=\"auth\", stale=false\r\n"; LoopbackServer.Options options = new LoopbackServer.Options { IsProxy = true, Username = expectedUsername, Password = expectedPassword }; diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs index 85e33a99767592..851e7360d8c740 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs @@ -112,6 +112,7 @@ public async Task UseCallback_HaveCredsAndUseAuthenticatedCustomProxyAndPostToSe handler.ServerCertificateCustomValidationCallback = TestHelper.AllowAllCertificates; handler.Proxy = new WebProxy(proxyServer.Uri) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Credentials = new NetworkCredential("rightusername", "rightpassword") }; diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs index 3852af097f9444..00ed3a751fbfbd 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs 
+++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs @@ -583,6 +583,7 @@ public async Task GetAsync_ServerNeedsNonStandardAuthAndSetCredential_StatusCode await LoopbackServerFactory.CreateServerAsync(async (server, url) => { HttpClientHandler handler = CreateHttpClientHandler(); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] handler.Credentials = new NetworkCredential("unused", "unused"); using (HttpClient client = CreateHttpClient(handler)) { @@ -1009,6 +1010,7 @@ await LoopbackServer.CreateClientAndServerAsync(async uri => $"Accept-Patch:{fold} text/example;charset=utf-8{newline}" + $"Accept-Ranges:{fold} bytes{newline}" + $"Age: {fold}12{newline}" + + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy authorization.")] $"Authorization: Bearer 63123a47139a49829bcd8d03005ca9d7{newline}" + $"Allow: {fold}GET, HEAD{newline}" + $"Alt-Svc:{fold} http/1.1=\"http2.example.com:8001\"; ma=7200{newline}" + diff --git a/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs b/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs index 34de8fffac58f2..f4241fbd89679d 100644 --- a/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs +++ b/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs @@ -23,7 +23,9 @@ namespace System.Net.Http.Functional.Tests public abstract class PostScenarioTest : HttpClientHandlerTestBase { private const string ExpectedContent = "Test contest"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private const string UserName = "user1"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private const string Password = "password1"; public PostScenarioTest(ITestOutputHelper output) : base(output) { } 
diff --git a/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 b/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 index c5d1012f4d828a..8e49a0df45cce2 100644 --- a/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 +++ b/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 @@ -11,9 +11,11 @@ $script:testData = "runtime-assets" $script:certificatePath = "$($script:testData)\runtime-assets-master\System.Net.TestData" $script:clientPrivateKeyPath = Join-Path $script:certificatePath "testclient1_at_contoso.com.pfx" +#[SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate password for testing.")] $script:clientPrivateKeyPassword = "testcertificate" $script:serverPrivateKeyPath = Join-Path $script:certificatePath "contoso.com.pfx" +#[SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate password for testing.")] $script:serverPrivateKeyPassword = "testcertificate" Function GetFullPath($relativePath) diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs index 6029383756cacb..fae449c12e69b6 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs @@ -29,7 +29,7 @@ public static void ImportFromPem_NoPem() public static void ImportFromPem_Pkcs8UnEncrypted_Simple() { using (DSA dsa = DSAFactory.Create()) - { + { string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN 
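Review bot: The two markers added in setup_certificates.ps1 are written `#[SuppressMessage(...` with no space after `#`, while the one added to eng/common/internal-feed-operations.ps1 in the first patch is `# [SuppressMessage(...`. If the scanner matches the marker textually, one of the two forms may not be recognised, so it is worth confirming both and settling on one spelling, e.g. `# [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate password for testing.")]`.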
diff --git a/src/libraries/System.Diagnostics.Process/tests/ProcessStartInfoTests.cs b/src/libraries/System.Diagnostics.Process/tests/ProcessStartInfoTests.cs index d5b30b3579160e..a553e110169940 100644 --- a/src/libraries/System.Diagnostics.Process/tests/ProcessStartInfoTests.cs +++ b/src/libraries/System.Diagnostics.Process/tests/ProcessStartInfoTests.cs @@ -355,6 +355,7 @@ public void TestWorkingDirectoryPropertyInChildProcess() [ConditionalFact(typeof(RemoteExecutor), nameof(RemoteExecutor.IsSupported)), PlatformSpecific(TestPlatforms.Windows), OuterLoop] // Uses P/Invokes, Requires admin privileges public void TestUserCredentialsPropertiesOnWindows() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] string username = "test", password = "PassWord123!!"; try { diff --git a/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/constants.cs b/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/constants.cs index 983705cbe0fbf6..4cf6aeb55ec2b6 100644 --- a/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/constants.cs +++ b/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/constants.cs @@ -96,6 +96,7 @@ private PropertyNames() { } // these two are not publicly exposed properties, but are used internally to track ResetPassword/ExpirePasswordNow // operations against unpersisted principals, so that they can be performed once the principal has been Saved + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Not a password.")] internal const string PwdInfoPassword = "AuthenticablePrincipal.PasswordInfo.Password"; internal const string PwdInfoExpireImmediately = "AuthenticablePrincipal.PasswordInfo.ExpireImmediately"; } 
diff --git a/src/libraries/System.DirectoryServices.AccountManagement/tests/PrincipalTest.cs b/src/libraries/System.DirectoryServices.AccountManagement/tests/PrincipalTest.cs index 893ab0d83bec98..6b98b73188dae4 100644 --- a/src/libraries/System.DirectoryServices.AccountManagement/tests/PrincipalTest.cs +++ b/src/libraries/System.DirectoryServices.AccountManagement/tests/PrincipalTest.cs @@ -16,8 +16,8 @@ public abstract class PrincipalTest : IDisposable private void RefreshContext() { - string username = "Administrator"; - string password = "Adrumble@6"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + string username = "Administrator", password = "Adrumble@6"; string OU = "Tests"; string baseDomain = WindowsIdentity.GetCurrent().Name.Split(new char[] { '\\' })[1] + "-TEST"; diff --git a/src/libraries/System.DirectoryServices.AccountManagement/tests/UserPrincipalTest.cs b/src/libraries/System.DirectoryServices.AccountManagement/tests/UserPrincipalTest.cs index 458d0acf0dff24..5cb60c89b9b546 100644 --- a/src/libraries/System.DirectoryServices.AccountManagement/tests/UserPrincipalTest.cs +++ b/src/libraries/System.DirectoryServices.AccountManagement/tests/UserPrincipalTest.cs @@ -32,8 +32,8 @@ public void UserPrincipalConstructorTest() public void ComputedUACCheck() { - string username = "Administrator"; - string password = "Adrumble@6"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + string username = "Administrator", password = "Adrumble@6"; //TODO: don't assume it exists, create it if its not string OU = "TestNull"; string baseDomain =WindowsIdentity.GetCurrent().Name.Split(new char[] { '\\' })[1] + "-TEST"; 
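Review bot: In `RefreshContext` the two declarations are merged into `string username = "Administrator", password = "Adrumble@6";` apparently only so that one suppression covers the line, and the same is done in `ComputedUACCheck` in UserPrincipalTest.cs. Keeping the declarations separate and putting the suppression directly above the `password` line would keep the change minimal and show which value is being excused. Both methods go on to derive a domain name from `WindowsIdentity.GetCurrent()`, so this may be the Administrator password of a real test domain rather than a dummy value; if so, it would be better read from test configuration or an environment variable than suppressed. Both method bodies continue outside their hunks.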
diff --git a/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs b/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs index 3d99da45b1e3bd..e81d07d3a9d32f 100644 --- a/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs +++ b/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs @@ -14,6 +14,7 @@ public class ClientCertificateHelper private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUIncludesClientAuth_PrivateKey = new X509Certificate2( Convert.FromBase64String( + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")] @"MIIKTgIBAzCCCgoGCSqGSIb3DQEHAaCCCfsEggn3MIIJ8zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5 MIIF9TCCBfEGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAiHDatvDr8QBQIC B9AEggTYv1r4ckwt7o6f6DCMHlb/zv4t7rPju+PP0PjoJ8kzPfj419aSeyPuE+65YH9WFDqafJed @@ -66,6 +67,7 @@ public class ClientCertificateHelper private readonly X509Certificate2 _cert_KeyUsageMissingDigitalSignature_EKUIncludesClientAuth_PrivateKey = new X509Certificate2( Convert.FromBase64String( + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")] @"MIIKTgIBAzCCCgoGCSqGSIb3DQEHAaCCCfsEggn3MIIJ8zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5 MIIF9TCCBfEGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAiSNi65ZF5ZTQIC B9AEggTYRTivDtzHOWRR+MobtGFEUu6d1PiIlF1Ic84FWvmFCcJShkBmg3cBqDilqtamAkDkga4h 
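Review bot: The suppressions added in front of the base64 literals in `ClientCertificateHelper` excuse embedded PFX blobs, four of them in fields named `..._PrivateKey`, with only "Dummy certificate for testing." as the reason. The justification should record why the key material is harmless, e.g. `Justification="Self-signed PFX generated for these tests; not trusted or used anywhere else."`, assuming that is in fact the case. The fifth field, `_cert_KeyUsageIncludesDigitalSignature_EKUIncludesClientAuth_NoPrivateKey` in the last hunk of this file, appears to hold only a certificate, so its reason could simply say that it contains no private key. The tag name suggests it covers the next line only, while each literal spans many lines, so it is worth confirming that the scanner stays quiet for the rest of each blob.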
@@ -118,6 +120,7 @@ public class ClientCertificateHelper private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUMissingClientAuth_PrivateKey = new X509Certificate2( Convert.FromBase64String( + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")] @"MIIKRgIBAzCCCgIGCSqGSIb3DQEHAaCCCfMEggnvMIIJ6zCCBgQGCSqGSIb3DQEHAaCCBfUEggXx MIIF7TCCBekGCyqGSIb3DQEMCgECoIIE9jCCBPIwHAYKKoZIhvcNAQwBAzAOBAhCUuNQ0RqfZQIC B9AEggTQHCQRSiCiNI7egTvUaI1Z3tfeLwFWvG7B/za5v9fb97MExoyVQSDmUyUDTlVEcg3gVqJZ @@ -170,6 +173,7 @@ public class ClientCertificateHelper private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_NoEKU_PrivateKey = new X509Certificate2( Convert.FromBase64String( + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")] @"MIIKPgIBAzCCCfoGCSqGSIb3DQEHAaCCCesEggnnMIIJ4zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5 MIIF9TCCBfEGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAijQh1kbOZOYQIC B9AEggTY+wDp3V31Lh7f8YrsqEsyGZ+GlYvFhLWvDASjisYJi5NlQ0ONbf0KOXHVSvBj3tVyuHm4 @@ -222,6 +226,7 @@ public class ClientCertificateHelper private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUIncludesClientAuth_NoPrivateKey = new X509Certificate2( Convert.FromBase64String( + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate for testing.")] @"MIIDFjCCAf6gAwIBAgIQTm8+EF94L4FJ0nBFl5LICzANBgkqhkiG9w0BAQsFADAb MRkwFwYDVQQDDBB1c2VyQGV4YW1wbGUuY29tMCAXDTE1MTAwNTEwMDMwMFoYDzIx MTUxMDA1MTAwMzAwWjAbMRkwFwYDVQQDDBB1c2VyQGV4YW1wbGUuY29tMIIBIjAN diff --git a/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs b/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs index de27cbc5d92c12..9447e6623d01a9 100644 --- a/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs 
+++ b/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs @@ -672,6 +672,7 @@ await TestHelper.WhenAllCompletedOrAnyFailed( [Theory] [InlineData("Age", "1")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy authorisation header.")] [InlineData("Authorization", "Basic YWxhZGRpbjpvcGVuc2VzYW1l")] [InlineData("Cache-Control", "no-cache")] [InlineData("Content-Encoding", "gzip")] @@ -1720,6 +1721,7 @@ public async Task ProxyAuth_SameConnection_Succeeds() using (var handler = new HttpClientHandler()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] handler.Proxy = new UseSpecifiedUriWebProxy(proxyUrl, new NetworkCredential("abc", "def")); using (HttpClient client = CreateHttpClient(handler)) @@ -2052,7 +2054,9 @@ await Assert.ThrowsAnyAsync(() => Assert.Throws(expectedExceptionType, () => handler.AllowAutoRedirect = false); Assert.Throws(expectedExceptionType, () => handler.AutomaticDecompression = DecompressionMethods.GZip); Assert.Throws(expectedExceptionType, () => handler.CookieContainer = new CookieContainer()); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Assert.Throws(expectedExceptionType, () => handler.Credentials = new NetworkCredential("anotheruser", "anotherpassword")); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Assert.Throws(expectedExceptionType, () => handler.DefaultProxyCredentials = new NetworkCredential("anotheruser", "anotherpassword")); Assert.Throws(expectedExceptionType, () => handler.MaxAutomaticRedirections = 2); Assert.Throws(expectedExceptionType, () => handler.MaxConnectionsPerServer = 2); 
diff --git a/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs b/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs index c801659447f36e..8e23c033d91058 100644 --- a/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs +++ b/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs @@ -50,6 +50,7 @@ public static IEnumerable DigestResponse_Challenge_TestData() [InlineData("realm=\"NetCore\", qop=\"auth\", stale=false", false)] public async Task DigestResponse_AuthToken_Handling(string response, bool expectedResult) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] NetworkCredential credential = new NetworkCredential("foo", "bar"); AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse(response); HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/"); @@ -66,6 +67,7 @@ public async Task DigestResponse_AuthToken_Handling(string response, bool expect [InlineData("\uD834\uDD1E", "username*=utf-8''%F0%9D%84%9E")] public async Task DigestResponse_UserName_Encoding(string username, string encodedUserName) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] NetworkCredential credential = new NetworkCredential(username, "bar"); AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse("realm=\"NetCore\", nonce=\"qMRqWgAAAAAQMjIABgAAAFwEiEwAAAAA\""); HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/"); 
@@ -89,6 +91,7 @@ public static IEnumerable DigestResponse_ShouldSendQop_TestData() [MemberData(nameof(DigestResponse_ShouldSendQop_TestData))] public async Task DigestResponse_ShouldSendQop(string response, string match, string doesNotMatch, int fieldCount) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] NetworkCredential credential = new NetworkCredential("foo", "bar"); AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse(response); HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/"); diff --git a/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs b/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs index 9d76bfa61b78f9..7edf07a8b9bd76 100644 --- a/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs +++ b/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs @@ -185,6 +185,7 @@ public void HttpProxy_CredentialParsing_Basic() { IWebProxy p; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); @@ -197,6 +198,7 @@ public void HttpProxy_CredentialParsing_Basic() Assert.NotNull(p.Credentials); // Use different user for http and https + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Environment.SetEnvironmentVariable("https_proxy", "http://foo1:bar1@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); 
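Review bot: The literal `"http://foo:bar@1.1.1.1:3000"` now carries its own suppression comment in `HttpProxy_CredentialParsing_Basic`, and again in `HttpProxy_Exceptions_Match`, `HttpProxy_TryCreate_CaseInsensitiveVariables` and `HttpProxy_TryCreateAndPossibleCgi_HttpProxyUpperCaseDisabledInCgi` in the hunks that follow. Hoisting it into one class-level constant, `private const string ProxyWithCredentials = "http://foo:bar@1.1.1.1:3000";`, would need a single suppression and would make it harder for a new copy to be added without one. The same applies to the `http://user:psw@host:9090` prefix repeated across the UriRelativeResolutionTest.cs hunks later in this patch. The test method bodies continue outside the hunks.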
@@ -218,6 +220,7 @@ public void HttpProxy_Exceptions_Match() IWebProxy p; Environment.SetEnvironmentVariable("no_proxy", ".test.com,, foo.com"); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); @@ -242,6 +245,7 @@ public static IEnumerable HttpProxyNoProxyEnvVarMemberData() [MemberData(nameof(HttpProxyNoProxyEnvVarMemberData))] public void HttpProxy_TryCreate_CaseInsensitiveVariables(string proxyEnvVar, string noProxyEnvVar) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] string proxy = "http://foo:bar@1.1.1.1:3000"; var options = new RemoteInvokeOptions(); @@ -275,6 +279,7 @@ public static IEnumerable HttpProxyCgiEnvVarMemberData() public void HttpProxy_TryCreateAndPossibleCgi_HttpProxyUpperCaseDisabledInCgi( string proxyEnvVar, bool cgi, bool expectedProxyUse) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] string proxy = "http://foo:bar@1.1.1.1:3000"; var options = new RemoteInvokeOptions(); diff --git a/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs b/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs index ddcb811b8b5c65..502cac85167ac7 100644 --- a/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs +++ b/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs 
@@ -293,6 +293,7 @@ public void TestMailDelivery() { using var server = new LoopbackSmtpServer(); using SmtpClient client = server.CreateClient(); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] client.Credentials = new NetworkCredential("Foo", "Bar"); MailMessage msg = new MailMessage("foo@example.com", "bar@example.com", "hello", "howdydoo"); @@ -505,6 +506,7 @@ public async Task SendMail_SendQUITOnDispose(bool asyncSend) using (SmtpClient client = server.CreateClient()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] client.Credentials = new NetworkCredential("Foo", "Bar"); MailMessage msg = new MailMessage("foo@example.com", "bar@example.com", "hello", "howdydoo"); if (asyncSend) diff --git a/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs b/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs index 3cd68e4ad068b5..bad555c50dfcdd 100644 --- a/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs +++ b/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs @@ -500,6 +500,7 @@ protected override PipelineEntry[] BuildCommandsList(WebRequest req) if (domainUserName.Length == 0 && password.Length == 0) { domainUserName = "anonymous"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] password = "anonymous@"; } diff --git a/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs b/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs index de94b5c088de6f..b295345c97d63b 100644 --- a/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs +++ b/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs 
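Review bot: The justification on the suppression added above `password = "anonymous@";` in `FtpControlStream.BuildCommandsList` reads "Unit test dummy credentials.", but this file is under `src/`, and the value is the fallback applied when both the user name and the password are empty. The same wording is used for `s_defaultFtpNetworkCredential` in the FtpWebRequest.cs hunk that follows. A suppression justification is what a later auditor relies on, so it should say what the value really is, for example `Justification="Anonymous FTP login placeholder, not a secret."`. `BuildCommandsList` starts and ends outside the hunk.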
@@ -221,6 +221,7 @@ public sealed class FtpWebRequest : WebRequest private LazyAsyncResult? _readAsyncResult; private LazyAsyncResult? _requestCompleteAsyncResult; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private static readonly NetworkCredential s_defaultFtpNetworkCredential = new NetworkCredential("anonymous", "anonymous@", string.Empty); private const int s_DefaultTimeout = 100000; // 100 seconds private static readonly TimerThread.Queue s_DefaultTimerQueue = TimerThread.GetOrCreateQueue(s_DefaultTimeout); diff --git a/src/libraries/System.Net.WebSockets.Client/tests/ConnectTest.cs b/src/libraries/System.Net.WebSockets.Client/tests/ConnectTest.cs index 20e555143f83dd..7722df14ea31b4 100644 --- a/src/libraries/System.Net.WebSockets.Client/tests/ConnectTest.cs +++ b/src/libraries/System.Net.WebSockets.Client/tests/ConnectTest.cs @@ -215,6 +215,7 @@ await LoopbackServer.CreateClientAndServerAsync(async uri => using (var clientSocket = new ClientWebSocket()) using (var cts = new CancellationTokenSource(TimeOutMilliseconds)) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy authorisation header.")] clientSocket.Options.SetRequestHeader("Authorization", "AWS4-HMAC-SHA256 Credential= AKIAXXXXXXXXXXXYSZA /20190301/us-east-2/neptune-db/aws4_request, SignedHeaders=host;x-amz-date, Signature=b8155de54d9faab00000000000000000000000000a07e0d7dda49902e4d9202"); await clientSocket.ConnectAsync(uri, cts.Token); } diff --git a/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs b/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs index d1082b049615b1..50617477e0b77e 100644 --- a/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs +++ b/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs 
@@ -13,6 +13,7 @@ public class UriRelativeResolutionTest { // See RFC 3986 Section 5.2.2 and 5.4 http://www.ietf.org/rfc/rfc3986.txt + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private readonly Uri _fullBaseUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?query#fragment"); [Fact] @@ -386,6 +387,7 @@ public void Uri_Relative_BaseVsSlashTrippleDotSlash_ReturnsSlashTrippleDotSlash( [Fact] public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); @@ -396,6 +398,7 @@ public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment() [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -409,6 +412,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAnd [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric 
@@ -421,6 +425,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash() [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -433,6 +438,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlu [Fact] public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -445,6 +451,7 @@ public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSla [Fact] public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric 
@@ -457,6 +464,7 @@ public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleD [Fact] public void Uri_Relative_BaseMadeRelativeToEmptyPath_ReturnsTrippleDoubleDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric diff --git a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs index 945691d37c6e99..4f957b75f27bfd 100644 --- a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs +++ b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs @@ -8,6 +8,7 @@ namespace System.PrivateUri.Tests { public class UriBuilderRefreshTest { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private static readonly Uri s_starterUri = new Uri("http://user:psw@host:9090/path/file.txt?query#fragment"); [Fact] diff --git a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs index 7939295cb430cc..8b1390a49a15da 100644 --- a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs +++ b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs 
@@ -215,6 +215,7 @@ public void UserName_Get_Set(string value, string expected) [InlineData(null, "")] public void Password_Get_Set(string value, string expected) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] var uriBuilder = new UriBuilder("http://userinfo1:userinfo2@domain/path?query#fragment"); uriBuilder.Password = value; Assert.Equal(expected, uriBuilder.Password); 
@@ -324,12 +325,19 @@ public static IEnumerable Equals_TestData() yield return new object[] { new UriBuilder(), new UriBuilder(), true }; yield return new object[] { new UriBuilder(), null, false }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), true }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://domain.com:80/path/file?query#fragment"), true }; // Ignores userinfo + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment2"), true }; // Ignores fragment + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@host.com:80/path/file?query#fragment"), false }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:90/path/file?query#fragment"), false }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new 
UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:80/path2/file?query#fragment"), false }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:80/path/file?query2#fragment"), false }; yield return new object[] { new UriBuilder("unknown:"), new UriBuilder("unknown:"), true }; diff --git a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs index fc96d188eb932a..2142d71f3481b0 100644 --- a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs +++ b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs 
@@ -17,14 +17,18 @@ public class UriRelativeResolutionTest { // See RFC 3986 Section 5.2.2 and 5.4 http://www.ietf.org/rfc/rfc3986.txt + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private readonly Uri _fullBaseUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?query#fragment"); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private const string FullBaseUriGetLeftPart_Path = "http://user:psw@host:9090/path1/path2/path3/fileA"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private const string FullBaseUriGetLeftPart_Authority = "http://user:psw@host:9090"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private const string FullBaseUriGetLeftPart_Query = "http://user:psw@host:9090/path1/path2/path3/fileA?query"; [Fact] public void Uri_Relative_BaseVsAbsolute_ReturnsFullAbsolute() - { + { string absolute = "http://username:password@hostname:8080/p1/p2/p3/p4/file1?AQuery#TheFragment"; Uri resolved = new Uri(_fullBaseUri, absolute); @@ -526,6 +530,7 @@ public void Uri_Relative_BaseVsSlashTrippleDotSlash_ReturnsSlashTrippleDotSlash( [Fact] public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); 
@@ -536,6 +541,7 @@ public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment() [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -549,6 +555,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAnd [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -561,6 +568,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash() [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric 
@@ -573,6 +581,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlu [Fact] public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -585,6 +594,7 @@ public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSla [Fact] public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -597,6 +607,7 @@ public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleD [Fact] public void Uri_Relative_BaseMadeRelativeToEmptyPath_ReturnsTrippleDoubleDotSlashPlusQueryAndFragment() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric diff --git a/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs b/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs index eda4e43dfb65e3..2c0c174d15b158 100644 --- a/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs +++ b/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs 
@@ -121,7 +121,9 @@ public static IEnumerable Scheme_Authority_TestData() yield return new object[] { "http://@host:90#fragment", "http", "", "host", UriHostNameType.Dns, 90, false, false }; yield return new object[] { "http://userinfo@host:90#fragment", "http", "userinfo", "host", UriHostNameType.Dns, 90, false, false }; yield return new object[] { "http://userinfo@host#fragment", "http", "userinfo", "host", UriHostNameType.Dns, 80, true, false }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { "http://user:password@host", "http", "user:password", "host", UriHostNameType.Dns, 80, true, false }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { "http://user:80@host:90", "http", "user:80", "host", UriHostNameType.Dns, 90, false, false }; yield return new object[] { "http://host:0", "http", "", "host", UriHostNameType.Dns, 0, false, false }; yield return new object[] { "http://host:80", "http", "", "host", UriHostNameType.Dns, 80, true, false }; 
@@ -363,6 +365,7 @@ public static IEnumerable Scheme_Authority_TestData() yield return new object[] { "telnet://host/", "telnet", "", "host", UriHostNameType.Dns, 23, true, false }; yield return new object[] { "telnet://host:80", "telnet", "", "host", UriHostNameType.Dns, 80, false, false }; yield return new object[] { "telnet://userinfo@host/", "telnet", "userinfo", "host", UriHostNameType.Dns, 23, true, false }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { "telnet://username:password@host/", "telnet", "username:password", "host", UriHostNameType.Dns, 23, true, false }; yield return new object[] { "telnet://host?query#fragment", "telnet", "", "host", UriHostNameType.Dns, 23, true, false }; yield return new object[] { "telnet://host#fragment", "telnet", "", "host", UriHostNameType.Dns, 23, true, false }; @@ -424,6 +427,7 @@ public static IEnumerable Scheme_Authority_TestData() yield return new object[] { "http://abc\u1234\u2345\u3456@host/", "http", "abc%E1%88%B4%E2%8D%85%E3%91%96", "host", UriHostNameType.Dns, 80, true, false }; yield return new object[] { "http://\u1234abc\u2345\u3456@host/", "http", "%E1%88%B4abc%E2%8D%85%E3%91%96", "host", UriHostNameType.Dns, 80, true, false }; yield return new object[] { "http://\u1234\u2345\u3456abc@host/", "http", "%E1%88%B4%E2%8D%85%E3%91%96abc", "host", UriHostNameType.Dns, 80, true, false }; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { "http://userinfo!~+-_*()[]:;&$=123USERINFO@host/", "http", "userinfo!~+-_*()[]:;&$=123USERINFO", "host", UriHostNameType.Dns, 80, true, false }; yield return new object[] { "http://%68%65%6C%6C%6F@host/", "http", "hello", "host", UriHostNameType.Dns, 80, true, false }; yield return new object[] { "http://\u00A3@host/", "http", "%C2%A3", "host", UriHostNameType.Dns, 80, true, false }; 
diff --git a/src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898Tests.cs b/src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898Tests.cs index c1d89620d93eba..a3950d255e4c42 100644 --- a/src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898Tests.cs +++ b/src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898Tests.cs @@ -501,6 +501,7 @@ private static IEnumerable GetKnownValuesTestCases() { CaseName = "SHA256 alternate", HashAlgorithmName = "SHA256", + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Password = "abcdefghij", Salt = ascii.GetBytes("abcdefghij"), IterationCount = 1, @@ -515,6 +516,7 @@ private static IEnumerable GetKnownValuesTestCases() { CaseName = "SHA384 alternate", HashAlgorithmName = "SHA384", + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Password = "abcdefghij", Salt = ascii.GetBytes("abcdefghij"), IterationCount = 1, @@ -529,6 +531,7 @@ private static IEnumerable GetKnownValuesTestCases() { CaseName = "SHA512 alternate", HashAlgorithmName = "SHA512", + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Password = "abcdefghij", Salt = ascii.GetBytes("abcdefghij"), IterationCount = 1, diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/Pkcs12/Pkcs12Documents.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/Pkcs12/Pkcs12Documents.cs index 57128eb6a3f150..64f393250b5458 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/Pkcs12/Pkcs12Documents.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/Pkcs12/Pkcs12Documents.cs 
@@ -137,6 +137,7 @@ internal static class Pkcs12Documents "21300906052B0E03021A050004148B12EE39C54B03EF4C1B0C2D8A3A9624D629" + "285A0408E398C69C57E4782102020400").HexToByteArray(); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] internal const string OracleWalletPassword = "123Wallet"; } } diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs b/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs index 30a1b19bb6893b..6a4b154a50cdd1 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs +++ b/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs @@ -66,6 +66,7 @@ public static void ExportAsPfx() [Fact] public static void ExportAsPfxWithPassword() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] const string password = "Cotton"; using (X509Certificate2 c1 = new X509Certificate2(TestData.MsCertificate)) @@ -84,6 +85,7 @@ public static void ExportAsPfxWithPassword() [Fact] public static void ExportAsPfxVerifyPassword() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] const string password = "Cotton"; using (X509Certificate2 c1 = new X509Certificate2(TestData.MsCertificate)) @@ -100,6 +102,7 @@ public static void ExportAsPfxWithPrivateKeyVerifyPassword() { Assert.True(cert.HasPrivateKey, "cert.HasPrivateKey"); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] const string password = "Cotton"; byte[] pfx = cert.Export(X509ContentType.Pkcs12, password); diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs index e20ab891c0901a..6e21de2067b47e 100644 
--- a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs +++ b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs @@ -145,6 +145,7 @@ public void Sample2() { aes.Mode = CipherMode.CBC; aes.KeySize = 256; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); aes.Padding = PaddingMode.Zeros; @@ -177,6 +178,7 @@ public void RoundtripSample1() aes.Mode = CipherMode.CBC; aes.KeySize = 256; aes.IV = Convert.FromBase64String("pBUM5P03rZ6AE4ZK5EyBrw=="); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); aes.Padding = PaddingMode.Zeros; @@ -207,8 +209,8 @@ public void RoundtripSample1() { aes.Mode = CipherMode.CBC; aes.KeySize = 256; - aes.Key = Convert.FromBase64String( - "o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); aes.Padding = PaddingMode.Zeros; XmlDocument doc = new XmlDocument(); diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs b/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs index 844225413bc388..4317167154ff94 100644 --- a/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs +++ b/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs 
@@ -661,6 +661,7 @@ public void DigestValue_CRLF() Assert.Equal("IKbfdK2/DMfXyezCf5QggVCXfk8=", Convert.ToBase64String(digest)); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); SignedXml signedXml = new SignedXml(doc); signedXml.SigningKey = cert.PrivateKey; @@ -720,6 +721,7 @@ public void DigestValue_LF() Assert.Equal("e3dsi1xK8FAx1vsug7J203JbEAU=", Convert.ToBase64String(digest)); + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); SignedXml signedXml = new SignedXml(doc); signedXml.SigningKey = cert.PrivateKey; @@ -762,6 +764,7 @@ public void DigestValue_LF() [Fact] public void SignedXML_CRLF_Invalid() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); XmlDocument doc = new XmlDocument(); @@ -825,6 +828,7 @@ public void SignedXML_CRLF_Invalid() [Fact] public void SignedXML_CRLF_Valid() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); XmlDocument doc = CreateSignedXml(cert, SignedXml.XmlDsigExcC14NTransformUrl, "\r\n"); @@ -882,6 +886,7 @@ public void SignedXML_CRLF_Valid() [Fact] public void SignedXML_LF_Valid() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); XmlDocument doc = CreateSignedXml(cert, SignedXml.XmlDsigExcC14NTransformUrl, "\n"); 
@@ -940,6 +945,7 @@ public void SignedXML_LF_Valid() public void MultipleX509Certificates() { XmlDocument doc = null; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); doc = CreateSignedXml(cert, SignedXml.XmlDsigExcC14NTransformUrl, "\n"); diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs b/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs index 266bbfefd4234f..145d9e51c55159 100644 --- a/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs +++ b/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs 
@@ -186,10 +186,12 @@ public static IEnumerable GetSymmetricAlgorithms(bool } private static readonly byte[] SamplePfx = Convert.FromBase64String( + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] @"MIIFpQIBAzCCBV8GCSqGSIb3DQEHAaCCBVAEggVMMIIFSDCCAl8GCSqGSIb3DQEHBqCCAlAwggJMAgEAMIICRQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIGTfVa4+vR1UCAgfQgIICGJuFE9alFWJFkaoeewKDIEnVwRxXfMsi8dcySYnp7jljEUQBfW/GIbOf7Lg2nHd0qxvxYI2YL4Zs+d0jWbqfNHamGFCMPe1dK957Z2PsKXR183vMSgnmlLAHktsIN+Gor7q1GbQ4ljfZkGqZ/rkgUsgsSYZSnJevP/uH0VnvxemljVJ7N7gKMYO0aqrca4qJ0O4YxBYyaerPFUOYunQlvk6DOF3SQXza5oFKcPGrSpE/9eQrnmm64BtbdnUE6qqEjfZfNa6MOD3vOnapLUBsel2TtVCu8tEl7I8FGxozTLXVTXOBkL3k7xLRS52ZtpbcU2JIhlDGpxeFXmjKYzdzHoL20iJubfdkUYtHwB0XjBKKLcI7jfgGgjNauaTLAx8FF+5O9s7Zbj2+SKWv56kqAwdX+iH21VgjAN9EByIXHb3p2ZOvy4ONDXTmfSn7jbuPLZTi+u6bxn2JOLf/gjEA8FiCuQDL9gF247bnUq08Z1uzuAUeaPL13U8mxwEuvCOXx5NEQIuf3cusnaH4+7uIhPk5tnfA5XOaABySetRjZhVN5dC5/g3KTwmaDamlW3Y7Az/NzAC4uKa2ny5jwYKBgHviEKOyJfLDKr5fOMRToOfgxvAdXZohQQTE1+TcBjp+eeV5koDfB1ReCKIRHugPZu5j9SCVcYanwFeJ5M4cEHZ9U1Ytsmzjh0fwV17D/hxQ4aS4VwVpOMypMIIC4QYJKoZIhvcNAQcBoIIC0gSCAs4wggLKMIICxgYLKoZIhvcNAQwKAQKgggKeMIICmjAcBgoqhkiG9w0BDAEDMA4ECBRdKqx022cfAgIH0ASCAnjZx9fvPCHizdH6apVzWWmfy/84HvDPjFOUV1TPehTnDPkNpF/uK/ya4jlbl4Kw0Zfknt5Xydl89SMXIWa2q+nWmxyG3XyfGqOAeBfJBSdCF5K3qkZZnzEfraKZZ5Hh8IEmK+ey45O6sltua6Xl5MRBmKLiwma7vX4ihXQTMfb0WlWDYCXZi85OeF0OlUjRWAwz4PeeiBK4nmI/vNmF1EzDVdZGkrrE8mot3Y4z6bvwqip2tUUbHuMnC+/1ikAcJzCOw4NpnEWCRtIJxgJ9es8E8CUfHESnWKe4nh6tJVJ15B8/7oF7N6j7oq4Oj346JthKoWWkzifNaH79A60/uFh08Rv7zrtJf6kedY6Ve2bR5lhWn0cv9Q6IaoqTmKKTmKJnjdQO9lKRCR6iI2OsYtXBropD8xhNNqsyfpNmP0G6wFiEZZxZjWOkZEJLUzFbH+Su+7l2l4FN9sM7k211/l3/3YF1QJHwZsgL98DZL4qE+nkuZQcdtOUx8QTyTOcVb3IzgCAwZm0rgdXQpJ9yRBgOC/6MnqaCPI0jJuavXF/a28GJWWGlazx7SWTrbzNVJ83ZhQ+pfPEPtMi3t0YVLLvapu3otgpiMkv4ew/ssXwYbg6xBWfotK+NG1cPwVFy9/V9+H5dpdvRI/le2QG0F5xCfCeKh/3AuNiMPEGoVUR5kj5cwFK6eskvt/+74ZenxfNPZ2Uttiw8DsqtTx1gxhcSZeU5YWpO7O78RaYE4Ll4kPbbvIaR18Napb
6NKP846z02zvaw+feXARLe0HUY58TlmUjSX3MZRK4PEdyMIQ/URyPimj4rImaDfFrKPAHIjqT3EKv+KuNs8TEVMBMGCSqGSIb3DQEJFTEGBAQBAAAAMD0wITAJBgUrDgMCGgUABBRZOo132cuo2zNyy+SH2c+pN4OGmQQU2nQao3je7DTj2G6Gge8pooPf2ncCAgfQ"); public static X509Certificate2 GetSampleX509Certificate() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] return new X509Certificate2(SamplePfx, "mono"); } From e838ec39fcf5d33a473aff98a28d08ccda81aeff Mon Sep 17 00:00:00 2001 From: Jan Jahoda Date: Thu, 18 Jun 2020 15:40:01 +0200 Subject: [PATCH 3/9] Clean up --- .../System/Net/Http/HttpClientHandlerTest.Authentication.cs | 2 -- .../Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs | 2 +- .../tests/FunctionalTests/UriRelativeResolutionTest.cs | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs index cbb9f692ff9118..84de16add67f2c 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs @@ -137,8 +137,6 @@ await LoopbackServer.CreateServerAsync(async (server, url) => HttpClientHandler handler = CreateHttpClientHandler(); Task serverTask = server.AcceptConnectionPerformAuthenticationAndCloseAsync(authenticateHeader); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - var credentials = new NetworkCredential("wronguser", "wrongpassword"); await TestHelper.WhenAllCompletedOrAnyFailed(CreateAndValidateRequest(handler, url, HttpStatusCode.Unauthorized, credentials), serverTask); }, options); } 
diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs index fae449c12e69b6..6029383756cacb 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs @@ -29,7 +29,7 @@ public static void ImportFromPem_NoPem() public static void ImportFromPem_Pkcs8UnEncrypted_Simple() { using (DSA dsa = DSAFactory.Create()) - { + { string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN diff --git a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs index 2142d71f3481b0..8555ffb5fe9ff8 100644 --- a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs +++ b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs @@ -28,7 +28,7 @@ public class UriRelativeResolutionTest [Fact] public void Uri_Relative_BaseVsAbsolute_ReturnsFullAbsolute() - { + { string absolute = "http://username:password@hostname:8080/p1/p2/p3/p4/file1?AQuery#TheFragment"; Uri resolved = new Uri(_fullBaseUri, absolute); From c371aae4946a49cae48d79eb4f9ada87b4755fed Mon Sep 17 00:00:00 2001 From: Jan Jahoda Date: Thu, 25 Jun 2020 14:58:31 +0200 Subject: [PATCH 4/9] Another bunch of supresses --- .config/CredScanSuppressions.json | 36 +------------------ .../DSA/DSAKeyPemTests.cs | 8 +++++ .../EC/ECKeyFileTests.cs | 1 + .../EC/ECKeyPemTests.cs | 6 ++++ .../RSA/RSAKeyFileTests.cs | 3 ++ .../RSA/RSAKeyPemTests.cs | 15 +++++++- 6 files changed, 33 insertions(+), 36 deletions(-) 
diff --git a/.config/CredScanSuppressions.json b/.config/CredScanSuppressions.json
index da14baee20e321..98370c3d1c0b50 100644
--- a/.config/CredScanSuppressions.json
+++ b/.config/CredScanSuppressions.json
@@ -3,45 +3,11 @@ "suppressions": [ { "file": [ - "/eng/common/internal-feed-operations.ps1", - "/eng/common/internal-feed-operations.sh", - "/src/libraries/Common/src/Interop/Windows/WinHttp/Interop.winhttp_types.cs", "/src/libraries/Common/src/System/Security/Cryptography/EccSecurityTransforms.cs", - "/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs", - "/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs", - "/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs", - "/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs", - "/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs", - "/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs", - "/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs", - "/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1", "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs", "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.LimitedPrivate.cs", "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs", - "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs", - "/src/libraries/System.Data.Common/tests/System/Data/Common/DbConnectionStringBuilderTest.cs", - "/src/libraries/System.Diagnostics.Process/tests/ProcessStartInfoTests.cs", - "/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/constants.cs", - "/src/libraries/System.DirectoryServices.AccountManagement/tests/PrincipalTest.cs", - "/src/libraries/System.DirectoryServices.AccountManagement/tests/UserPrincipalTest.cs", - "/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs", - 
"/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs", - "/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs", - "/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs", - "/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs", - "/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs", - "/src/libraries/System.Net.WebSockets.Client/tests/ConnectTest.cs", - "/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs", - "/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs", - "/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs", - "/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs", - "/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs", - "/src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898Tests.cs", - "/src/libraries/System.Security.Cryptography.Pkcs/tests/Pkcs12/Pkcs12Documents.cs", - "/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs", - "/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs", - "/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs", - "/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs" + "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs" ], "_justification": "Mostly test files. Other files contain harmless examples or constants." }, diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs index 6029383756cacb..b7a7005f33bb73 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs 
+++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs @@ -30,6 +30,7 @@ public static void ImportFromPem_Pkcs8UnEncrypted_Simple() { using (DSA dsa = DSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN @@ -50,6 +51,7 @@ public static void ImportFromPem_Pkcs8UnEncrypted_IgnoresUnrelatedAlgorithm() { using (DSA dsa = DSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 @@ -75,6 +77,7 @@ public static void ImportFromPem_Pkcs8_UnrelatedPrecedingPem() { using (DSA dsa = DSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN CERTIFICATE----- MII= @@ -98,6 +101,7 @@ public static void ImportFromPem_Pkcs8_PrecedingMalformedPem() { using (DSA dsa = DSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN CERTIFICATE----- $$$ BAD PEM @@ -142,6 +146,7 @@ public static void ImportFromPem_Pkcs8_AmbiguousKey_Pkcs8() { using (DSA dsa = DSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN 
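Review bot: The added suppression comments sit above `string pem = @"`, while the text a scanner would flag starts one line further down at the `-----BEGIN … PRIVATE KEY-----` header, so a `SecretInNextLine` marker may not cover it; this is worth confirming with a scanner run. The same placement repeats in the remaining DSAKeyPemTests.cs hunks and in the ECKeyPemTests.cs and RSAKeyPemTests.cs hunks of this patch. The justification is also imprecise for an audit trail, because most of these literals hold private keys rather than certificates; something like `Justification="Unit test private key, not used outside tests."` would describe them better. The test method bodies continue outside each hunk.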
@@ -167,6 +172,7 @@ public static void ImportFromPem_Pkcs8_AmbiguousKey_Spki() { using (DSA dsa = DSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PUBLIC KEY----- MIHxMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWNIHRn @@ -193,6 +199,7 @@ public static void ImportFromPem_Pkcs8_AmbiguousKey_EncryptedPkcs8() { using (DSA dsa = DSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN ENCRYPTED PRIVATE KEY----- MIIBIDBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIkM/kCKe6rYsCAggA @@ -356,6 +363,7 @@ public static void ImportFromEncryptedPem_Pkcs8_NoEncryptedPem() { using (DSA dsa = DSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs index 80b0d5adab4edc..611b09e5aed6ab 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs 
@@ -177,6 +177,7 @@ public void ReadNistP521EncryptedPkcs8_Pbes2_Aes128_Sha384() public void ReadNistP521EncryptedPkcs8_Pbes2_Aes128_Sha384_PasswordBytes() { // PBES2, PBKDF2 (SHA384), AES128 + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] const string base64 = @" MIIBXTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI/JyXWyp/t3kCAggA MAwGCCqGSIb3DQIKBQAwHQYJYIZIAWUDBAECBBA3H8mbFK5afB5GzIemCCQkBIIB diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs index b07c29c6b45441..6b15cd2dde79b8 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs @@ -32,6 +32,7 @@ public void ImportFromPem_ECPrivateKey_Simple() { using (TAlg key = CreateKey()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] key.ImportFromPem(@" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 @@ -49,6 +50,7 @@ public void ImportFromPem_ECPrivateKey_IgnoresUnrelatedAlgorithm() { using (TAlg key = CreateKey()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] key.ImportFromPem(@" -----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX @@ -75,6 +77,7 @@ public void ImportFromPem_Pkcs8_Simple() { using (TAlg key = CreateKey()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] key.ImportFromPem(@" -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgcKEsLbFoRe1W/2jP 
@@ -92,6 +95,7 @@ public void ImportFromPem_Pkcs8_IgnoresUnrelatedAlgorithm() { using (TAlg key = CreateKey()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] key.ImportFromPem(@" -----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX @@ -165,6 +169,7 @@ public void ImportFromPem_Spki_IgnoresUnrelatedAlgorithms() { using (TAlg key = CreateKey()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] key.ImportFromPem(@" -----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX @@ -411,6 +416,7 @@ public void ImportFromEncryptedPem_UnencryptedPem_ThrowsNoPem() { using (TAlg key = CreateKey()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgcKEsLbFoRe1W/2jP diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs index 7e73ce658193ea..b5590853e38c3f 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs @@ -764,6 +764,7 @@ public static void ReadPbes2Rc2EncryptedDiminishedDP() public static void ReadPbes2Rc2EncryptedDiminishedDP_PasswordBytes() { // PBES2: PBKDF2 + RC2-128 + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] const string base64 = @" MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIKZEFT76zCFECAggA AgEQMBkGCCqGSIb3DQMCMA0CAToECE1Yyzk6++IPBIIBYDDvaYLkET8eudcYLQMf 
@@ -789,6 +790,7 @@ public static void ReadPbes2Rc2EncryptedDiminishedDP_PasswordBytes() [Fact] public static void ReadEncryptedDiminishedDP_EmptyPassword() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] const string base64 = @" MIIBgTAbBgkqhkiG9w0BBQMwDgQIJtjMez/9Gg4CAggABIIBYElq9UOOphEPU3b7 G/mV8M1uEdjigidMPih3b9IIJhrjMAEix2IjS+brFL7KRQgucpZZoaFU1utvkUHg @@ -813,6 +815,7 @@ public static void ReadEncryptedDiminishedDP_EmptyPassword() [Fact] public static void ReadEncryptedDiminishedDP_EmptyPasswordBytes() { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] const string base64 = @" MIIBgTAbBgkqhkiG9w0BBQMwDgQIJtjMez/9Gg4CAggABIIBYElq9UOOphEPU3b7 G/mV8M1uEdjigidMPih3b9IIJhrjMAEix2IjS+brFL7KRQgucpZZoaFU1utvkUHg diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs index 37c90271b66a74..c7042abec861bc 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs @@ -29,8 +29,9 @@ public static void ImportFromPem_NoPem() public static void ImportFromPem_RSAPrivateKey_Simple() { using (RSA rsa = RSAFactory.Create()) - { + { string pem = @" + // [SuppressMessage(\"Microsoft.Security\", \"CS002:SecretInNextLine\", Justification=\"Unit test dummy certificate.\")] -----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX uah0WEjgao5oO1BEUR4byjYlJ+F89Cs4BhUCAwEAAQJBAK/m8jYvnK9exaSR+DAh 
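Review bot: In the `ImportFromPem_RSAPrivateKey_Simple` hunk of RSAKeyPemTests.cs the suppression line is added after `string pem = @"`, i.e. inside the verbatim string literal, so it is string content and not a comment. As written, the first `\"` ends the verbatim string (verbatim strings escape a quote as `""`), which should not compile, and even with the quotes fixed the text would become part of the PEM input under test. Put the line above the declaration as the other hunks do: `// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")]` followed by `string pem = @"`. The method body continues outside the hunk.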
@@ -53,6 +54,7 @@ public static void ImportFromPem_Pkcs8UnEncrypted_Simple() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAtz9Z9e6L1V4kt/8C @@ -77,6 +79,7 @@ public static void ImportFromPem_Pkcs8UnEncrypted_UnrelatedAlgorithmIsIgnored() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 @@ -123,6 +126,7 @@ public static void ImportFromPem_SubjectPublicKeyInfo_IgnoresUnrelatedAlgorithm( { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 @@ -163,6 +167,7 @@ public static void ImportFromPem_RSAPrivateKey_PrecedingUnrelatedPem() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN CERTIFICATE----- MIICTzCCAgmgAwIBAgIJAMQtYhFJ0+5jMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD @@ -200,6 +205,7 @@ public static void ImportFromPem_RSAPrivateKey_PrecedingMalformedPem() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN CERTIFICATE----- $$ I AM NOT A PEM 
@@ -225,6 +231,7 @@ public static void ImportFromPem_RSAPrivateKey_IgnoresOtherAlgorithms() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 @@ -252,6 +259,7 @@ public static void ImportFromPem_RSAPrivateKey_AmbiguousKey_RSAPrivateKey() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN RSA PRIVATE KEY----- MII= @@ -275,6 +283,7 @@ public static void ImportFromPem_RSAPrivateKey_AmbiguousKey_SubjectPublicKeyInfo { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PUBLIC KEY----- MII= @@ -298,6 +307,7 @@ public static void ImportFromPem_RSAPrivateKey_AmbiguousKey_RSAPublicKey() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN RSA PUBLIC KEY----- MII= @@ -321,6 +331,7 @@ public static void ImportFromPem_RSAPrivateKey_AmbiguousKey_EncryptedPkcs8() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN ENCRYPTED PRIVATE KEY----- MII= @@ -367,6 +378,7 @@ public static void ImportFromPem_Pkcs8AlgorithmMismatch_Throws() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" The below PEM is a 1024-bit DSA key. -----BEGIN PRIVATE KEY----- 
@@ -487,6 +499,7 @@ public static void ImportFromEncryptedPem_NoEncryptedPem() { using (RSA rsa = RSAFactory.Create()) { + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAtz9Z9e6L1V4kt/8C From 186991ead02f456f14eeacd1dc911dc8fa9ba1be Mon Sep 17 00:00:00 2001 From: Jan Jahoda Date: Wed, 15 Jul 2020 16:16:16 +0200 Subject: [PATCH 5/9] Revert to suppression messages --- .config/CredScanSuppressions.json | 72 +++++++++++++++---- .../System/Net/Configuration.Certificates.cs | 3 +- .../HttpClientHandlerTest.Authentication.cs | 3 +- ...ientHandlerTest.DefaultProxyCredentials.cs | 4 -- .../Net/Http/HttpClientHandlerTest.Proxy.cs | 6 +- ...ttpClientHandlerTest.ServerCertificates.cs | 3 +- .../System/Net/Http/HttpClientHandlerTest.cs | 1 - .../tests/System/Net/Http/PostScenarioTest.cs | 6 +- .../Deployment/setup_certificates.ps1 | 16 ++--- .../DSA/DSAKeyPemTests.cs | 8 --- .../EC/ECKeyPemTests.cs | 14 ++-- .../RSA/RSAKeyPemTests.cs | 15 +--- .../FunctionalTests/SocketsHttpHandlerTest.cs | 9 +-- .../UnitTests/DigestAuthenticationTests.cs | 9 +-- .../UnitTests/HttpEnvironmentProxyTest.cs | 17 ++--- .../tests/Functional/SmtpClientTest.cs | 10 ++- .../UriRelativeResolutionTest.cs | 9 --- .../FunctionalTests/UriBuilderRefreshTest.cs | 3 +- .../tests/FunctionalTests/UriBuilderTests.cs | 8 --- .../UriRelativeResolutionTest.cs | 11 --- .../tests/System/Uri.CreateStringTests.cs | 4 -- .../tests/ExportTests.cs | 9 +-- .../tests/EncryptedXmlTest.cs | 2 +- .../tests/SignedXmlTest.cs | 6 -- .../tests/TestHelpers.cs | 3 +- 25 files changed, 100 insertions(+), 151 deletions(-) diff --git a/.config/CredScanSuppressions.json b/.config/CredScanSuppressions.json index 98370c3d1c0b50..5c0875fcebd554 100644 --- a/.config/CredScanSuppressions.json +++ b/.config/CredScanSuppressions.json 
@@ -1,15 +1,61 @@ { - "tool": "Credential Scanner", - "suppressions": [ - { - "file": [ - "/src/libraries/Common/src/System/Security/Cryptography/EccSecurityTransforms.cs", - "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs", - "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.LimitedPrivate.cs", - "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs", - "/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs" - ], - "_justification": "Mostly test files. Other files contain harmless examples or constants." - }, - ] + "tool": "Credential Scanner", + "suppressions": [ + { + "_justification": "Unit test containing connection strings under the test.", + "file": [ + "src/libraries/System.Data.Common/tests/System/Data/Common/DbConnectionStringBuilderTest.cs" + ] + }, + { + "_justification": "Private key for testing purpose.", + "file": [ + "src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs", + "src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs", + "src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs", + "src/libraries/System.Security.Cryptography.X509Certificates/tests/TestData.cs" + ], + "placeholder": [ + "-----BEGIN PRIVATE KEY-----", + "-----BEGIN * PRIVATE KEY-----" + ] + }, + { + "_justification": "Test credential for Uri testing", + "file": [ + "src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs", + "src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs", + "src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs", + "src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs" + ], + "placeholder": [ + 
"//user:psw@", + "//userinfo1:userinfo2@", + "//userinfo!~+-_*()[]:;&$=123USERINFO@" + ] + }, + { + "_justification": "Generic test password.", + "file": [ + "src/libraries/Common/tests/System/Net/Configuration.Certificates.cs", + "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs", + "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs", + "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs", + "src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1", + "src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs", + "src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs", + "src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs" + ], + "placeholder": [ + "\"rightpassword\"", + "\"wrongpassword\"", + "\"mono\"", + "\"unused\"", + "\"testcertificate\"", + "\"password1\"", + "//*:password1@" + /* Credential Scanner already consider "password", "WRONGPASSWORD" as false positive in some cases, hence they are not in this list. */ + ] + } + ] } diff --git a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs index 0b5cda18fe9d34..67a6abf1249859 100644 --- a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs +++ b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs @@ -15,7 +15,6 @@ public static partial class Configuration { public static partial class Certificates { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy password.")] private const string CertificatePassword = "testcertificate"; private const string TestDataFolder = "TestData"; private const int MutexTimeoutMs = 120_000; 
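Review bot: The `placeholder` values in the "Private key for testing purpose." entry are PEM header lines (`-----BEGIN PRIVATE KEY-----`, `-----BEGIN * PRIVATE KEY-----`) rather than specific key values, so they presumably silence every private-key finding in the four listed files, including a real key pasted there later by mistake. If the scanner supports it, scope the entry more tightly (for example per-secret hashes), or say in `_justification` that these files must only ever hold throwaway test keys. Separately, the `/* … */` remark inside the last `placeholder` array is not valid in strict JSON; confirm the scanner's parser accepts it or move the sentence into `_justification`.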
@@ -63,7 +62,7 @@ static Certificates() } } } - + // These Get* methods make a copy of the certificates so that consumers own the lifetime of the // certificates handed back. Consumers are expected to dispose of their certs when done with them. diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs index 30a186fceaa1bf..a5a6ea002efe70 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs @@ -188,8 +188,7 @@ await LoopbackServer.CreateServerAsync(async (server, url) => { HttpClientHandler handler = CreateHttpClientHandler(); Task serverTask = server.AcceptConnectionPerformAuthenticationAndCloseAsync(authenticateHeader); - - await TestHelper.WhenAllCompletedOrAnyFailed(CreateAndValidateRequest(handler, url, HttpStatusCode.Unauthorized, credentials), serverTask); + await TestHelper.WhenAllCompletedOrAnyFailed(CreateAndValidateRequest(handler, url, HttpStatusCode.Unauthorized, new NetworkCredential("wronguser", "wrongpassword")), serverTask); }, options); } diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs index 720bad294783ac..5db0b7b25b8105 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs 
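Review bot: The HttpClientHandlerTest.Authentication.cs hunk changes test behaviour rather than a suppression: the call to `CreateAndValidateRequest` no longer passes `credentials` but a hard-coded `new NetworkCredential("wronguser", "wrongpassword")`. If `credentials` is a test parameter or a value built earlier in the method (not visible here; the method starts outside the hunk), the test now ignores it and covers a single credential pair only. The new `"wrongpassword"` literal is also what makes this file depend on the file-level placeholder in `.config/CredScanSuppressions.json`. Unless the change is intended, keep `credentials` in the call and leave this line out of the commit.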
@@ -37,7 +37,6 @@ public void SetGet_Roundtrips() { using (HttpClientHandler handler = CreateHttpClientHandler()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] var creds = new NetworkCredential("username", "password", "domain"); handler.DefaultProxyCredentials = null; @@ -54,9 +53,7 @@ public void SetGet_Roundtrips() [Fact] public async Task ProxyExplicitlyProvided_DefaultCredentials_Ignored() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] var explicitProxyCreds = new NetworkCredential("rightusername", "rightpassword"); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] var defaultSystemProxyCreds = new NetworkCredential("wrongusername", "wrongpassword"); string expectCreds = "Basic " + Convert.ToBase64String(Encoding.UTF8.GetBytes($"{explicitProxyCreds.UserName}:{explicitProxyCreds.Password}")); @@ -92,7 +89,6 @@ await server.AcceptConnectionSendResponseAndCloseAsync( public async Task ProxySetViaEnvironmentVariable_DefaultProxyCredentialsUsed(bool useProxy) { const string ExpectedUsername = "rightusername"; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] const string ExpectedPassword = "rightpassword"; LoopbackServer.Options options = new LoopbackServer.Options { IsProxy = true, Username = ExpectedUsername, Password = ExpectedPassword }; diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs index 72511104f16309..2580ea977b29a5 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Proxy.cs 
@@ -261,10 +261,8 @@ public async Task Proxy_SendSecureRequestThruProxy_ConnectTunnelUsed() [ConditionalFact(typeof(PlatformDetection), nameof(PlatformDetection.IsNotWindowsNanoServer))] public async Task ProxyAuth_Digest_Succeeds() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - const string expectedUsername = "testusername"; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - const string expectedPassword = "testpassword"; + const string expectedUsername = "user"; + const string expectedPassword = "password"; const string authHeader = "Proxy-Authenticate: Digest realm=\"NetCore\", nonce=\"PwOnWgAAAAAAjnbW438AAJSQi1kAAAAA\", qop=\"auth\", stale=false\r\n"; LoopbackServer.Options options = new LoopbackServer.Options { IsProxy = true, Username = expectedUsername, Password = expectedPassword }; var proxyCreds = new NetworkCredential(expectedUsername, expectedPassword); diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs index bcf6f24e2f97f6..d04b1d7aee6860 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ServerCertificates.cs @@ -108,8 +108,7 @@ public async Task UseCallback_HaveCredsAndUseAuthenticatedCustomProxyAndPostToSe handler.ServerCertificateCustomValidationCallback = TestHelper.AllowAllCertificates; handler.Proxy = new WebProxy(proxyServer.Uri) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - Credentials = new NetworkCredential("rightusername", "rightpassword") + Credentials = new NetworkCredential("user", "password") }; const string content = "This is a test"; 
diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs index bee4cd6ec296eb..2aa3c26ee16b13 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs @@ -579,7 +579,6 @@ public async Task GetAsync_ServerNeedsNonStandardAuthAndSetCredential_StatusCode await LoopbackServerFactory.CreateServerAsync(async (server, url) => { HttpClientHandler handler = CreateHttpClientHandler(); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] handler.Credentials = new NetworkCredential("unused", "unused"); using (HttpClient client = CreateHttpClient(handler)) { diff --git a/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs b/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs index e2592f948c0890..e10d7415bcfe0a 100644 --- a/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs +++ b/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs @@ -22,10 +22,8 @@ namespace System.Net.Http.Functional.Tests public abstract class PostScenarioTest : HttpClientHandlerTestBase { private const string ExpectedContent = "Test contest"; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - private const string UserName = "user1"; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - private const string Password = "password1"; + private const string UserName = "user"; + private const string Password = "password"; public PostScenarioTest(ITestOutputHelper output) : base(output) { } 
diff --git a/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 b/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 index db9689168be06d..17a7ac349641ad 100644 --- a/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 +++ b/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 @@ -5,16 +5,14 @@ # Certificate configuration -$script:testDataUri = "https://github.com/dotnet/runtime-assets/archive/master.zip" +$script:testDataUri = "https://github.com/dotnet/runtime-assets/archive/master.zip" $script:testData = "runtime-assets" $script:certificatePath = "$($script:testData)\runtime-assets-master\System.Net.TestData" $script:clientPrivateKeyPath = Join-Path $script:certificatePath "testclient1_at_contoso.com.pfx" -#[SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate password for testing.")] $script:clientPrivateKeyPassword = "testcertificate" $script:serverPrivateKeyPath = Join-Path $script:certificatePath "contoso.com.pfx" -#[SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Dummy certificate password for testing.")] $script:serverPrivateKeyPassword = "testcertificate" Function GetFullPath($relativePath) @@ -26,9 +24,9 @@ Function DeleteTestData { if (Test-Path $script:testData) { - rmdir $script:testData -Recurse -Force + rmdir $script:testData -Recurse -Force } - + del ($testData + ".zip") -ErrorAction SilentlyContinue } @@ -43,7 +41,7 @@ Function LoadCertificateAndRoot($fileName, $password) { $privateCerts = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection $fullPath = GetFullPath $fileName - + $privateCerts.Import($fullPath, $password, ("MachineKeySet", "PersistKeySet", "Exportable")) $privateKeyCert = $null 
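Review bot: `$script:testDataUri` still points at the moving `master.zip` archive of dotnet/runtime-assets, and the `.pfx` files taken from it are imported with `MachineKeySet`/`PersistKeySet` and, judging by `RemoveCertificates` in the later hunk, end up in `Cert:\LocalMachine\Root`. Since this hunk touches that line anyway, consider pinning the download to a specific commit archive and verifying the zip before importing, e.g. comparing `(Get-FileHash <downloaded zip> -Algorithm SHA256).Hash` with a constant kept in the script. The download and install functions are outside the visible hunks, so the exact place for the check needs confirming.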
@@ -108,12 +106,12 @@ Function RemoveCertificates($filename, $password) Write-Host "Acquiring test data." DownloadTestData ($private, $root) = LoadCertificateAndRoot $fileName $password - + Write-Host -ForegroundColor DarkGray "`tRemoving root certificate: $($root.Subject)" dir Cert:\LocalMachine\Root | where {$_.Subject -eq $root.Subject} | foreach { rm (Join-Path Cert:\LocalMachine\Root $_.Thumbprint) } Write-Host -ForegroundColor DarkGray "`tRemoving private key certificate: $($private.Subject)" dir Cert:\LocalMachine\My | where {$_.Subject -eq $private.Subject} | foreach { rm (Join-Path Cert:\LocalMachine\My $_.Thumbprint) -DeleteKey } - + DeleteTestData } @@ -127,4 +125,4 @@ Function RemoveServerCertificates { Write-Host -ForegroundColor Cyan "Removing Server Certificates" RemoveCertificates $script:serverPrivateKeyPath $script:serverPrivateKeyPassword -} \ No newline at end of file +} diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs index 6b4c490e2b9a84..53edb8235ff214 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs @@ -29,7 +29,6 @@ public static void ImportFromPem_Pkcs8UnEncrypted_Simple() { using (DSA dsa = DSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN 
@@ -50,7 +49,6 @@ public static void ImportFromPem_Pkcs8UnEncrypted_IgnoresUnrelatedAlgorithm() { using (DSA dsa = DSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 @@ -76,7 +74,6 @@ public static void ImportFromPem_Pkcs8_UnrelatedPrecedingPem() { using (DSA dsa = DSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN CERTIFICATE----- MII= @@ -100,7 +97,6 @@ public static void ImportFromPem_Pkcs8_PrecedingMalformedPem() { using (DSA dsa = DSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN CERTIFICATE----- $$$ BAD PEM @@ -145,7 +141,6 @@ public static void ImportFromPem_Pkcs8_AmbiguousKey_Pkcs8() { using (DSA dsa = DSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN @@ -171,7 +166,6 @@ public static void ImportFromPem_Pkcs8_AmbiguousKey_Spki() { using (DSA dsa = DSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PUBLIC KEY----- MIHxMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWNIHRn 
@@ -198,7 +192,6 @@ public static void ImportFromPem_Pkcs8_AmbiguousKey_EncryptedPkcs8() { using (DSA dsa = DSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN ENCRYPTED PRIVATE KEY----- MIIBIDBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIkM/kCKe6rYsCAggA @@ -362,7 +355,6 @@ public static void ImportFromEncryptedPem_Pkcs8_NoEncryptedPem() { using (DSA dsa = DSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs index d9de126a0258de..712797a37a34d4 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs @@ -31,9 +31,8 @@ public void ImportFromPem_ECPrivateKey_Simple() { using (TAlg key = CreateKey()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] - key.ImportFromPem(@" ------BEGIN EC PRIVATE KEY----- + key.ImportFromPem( +@"-----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 AwEHoUQDQgAEgQHs5HRkpurXDPaabivT2IaRoyYtIsuk92Ner/JmgKjYoSumHVmS NfZ9nLTVjxeD08pD548KWrqmJAeZNsDDqQ== 
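Review bot: The rewritten call `key.ImportFromPem(` / `@"-----BEGIN EC PRIVATE KEY-----` drops the leading newline the old literal had, so the test input changes along with the comment removal. The `@"` also now sits at column 0, unlike the other `key.ImportFromPem(@"` calls this commit leaves in place in the same file. The next hunk applies the same rewrite to `ImportFromPem_ECPrivateKey_IgnoresUnrelatedAlgorithm`. If the new shape is intentional, add a comment such as `// Test-only key; the literal deliberately starts at the PEM label (no leading newline).`; otherwise keep the original `key.ImportFromPem(@"` form so every test feeds the same shape of input. The method body continues past the end of the hunk.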
@@ -49,9 +48,8 @@ public void ImportFromPem_ECPrivateKey_IgnoresUnrelatedAlgorithm() { using (TAlg key = CreateKey()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] - key.ImportFromPem(@" ------BEGIN RSA PRIVATE KEY----- + key.ImportFromPem( +@"-----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX uah0WEjgao5oO1BEUR4byjYlJ+F89Cs4BhUCAwEAAQJBAK/m8jYvnK9exaSR+DAh Ij12ip5pB+HOFOdhCbS/coNoIowa6WJGrd3Np1m9BBhouWloF8UB6Iu8/e/wAg+F @@ -76,7 +74,6 @@ public void ImportFromPem_Pkcs8_Simple() { using (TAlg key = CreateKey()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] key.ImportFromPem(@" -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgcKEsLbFoRe1W/2jP @@ -94,7 +91,6 @@ public void ImportFromPem_Pkcs8_IgnoresUnrelatedAlgorithm() { using (TAlg key = CreateKey()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] key.ImportFromPem(@" -----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX @@ -168,7 +164,6 @@ public void ImportFromPem_Spki_IgnoresUnrelatedAlgorithms() { using (TAlg key = CreateKey()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] key.ImportFromPem(@" -----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX @@ -415,7 +410,6 @@ public void ImportFromEncryptedPem_UnencryptedPem_ThrowsNoPem() { using (TAlg key = CreateKey()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgcKEsLbFoRe1W/2jP 
diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs index 15f597d87661ef..35d082065ae50f 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs @@ -28,9 +28,8 @@ public static void ImportFromPem_NoPem() public static void ImportFromPem_RSAPrivateKey_Simple() { using (RSA rsa = RSAFactory.Create()) - { + { string pem = @" - // [SuppressMessage(\"Microsoft.Security\", \"CS002:SecretInNextLine\", Justification=\"Unit test dummy certificate.\")] -----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX uah0WEjgao5oO1BEUR4byjYlJ+F89Cs4BhUCAwEAAQJBAK/m8jYvnK9exaSR+DAh @@ -53,7 +52,6 @@ public static void ImportFromPem_Pkcs8UnEncrypted_Simple() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAtz9Z9e6L1V4kt/8C @@ -78,7 +76,6 @@ public static void ImportFromPem_Pkcs8UnEncrypted_UnrelatedAlgorithmIsIgnored() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 
@@ -125,7 +122,6 @@ public static void ImportFromPem_SubjectPublicKeyInfo_IgnoresUnrelatedAlgorithm( { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 @@ -166,7 +162,6 @@ public static void ImportFromPem_RSAPrivateKey_PrecedingUnrelatedPem() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN CERTIFICATE----- MIICTzCCAgmgAwIBAgIJAMQtYhFJ0+5jMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD @@ -204,7 +199,6 @@ public static void ImportFromPem_RSAPrivateKey_PrecedingMalformedPem() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN CERTIFICATE----- $$ I AM NOT A PEM @@ -230,7 +224,6 @@ public static void ImportFromPem_RSAPrivateKey_IgnoresOtherAlgorithms() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 @@ -258,7 +251,6 @@ public static void ImportFromPem_RSAPrivateKey_AmbiguousKey_RSAPrivateKey() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN RSA PRIVATE KEY----- MII= 
@@ -282,7 +274,6 @@ public static void ImportFromPem_RSAPrivateKey_AmbiguousKey_SubjectPublicKeyInfo { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PUBLIC KEY----- MII= @@ -306,7 +297,6 @@ public static void ImportFromPem_RSAPrivateKey_AmbiguousKey_RSAPublicKey() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN RSA PUBLIC KEY----- MII= @@ -330,7 +320,6 @@ public static void ImportFromPem_RSAPrivateKey_AmbiguousKey_EncryptedPkcs8() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN ENCRYPTED PRIVATE KEY----- MII= @@ -377,7 +366,6 @@ public static void ImportFromPem_Pkcs8AlgorithmMismatch_Throws() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" The below PEM is a 1024-bit DSA key. -----BEGIN PRIVATE KEY----- @@ -498,7 +486,6 @@ public static void ImportFromEncryptedPem_NoEncryptedPem() { using (RSA rsa = RSAFactory.Create()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] string pem = @" -----BEGIN PRIVATE KEY----- MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAtz9Z9e6L1V4kt/8C diff --git a/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs b/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs index 17bd180dd9736f..c6fc15ff54b11e 100644 --- a/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs +++ b/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs 
@@ -1520,8 +1520,7 @@ public async Task ProxyAuth_SameConnection_Succeeds() using (var handler = new HttpClientHandler()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - handler.Proxy = new UseSpecifiedUriWebProxy(proxyUrl, new NetworkCredential("abc", "def")); + handler.Proxy = new UseSpecifiedUriWebProxy(proxyUrl, new NetworkCredential("abc", "password")); using (HttpClient client = CreateHttpClient(handler)) { @@ -1853,10 +1852,8 @@ await Assert.ThrowsAnyAsync(() => Assert.Throws(expectedExceptionType, () => handler.AllowAutoRedirect = false); Assert.Throws(expectedExceptionType, () => handler.AutomaticDecompression = DecompressionMethods.GZip); Assert.Throws(expectedExceptionType, () => handler.CookieContainer = new CookieContainer()); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - Assert.Throws(expectedExceptionType, () => handler.Credentials = new NetworkCredential("anotheruser", "anotherpassword")); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - Assert.Throws(expectedExceptionType, () => handler.DefaultProxyCredentials = new NetworkCredential("anotheruser", "anotherpassword")); + Assert.Throws(expectedExceptionType, () => handler.Credentials = new NetworkCredential("anotheruser", "password")); + Assert.Throws(expectedExceptionType, () => handler.DefaultProxyCredentials = new NetworkCredential("anotheruser", "password")); Assert.Throws(expectedExceptionType, () => handler.MaxAutomaticRedirections = 2); Assert.Throws(expectedExceptionType, () => handler.MaxConnectionsPerServer = 2); Assert.Throws(expectedExceptionType, () => handler.MaxResponseHeadersLength = 2); 
diff --git a/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs b/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs
index d948768cc12a37..0603d39a1a6715 100644
--- a/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs
+++ b/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs
@@ -50,8 +50,7 @@ public static IEnumerable DigestResponse_Challenge_TestData()
 [InlineData("realm=\"NetCore\", qop=\"auth\", stale=false", false)]
 public async Task DigestResponse_AuthToken_Handling(string response, bool expectedResult)
 {
- // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")]
- NetworkCredential credential = new NetworkCredential("foo", "bar");
+ NetworkCredential credential = new NetworkCredential("user", "password");
 AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse(response);
 HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/");
 string parameter = await AuthenticationHelper.GetDigestTokenForCredential(credential, request, digestResponse).ConfigureAwait(false);
@@ -67,8 +66,7 @@ public async Task DigestResponse_AuthToken_Handling(string response, bool expect
 [InlineData("\uD834\uDD1E", "username*=utf-8''%F0%9D%84%9E")]
 public async Task DigestResponse_UserName_Encoding(string username, string encodedUserName)
 {
- // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")]
- NetworkCredential credential = new NetworkCredential(username, "bar");
+ NetworkCredential credential = new NetworkCredential(username, "password");
 AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse("realm=\"NetCore\", nonce=\"qMRqWgAAAAAQMjIABgAAAFwEiEwAAAAA\"");
 HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/");
 string parameter = await AuthenticationHelper.GetDigestTokenForCredential(credential, request, digestResponse).ConfigureAwait(false);
@@ -91,8 +89,7 @@ public static IEnumerable DigestResponse_ShouldSendQop_TestData()
 [MemberData(nameof(DigestResponse_ShouldSendQop_TestData))]
 public async Task DigestResponse_ShouldSendQop(string response, string match, string doesNotMatch, int fieldCount)
 {
- // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")]
- NetworkCredential credential = new NetworkCredential("foo", "bar");
+ NetworkCredential credential = new NetworkCredential("user", "password");
 AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse(response);
 HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/");
 string parameter = await AuthenticationHelper.GetDigestTokenForCredential(credential, request, digestResponse).ConfigureAwait(false);
diff --git a/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs b/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs
index 9ef96627dae360..7ed5a7227f181f 100644
--- a/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs +++ b/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs @@ -184,21 +184,19 @@ public void HttpProxy_CredentialParsing_Basic() { IWebProxy p; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000"); + Environment.SetEnvironmentVariable("all_proxy", "http://user:password@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); Assert.NotNull(p.Credentials); // Use user only without password. - Environment.SetEnvironmentVariable("all_proxy", "http://foo@1.1.1.1:3000"); + Environment.SetEnvironmentVariable("all_proxy", "http://user@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); Assert.NotNull(p.Credentials); // Use different user for http and https - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - Environment.SetEnvironmentVariable("https_proxy", "http://foo1:bar1@1.1.1.1:3000"); + Environment.SetEnvironmentVariable("https_proxy", "http://user1:password1@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); Uri u = p.GetProxy(fooHttp); @@ -219,8 +217,7 @@ public void HttpProxy_Exceptions_Match() IWebProxy p; Environment.SetEnvironmentVariable("no_proxy", ".test.com,, foo.com"); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000"); + Environment.SetEnvironmentVariable("all_proxy", "http://user:password@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); 
@@ -244,8 +241,7 @@ public static IEnumerable HttpProxyNoProxyEnvVarMemberData() [MemberData(nameof(HttpProxyNoProxyEnvVarMemberData))] public void HttpProxy_TryCreate_CaseInsensitiveVariables(string proxyEnvVar, string noProxyEnvVar) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - string proxy = "http://foo:bar@1.1.1.1:3000"; + string proxy = "http://user:password@1.1.1.1:3000"; var options = new RemoteInvokeOptions(); options.StartInfo.EnvironmentVariables.Add(proxyEnvVar, proxy); @@ -278,8 +274,7 @@ public static IEnumerable HttpProxyCgiEnvVarMemberData() public void HttpProxy_TryCreateAndPossibleCgi_HttpProxyUpperCaseDisabledInCgi( string proxyEnvVar, bool cgi, bool expectedProxyUse) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - string proxy = "http://foo:bar@1.1.1.1:3000"; + string proxy = "http://user:password@1.1.1.1:3000"; var options = new RemoteInvokeOptions(); options.StartInfo.EnvironmentVariables.Add(proxyEnvVar, proxy); diff --git a/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs b/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs index d96ae852ea7445..020a5b45bc8248 100644 --- a/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs +++ b/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs @@ -293,8 +293,7 @@ public void TestMailDelivery() { using var server = new LoopbackSmtpServer(); using SmtpClient client = server.CreateClient(); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - client.Credentials = new NetworkCredential("Foo", "Bar"); + client.Credentials = new NetworkCredential("user", "password"); MailMessage msg = new MailMessage("foo@example.com", "bar@example.com", "hello", "howdydoo"); client.Send(msg); 
@@ -304,8 +303,8 @@ public void TestMailDelivery() Assert.Equal("hello", server.Message.Subject); Assert.Equal("howdydoo", server.Message.Body); Assert.Equal(GetClientDomain(), server.ClientDomain); - Assert.Equal("Foo", server.Username); - Assert.Equal("Bar", server.Password); + Assert.Equal("user", server.Username); + Assert.Equal("password", server.Password); Assert.Equal("LOGIN", server.AuthMethodUsed, StringComparer.OrdinalIgnoreCase); } @@ -506,8 +505,7 @@ public async Task SendMail_SendQUITOnDispose(bool asyncSend) using (SmtpClient client = server.CreateClient()) { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - client.Credentials = new NetworkCredential("Foo", "Bar"); + client.Credentials = new NetworkCredential("user", "password"); MailMessage msg = new MailMessage("foo@example.com", "bar@example.com", "hello", "howdydoo"); if (asyncSend) { diff --git a/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs b/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs index 595bccbc4ea12b..0f1dc77af66d51 100644 --- a/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs +++ b/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs @@ -11,8 +11,6 @@ namespace System.PrivateUri.Tests public class UriRelativeResolutionTest { // See RFC 3986 Section 5.2.2 and 5.4 http://www.ietf.org/rfc/rfc3986.txt - - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private readonly Uri _fullBaseUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?query#fragment"); [Fact] 
@@ -386,7 +384,6 @@ public void Uri_Relative_BaseVsSlashTrippleDotSlash_ReturnsSlashTrippleDotSlash( [Fact] public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); @@ -397,7 +394,6 @@ public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment() [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -411,7 +407,6 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAnd [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric 
@@ -424,7 +419,6 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash() [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -437,7 +431,6 @@ public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlu [Fact] public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -450,7 +443,6 @@ public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSla [Fact] public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric 
@@ -463,7 +455,6 @@ public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleD [Fact] public void Uri_Relative_BaseMadeRelativeToEmptyPath_ReturnsTrippleDoubleDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric diff --git a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs index d6cee754e27f7a..cc52c49e562ff3 100644 --- a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs +++ b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs @@ -7,8 +7,7 @@ namespace System.PrivateUri.Tests { public class UriBuilderRefreshTest { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - private static readonly Uri s_starterUri = new Uri("http://user:psw@host:9090/path/file.txt?query#fragment"); + private static readonly Uri s_starterUri = new Uri("http://user:password@host:9090/path/file.txt?query#fragment"); [Fact] public void UriBuilder_ChangeScheme_Refreshed() diff --git a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs index bd1ec6bb31b261..cbfbaf38104b91 100644 --- a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs +++ b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs 
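Review bot: `s_starterUri` is rewritten from `user:psw@` to `user:password@`, but the `http://user:psw@host:9090/...` literals in both UriRelativeResolutionTest files only lose their suppression comment and keep `psw`, so the commit treats the same kind of dummy userinfo two different ways. Whichever form the secret scanner accepts should be used throughout; if `psw` passes without a suppression, this line can stay `new Uri("http://user:psw@host:9090/path/file.txt?query#fragment")`. The rest of the class is outside the hunk, so any assertion there that spells out `user:psw@` literally would also need checking.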
@@ -214,7 +214,6 @@ public void UserName_Get_Set(string value, string expected)
 [InlineData(null, "")]
 public void Password_Get_Set(string value, string expected)
 {
- // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")]
 var uriBuilder = new UriBuilder("http://userinfo1:userinfo2@domain/path?query#fragment");
 uriBuilder.Password = value;
 Assert.Equal(expected, uriBuilder.Password);
@@ -324,19 +323,12 @@ public static IEnumerable Equals_TestData() yield return new object[] { new UriBuilder(), new UriBuilder(), true }; yield return new object[] { new UriBuilder(), null, false }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), true }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://domain.com:80/path/file?query#fragment"), true }; // Ignores userinfo - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment2"), true }; // Ignores fragment - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@host.com:80/path/file?query#fragment"), false }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:90/path/file?query#fragment"), false }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new 
UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:80/path2/file?query#fragment"), false }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { new UriBuilder("http://username:password@domain.com:80/path/file?query#fragment"), new UriBuilder("http://username:password@domain.com:80/path/file?query2#fragment"), false }; yield return new object[] { new UriBuilder("unknown:"), new UriBuilder("unknown:"), true }; diff --git a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs index 385a4f1d5a3c23..ba545259aba1ef 100644 --- a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs +++ b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs 
@@ -16,13 +16,9 @@ public class UriRelativeResolutionTest { // See RFC 3986 Section 5.2.2 and 5.4 http://www.ietf.org/rfc/rfc3986.txt - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private readonly Uri _fullBaseUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?query#fragment"); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private const string FullBaseUriGetLeftPart_Path = "http://user:psw@host:9090/path1/path2/path3/fileA"; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private const string FullBaseUriGetLeftPart_Authority = "http://user:psw@host:9090"; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] private const string FullBaseUriGetLeftPart_Query = "http://user:psw@host:9090/path1/path2/path3/fileA?query"; [Fact] @@ -529,7 +525,6 @@ public void Uri_Relative_BaseVsSlashTrippleDotSlash_ReturnsSlashTrippleDotSlash( [Fact] public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); 
@@ -540,7 +535,6 @@ public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment() [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -554,7 +548,6 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAnd [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -567,7 +560,6 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash() [Fact] public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric 
@@ -580,7 +572,6 @@ public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlu [Fact] public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -593,7 +584,6 @@ public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSla [Fact] public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/path1/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric @@ -606,7 +596,6 @@ public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleD [Fact] public void Uri_Relative_BaseMadeRelativeToEmptyPath_ReturnsTrippleDoubleDotSlashPlusQueryAndFragment() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] Uri compareUri = new Uri("http://user:psw@host:9090/?AQuery#AFragment"); Uri relative = _fullBaseUri.MakeRelativeUri(compareUri); Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric diff --git a/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs b/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs index eb938d2db4fcc8..7190397886121f 100644 --- a/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs +++ b/src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs 
@@ -120,9 +120,7 @@ public static IEnumerable Scheme_Authority_TestData() yield return new object[] { "http://@host:90#fragment", "http", "", "host", UriHostNameType.Dns, 90, false, false }; yield return new object[] { "http://userinfo@host:90#fragment", "http", "userinfo", "host", UriHostNameType.Dns, 90, false, false }; yield return new object[] { "http://userinfo@host#fragment", "http", "userinfo", "host", UriHostNameType.Dns, 80, true, false }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { "http://user:password@host", "http", "user:password", "host", UriHostNameType.Dns, 80, true, false }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { "http://user:80@host:90", "http", "user:80", "host", UriHostNameType.Dns, 90, false, false }; yield return new object[] { "http://host:0", "http", "", "host", UriHostNameType.Dns, 0, false, false }; yield return new object[] { "http://host:80", "http", "", "host", UriHostNameType.Dns, 80, true, false }; 
@@ -364,7 +362,6 @@ public static IEnumerable Scheme_Authority_TestData() yield return new object[] { "telnet://host/", "telnet", "", "host", UriHostNameType.Dns, 23, true, false }; yield return new object[] { "telnet://host:80", "telnet", "", "host", UriHostNameType.Dns, 80, false, false }; yield return new object[] { "telnet://userinfo@host/", "telnet", "userinfo", "host", UriHostNameType.Dns, 23, true, false }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { "telnet://username:password@host/", "telnet", "username:password", "host", UriHostNameType.Dns, 23, true, false }; yield return new object[] { "telnet://host?query#fragment", "telnet", "", "host", UriHostNameType.Dns, 23, true, false }; yield return new object[] { "telnet://host#fragment", "telnet", "", "host", UriHostNameType.Dns, 23, true, false }; @@ -426,7 +423,6 @@ public static IEnumerable Scheme_Authority_TestData() yield return new object[] { "http://abc\u1234\u2345\u3456@host/", "http", "abc%E1%88%B4%E2%8D%85%E3%91%96", "host", UriHostNameType.Dns, 80, true, false }; yield return new object[] { "http://\u1234abc\u2345\u3456@host/", "http", "%E1%88%B4abc%E2%8D%85%E3%91%96", "host", UriHostNameType.Dns, 80, true, false }; yield return new object[] { "http://\u1234\u2345\u3456abc@host/", "http", "%E1%88%B4%E2%8D%85%E3%91%96abc", "host", UriHostNameType.Dns, 80, true, false }; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] yield return new object[] { "http://userinfo!~+-_*()[]:;&$=123USERINFO@host/", "http", "userinfo!~+-_*()[]:;&$=123USERINFO", "host", UriHostNameType.Dns, 80, true, false }; yield return new object[] { "http://%68%65%6C%6C%6F@host/", "http", "hello", "host", UriHostNameType.Dns, 80, true, false }; yield return new object[] { "http://\u00A3@host/", "http", "%C2%A3", "host", UriHostNameType.Dns, 80, true, false }; 
diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs b/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs index 80d30b3be1a826..998e5bf86e5823 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs +++ b/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs @@ -76,8 +76,7 @@ public static void ExportAsPfx() [Fact] public static void ExportAsPfxWithPassword() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - const string password = "Cotton"; + const string password = "password"; using (X509Certificate2 c1 = new X509Certificate2(TestData.MsCertificate)) { @@ -95,8 +94,7 @@ public static void ExportAsPfxWithPassword() [Fact] public static void ExportAsPfxVerifyPassword() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - const string password = "Cotton"; + const string password = "password"; using (X509Certificate2 c1 = new X509Certificate2(TestData.MsCertificate)) { @@ -112,8 +110,7 @@ public static void ExportAsPfxWithPrivateKeyVerifyPassword() { Assert.True(cert.HasPrivateKey, "cert.HasPrivateKey"); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] - const string password = "Cotton"; + const string password = "password"; byte[] pfx = cert.Export(X509ContentType.Pkcs12, password); diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs index 7456b8513906b9..b6c1d8168a7392 100644 --- a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs +++ b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs 
@@ -141,7 +141,7 @@ public void Sample2() { aes.Mode = CipherMode.CBC; aes.KeySize = 256; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); aes.Padding = PaddingMode.Zeros; diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs b/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs index c115193109577a..600b4747b38d65 100644 --- a/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs +++ b/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs @@ -658,7 +658,6 @@ public void DigestValue_CRLF() Assert.Equal("IKbfdK2/DMfXyezCf5QggVCXfk8=", Convert.ToBase64String(digest)); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); SignedXml signedXml = new SignedXml(doc); signedXml.SigningKey = cert.PrivateKey; @@ -718,7 +717,6 @@ public void DigestValue_LF() Assert.Equal("e3dsi1xK8FAx1vsug7J203JbEAU=", Convert.ToBase64String(digest)); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); SignedXml signedXml = new SignedXml(doc); signedXml.SigningKey = cert.PrivateKey; @@ -761,7 +759,6 @@ public void DigestValue_LF() [Fact] public void SignedXML_CRLF_Invalid() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); XmlDocument doc = new XmlDocument(); 
@@ -825,7 +822,6 @@ public void SignedXML_CRLF_Invalid() [Fact] public void SignedXML_CRLF_Valid() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); XmlDocument doc = CreateSignedXml(cert, SignedXml.XmlDsigExcC14NTransformUrl, "\r\n"); @@ -883,7 +879,6 @@ public void SignedXML_CRLF_Valid() [Fact] public void SignedXML_LF_Valid() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); XmlDocument doc = CreateSignedXml(cert, SignedXml.XmlDsigExcC14NTransformUrl, "\n"); @@ -942,7 +937,6 @@ public void SignedXML_LF_Valid() public void MultipleX509Certificates() { XmlDocument doc = null; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); doc = CreateSignedXml(cert, SignedXml.XmlDsigExcC14NTransformUrl, "\n"); diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs b/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs index c61c92fc142a09..4cdcd7d483346e 100644 --- a/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs +++ b/src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs 
@@ -185,12 +185,11 @@ public static IEnumerable GetSymmetricAlgorithms(bool } private static readonly byte[] SamplePfx = Convert.FromBase64String( - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] @"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"); public static X509Certificate2 GetSampleX509Certificate() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] return new X509Certificate2(SamplePfx, "mono"); } From 24846a50646851ddb18c0a369b145faae6cab64a Mon Sep 17 00:00:00 2001 From: Jan Jahoda Date: Wed, 15 Jul 2020 16:26:20 +0200 Subject: [PATCH 6/9] Clean up --- .../tests/System/Net/Configuration.Certificates.cs | 2 +- .../Deployment/setup_certificates.ps1 | 14 +++++++------- .../AlgorithmImplementations/EC/ECKeyPemTests.cs | 8 ++++---- .../UriRelativeResolutionTest.cs | 1 + 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs index 67a6abf1249859..c0f114a82d35b7 100644 --- a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs +++ b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs @@ -62,7 +62,7 @@ static Certificates() } } } - + // These Get* methods make a copy of the certificates so that consumers own the lifetime of the // certificates handed back. Consumers are expected to dispose of their certs when done with them. diff --git a/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 b/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 index 17a7ac349641ad..a41139dff18a15 100644 
--- a/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 +++ b/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 @@ -5,7 +5,7 @@ # Certificate configuration -$script:testDataUri = "https://github.com/dotnet/runtime-assets/archive/master.zip" +$script:testDataUri = "https://github.com/dotnet/runtime-assets/archive/master.zip" $script:testData = "runtime-assets" $script:certificatePath = "$($script:testData)\runtime-assets-master\System.Net.TestData" @@ -24,9 +24,9 @@ Function DeleteTestData { if (Test-Path $script:testData) { - rmdir $script:testData -Recurse -Force + rmdir $script:testData -Recurse -Force } - + del ($testData + ".zip") -ErrorAction SilentlyContinue } @@ -41,7 +41,7 @@ Function LoadCertificateAndRoot($fileName, $password) { $privateCerts = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection $fullPath = GetFullPath $fileName - + $privateCerts.Import($fullPath, $password, ("MachineKeySet", "PersistKeySet", "Exportable")) $privateKeyCert = $null @@ -106,12 +106,12 @@ Function RemoveCertificates($filename, $password) Write-Host "Acquiring test data." DownloadTestData ($private, $root) = LoadCertificateAndRoot $fileName $password - + Write-Host -ForegroundColor DarkGray "`tRemoving root certificate: $($root.Subject)" dir Cert:\LocalMachine\Root | where {$_.Subject -eq $root.Subject} | foreach { rm (Join-Path Cert:\LocalMachine\Root $_.Thumbprint) } Write-Host -ForegroundColor DarkGray "`tRemoving private key certificate: $($private.Subject)" dir Cert:\LocalMachine\My | where {$_.Subject -eq $private.Subject} | foreach { rm (Join-Path Cert:\LocalMachine\My $_.Thumbprint) -DeleteKey } - + DeleteTestData } @@ -125,4 +125,4 @@ Function RemoveServerCertificates { Write-Host -ForegroundColor Cyan "Removing Server Certificates" RemoveCertificates $script:serverPrivateKeyPath $script:serverPrivateKeyPassword -} +} \ No newline at end of file 
diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs
index 712797a37a34d4..79d99867576e7f 100644
--- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs
+++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs
@@ -31,8 +31,8 @@ public void ImportFromPem_ECPrivateKey_Simple()
 {
 using (TAlg key = CreateKey())
 {
- key.ImportFromPem(
-@"-----BEGIN EC PRIVATE KEY-----
+ key.ImportFromPem(@"
+-----BEGIN EC PRIVATE KEY-----
 MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49
 AwEHoUQDQgAEgQHs5HRkpurXDPaabivT2IaRoyYtIsuk92Ner/JmgKjYoSumHVmS
 NfZ9nLTVjxeD08pD548KWrqmJAeZNsDDqQ==
@@ -48,8 +48,8 @@ public void ImportFromPem_ECPrivateKey_IgnoresUnrelatedAlgorithm()
 {
 using (TAlg key = CreateKey())
 {
- key.ImportFromPem(
-@"-----BEGIN RSA PRIVATE KEY-----
+ key.ImportFromPem(@"
+-----BEGIN RSA PRIVATE KEY-----
 MIIBOwIBAAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQxm5NTLEHDwUd7idstLzPX
 uah0WEjgao5oO1BEUR4byjYlJ+F89Cs4BhUCAwEAAQJBAK/m8jYvnK9exaSR+DAh
 Ij12ip5pB+HOFOdhCbS/coNoIowa6WJGrd3Np1m9BBhouWloF8UB6Iu8/e/wAg+F
diff --git a/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs b/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs
index 0f1dc77af66d51..85f11a3ead40cd 100644
--- a/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs
+++ b/src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs
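Review bot: Both PEM fixtures in ECKeyPemTests.cs now start with a line break before the `-----BEGIN ... -----` label, because the verbatim string opens on the call line (`key.ImportFromPem(@"`) instead of on the label line; this applies to the `ImportFromPem_ECPrivateKey_Simple` hunk and to the `ImportFromPem_ECPrivateKey_IgnoresUnrelatedAlgorithm` hunk after it. The input under test is therefore no longer byte-identical to what these tests exercised before, and nothing in the code records why the layout changed (presumably to keep the credential scanner from matching the key block). I would keep the original literal and suppress the finding instead, or at least add `// The literal opens on the call line for the credential scanner; the leading newline is intentional.` above each call. Both test bodies continue outside the hunks.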
@@ -11,6 +11,7 @@ namespace System.PrivateUri.Tests public class UriRelativeResolutionTest { // See RFC 3986 Section 5.2.2 and 5.4 http://www.ietf.org/rfc/rfc3986.txt + private readonly Uri _fullBaseUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?query#fragment"); [Fact] From 3fe5e246a0494662c7695ddf899f56f11d4f03ad Mon Sep 17 00:00:00 2001 From: Jan Jahoda Date: Thu, 16 Jul 2020 15:56:28 +0200 Subject: [PATCH 7/9] Apply suggestions from code review Co-authored-by: Jeremy Barton --- .../AlgorithmImplementations/EC/ECKeyFileTests.cs | 2 +- .../AlgorithmImplementations/RSA/RSAKeyFileTests.cs | 6 +++--- .../tests/EncryptedXmlTest.cs | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs index 9e5a30b6022245..3683a95a8df04a 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs @@ -176,7 +176,7 @@ public void ReadNistP521EncryptedPkcs8_Pbes2_Aes128_Sha384() public void ReadNistP521EncryptedPkcs8_Pbes2_Aes128_Sha384_PasswordBytes() { // PBES2, PBKDF2 (SHA384), AES128 - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")] const string base64 = @" MIIBXTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI/JyXWyp/t3kCAggA MAwGCCqGSIb3DQIKBQAwHQYJYIZIAWUDBAECBBA3H8mbFK5afB5GzIemCCQkBIIB 
diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs index 5e6181275b4f9a..2412438f866c6e 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyFileTests.cs @@ -763,7 +763,7 @@ public static void ReadPbes2Rc2EncryptedDiminishedDP() public static void ReadPbes2Rc2EncryptedDiminishedDP_PasswordBytes() { // PBES2: PBKDF2 + RC2-128 - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")] const string base64 = @" MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIKZEFT76zCFECAggA AgEQMBkGCCqGSIb3DQMCMA0CAToECE1Yyzk6++IPBIIBYDDvaYLkET8eudcYLQMf @@ -789,7 +789,7 @@ public static void ReadPbes2Rc2EncryptedDiminishedDP_PasswordBytes() [Fact] public static void ReadEncryptedDiminishedDP_EmptyPassword() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")] const string base64 = @" MIIBgTAbBgkqhkiG9w0BBQMwDgQIJtjMez/9Gg4CAggABIIBYElq9UOOphEPU3b7 G/mV8M1uEdjigidMPih3b9IIJhrjMAEix2IjS+brFL7KRQgucpZZoaFU1utvkUHg 
@@ -814,7 +814,7 @@ public static void ReadEncryptedDiminishedDP_EmptyPassword() [Fact] public static void ReadEncryptedDiminishedDP_EmptyPasswordBytes() { - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy certificate.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")] const string base64 = @" MIIBgTAbBgkqhkiG9w0BBQMwDgQIJtjMez/9Gg4CAggABIIBYElq9UOOphEPU3b7 G/mV8M1uEdjigidMPih3b9IIJhrjMAEix2IjS+brFL7KRQgucpZZoaFU1utvkUHg diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs index b6c1d8168a7392..f547ba74dda2ed 100644 --- a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs +++ b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTest.cs @@ -141,7 +141,7 @@ public void Sample2() { aes.Mode = CipherMode.CBC; aes.KeySize = 256; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")] aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); aes.Padding = PaddingMode.Zeros; @@ -174,7 +174,7 @@ public void RoundtripSample1() aes.Mode = CipherMode.CBC; aes.KeySize = 256; aes.IV = Convert.FromBase64String("pBUM5P03rZ6AE4ZK5EyBrw=="); - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")] aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); aes.Padding = PaddingMode.Zeros; 
@@ -205,7 +205,7 @@ public void RoundtripSample1() { aes.Mode = CipherMode.CBC; aes.KeySize = 256; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test key.")] aes.Key = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); aes.Padding = PaddingMode.Zeros; From 921d9f08cfba826b7c7095137c4e49fe55d1e3df Mon Sep 17 00:00:00 2001 From: Jan Jahoda Date: Fri, 17 Jul 2020 10:38:27 +0200 Subject: [PATCH 8/9] Revert passwords literals --- .config/CredScanSuppressions.json | 27 ++++++++++++------- .../tests/System/Net/Http/PostScenarioTest.cs | 4 +-- .../FunctionalTests/SocketsHttpHandlerTest.cs | 4 +-- .../UnitTests/DigestAuthenticationTests.cs | 6 ++--- .../UnitTests/HttpEnvironmentProxyTest.cs | 12 ++++----- .../tests/Functional/SmtpClientTest.cs | 8 +++--- .../FunctionalTests/UriBuilderRefreshTest.cs | 2 +- .../tests/ExportTests.cs | 10 ++++--- 8 files changed, 42 insertions(+), 31 deletions(-) diff --git a/.config/CredScanSuppressions.json b/.config/CredScanSuppressions.json index 5c0875fcebd554..984a86f68e69e6 100644 --- a/.config/CredScanSuppressions.json +++ b/.config/CredScanSuppressions.json 
@@ -23,15 +23,20 @@
 {
 "_justification": "Test credential for Uri testing",
 "file": [
+ "src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs",
 "src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs",
+ "src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs",
 "src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs",
 "src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs",
 "src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs"
 ],
 "placeholder": [
- "//user:psw@",
- "//userinfo1:userinfo2@",
- "//userinfo!~+-_*()[]:;&$=123USERINFO@"
+ "//*:;&$=123USERINFO@",
+ "//*:bar@",
+ "//*:bar1@",
+ "//*:password1@",
+ "//*:psw@",
+ "//*:userinfo2@"
 ]
 },
 {
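Review bot: The URI placeholders now match on the password part alone (`//*:psw@`, `//*:bar@`, `//*:password1@`) where the removed entries named the full userinfo (`//user:psw@`, `//userinfo1:userinfo2@`). If the scanner treats `*` as a wildcard, which the rewrite of the `USERINFO` entry suggests, any user name paired with one of these passwords is exempt in every listed file, including URIs added later. The next hunk widens the second group in the same way by adding short literals such as `"\"bar\""` for a longer file list. I would keep the user name in each entry, e.g. `"//foo:bar@"` and `"//user:psw@"`, so that only the fixtures actually present are exempt. The next hunk also deletes the comment explaining why `"password"` is not listed; that reasoning could move into the `_justification` string instead of being lost.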
@@ -41,20 +46,24 @@ "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs", "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs", "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs", + "src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs", "src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1", + "src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs", + "src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs", "src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs", + "src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs", "src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs", "src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs" ], "placeholder": [ - "\"rightpassword\"", - "\"wrongpassword\"", + "\"anotherpassword\"", + "\"bar\"", "\"mono\"", - "\"unused\"", - "\"testcertificate\"", "\"password1\"", - "//*:password1@" - /* Credential Scanner already consider "password", "WRONGPASSWORD" as false positive in some cases, hence they are not in this list. */ + "\"rightpassword\"", + "\"testcertificate\"", + "\"unused\"", + "\"wrongpassword\"" ] } ] diff --git a/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs b/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs index e10d7415bcfe0a..f547766ed5d208 100644 --- a/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs +++ b/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs 
@@ -22,8 +22,8 @@ namespace System.Net.Http.Functional.Tests public abstract class PostScenarioTest : HttpClientHandlerTestBase { private const string ExpectedContent = "Test contest"; - private const string UserName = "user"; - private const string Password = "password"; + private const string UserName = "user1"; + private const string Password = "password1"; public PostScenarioTest(ITestOutputHelper output) : base(output) { } diff --git a/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs b/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs index c6fc15ff54b11e..ae32a02a0ef3bb 100644 --- a/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs +++ b/src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs @@ -1852,8 +1852,8 @@ await Assert.ThrowsAnyAsync(() => Assert.Throws(expectedExceptionType, () => handler.AllowAutoRedirect = false); Assert.Throws(expectedExceptionType, () => handler.AutomaticDecompression = DecompressionMethods.GZip); Assert.Throws(expectedExceptionType, () => handler.CookieContainer = new CookieContainer()); - Assert.Throws(expectedExceptionType, () => handler.Credentials = new NetworkCredential("anotheruser", "password")); - Assert.Throws(expectedExceptionType, () => handler.DefaultProxyCredentials = new NetworkCredential("anotheruser", "password")); + Assert.Throws(expectedExceptionType, () => handler.Credentials = new NetworkCredential("anotheruser", "anotherpassword")); + Assert.Throws(expectedExceptionType, () => handler.DefaultProxyCredentials = new NetworkCredential("anotheruser", "anotherpassword")); Assert.Throws(expectedExceptionType, () => handler.MaxAutomaticRedirections = 2); Assert.Throws(expectedExceptionType, () => handler.MaxConnectionsPerServer = 2); Assert.Throws(expectedExceptionType, () => handler.MaxResponseHeadersLength = 2); 
diff --git a/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs b/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs index 0603d39a1a6715..036aa2bba8aaf3 100644 --- a/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs +++ b/src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs @@ -50,7 +50,7 @@ public static IEnumerable DigestResponse_Challenge_TestData() [InlineData("realm=\"NetCore\", qop=\"auth\", stale=false", false)] public async Task DigestResponse_AuthToken_Handling(string response, bool expectedResult) { - NetworkCredential credential = new NetworkCredential("user", "password"); + NetworkCredential credential = new NetworkCredential("foo", "bar"); AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse(response); HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/"); string parameter = await AuthenticationHelper.GetDigestTokenForCredential(credential, request, digestResponse).ConfigureAwait(false); @@ -66,7 +66,7 @@ public async Task DigestResponse_AuthToken_Handling(string response, bool expect [InlineData("\uD834\uDD1E", "username*=utf-8''%F0%9D%84%9E")] public async Task DigestResponse_UserName_Encoding(string username, string encodedUserName) { - NetworkCredential credential = new NetworkCredential(username, "password"); + NetworkCredential credential = new NetworkCredential(username, "bar"); AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse("realm=\"NetCore\", nonce=\"qMRqWgAAAAAQMjIABgAAAFwEiEwAAAAA\""); HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/"); string parameter = await AuthenticationHelper.GetDigestTokenForCredential(credential, request, digestResponse).ConfigureAwait(false); 
@@ -89,7 +89,7 @@ public static IEnumerable DigestResponse_ShouldSendQop_TestData() [MemberData(nameof(DigestResponse_ShouldSendQop_TestData))] public async Task DigestResponse_ShouldSendQop(string response, string match, string doesNotMatch, int fieldCount) { - NetworkCredential credential = new NetworkCredential("user", "password"); + NetworkCredential credential = new NetworkCredential("foo", "bar"); AuthenticationHelper.DigestResponse digestResponse = new AuthenticationHelper.DigestResponse(response); HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "http://microsoft.com/"); string parameter = await AuthenticationHelper.GetDigestTokenForCredential(credential, request, digestResponse).ConfigureAwait(false); diff --git a/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs b/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs index 7ed5a7227f181f..c0ddb1e504b5a0 100644 --- a/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs +++ b/src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs 
@@ -184,19 +184,19 @@ public void HttpProxy_CredentialParsing_Basic() { IWebProxy p; - Environment.SetEnvironmentVariable("all_proxy", "http://user:password@1.1.1.1:3000"); + Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); Assert.NotNull(p.Credentials); // Use user only without password. - Environment.SetEnvironmentVariable("all_proxy", "http://user@1.1.1.1:3000"); + Environment.SetEnvironmentVariable("all_proxy", "http://foo@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); Assert.NotNull(p.Credentials); // Use different user for http and https - Environment.SetEnvironmentVariable("https_proxy", "http://user1:password1@1.1.1.1:3000"); + Environment.SetEnvironmentVariable("https_proxy", "http://foo1:bar1@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); Uri u = p.GetProxy(fooHttp); @@ -217,7 +217,7 @@ public void HttpProxy_Exceptions_Match() IWebProxy p; Environment.SetEnvironmentVariable("no_proxy", ".test.com,, foo.com"); - Environment.SetEnvironmentVariable("all_proxy", "http://user:password@1.1.1.1:3000"); + Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000"); Assert.True(HttpEnvironmentProxy.TryCreate(out p)); Assert.NotNull(p); @@ -241,7 +241,7 @@ public static IEnumerable HttpProxyNoProxyEnvVarMemberData() [MemberData(nameof(HttpProxyNoProxyEnvVarMemberData))] public void HttpProxy_TryCreate_CaseInsensitiveVariables(string proxyEnvVar, string noProxyEnvVar) { - string proxy = "http://user:password@1.1.1.1:3000"; + string proxy = "http://foo:bar@1.1.1.1:3000"; var options = new RemoteInvokeOptions(); options.StartInfo.EnvironmentVariables.Add(proxyEnvVar, proxy); 
@@ -274,7 +274,7 @@ public static IEnumerable HttpProxyCgiEnvVarMemberData() public void HttpProxy_TryCreateAndPossibleCgi_HttpProxyUpperCaseDisabledInCgi( string proxyEnvVar, bool cgi, bool expectedProxyUse) { - string proxy = "http://user:password@1.1.1.1:3000"; + string proxy = "http://foo:bar@1.1.1.1:3000"; var options = new RemoteInvokeOptions(); options.StartInfo.EnvironmentVariables.Add(proxyEnvVar, proxy); diff --git a/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs b/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs index 020a5b45bc8248..3d55574f0cab38 100644 --- a/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs +++ b/src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs @@ -293,7 +293,7 @@ public void TestMailDelivery() { using var server = new LoopbackSmtpServer(); using SmtpClient client = server.CreateClient(); - client.Credentials = new NetworkCredential("user", "password"); + client.Credentials = new NetworkCredential("foo", "bar"); MailMessage msg = new MailMessage("foo@example.com", "bar@example.com", "hello", "howdydoo"); client.Send(msg); @@ -303,8 +303,8 @@ public void TestMailDelivery() Assert.Equal("hello", server.Message.Subject); Assert.Equal("howdydoo", server.Message.Body); Assert.Equal(GetClientDomain(), server.ClientDomain); - Assert.Equal("user", server.Username); - Assert.Equal("password", server.Password); + Assert.Equal("foo", server.Username); + Assert.Equal("bar", server.Password); Assert.Equal("LOGIN", server.AuthMethodUsed, StringComparer.OrdinalIgnoreCase); } @@ -505,7 +505,7 @@ public async Task SendMail_SendQUITOnDispose(bool asyncSend) using (SmtpClient client = server.CreateClient()) { - client.Credentials = new NetworkCredential("user", "password"); + client.Credentials = new NetworkCredential("Foo", "Bar"); MailMessage msg = new MailMessage("foo@example.com", "bar@example.com", "hello", "howdydoo"); if (asyncSend) { 
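Review bot: `new NetworkCredential("Foo", "Bar")` in SendMail_SendQUITOnDispose is capitalised while TestMailDelivery in the same file now uses `"foo", "bar"`; nothing visible in the hunk depends on the casing, so `client.Credentials = new NetworkCredential("foo", "bar");` would keep the file consistent. In TestMailDelivery the new values also equal the local parts of the sender and recipient addresses (`foo@example.com`, `bar@example.com`), so `Assert.Equal("foo", server.Username)` and `Assert.Equal("bar", server.Password)` pin the credentials less sharply than before. Dummy values that occur nowhere else in the test would keep those assertions unambiguous. Both test bodies continue outside their hunks.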
diff --git a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs index cc52c49e562ff3..93a12c42604773 100644 --- a/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs +++ b/src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs @@ -7,7 +7,7 @@ namespace System.PrivateUri.Tests { public class UriBuilderRefreshTest { - private static readonly Uri s_starterUri = new Uri("http://user:password@host:9090/path/file.txt?query#fragment"); + private static readonly Uri s_starterUri = new Uri("http://user:psw@host:9090/path/file.txt?query#fragment"); [Fact] public void UriBuilder_ChangeScheme_Refreshed() diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs b/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs index 998e5bf86e5823..7f0455ea74d7c5 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs +++ b/src/libraries/System.Security.Cryptography.X509Certificates/tests/ExportTests.cs @@ -76,7 +76,8 @@ public static void ExportAsPfx() [Fact] public static void ExportAsPfxWithPassword() { - const string password = "password"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Password for testing purpose.")] + const string password = "Cotton"; using (X509Certificate2 c1 = new X509Certificate2(TestData.MsCertificate)) { @@ -94,7 +95,8 @@ public static void ExportAsPfxWithPassword() [Fact] public static void ExportAsPfxVerifyPassword() { - const string password = "password"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Password for testing purpose.")] + const string password = "Cotton"; using (X509Certificate2 c1 = new X509Certificate2(TestData.MsCertificate)) { 
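Review bot: The ExportTests hunks both rename the literal to `"Cotton"` and add a `CS002:SecretInNextLine` suppression, and the same pair is repeated in ExportAsPfxWithPassword, ExportAsPfxVerifyPassword and ExportAsPfxWithPrivateKeyVerifyPassword (the third hunk of this file). One of the two measures is presumably enough; if the suppression is what silences the scanner, the value change is unneeded churn. Declaring the constant once at class level, with a single suppression comment above something like `private const string ExportPassword = "Cotton";`, would avoid three copies of the justification. The test bodies continue outside the hunks.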
@@ -109,8 +111,8 @@ public static void ExportAsPfxWithPrivateKeyVerifyPassword() using (var cert = new X509Certificate2(TestData.PfxData, TestData.PfxDataPassword, X509KeyStorageFlags.Exportable)) { Assert.True(cert.HasPrivateKey, "cert.HasPrivateKey"); - - const string password = "password"; + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Password for testing purpose.")] + const string password = "Cotton"; byte[] pfx = cert.Export(X509ContentType.Pkcs12, password); From b2fe3e2abdaddd3e63476ac07f8d94dca6da7554 Mon Sep 17 00:00:00 2001 From: Jan Jahoda Date: Wed, 22 Jul 2020 10:58:09 +0200 Subject: [PATCH 9/9] Fix suppression justification comment --- .../System.Net.Requests/src/System/Net/FtpControlStream.cs | 2 +- .../System.Net.Requests/src/System/Net/FtpWebRequest.cs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs b/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs index 9158a9d60cb9b5..4fb863569a6b65 100644 --- a/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs +++ b/src/libraries/System.Net.Requests/src/System/Net/FtpControlStream.cs @@ -499,7 +499,7 @@ protected override PipelineEntry[] BuildCommandsList(WebRequest req) if (domainUserName.Length == 0 && password.Length == 0) { domainUserName = "anonymous"; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Anonymous FTP credential in production code.")] password = "anonymous@"; } diff --git a/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs b/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs index d80f2051ef18b2..dacc4b7cf96219 100644 --- a/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs 
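Review bot: The new justification `Anonymous FTP credential in production code.` in FtpControlStream.cs says where the literal lives rather than why it is safe to ignore; wording such as `Justification="Conventional anonymous FTP login, not a secret."` would tell a later auditor what was decided. The same text is applied to `s_defaultFtpNetworkCredential` in FtpWebRequest.cs in the next hunk. The `"anonymous"` / `"anonymous@"` pair now exists in two places with two suppressions; whether BuildCommandsList can reuse the FtpWebRequest default is not visible from the hunk, so that is only something to check. BuildCommandsList starts and ends outside the hunk.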
+++ b/src/libraries/System.Net.Requests/src/System/Net/FtpWebRequest.cs @@ -220,7 +220,7 @@ public sealed class FtpWebRequest : WebRequest private LazyAsyncResult? _readAsyncResult; private LazyAsyncResult? _requestCompleteAsyncResult; - // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Unit test dummy credentials.")] + // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Anonymous FTP credential in production code.")] private static readonly NetworkCredential s_defaultFtpNetworkCredential = new NetworkCredential("anonymous", "anonymous@", string.Empty); private const int s_DefaultTimeout = 100000; // 100 seconds private static readonly TimerThread.Queue s_DefaultTimerQueue = TimerThread.GetOrCreateQueue(s_DefaultTimeout);