From 16b612a72db771a921259b5aba7f27563b2ccd35 Mon Sep 17 00:00:00 2001
From: Jeff Handley <jeff.handley@microsoft.com>
Date: Thu, 6 May 2021 02:03:55 -0700
Subject: [PATCH 1/5] Mark RNGCryptoServiceProvider as Obsolete

---
 docs/project/list-of-diagnostics.md                       | 1 +
 src/libraries/Common/src/System/Obsoletions.cs            | 3 +++
 src/libraries/Directory.Build.targets                     | 8 ++++++--
 .../NamedPipeTest.CurrentUserOnly.Windows.cs              | 2 +-
 .../ref/System.Security.Cryptography.Csp.cs               | 1 +
 .../src/System.Security.Cryptography.Csp.csproj           | 2 ++
 .../Security/Cryptography/RNGCryptoServiceProvider.cs     | 1 +
 .../tests/RNGCryptoServiceProviderTests.cs                | 4 ++++
 .../tests/WindowsIdentityImpersonatedTests.netcoreapp.cs  | 2 +-
 9 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/docs/project/list-of-diagnostics.md b/docs/project/list-of-diagnostics.md
index f12b4ef549192a..246d178d0be7c9 100644
--- a/docs/project/list-of-diagnostics.md
+++ b/docs/project/list-of-diagnostics.md
@@ -70,6 +70,7 @@ The PR that reveals the implementation of the `<IncludeInternalObsoleteAttribute
 |  __`SYSLIB0018`__ | ReflectionOnly loading is not supported and throws PlatformNotSupportedException. |
 |  __`SYSLIB0019`__ | RuntimeEnvironment members SystemConfigurationFile, GetRuntimeInterfaceAsIntPtr, and GetRuntimeInterfaceAsObject are no longer supported and throw PlatformNotSupportedException. |
 |  __`SYSLIB0020`__ | JsonSerializerOptions.IgnoreNullValues is obsolete. To ignore null values when serializing, set DefaultIgnoreCondition to JsonIgnoreCondition.WhenWritingNull. |
+|  __`SYSLIB0023`__ | RNGCryptoServiceProvider is obsolete. Use RandomNumberGenerator.Create() instead. |
 
 ## Analyzer Warnings
 
diff --git a/src/libraries/Common/src/System/Obsoletions.cs b/src/libraries/Common/src/System/Obsoletions.cs
index 7d5346ef79b6bf..efa22950b5981f 100644
--- a/src/libraries/Common/src/System/Obsoletions.cs
+++ b/src/libraries/Common/src/System/Obsoletions.cs
@@ -71,5 +71,8 @@ internal static class Obsoletions
 
         internal const string JsonSerializerOptionsIgnoreNullValuesMessage = "JsonSerializerOptions.IgnoreNullValues is obsolete. To ignore null values when serializing, set DefaultIgnoreCondition to JsonIgnoreCondition.WhenWritingNull.";
         internal const string JsonSerializerOptionsIgnoreNullValuesDiagId = "SYSLIB0020";
+
+        internal const string RNGCryptoServiceProviderMessage = "RNGCryptoServiceProvider is obsolete. Use RandomNumberGenerator.Create() instead.";
+        internal const string RNGCryptoServiceProviderDiagId = "SYSLIB0023";
     }
 }
diff --git a/src/libraries/Directory.Build.targets b/src/libraries/Directory.Build.targets
index 0da22fa69cc5fa..9f1ea7523ee464 100644
--- a/src/libraries/Directory.Build.targets
+++ b/src/libraries/Directory.Build.targets
@@ -17,8 +17,12 @@
     <NoWarn Condition="'$(TargetFrameworkIdentifier)' == '.NETFramework' or '$(TargetFrameworkIdentifier)' == '.NETStandard' or ('$(TargetFrameworkIdentifier)' == '.NETCoreApp' and $([MSBuild]::VersionLessThan($(TargetFrameworkVersion), '3.0')))">$(NoWarn);nullable</NoWarn>
     <NoWarn Condition="'$(GeneratePlatformNotSupportedAssembly)' == 'true' or '$(GeneratePlatformNotSupportedAssemblyMessage)' != ''">$(NoWarn);nullable;CA1052</NoWarn>
     <!-- Ignore Obsolete errors within the generated shims that type-forward types.
-         SYSLIB0003: Code Access Security (CAS). SYSLIB0004: Constrained Execution Region (CER). SYSLIB0017: Strong name signing. -->
-    <NoWarn Condition="'$(IsPartialFacadeAssembly)' == 'true'">$(NoWarn);SYSLIB0003;SYSLIB0004;SYSLIB0015;SYSLIB0017</NoWarn>
+         SYSLIB0003: Code Access Security (CAS).
+         SYSLIB0004: Constrained Execution Region (CER).
+         SYSLIB0017: Strong name signing.
+         SYSLIB0023: RNGCryptoServiceProvider.
+    -->
+    <NoWarn Condition="'$(IsPartialFacadeAssembly)' == 'true'">$(NoWarn);SYSLIB0003;SYSLIB0004;SYSLIB0015;SYSLIB0017;SYSLIB0023</NoWarn>
     <!-- Reset these properties back to blank, since they are defaulted by Microsoft.NET.Sdk -->
     <WarningsAsErrors Condition="'$(WarningsAsErrors)' == 'NU1605'" />
     <!-- Set the documentation output file globally. -->
diff --git a/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs b/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
index 08c45dee85cef0..a95bc722603ba2 100644
--- a/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
+++ b/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
@@ -22,7 +22,7 @@ public class TestAccountImpersonator : IDisposable
         public TestAccountImpersonator()
         {
             string testAccountPassword;
-            using (RandomNumberGenerator rng = new RNGCryptoServiceProvider())
+            using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
             {
                 var randomBytes = new byte[33];
                 rng.GetBytes(randomBytes);
diff --git a/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs b/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs
index a992ffcf0392fb..0a889696cf46ab 100644
--- a/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs
+++ b/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs
@@ -175,6 +175,7 @@ public RC2CryptoServiceProvider() { }
         public override void GenerateIV() { }
         public override void GenerateKey() { }
     }
+    [System.ObsoleteAttribute("RNGCryptoServiceProvider is obsolete. Use RandomNumberGenerator.Create() instead.", DiagnosticId = "SYSLIB0023", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")]
     [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)]
     public sealed partial class RNGCryptoServiceProvider : System.Security.Cryptography.RandomNumberGenerator
     {
diff --git a/src/libraries/System.Security.Cryptography.Csp/src/System.Security.Cryptography.Csp.csproj b/src/libraries/System.Security.Cryptography.Csp/src/System.Security.Cryptography.Csp.csproj
index da68c42443e032..2e8119ae25704b 100644
--- a/src/libraries/System.Security.Cryptography.Csp/src/System.Security.Cryptography.Csp.csproj
+++ b/src/libraries/System.Security.Cryptography.Csp/src/System.Security.Cryptography.Csp.csproj
@@ -27,6 +27,8 @@
     <Compile Include="Internal\Cryptography\Helpers.cs" />
     <Compile Include="$(CommonPath)Internal\Cryptography\Helpers.cs"
              Link="Internal\Cryptography\Helpers.cs" />
+    <Compile Include="$(CommonPath)System\Obsoletions.cs"
+             Link="Common\System\Obsoletions.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\KeySizeHelpers.cs"
              Link="Common\System\Security\Cryptography\KeySizeHelpers.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\CryptoPool.cs"
diff --git a/src/libraries/System.Security.Cryptography.Csp/src/System/Security/Cryptography/RNGCryptoServiceProvider.cs b/src/libraries/System.Security.Cryptography.Csp/src/System/Security/Cryptography/RNGCryptoServiceProvider.cs
index 46766f1ecfd307..fee72fec9c7eaa 100644
--- a/src/libraries/System.Security.Cryptography.Csp/src/System/Security/Cryptography/RNGCryptoServiceProvider.cs
+++ b/src/libraries/System.Security.Cryptography.Csp/src/System/Security/Cryptography/RNGCryptoServiceProvider.cs
@@ -5,6 +5,7 @@
 
 namespace System.Security.Cryptography
 {
+    [Obsolete(Obsoletions.RNGCryptoServiceProviderMessage, DiagnosticId = Obsoletions.RNGCryptoServiceProviderDiagId, UrlFormat = Obsoletions.SharedUrlFormat)]
     [EditorBrowsable(EditorBrowsableState.Never)]
     public sealed class RNGCryptoServiceProvider : RandomNumberGenerator
     {
diff --git a/src/libraries/System.Security.Cryptography.Csp/tests/RNGCryptoServiceProviderTests.cs b/src/libraries/System.Security.Cryptography.Csp/tests/RNGCryptoServiceProviderTests.cs
index 1262d3f47fe163..676d5fc2b66251 100644
--- a/src/libraries/System.Security.Cryptography.Csp/tests/RNGCryptoServiceProviderTests.cs
+++ b/src/libraries/System.Security.Cryptography.Csp/tests/RNGCryptoServiceProviderTests.cs
@@ -4,6 +4,8 @@
 using System.Linq;
 using Xunit;
 
+#pragma warning disable SYSLIB0023 // RNGCryptoServiceProvider is obsolete
+
 namespace System.Security.Cryptography.RNG.Tests
 {
     /// <summary>
@@ -120,3 +122,5 @@ public static void VerifyCtors()
         }
     }
 }
+
+#pragma warning restore SYSLIB0023
diff --git a/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs b/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
index 02846c7bffab77..868afcc8c1a4f5 100644
--- a/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
+++ b/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
@@ -128,7 +128,7 @@ public WindowsTestAccount(string userName)
     private void CreateUser()
     {
         string testAccountPassword;
-        using (RandomNumberGenerator rng = new RNGCryptoServiceProvider())
+        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
         {
             byte[] randomBytes = new byte[33];
             rng.GetBytes(randomBytes);

From 62521ee6836dff965cf4f507942c84aa037a6767 Mon Sep 17 00:00:00 2001
From: Jeff Handley <jeff.handley@microsoft.com>
Date: Thu, 6 May 2021 18:43:19 -0700
Subject: [PATCH 2/5] Use the static methods on RandomNumberGenerator instead
 of Create()

---
 docs/project/list-of-diagnostics.md                    |  2 +-
 src/libraries/Common/src/System/Obsoletions.cs         |  2 +-
 .../NamedPipeTest.CurrentUserOnly.Windows.cs           | 10 +++-------
 .../ref/System.Security.Cryptography.Csp.cs            |  2 +-
 4 files changed, 6 insertions(+), 10 deletions(-)

diff --git a/docs/project/list-of-diagnostics.md b/docs/project/list-of-diagnostics.md
index dbec31f9e7335b..78509d235f7bc8 100644
--- a/docs/project/list-of-diagnostics.md
+++ b/docs/project/list-of-diagnostics.md
@@ -76,7 +76,7 @@ The PR that reveals the implementation of the `<IncludeInternalObsoleteAttribute
 |  __`SYSLIB0019`__ | RuntimeEnvironment members SystemConfigurationFile, GetRuntimeInterfaceAsIntPtr, and GetRuntimeInterfaceAsObject are no longer supported and throw PlatformNotSupportedException. |
 |  __`SYSLIB0020`__ | JsonSerializerOptions.IgnoreNullValues is obsolete. To ignore null values when serializing, set DefaultIgnoreCondition to JsonIgnoreCondition.WhenWritingNull. |
 |  __`SYSLIB0022`__ | The Rijndael and RijndaelManaged types are obsolete. Use Aes instead. |
-|  __`SYSLIB0023`__ | RNGCryptoServiceProvider is obsolete. Use RandomNumberGenerator.Create() instead. |
+|  __`SYSLIB0023`__ | RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead. |
 
 ## Analyzer Warnings
 
diff --git a/src/libraries/Common/src/System/Obsoletions.cs b/src/libraries/Common/src/System/Obsoletions.cs
index 52eaa920230508..e2946bf0ab298f 100644
--- a/src/libraries/Common/src/System/Obsoletions.cs
+++ b/src/libraries/Common/src/System/Obsoletions.cs
@@ -75,7 +75,7 @@ internal static class Obsoletions
         internal const string RijndaelMessage = "The Rijndael and RijndaelManaged types are obsolete. Use Aes instead.";
         internal const string RijndaelDiagId = "SYSLIB0022";
 
-        internal const string RNGCryptoServiceProviderMessage = "RNGCryptoServiceProvider is obsolete. Use RandomNumberGenerator.Create() instead.";
+        internal const string RNGCryptoServiceProviderMessage = "RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.";
         internal const string RNGCryptoServiceProviderDiagId = "SYSLIB0023";
     }
 }
diff --git a/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs b/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
index a95bc722603ba2..deed0e9d069b15 100644
--- a/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
+++ b/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
@@ -22,14 +22,10 @@ public class TestAccountImpersonator : IDisposable
         public TestAccountImpersonator()
         {
             string testAccountPassword;
-            using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
-            {
-                var randomBytes = new byte[33];
-                rng.GetBytes(randomBytes);
+            var randomBytes = RandomNumberGenerator.GetBytes(33);
 
-                // Add special chars to ensure it satisfies password requirements.
-                testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
-            }
+            // Add special chars to ensure it satisfies password requirements.
+            testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
 
             DateTime accountExpirationDate = DateTime.UtcNow + TimeSpan.FromMinutes(2);
             using (var principalCtx = new PrincipalContext(ContextType.Machine))
diff --git a/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs b/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs
index 0a889696cf46ab..b6e86143204103 100644
--- a/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs
+++ b/src/libraries/System.Security.Cryptography.Csp/ref/System.Security.Cryptography.Csp.cs
@@ -175,7 +175,7 @@ public RC2CryptoServiceProvider() { }
         public override void GenerateIV() { }
         public override void GenerateKey() { }
     }
-    [System.ObsoleteAttribute("RNGCryptoServiceProvider is obsolete. Use RandomNumberGenerator.Create() instead.", DiagnosticId = "SYSLIB0023", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")]
+    [System.ObsoleteAttribute("RNGCryptoServiceProvider is obsolete. To generate a random number, use one of the RandomNumberGenerator static methods instead.", DiagnosticId = "SYSLIB0023", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")]
     [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)]
     public sealed partial class RNGCryptoServiceProvider : System.Security.Cryptography.RandomNumberGenerator
     {

From 447f8485a08f831f34d00597a30800ac36f034ef Mon Sep 17 00:00:00 2001
From: Jeff Handley <jeff.handley@microsoft.com>
Date: Thu, 6 May 2021 18:58:31 -0700
Subject: [PATCH 3/5] Use RandomNumberGenerator.GetBytes() instead of
 RandomNumberGenerator.Create().GetBytes()

---
 ...owsIdentityImpersonatedTests.netcoreapp.cs | 89 +++++++++----------
 1 file changed, 42 insertions(+), 47 deletions(-)

diff --git a/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs b/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
index 868afcc8c1a4f5..b47921dfa84976 100644
--- a/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
+++ b/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
@@ -127,62 +127,57 @@ public WindowsTestAccount(string userName)
 
     private void CreateUser()
     {
-        string testAccountPassword;
-        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
-        {
-            byte[] randomBytes = new byte[33];
-            rng.GetBytes(randomBytes);
+        byte[] randomBytes = RandomNumberGenerator.GetBytes(33);
 
-            // Add special chars to ensure it satisfies password requirements.
-            testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
+        // Add special chars to ensure it satisfies password requirements.
+        string testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
 
-            USER_INFO_1 userInfo = new USER_INFO_1
-            {
-                usri1_name = _userName,
-                usri1_password = testAccountPassword,
-                usri1_priv = 1
-            };
+        USER_INFO_1 userInfo = new USER_INFO_1
+        {
+            usri1_name = _userName,
+            usri1_password = testAccountPassword,
+            usri1_priv = 1
+        };
 
-            // Create user and remove/create if already exists
-            uint result = NetUserAdd(null, 1, ref userInfo, out uint param_err);
+        // Create user and remove/create if already exists
+        uint result = NetUserAdd(null, 1, ref userInfo, out uint param_err);
 
-            // error codes https://docs.microsoft.com/en-us/windows/desktop/netmgmt/network-management-error-codes
-            // 0 == NERR_Success
-            if (result == 2224) // NERR_UserExists
+        // error codes https://docs.microsoft.com/en-us/windows/desktop/netmgmt/network-management-error-codes
+        // 0 == NERR_Success
+        if (result == 2224) // NERR_UserExists
+        {
+            result = NetUserDel(null, userInfo.usri1_name);
+            if (result != 0)
             {
-                result = NetUserDel(null, userInfo.usri1_name);
-                if (result != 0)
-                {
-                    throw new Win32Exception((int)result);
-                }
-                result = NetUserAdd(null, 1, ref userInfo, out param_err);
-                if (result != 0)
-                {
-                    throw new Win32Exception((int)result);
-                }
+                throw new Win32Exception((int)result);
             }
-
-            const int LOGON32_PROVIDER_DEFAULT = 0;
-            const int LOGON32_LOGON_INTERACTIVE = 2;
-
-            if (!LogonUser(_userName, ".", testAccountPassword, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out _accountTokenHandle))
+            result = NetUserAdd(null, 1, ref userInfo, out param_err);
+            if (result != 0)
             {
-                _accountTokenHandle = null;
-                throw new Exception($"Failed to get SafeAccessTokenHandle for test account {_userName}", new Win32Exception());
+                throw new Win32Exception((int)result);
             }
+        }
 
-            bool gotRef = false;
-            try
-            {
-                _accountTokenHandle.DangerousAddRef(ref gotRef);
-                IntPtr logonToken = _accountTokenHandle.DangerousGetHandle();
-                AccountName = new WindowsIdentity(logonToken).Name;
-            }
-            finally
-            {
-                if (gotRef)
-                    _accountTokenHandle.DangerousRelease();
-            }
+        const int LOGON32_PROVIDER_DEFAULT = 0;
+        const int LOGON32_LOGON_INTERACTIVE = 2;
+
+        if (!LogonUser(_userName, ".", testAccountPassword, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out _accountTokenHandle))
+        {
+            _accountTokenHandle = null;
+            throw new Exception($"Failed to get SafeAccessTokenHandle for test account {_userName}", new Win32Exception());
+        }
+
+        bool gotRef = false;
+        try
+        {
+            _accountTokenHandle.DangerousAddRef(ref gotRef);
+            IntPtr logonToken = _accountTokenHandle.DangerousGetHandle();
+            AccountName = new WindowsIdentity(logonToken).Name;
+        }
+        finally
+        {
+            if (gotRef)
+                _accountTokenHandle.DangerousRelease();
         }
     }
 

From 2665a3ac2f923bd0b122b9f75de42e392066b8b9 Mon Sep 17 00:00:00 2001
From: Jeff Handley <jeff.handley@microsoft.com>
Date: Thu, 6 May 2021 19:28:08 -0700
Subject: [PATCH 4/5] Revert "Use RandomNumberGenerator.GetBytes() instead of
 RandomNumberGenerator.Create().GetBytes()"

This reverts commit 447f8485a08f831f34d00597a30800ac36f034ef.
---
 ...owsIdentityImpersonatedTests.netcoreapp.cs | 89 ++++++++++---------
 1 file changed, 47 insertions(+), 42 deletions(-)

diff --git a/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs b/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
index b47921dfa84976..868afcc8c1a4f5 100644
--- a/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
+++ b/src/libraries/System.Security.Principal.Windows/tests/WindowsIdentityImpersonatedTests.netcoreapp.cs
@@ -127,57 +127,62 @@ public WindowsTestAccount(string userName)
 
     private void CreateUser()
     {
-        byte[] randomBytes = RandomNumberGenerator.GetBytes(33);
-
-        // Add special chars to ensure it satisfies password requirements.
-        string testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
-
-        USER_INFO_1 userInfo = new USER_INFO_1
+        string testAccountPassword;
+        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
         {
-            usri1_name = _userName,
-            usri1_password = testAccountPassword,
-            usri1_priv = 1
-        };
+            byte[] randomBytes = new byte[33];
+            rng.GetBytes(randomBytes);
 
-        // Create user and remove/create if already exists
-        uint result = NetUserAdd(null, 1, ref userInfo, out uint param_err);
+            // Add special chars to ensure it satisfies password requirements.
+            testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
 
-        // error codes https://docs.microsoft.com/en-us/windows/desktop/netmgmt/network-management-error-codes
-        // 0 == NERR_Success
-        if (result == 2224) // NERR_UserExists
-        {
-            result = NetUserDel(null, userInfo.usri1_name);
-            if (result != 0)
+            USER_INFO_1 userInfo = new USER_INFO_1
             {
-                throw new Win32Exception((int)result);
-            }
-            result = NetUserAdd(null, 1, ref userInfo, out param_err);
-            if (result != 0)
+                usri1_name = _userName,
+                usri1_password = testAccountPassword,
+                usri1_priv = 1
+            };
+
+            // Create user and remove/create if already exists
+            uint result = NetUserAdd(null, 1, ref userInfo, out uint param_err);
+
+            // error codes https://docs.microsoft.com/en-us/windows/desktop/netmgmt/network-management-error-codes
+            // 0 == NERR_Success
+            if (result == 2224) // NERR_UserExists
             {
-                throw new Win32Exception((int)result);
+                result = NetUserDel(null, userInfo.usri1_name);
+                if (result != 0)
+                {
+                    throw new Win32Exception((int)result);
+                }
+                result = NetUserAdd(null, 1, ref userInfo, out param_err);
+                if (result != 0)
+                {
+                    throw new Win32Exception((int)result);
+                }
             }
-        }
 
-        const int LOGON32_PROVIDER_DEFAULT = 0;
-        const int LOGON32_LOGON_INTERACTIVE = 2;
+            const int LOGON32_PROVIDER_DEFAULT = 0;
+            const int LOGON32_LOGON_INTERACTIVE = 2;
 
-        if (!LogonUser(_userName, ".", testAccountPassword, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out _accountTokenHandle))
-        {
-            _accountTokenHandle = null;
-            throw new Exception($"Failed to get SafeAccessTokenHandle for test account {_userName}", new Win32Exception());
-        }
+            if (!LogonUser(_userName, ".", testAccountPassword, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out _accountTokenHandle))
+            {
+                _accountTokenHandle = null;
+                throw new Exception($"Failed to get SafeAccessTokenHandle for test account {_userName}", new Win32Exception());
+            }
 
-        bool gotRef = false;
-        try
-        {
-            _accountTokenHandle.DangerousAddRef(ref gotRef);
-            IntPtr logonToken = _accountTokenHandle.DangerousGetHandle();
-            AccountName = new WindowsIdentity(logonToken).Name;
-        }
-        finally
-        {
-            if (gotRef)
-                _accountTokenHandle.DangerousRelease();
+            bool gotRef = false;
+            try
+            {
+                _accountTokenHandle.DangerousAddRef(ref gotRef);
+                IntPtr logonToken = _accountTokenHandle.DangerousGetHandle();
+                AccountName = new WindowsIdentity(logonToken).Name;
+            }
+            finally
+            {
+                if (gotRef)
+                    _accountTokenHandle.DangerousRelease();
+            }
         }
     }
 

From df830c2957eff1aed5cd8d0cd1b4a4e6b7e4accb Mon Sep 17 00:00:00 2001
From: Jeremy Barton <jbarton@microsoft.com>
Date: Fri, 7 May 2021 08:53:44 -0700
Subject: [PATCH 5/5] Update
 src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs

---
 .../NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs b/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
index deed0e9d069b15..439454502655d8 100644
--- a/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
+++ b/src/libraries/System.IO.Pipes/tests/NamedPipeTests/NamedPipeTest.CurrentUserOnly.Windows.cs
@@ -22,7 +22,7 @@ public class TestAccountImpersonator : IDisposable
         public TestAccountImpersonator()
         {
             string testAccountPassword;
-            var randomBytes = RandomNumberGenerator.GetBytes(33);
+            byte[] randomBytes = RandomNumberGenerator.GetBytes(33);
 
             // Add special chars to ensure it satisfies password requirements.
             testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";