diff --git a/src/Antiforgery/src/Internal/BinaryBlob.cs b/src/Antiforgery/src/Internal/BinaryBlob.cs index 0e5039295acb..9313175b36e8 100644 --- a/src/Antiforgery/src/Internal/BinaryBlob.cs +++ b/src/Antiforgery/src/Internal/BinaryBlob.cs @@ -15,7 +15,6 @@ namespace Microsoft.AspNetCore.Antiforgery [DebuggerDisplay("{DebuggerString}")] internal sealed class BinaryBlob : IEquatable { - private static readonly RandomNumberGenerator _randomNumberGenerator = RandomNumberGenerator.Create(); private readonly byte[] _data; // Generates a new token using a specified bit length. @@ -92,7 +91,7 @@ public override int GetHashCode() private static byte[] GenerateNewToken(int bitLength) { var data = new byte[bitLength / 8]; - _randomNumberGenerator.GetBytes(data); + RandomNumberGenerator.Fill(data); return data; } diff --git a/src/Antiforgery/test/DefaultAntiforgeryTokenGeneratorTest.cs b/src/Antiforgery/test/DefaultAntiforgeryTokenGeneratorTest.cs index e32fbb85ab09..3df264d48d50 100644 --- a/src/Antiforgery/test/DefaultAntiforgeryTokenGeneratorTest.cs +++ b/src/Antiforgery/test/DefaultAntiforgeryTokenGeneratorTest.cs @@ -149,10 +149,7 @@ public void GenerateRequestToken_ClaimsBasedIdentity() httpContext.User = new ClaimsPrincipal(identity); byte[] data = new byte[256 / 8]; - using (var rng = RandomNumberGenerator.Create()) - { - rng.GetBytes(data); - } + RandomNumberGenerator.Fill(data); var base64ClaimUId = Convert.ToBase64String(data); var expectedClaimUid = new BinaryBlob(256, data); diff --git a/src/Components/Server/src/Circuits/CircuitIdFactory.cs b/src/Components/Server/src/Circuits/CircuitIdFactory.cs index 544a1b791c5e..7250ee811653 100644 --- a/src/Components/Server/src/Circuits/CircuitIdFactory.cs +++ b/src/Components/Server/src/Circuits/CircuitIdFactory.cs @@ -20,7 +20,6 @@ internal class CircuitIdFactory private const int SecretLength = 64; private const int IdLength = 32; - private readonly RandomNumberGenerator _generator = RandomNumberGenerator.Create(); private readonly IDataProtector _protector; public CircuitIdFactory(IDataProtectionProvider provider) @@ -35,7 +34,7 @@ public CircuitIdFactory(IDataProtectionProvider provider) public CircuitId CreateCircuitId() { var buffer = new byte[SecretLength]; - _generator.GetBytes(buffer); + RandomNumberGenerator.Fill(buffer); var id = new byte[IdLength]; Array.Copy( diff --git a/src/Hosting/TestHost/src/WebSocketClient.cs b/src/Hosting/TestHost/src/WebSocketClient.cs index 88fb19a9aa6e..cfb6ceda32b7 100644 --- a/src/Hosting/TestHost/src/WebSocketClient.cs +++ b/src/Hosting/TestHost/src/WebSocketClient.cs @@ -109,8 +109,7 @@ public async Task ConnectAsync(Uri uri, CancellationToken cancellatio private string CreateRequestKey() { byte[] data = new byte[16]; - var rng = RandomNumberGenerator.Create(); - rng.GetBytes(data); + RandomNumberGenerator.Fill(data); return Convert.ToBase64String(data); } diff --git a/src/Middleware/Session/src/DistributedSession.cs b/src/Middleware/Session/src/DistributedSession.cs index 76ab3f3cf558..8c8632fc6d55 100644 --- a/src/Middleware/Session/src/DistributedSession.cs +++ b/src/Middleware/Session/src/DistributedSession.cs @@ -16,7 +16,6 @@ namespace Microsoft.AspNetCore.Session { public class DistributedSession : ISession { - private static readonly RandomNumberGenerator CryptoRandom = RandomNumberGenerator.Create(); private const int IdByteCount = 16; private const byte SerializationRevision = 2; @@ -104,7 +103,7 @@ private byte[] IdBytes if (IsAvailable && _sessionIdBytes == null) { _sessionIdBytes = new byte[IdByteCount]; - CryptoRandom.GetBytes(_sessionIdBytes); + RandomNumberGenerator.Fill(_sessionIdBytes); } return _sessionIdBytes; } diff --git a/src/Middleware/Session/src/SessionMiddleware.cs b/src/Middleware/Session/src/SessionMiddleware.cs index ebd09752ec7a..fd7fd6532407 100644 --- a/src/Middleware/Session/src/SessionMiddleware.cs +++ b/src/Middleware/Session/src/SessionMiddleware.cs @@ -20,7 +20,6 @@ namespace Microsoft.AspNetCore.Session /// public class SessionMiddleware { - private static readonly RandomNumberGenerator CryptoRandom = RandomNumberGenerator.Create(); private const int SessionKeyLength = 36; // "382c74c3-721d-4f34-80e5-57657b6cbc27" private static readonly Func ReturnTrue = () => true; private readonly RequestDelegate _next; @@ -91,7 +90,7 @@ public async Task Invoke(HttpContext context) { // No valid cookie, new session. var guidBytes = new byte[16]; - CryptoRandom.GetBytes(guidBytes); + RandomNumberGenerator.Fill(guidBytes); sessionKey = new Guid(guidBytes).ToString(); cookieValue = CookieProtection.Protect(_dataProtector, sessionKey); var establisher = new SessionEstablisher(context, cookieValue, _options); diff --git a/src/Security/Authentication/Core/src/RemoteAuthenticationHandler.cs b/src/Security/Authentication/Core/src/RemoteAuthenticationHandler.cs index a8975f11a027..b4d4cbef8830 100644 --- a/src/Security/Authentication/Core/src/RemoteAuthenticationHandler.cs +++ b/src/Security/Authentication/Core/src/RemoteAuthenticationHandler.cs @@ -18,8 +18,6 @@ public abstract class RemoteAuthenticationHandler : AuthenticationHand private const string CorrelationMarker = "N"; private const string AuthSchemeKey = ".AuthScheme"; - private static readonly RandomNumberGenerator CryptoRandom = RandomNumberGenerator.Create(); - protected string SignInScheme => Options.SignInScheme; /// @@ -194,7 +192,7 @@ protected virtual void GenerateCorrelationId(AuthenticationProperties properties } var bytes = new byte[32]; - CryptoRandom.GetBytes(bytes); + RandomNumberGenerator.Fill(bytes); var correlationId = Base64UrlTextEncoder.Encode(bytes); var cookieOptions = Options.CorrelationCookie.Build(Context, Clock.UtcNow); diff --git a/src/Security/Authentication/MicrosoftAccount/src/MicrosoftAccountHandler.cs b/src/Security/Authentication/MicrosoftAccount/src/MicrosoftAccountHandler.cs index 6114b15394e8..043900b1aab8 100644 --- a/src/Security/Authentication/MicrosoftAccount/src/MicrosoftAccountHandler.cs +++ b/src/Security/Authentication/MicrosoftAccount/src/MicrosoftAccountHandler.cs @@ -20,8 +20,6 @@ namespace Microsoft.AspNetCore.Authentication.MicrosoftAccount { public class MicrosoftAccountHandler : OAuthHandler { - private static readonly RandomNumberGenerator CryptoRandom = RandomNumberGenerator.Create(); - public MicrosoftAccountHandler(IOptionsMonitor options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock) { } @@ -64,7 +62,7 @@ protected override string BuildChallengeUrl(AuthenticationProperties properties, if (Options.UsePkce) { var bytes = new byte[32]; - CryptoRandom.GetBytes(bytes); + RandomNumberGenerator.Fill(bytes); var codeVerifier = Base64UrlTextEncoder.Encode(bytes); // Store this for use during the code redemption. diff --git a/src/Security/Authentication/OAuth/src/OAuthHandler.cs b/src/Security/Authentication/OAuth/src/OAuthHandler.cs index a6bfbbc550b1..29ef3036f8d6 100644 --- a/src/Security/Authentication/OAuth/src/OAuthHandler.cs +++ b/src/Security/Authentication/OAuth/src/OAuthHandler.cs @@ -22,7 +22,6 @@ namespace Microsoft.AspNetCore.Authentication.OAuth { public class OAuthHandler : RemoteAuthenticationHandler where TOptions : OAuthOptions, new() { - private static readonly RandomNumberGenerator CryptoRandom = RandomNumberGenerator.Create(); protected HttpClient Backchannel => Options.Backchannel; /// @@ -274,7 +273,7 @@ protected virtual string BuildChallengeUrl(AuthenticationProperties properties, if (Options.UsePkce) { var bytes = new byte[32]; - CryptoRandom.GetBytes(bytes); + RandomNumberGenerator.Fill(bytes); var codeVerifier = Base64UrlTextEncoder.Encode(bytes); // Store this for use during the code redemption. diff --git a/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs b/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs index 10085f5cea06..e1dc65df6601 100644 --- a/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs +++ b/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs @@ -34,8 +34,6 @@ public class OpenIdConnectHandler : RemoteAuthenticationHandler Options.Backchannel; @@ -371,7 +369,7 @@ private async Task HandleChallengeAsyncInternal(AuthenticationProperties propert if (Options.UsePkce && Options.ResponseType == OpenIdConnectResponseType.Code) { var bytes = new byte[32]; - CryptoRandom.GetBytes(bytes); + RandomNumberGenerator.Fill(bytes); var codeVerifier = Base64UrlTextEncoder.Encode(bytes); // Store this for use during the code redemption. See RunAuthorizationCodeReceivedEventAsync.