diff --git a/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_CodeBase/CPP/assemblyname_codebase.cpp b/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_CodeBase/CPP/assemblyname_codebase.cpp index 98b7368095c..ed95a193420 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_CodeBase/CPP/assemblyname_codebase.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_CodeBase/CPP/assemblyname_codebase.cpp @@ -71,8 +71,8 @@ int main() // Set the culture information of the assembly to 'English-American'. myAssemblyName->CultureInfo = gcnew CultureInfo( "en-US" ); - // Set the hash algoritm to 'SHA1'. - myAssemblyName->HashAlgorithm = AssemblyHashAlgorithm::SHA1; + // Set the hash algorithm to 'SHA256'. + myAssemblyName->HashAlgorithm = AssemblyHashAlgorithm::SHA256; myAssemblyName->Name = "MyAssembly"; myAssemblyName->Version = gcnew Version( "1.0.0.2001" ); MakeAssembly( myAssemblyName, "MyAssembly.exe" ); diff --git a/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_KeyPair/CPP/assemblyname_keypair.cpp b/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_KeyPair/CPP/assemblyname_keypair.cpp index 53568f7ebc0..ff0b5cc6241 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_KeyPair/CPP/assemblyname_keypair.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_KeyPair/CPP/assemblyname_keypair.cpp @@ -78,8 +78,8 @@ int main() // Set the culture information of the assembly to 'English-American'. myAssemblyName->CultureInfo = gcnew CultureInfo( "en-US" ); - // Set the hash algoritm to 'SHA1'. - myAssemblyName->HashAlgorithm = AssemblyHashAlgorithm::SHA1; + // Set the hash algorithm to 'SHA256'. + myAssemblyName->HashAlgorithm = AssemblyHashAlgorithm::SHA256; myAssemblyName->VersionCompatibility = AssemblyVersionCompatibility::SameProcess; myAssemblyName->Flags = AssemblyNameFlags::PublicKey; diff --git a/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_SetPublicKey/CPP/assemblyname_setpublickey.cpp b/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_SetPublicKey/CPP/assemblyname_setpublickey.cpp index 901f53177ce..976f368361d 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_SetPublicKey/CPP/assemblyname_setpublickey.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR/AssemblyName_SetPublicKey/CPP/assemblyname_setpublickey.cpp @@ -74,8 +74,8 @@ int main() // Set the culture information of the assembly to 'English-American'. myAssemblyName->CultureInfo = gcnew CultureInfo( "en-US" ); - // Set the hash algoritm to 'SHA1'. - myAssemblyName->HashAlgorithm = AssemblyHashAlgorithm::SHA1; + // Set the hash algorithm to 'SHA256'. + myAssemblyName->HashAlgorithm = AssemblyHashAlgorithm::SHA256; myAssemblyName->VersionCompatibility = AssemblyVersionCompatibility::SameProcess; myAssemblyName->Flags = AssemblyNameFlags::PublicKey; diff --git a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/cpp/sample.cpp b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/cpp/sample.cpp index 7e074d4f8f7..b48c1070167 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/cpp/sample.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/cpp/sample.cpp @@ -74,6 +74,8 @@ int main(array^ args) // // Create the key and set it to the Key property // of the TripleDESCryptoServiceProvider object. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. cryptoDESProvider->Key = passwordDeriveBytes->CryptDeriveKey ("TripleDES", "SHA1", 192, cryptoDESProvider->IV); // diff --git a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/CPP/example.cpp b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/CPP/example.cpp index 8cbd6f09a02..64ea93083e6 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/CPP/example.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/CPP/example.cpp @@ -13,9 +13,9 @@ array^ HashAndSignBytes( array^DataToSign, RSAParameters Key, int In RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider; RSAalg->ImportParameters( Key ); - // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg->SignData( DataToSign, Index, Length, gcnew SHA1CryptoServiceProvider ); + // Hash and sign the data. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg->SignData( DataToSign, Index, Length, SHA256::Create() ); } catch ( CryptographicException^ e ) { @@ -35,9 +35,9 @@ bool VerifySignedHash( array^DataToVerify, array^SignedData, RSAPara RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider; RSAalg->ImportParameters( Key ); - // Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg->VerifyData( DataToVerify, gcnew SHA1CryptoServiceProvider, SignedData ); + // Verify the data using the signature. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg->VerifyData( DataToVerify, SHA256::Create(), SignedData ); } catch ( CryptographicException^ e ) { diff --git a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/CPP/example.cpp b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/CPP/example.cpp index 3d8dfadba64..ea06a0cb596 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/CPP/example.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/CPP/example.cpp @@ -13,9 +13,9 @@ array^ HashAndSignBytes( array^DataToSign, RSAParameters Key ) RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider; RSAalg->ImportParameters( Key ); - // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg->SignData( DataToSign, gcnew SHA1CryptoServiceProvider ); + // Hash and sign the data. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg->SignData( DataToSign, SHA256::Create() ); } catch ( CryptographicException^ e ) { @@ -35,9 +35,9 @@ bool VerifySignedHash( array^DataToVerify, array^SignedData, RSAPara RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider; RSAalg->ImportParameters( Key ); - // Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg->VerifyData( DataToVerify, gcnew SHA1CryptoServiceProvider, SignedData ); + // Verify the data using the signature. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg->VerifyData( DataToVerify, SHA256::Create(), SignedData ); } catch ( CryptographicException^ e ) { diff --git a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/CPP/example.cpp b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/CPP/example.cpp index 51daadd9c78..f6127ea6dd1 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/CPP/example.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/CPP/example.cpp @@ -20,9 +20,9 @@ array^ HashAndSignBytes( Stream^ DataStream, RSAParameters Key ) RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider; RSAalg->ImportParameters( Key ); - // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg->SignData( DataStream, gcnew SHA1CryptoServiceProvider ); + // Hash and sign the data. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg->SignData( DataStream, SHA256::Create() ); } catch ( CryptographicException^ e ) { @@ -42,9 +42,9 @@ bool VerifySignedHash( array^DataToVerify, array^SignedData, RSAPara RSACryptoServiceProvider^ RSAalg = gcnew RSACryptoServiceProvider; RSAalg->ImportParameters( Key ); - // Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg->VerifyData( DataToVerify, gcnew SHA1CryptoServiceProvider, SignedData ); + // Verify the data using the signature. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg->VerifyData( DataToVerify, SHA256(), SignedData ); } catch ( CryptographicException^ e ) { diff --git a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.SmartCardCSP/CPP/Cryptography.SmartCardCSP.cpp b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.SmartCardCSP/CPP/Cryptography.SmartCardCSP.cpp index 0ca07b17c6d..79e192d5857 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.SmartCardCSP/CPP/Cryptography.SmartCardCSP.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR/Cryptography.SmartCardCSP/CPP/Cryptography.SmartCardCSP.cpp @@ -27,11 +27,11 @@ int main() Console::WriteLine( L"Data : {0}", BitConverter::ToString( data ) ); // Sign the data using the Smart Card CryptoGraphic Provider. - array^sig = rsa->SignData( data, L"SHA1" ); + array^sig = rsa->SignData( data, L"SHA256" ); Console::WriteLine( L"Signature : {0}", BitConverter::ToString( sig ) ); // Verify the data using the Smart Card CryptoGraphic Provider. - bool verified = rsa->VerifyData( data, L"SHA1", sig ); + bool verified = rsa->VerifyData( data, L"SHA256", sig ); Console::WriteLine( L"Verified : {0}", verified ); } diff --git a/samples/snippets/cpp/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/CPP/source.cpp b/samples/snippets/cpp/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/CPP/source.cpp index bdad6d9cc5d..6f730f84905 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/CPP/source.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/CPP/source.cpp @@ -15,7 +15,7 @@ public ref class Form1: public Form void Method() { // - HashAlgorithm^ sha = gcnew SHA1CryptoServiceProvider; + HashAlgorithm^ sha = SHA256::Create(); array^ result = sha->ComputeHash( dataArray ); // } diff --git a/samples/snippets/cpp/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/CPP/class1.cpp b/samples/snippets/cpp/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/CPP/class1.cpp index b288d514e92..1915aae483d 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/CPP/class1.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/CPP/class1.cpp @@ -1,6 +1,8 @@ // +// This example uses the SHA1 algorithm. +// Due to collision problems with SHA1, Microsoft recommends SHA256 or better. #using using namespace System; diff --git a/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/cpp/customcrypto.cpp b/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/cpp/customcrypto.cpp index db1432637d2..e8cdf2da0ee 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/cpp/customcrypto.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/cpp/customcrypto.cpp @@ -231,6 +231,9 @@ namespace Contoso // Retrieves the name of the signature alogrithm. // + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. + public: property String^ SignatureAlgorithm { diff --git a/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/CPP/maskgenerator.cpp b/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/CPP/maskgenerator.cpp index ee6a2a50967..e51780a1096 100644 --- a/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/CPP/maskgenerator.cpp +++ b/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/CPP/maskgenerator.cpp @@ -15,10 +15,10 @@ namespace Contoso String^ hashNameValue; public: - // Initialize a mask to encrypt using the SHA1 algorithm. + // Initialize a mask to encrypt using the SHA256 algorithm. MaskGenerator() { - hashNameValue = "SHA1"; + hashNameValue = "SHA256"; } // diff --git a/samples/snippets/cpp/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/CPP/source.cpp b/samples/snippets/cpp/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/CPP/source.cpp index 5520471db5c..8aeb9a02bc4 100644 --- a/samples/snippets/cpp/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/CPP/source.cpp +++ b/samples/snippets/cpp/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/CPP/source.cpp @@ -13,6 +13,8 @@ int main() { // // Create a secure group name. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. SHA1Managed^ Sha1 = gcnew SHA1Managed; array^updHash = Sha1->ComputeHash( Encoding::UTF8->GetBytes( "usernamepassworddomain" ) ); String^ secureGroupName = Encoding::Default->GetString( updHash ); diff --git a/samples/snippets/csharp/VS_Snippets_CFX/c_creatests/cs/source.cs b/samples/snippets/csharp/VS_Snippets_CFX/c_creatests/cs/source.cs index 3b0288a24f1..18a854a8795 100644 --- a/samples/snippets/csharp/VS_Snippets_CFX/c_creatests/cs/source.cs +++ b/samples/snippets/csharp/VS_Snippets_CFX/c_creatests/cs/source.cs @@ -21,7 +21,7 @@ public class Test void AddSigningCredentials(SamlAssertion assertion, SecurityKey signingKey) { SigningCredentials sc = new SigningCredentials(signingKey, - SecurityAlgorithms.RsaSha1Signature, SecurityAlgorithms.Sha1Digest); + SecurityAlgorithms.RsaSha256Signature, SecurityAlgorithms.Sha256Digest); assertion.SigningCredentials = sc; } // diff --git a/samples/snippets/csharp/VS_Snippets_CFX/samlattribute/cs/source.cs b/samples/snippets/csharp/VS_Snippets_CFX/samlattribute/cs/source.cs index 6d9ce91c8b1..86f6c8dc75b 100644 --- a/samples/snippets/csharp/VS_Snippets_CFX/samlattribute/cs/source.cs +++ b/samples/snippets/csharp/VS_Snippets_CFX/samlattribute/cs/source.cs @@ -911,6 +911,8 @@ public class Elements public class ComputedKeyAlgorithms { + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. public const string PSHA1 = "http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1"; } } @@ -1054,6 +1056,8 @@ public bool ComputeKey /// Array of bytes that contain key material. public static byte[] ComputeCombinedKey(byte[] requestorEntropy, byte[] issuerEntropy, int keySize) { + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. KeyedHashAlgorithm kha = new HMACSHA1(requestorEntropy, true); byte[] key = new byte[keySize / 8]; // Final key @@ -1164,7 +1168,8 @@ protected override void OnWriteBodyContents(XmlDictionaryWriter writer) writer.WriteStartElement(Constants.Trust.Elements.RequestedProofToken, Constants.Trust.NamespaceUri); // Write the wst:ComputeKey start tag. writer.WriteStartElement(Constants.Trust.Elements.ComputedKey, Constants.Trust.NamespaceUri); - // Write the PSHA1 algorithm value. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. writer.WriteValue(Constants.Trust.ComputedKeyAlgorithms.PSHA1); writer.WriteEndElement(); // wst:ComputedKey writer.WriteEndElement(); // wst:RequestedSecurityToken @@ -1295,6 +1300,8 @@ public static SamlSecurityToken CreateSamlToken(string stsName, samlSubjectStatements.Add(samlAttributeStatement); // Create a SigningCredentials instance from the key associated with the issuerToken. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. SigningCredentials signingCredentials = new SigningCredentials(issuerToken.SecurityKeys[0], SecurityAlgorithms.RsaSha1Signature, SecurityAlgorithms.Sha1Digest, diff --git a/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_CodeBase/CS/assemblyname_codebase.cs b/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_CodeBase/CS/assemblyname_codebase.cs index 0ff40d2c5da..7bb9100c7fb 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_CodeBase/CS/assemblyname_codebase.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_CodeBase/CS/assemblyname_codebase.cs @@ -67,8 +67,8 @@ public static void Main() myAssemblyName.CodeBase = Directory.GetCurrentDirectory(); // Set the culture information of the assembly to 'English-American'. myAssemblyName.CultureInfo = new CultureInfo("en-US"); - // Set the hash algoritm to 'SHA1'. - myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA1; + // Set the hash algorithm to 'SHA256'. + myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA256; myAssemblyName.Name = "MyAssembly"; myAssemblyName.Version = new Version("1.0.0.2001"); MakeAssembly(myAssemblyName, "MyAssembly.exe"); diff --git a/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_KeyPair/CS/assemblyname_keypair.cs b/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_KeyPair/CS/assemblyname_keypair.cs index 9a65fcad947..6bc72013c11 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_KeyPair/CS/assemblyname_keypair.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_KeyPair/CS/assemblyname_keypair.cs @@ -72,8 +72,8 @@ public static void Main() myAssemblyName.CodeBase = Directory.GetCurrentDirectory(); // Set the culture information of the assembly to 'English-American'. myAssemblyName.CultureInfo = new CultureInfo("en-US"); - // Set the hash algoritm to 'SHA1'. - myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA1; + // Set the hash algorithm to 'SHA256'. + myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA256; myAssemblyName.VersionCompatibility = AssemblyVersionCompatibility.SameProcess; myAssemblyName.Flags = AssemblyNameFlags.PublicKey; // Provide this assembly with a strong name. diff --git a/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_SetPublicKey/CS/assemblyname_setpublickey.cs b/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_SetPublicKey/CS/assemblyname_setpublickey.cs index 728006436f9..cc3cd06e7bf 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_SetPublicKey/CS/assemblyname_setpublickey.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR/AssemblyName_SetPublicKey/CS/assemblyname_setpublickey.cs @@ -65,8 +65,8 @@ public static void Main() myAssemblyName.CodeBase = Directory.GetCurrentDirectory(); // Set the culture information of the assembly to 'English-American'. myAssemblyName.CultureInfo = new CultureInfo("en-US"); - // Set the hash algoritm to 'SHA1'. - myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA1; + // Set the hash algorithm to 'SHA256'. + myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA256; myAssemblyName.VersionCompatibility = AssemblyVersionCompatibility.SameProcess; myAssemblyName.Flags = AssemblyNameFlags.PublicKey; // Get the whole contents of the 'PublicKey.snk' into a byte array. diff --git a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/CS/sample.cs b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/CS/sample.cs index 747c2dda08f..f8cfbfd413a 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/CS/sample.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/CS/sample.cs @@ -31,6 +31,8 @@ public static void Main(String[] args) // Create the key and set it to the Key property // of the TripleDESCryptoServiceProvider object. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV); // diff --git a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/CS/example.cs b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/CS/example.cs index 268e63d9957..c3d9ad53da6 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/CS/example.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/CS/example.cs @@ -69,9 +69,9 @@ public static byte[] HashAndSignBytes(byte[] DataToSign, RSAParameters Key, int RSAalg.ImportParameters(Key); - // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg.SignData(DataToSign,Index,Length, new SHA1CryptoServiceProvider()); + // Hash and sign the data. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg.SignData(DataToSign,Index,Length, SHA256.Create()); } catch(CryptographicException e) { @@ -91,9 +91,9 @@ public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAP RSAalg.ImportParameters(Key); - // Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg.VerifyData(DataToVerify, new SHA1CryptoServiceProvider(), SignedData); + // Verify the data using the signature. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData); } catch(CryptographicException e) { diff --git a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/CS/example.cs b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/CS/example.cs index d8eefda8a17..2ed25a5c15e 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/CS/example.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/CS/example.cs @@ -57,9 +57,9 @@ public static byte[] HashAndSignBytes(byte[] DataToSign, RSAParameters Key) RSAalg.ImportParameters(Key); - // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg.SignData(DataToSign, new SHA1CryptoServiceProvider()); + // Hash and sign the data. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg.SignData(DataToSign, SHA256.Create()); } catch(CryptographicException e) { @@ -79,9 +79,9 @@ public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAP RSAalg.ImportParameters(Key); - // Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg.VerifyData(DataToVerify, new SHA1CryptoServiceProvider(), SignedData); + // Verify the data using the signature. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData); } catch(CryptographicException e) { diff --git a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/CS/example.cs b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/CS/example.cs index c841f729e2c..988cd414b45 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/CS/example.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/CS/example.cs @@ -74,9 +74,9 @@ public static byte[] HashAndSignBytes(Stream DataStream, RSAParameters Key) RSAalg.ImportParameters(Key); - // Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg.SignData(DataStream, new SHA1CryptoServiceProvider()); + // Hash and sign the data. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg.SignData(DataStream, SHA256.Create()); } catch(CryptographicException e) { @@ -96,9 +96,9 @@ public static bool VerifySignedHash(byte[] DataToVerify, byte[] SignedData, RSAP RSAalg.ImportParameters(Key); - // Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - // to specify the use of SHA1 for hashing. - return RSAalg.VerifyData(DataToVerify, new SHA1CryptoServiceProvider(), SignedData); + // Verify the data using the signature. Pass a new instance of SHA256 + // to specify the hashing algorithm. + return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData); } catch(CryptographicException e) { diff --git a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.SmartCardCSP/CS/example.cs b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.SmartCardCSP/CS/example.cs index d961da37ad2..2a46bf431c9 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.SmartCardCSP/CS/example.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR/Cryptography.SmartCardCSP/CS/example.cs @@ -30,12 +30,12 @@ static void Main(string[] args) Console.WriteLine("Data : " + BitConverter.ToString(data)); // Sign the data using the Smart Card CryptoGraphic Provider. - byte[] sig = rsa.SignData(data, "SHA1"); + byte[] sig = rsa.SignData(data, "SHA256"); Console.WriteLine("Signature : " + BitConverter.ToString(sig)); // Verify the data using the Smart Card CryptoGraphic Provider. - bool verified = rsa.VerifyData(data, "SHA1", sig); + bool verified = rsa.VerifyData(data, "SHA256", sig); Console.WriteLine("Verified : " + verified); } diff --git a/samples/snippets/csharp/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/CS/source.cs b/samples/snippets/csharp/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/CS/source.cs index c5ad4dd8ce5..e177decc799 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/CS/source.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/CS/source.cs @@ -10,7 +10,7 @@ public class Form1: Form protected void Method() { // - HashAlgorithm sha = new SHA1CryptoServiceProvider(); + HashAlgorithm sha = SHA256.Create(); byte[] result = sha.ComputeHash(dataArray); // } diff --git a/samples/snippets/csharp/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/CS/class1.cs b/samples/snippets/csharp/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/CS/class1.cs index 8540e45b4c4..40df1f24c84 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/CS/class1.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/CS/class1.cs @@ -1,4 +1,6 @@ // +// This example uses the SHA1 algorithm. +// Due to collision problems with SHA1, Microsoft recommends SHA256 or better. using System; using System.Text; using System.Security.Cryptography; diff --git a/samples/snippets/csharp/VS_Snippets_CLR_System/system.CodeDom.CodeDirectives/CS/codedirective.cs b/samples/snippets/csharp/VS_Snippets_CLR_System/system.CodeDom.CodeDirectives/CS/codedirective.cs index 7b1585a4644..df9d0903b9b 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR_System/system.CodeDom.CodeDirectives/CS/codedirective.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR_System/system.CodeDom.CodeDirectives/CS/codedirective.cs @@ -84,6 +84,8 @@ static void DemonstrateCodeDirectives(string providerName, string sourceFileName File.Delete(sourceFileName); } + // This example uses the SHA1 and MD5 algorithms. + // Due to collision problems with SHA1 and MD5, Microsoft recommends SHA256 or better. private static Guid HashMD5 = new Guid(0x406ea660, 0x64cf, 0x4c82, 0xb6, 0xf0, 0x42, 0xd4, 0x81, 0x72, 0xa7, 0x99); private static Guid HashSHA1 = new Guid(0xff1816ec, 0xaa5e, 0x4d10, 0x87, 0xf7, 0x6f, 0x49, 0x63, 0x83, 0x34, 0x60); diff --git a/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/CS/customcrypto.cs b/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/CS/customcrypto.cs index e8ea9a4f949..acd9d446bd1 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/CS/customcrypto.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/CS/customcrypto.cs @@ -202,6 +202,8 @@ public override string KeyExchangeAlgorithm // Retrieves the name of the signature alogrithm. // + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. public override string SignatureAlgorithm { get {return "http://www.w3.org/2000/09/xmldsig#rsa-sha1";} diff --git a/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.CryptoConfig/CS/members.cs b/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.CryptoConfig/CS/members.cs index 086b5445898..21837371036 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.CryptoConfig/CS/members.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.CryptoConfig/CS/members.cs @@ -19,6 +19,8 @@ static void Main(string[] args) // Create a new SHA1 provider. // + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. SHA1CryptoServiceProvider SHA1alg = (SHA1CryptoServiceProvider)CryptoConfig.CreateFromName("SHA1"); // @@ -38,11 +40,15 @@ static void Main(string[] args) // Use the MapNameToOID method to get an object identifier // (OID) from the string name of the SHA1 algorithm. // + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. string sha1Oid = CryptoConfig.MapNameToOID("SHA1"); // // Encode the specified object identifier. // + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. byte[] encodedMessage = CryptoConfig.EncodeOID(sha1Oid); // diff --git a/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/CS/maskgenerator.cs b/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/CS/maskgenerator.cs index 79d753e77bc..d31b08d79bb 100644 --- a/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/CS/maskgenerator.cs +++ b/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/CS/maskgenerator.cs @@ -10,10 +10,10 @@ class MaskGenerator : System.Security.Cryptography.MaskGenerationMethod { private String HashNameValue; - // Initialize a mask to encrypt using the SHA1 algorithm. + // Initialize a mask to encrypt using the SHA256 algorithm. public MaskGenerator() { - HashNameValue = "SHA1"; + HashNameValue = "SHA256"; } // diff --git a/samples/snippets/csharp/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/CS/source.cs b/samples/snippets/csharp/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/CS/source.cs index 84d53fc5650..1d96f25aebd 100644 --- a/samples/snippets/csharp/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/CS/source.cs +++ b/samples/snippets/csharp/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/CS/source.cs @@ -12,6 +12,8 @@ public static int Main(String[] args) { // // Create a secure group name. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. SHA1Managed Sha1 = new SHA1Managed(); Byte[] updHash = Sha1.ComputeHash(Encoding.UTF8.GetBytes("username" + "password" + "domain")); String secureGroupName = Encoding.Default.GetString(updHash); diff --git a/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationCredentials/CS/formsauthenticationcredentials.cs b/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationCredentials/CS/formsauthenticationcredentials.cs index 4348c84231f..5631f5b8637 100644 --- a/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationCredentials/CS/formsauthenticationcredentials.cs +++ b/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationCredentials/CS/formsauthenticationcredentials.cs @@ -46,6 +46,8 @@ public static void Main() formsAuthenticationCredentials.PasswordFormat; // Set the PasswordFormat property value. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. formsAuthenticationCredentials.PasswordFormat = FormsAuthPasswordFormat.SHA1; @@ -78,6 +80,8 @@ public static void Main() // Using method Add. // Define the SHA1 encrypted password. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. string password = "5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8"; // Define the user name. diff --git a/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationUser/CS/formsauthenticationuser.cs b/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationUser/CS/formsauthenticationuser.cs index 6364c646bb8..ff3f1f3f046 100644 --- a/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationUser/CS/formsauthenticationuser.cs +++ b/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationUser/CS/formsauthenticationuser.cs @@ -58,6 +58,8 @@ public static void Main() formsAuthenticationUsers[0].Password; // Set a SHA1 encrypted password. + // This example uses the SHA1 algorithm. + // Due to collision problems with SHA1, Microsoft recommends SHA256 or better. formsAuthenticationUsers[0].Password = "5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8"; diff --git a/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.MachineKeySection/CS/machinekeysection.cs b/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.MachineKeySection/CS/machinekeysection.cs index ff1d4f0b382..e283d89ff31 100644 --- a/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.MachineKeySection/CS/machinekeysection.cs +++ b/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.MachineKeySection/CS/machinekeysection.cs @@ -64,7 +64,7 @@ static void Main(string[] args) // // Set Validation property. - configSection.Validation = MachineKeyValidation.SHA1; + configSection.Validation = MachineKeyValidation.HMACSHA256; // // Update if not locked. diff --git a/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.MembershipSection/CS/MembershipSection.cs b/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.MembershipSection/CS/MembershipSection.cs index cadd882a4ea..bed632bdcf4 100644 --- a/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.MembershipSection/CS/MembershipSection.cs +++ b/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.MembershipSection/CS/MembershipSection.cs @@ -56,7 +56,7 @@ static void Main(string[] args) // Set HashAlgorithmType value. configSection.HashAlgorithmType = - MachineKeyValidation.SHA1.ToString(); + MachineKeyValidation.HMACSHA256.ToString(); // // Display UserIsOnlineTimeWindow value. diff --git a/samples/snippets/visualbasic/VS_Snippets_CFX/c_creatests/vb/source.vb b/samples/snippets/visualbasic/VS_Snippets_CFX/c_creatests/vb/source.vb index aca693d9f4c..c6b99e68fe6 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CFX/c_creatests/vb/source.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CFX/c_creatests/vb/source.vb @@ -18,7 +18,7 @@ Namespace CreateSts Sub AddSigningCredentials(ByVal assertion As SamlAssertion, _ ByVal signingKey As SecurityKey) Dim sc As New SigningCredentials(signingKey, _ - SecurityAlgorithms.RsaSha1Signature, SecurityAlgorithms.Sha1Digest) + SecurityAlgorithms.RsaSha256Signature, SecurityAlgorithms.Sha256Digest) assertion.SigningCredentials = sc End Sub diff --git a/samples/snippets/visualbasic/VS_Snippets_CFX/samlattribute/vb/source.vb b/samples/snippets/visualbasic/VS_Snippets_CFX/samlattribute/vb/source.vb index 74e7e92be56..6f0f6ec8a19 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CFX/samlattribute/vb/source.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CFX/samlattribute/vb/source.vb @@ -870,6 +870,8 @@ Namespace Microsoft.ServiceModel.Samples.Federation End Class + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Public Class ComputedKeyAlgorithms Public Const PSHA1 As String = "http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1" End Class @@ -1027,6 +1029,8 @@ Namespace Microsoft.ServiceModel.Samples.Federation '/ Size of required key, in bits. '/ Array of bytes that contains key material. Public Shared Function ComputeCombinedKey(ByVal requestorEntropy() As Byte, ByVal issuerEntropy() As Byte, ByVal keySize As Integer) As Byte() + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Dim kha As KeyedHashAlgorithm = New HMACSHA1(requestorEntropy, True) Dim key(keySize / 8 - 1) As Byte ' Final key @@ -1132,7 +1136,8 @@ Namespace Microsoft.ServiceModel.Samples.Federation writer.WriteStartElement(Constants.Trust.Elements.RequestedProofToken, Constants.Trust.NamespaceUri) ' Write the wst:ComputeKey start tag. writer.WriteStartElement(Constants.Trust.Elements.ComputedKey, Constants.Trust.NamespaceUri) - ' Write the PSHA1 algorithm value. + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. writer.WriteValue(Constants.Trust.ComputedKeyAlgorithms.PSHA1) writer.WriteEndElement() ' wst:ComputedKey writer.WriteEndElement() ' wst:RequestedSecurityToken @@ -1258,6 +1263,8 @@ Namespace Microsoft.ServiceModel.Samples.Federation samlSubjectStatements.Add(samlAttributeStatement) ' Create a SigningCredentials instance from the key associated with the issuerToken. + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Dim signingCredentials As New SigningCredentials(issuerToken.SecurityKeys(0), SecurityAlgorithms.RsaSha1Signature, SecurityAlgorithms.Sha1Digest, issuerKeyIdentifier) ' Create a SamlAssertion from the list of SamlStatements previously created and the passed in diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_CodeBase/VB/assemblyname_codebase.vb b/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_CodeBase/VB/assemblyname_codebase.vb index 2cfb2613a1a..17c65af5645 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_CodeBase/VB/assemblyname_codebase.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_CodeBase/VB/assemblyname_codebase.vb @@ -55,8 +55,8 @@ Public Class AssemblyName_CodeBase myAssemblyName.CodeBase = Directory.GetCurrentDirectory() ' Set the culture information of the assembly to 'English-American'. myAssemblyName.CultureInfo = New CultureInfo("en-US") - ' Set the hash algoritm to 'SHA1'. - myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA1 + ' Set the hash algorithm to 'SHA256'. + myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA256 myAssemblyName.Name = "MyAssembly" myAssemblyName.Version = New Version("1.0.0.2001") MakeAssembly(myAssemblyName, "MyAssembly.exe") diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_KeyPair/VB/assemblyname_keypair.vb b/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_KeyPair/VB/assemblyname_keypair.vb index 1cb4a79537c..b1e0b308c0b 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_KeyPair/VB/assemblyname_keypair.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_KeyPair/VB/assemblyname_keypair.vb @@ -66,8 +66,8 @@ Public Class AssemblyName_CodeBase myAssemblyName.CodeBase = Directory.GetCurrentDirectory() ' Set the culture information of the assembly to 'English-American'. myAssemblyName.CultureInfo = New CultureInfo("en-US") - ' Set the hash algoritm to 'SHA1'. - myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA1 + ' Set the hash algorithm to 'SHA256'. + myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA256 myAssemblyName.VersionCompatibility = AssemblyVersionCompatibility.SameProcess myAssemblyName.Flags = AssemblyNameFlags.PublicKey ' Provide this assembly with a strong name. diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_SetPublicKey/VB/assemblyname_setpublickey.vb b/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_SetPublicKey/VB/assemblyname_setpublickey.vb index e41378bacec..ae35ebbc6fc 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_SetPublicKey/VB/assemblyname_setpublickey.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR/AssemblyName_SetPublicKey/VB/assemblyname_setpublickey.vb @@ -57,8 +57,8 @@ Public Class AssemblyName_CodeBase myAssemblyName.CodeBase = Directory.GetCurrentDirectory() ' Set the culture information of the assembly to 'English-American'. myAssemblyName.CultureInfo = New CultureInfo("en-US") - ' Set the hash algoritm to 'SHA1'. - myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA1 + ' Set the hash algorithm to 'SHA256'. + myAssemblyName.HashAlgorithm = AssemblyHashAlgorithm.SHA256 myAssemblyName.VersionCompatibility = AssemblyVersionCompatibility.SameProcess myAssemblyName.Flags = AssemblyNameFlags.PublicKey ' Get the whole contents of the 'PublicKey.snk' into a byte array. diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/VB/sample.vb b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/VB/sample.vb index c252562f2c1..989d3bce4a2 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/VB/sample.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.PasswordDerivedbytes/VB/sample.vb @@ -30,6 +30,8 @@ Module PasswordDerivedBytesExample ' Create the key and set it to the Key property ' of the TripleDESCryptoServiceProvider object. + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV) ' diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/VB/example.vb b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/VB/example.vb index 9ec7fd8d29e..f5820ee748b 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/VB/example.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData1/VB/example.vb @@ -61,9 +61,9 @@ Module RSACSPExample RSAalg.ImportParameters(Key) - ' Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - ' to specify the use of SHA1 for hashing. - Return RSAalg.SignData(DataToSign, Index, Length, New SHA1CryptoServiceProvider) + ' Hash and sign the data. Pass a new instance of SHA256 + ' to specify the hashing algorithm. + Return RSAalg.SignData(DataToSign, Index, Length, SHA256.Create()) Catch e As CryptographicException Console.WriteLine(e.Message) @@ -80,9 +80,9 @@ Module RSACSPExample RSAalg.ImportParameters(Key) - ' Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - ' to specify the use of SHA1 for hashing. - Return RSAalg.VerifyData(DataToVerify, New SHA1CryptoServiceProvider, SignedData) + ' Verify the data using the signature. Pass a new instance of SHA256 + ' to specify the hashing algorithm. + Return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData) Catch e As CryptographicException Console.WriteLine(e.Message) diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/VB/example.vb b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/VB/example.vb index 0f8e406cee0..dc6d13a1c91 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/VB/example.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData2/VB/example.vb @@ -49,9 +49,9 @@ Module RSACSPExample RSAalg.ImportParameters(Key) - ' Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - ' to specify the use of SHA1 for hashing. - Return RSAalg.SignData(DataToSign, New SHA1CryptoServiceProvider) + ' Hash and sign the data. Pass a new instance of SHA256 + ' to specify the hashing algorithm. + Return RSAalg.SignData(DataToSign, SHA256.Create()) Catch e As CryptographicException Console.WriteLine(e.Message) @@ -68,9 +68,9 @@ Module RSACSPExample RSAalg.ImportParameters(Key) - ' Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - ' to specify the use of SHA1 for hashing. - Return RSAalg.VerifyData(DataToVerify, New SHA1CryptoServiceProvider, SignedData) + ' Verify the data using the signature. Pass a new instance of SHA256 + ' to specify the hashing algorithm. + Return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData) Catch e As CryptographicException Console.WriteLine(e.Message) diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/VB/example.vb b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/VB/example.vb index 7444d1b6e26..80f94d15054 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/VB/example.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.RSACSP.SignData3/VB/example.vb @@ -73,9 +73,9 @@ Module RSACSPExample RSAalg.ImportParameters(Key) - ' Hash and sign the data. Pass a new instance of SHA1CryptoServiceProvider - ' to specify the use of SHA1 for hashing. - Return RSAalg.SignData(DataStream, New SHA1CryptoServiceProvider) + ' Hash and sign the data. Pass a new instance of SHA256 + ' to specify the hashing algorithm. + Return RSAalg.SignData(DataStream, SHA256.Create()) Catch e As CryptographicException Console.WriteLine(e.Message) @@ -92,9 +92,9 @@ Module RSACSPExample RSAalg.ImportParameters(Key) - ' Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider - ' to specify the use of SHA1 for hashing. - Return RSAalg.VerifyData(DataToVerify, New SHA1CryptoServiceProvider, SignedData) + ' Verify the data using the signature. Pass a new instance of SHA256 + ' to specify the hashing algorithm. + Return RSAalg.VerifyData(DataToVerify, SHA256.Create(), SignedData) Catch e As CryptographicException Console.WriteLine(e.Message) diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.SmartCardCSP/VB/example.vb b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.SmartCardCSP/VB/example.vb index 1839f7c432c..e1e685b04c2 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.SmartCardCSP/VB/example.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR/Cryptography.SmartCardCSP/VB/example.vb @@ -29,12 +29,12 @@ Module SCSign Console.WriteLine("Data : " + BitConverter.ToString(data)) ' Sign the data using the Smart Card CryptoGraphic Provider. - Dim sig As Byte() = rsa.SignData(data, "SHA1") + Dim sig As Byte() = rsa.SignData(data, "SHA256") Console.WriteLine("Signature : " + BitConverter.ToString(sig)) ' Verify the data using the Smart Card CryptoGraphic Provider. - Dim verified As Boolean = rsa.VerifyData(data, "SHA1", sig) + Dim verified As Boolean = rsa.VerifyData(data, "SHA256", sig) Console.WriteLine("Verified") diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/VB/source.vb b/samples/snippets/visualbasic/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/VB/source.vb index 90f78742c4c..c5150fae203 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/VB/source.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR_Classic/classic HashAlgorithm Example/VB/source.vb @@ -8,7 +8,7 @@ Public Class Form1 Protected Sub Method() ' - Dim sha As New SHA1CryptoServiceProvider() + Dim sha As SHA256 = SHA256.Create() Dim result As Byte() = sha.ComputeHash(dataArray) ' End Sub diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/VB/class1.vb b/samples/snippets/visualbasic/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/VB/class1.vb index 73fd7e897a4..68603123d56 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/VB/class1.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR_System/System.Security.Cryptography.RSACryptoServiceProvider ManualHash Example/VB/class1.vb @@ -1,4 +1,6 @@ ' +' This example uses the SHA1 algorithm. +' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Imports System.Text Imports System.Security.Cryptography diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.CodeDom.CodeDirectives/VB/codedirective.vb b/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.CodeDom.CodeDirectives/VB/codedirective.vb index 77561912545..353fe0965e8 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.CodeDom.CodeDirectives/VB/codedirective.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.CodeDom.CodeDirectives/VB/codedirective.vb @@ -71,6 +71,8 @@ Class CodeDirectiveDemo End Sub + ' This example uses the SHA1 and MD5 algorithms. + ' Due to collision problems with SHA1 and MD5, Microsoft recommends SHA256 or better. Private Shared HashMD5 As New Guid(&H406EA660, &H64CF, &H4C82, &HB6, &HF0, &H42, &HD4, &H81, &H72, &HA7, &H99) Private Shared HashSHA1 As New Guid(&HFF1816EC, &H65FF, &H4D10, &H87, &HF7, &H6F, &H49, &H63, &H83, &H34, &H60) diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/VB/customcrypto.vb b/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/VB/customcrypto.vb index c7b0e344096..2215ff5f1f6 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/VB/customcrypto.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.AsymmetricAlgorithm/VB/customcrypto.vb @@ -181,6 +181,8 @@ Namespace Contoso ' Retrieves the name of the signature alogrithm. ' + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Public Overrides ReadOnly Property SignatureAlgorithm() As String Get Return "http://www.w3.org/2000/09/xmldsig#rsa-sha1" diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.CryptoConfig/VB/members.vb b/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.CryptoConfig/VB/members.vb index 73129c16e04..5cc5d001666 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.CryptoConfig/VB/members.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.CryptoConfig/VB/members.vb @@ -25,6 +25,8 @@ Public Class Form1 ' Create a new SHA1 provider. ' + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Dim SHA1alg As SHA1CryptoServiceProvider SHA1alg = CType( _ cryptoConfig.CreateFromName("SHA1"), SHA1CryptoServiceProvider) @@ -47,11 +49,15 @@ Public Class Form1 ' Use the MapNameToOID method to get an object identifier. ' ' (OID) from the string name of the SHA1 algorithm. + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Dim sha1Oid As String = cryptoConfig.MapNameToOID("SHA1") ' ' Encode the specified object identifier. ' + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Dim encodedMessage() As Byte = cryptoConfig.EncodeOID(sha1Oid) ' diff --git a/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/VB/maskgenerator.vb b/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/VB/maskgenerator.vb index 2ece3404ba5..172f1bafadd 100644 --- a/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/VB/maskgenerator.vb +++ b/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.Cryptography.MaskGenerationMethod/VB/maskgenerator.vb @@ -8,9 +8,9 @@ Public Class MaskGenerator Private HashNameValue As String - ' Initialize a mask to encrypt using the SHA1 algorithm. + ' Initialize a mask to encrypt using the SHA256 algorithm. Public Sub New() - HashNameValue = "SHA1" + HashNameValue = "SHA256" End Sub ' diff --git a/samples/snippets/visualbasic/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/VB/source.vb b/samples/snippets/visualbasic/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/VB/source.vb index 3d91c3c9e00..2ed3a6ec804 100644 --- a/samples/snippets/visualbasic/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/VB/source.vb +++ b/samples/snippets/visualbasic/VS_Snippets_Remoting/Classic HttpWebRequest.ConnectionGroupName Example/VB/source.vb @@ -17,6 +17,8 @@ Public Class TestClass Overloads Public Shared Function Main(args() As [String]) As Integer ' ' Create a secure group name. + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Dim Sha1 As New SHA1Managed() Dim updHash As [Byte]() = Sha1.ComputeHash(Encoding.UTF8.GetBytes(("username" + "password" + "domain"))) Dim secureGroupName As [String] = Encoding.Default.GetString(updHash) diff --git a/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrMyUser/VB/SampleIIdentity.vb b/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrMyUser/VB/SampleIIdentity.vb index 3a24e668c71..f30eafebf32 100644 --- a/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrMyUser/VB/SampleIIdentity.vb +++ b/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrMyUser/VB/SampleIIdentity.vb @@ -70,9 +70,9 @@ Public Class SampleIIdentity Dim rawSalted As String = salt & Trim(password) Dim saltedPwBytes() As Byte = System.Text.Encoding.Unicode.GetBytes(rawSalted) - Dim sha1 As New System.Security.Cryptography. - SHA1CryptoServiceProvider - Dim hashedPwBytes() As Byte = sha1.ComputeHash(saltedPwBytes) + Dim sha256 As System.Security.Cryptography.SHA256 = + System.Security.Cryptography.SHA256.Create() + Dim hashedPwBytes() As Byte = sha256.ComputeHash(saltedPwBytes) Dim hashedPw As String = Convert.ToBase64String(hashedPwBytes) ' Compare the hashed password with the stored password. diff --git a/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb b/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb index 74adb3a3a3f..53366a8824b 100644 --- a/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb +++ b/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb @@ -80,12 +80,12 @@ Class Class1f51e40a2f8843e2a83e28a0b5c0d6fd ByVal key As String, ByVal length As Integer) As Byte() - Dim sha1 As New SHA1CryptoServiceProvider + Dim sha256 As SHA256 = SHA256.Create() ' Hash the key. - Dim keyBytes() As Byte = + Dim keyBytes() As Byte = System.Text.Encoding.Unicode.GetBytes(key) - Dim hash() As Byte = sha1.ComputeHash(keyBytes) + Dim hash() As Byte = sha256.ComputeHash(keyBytes) ' Truncate or pad the hash. ReDim Preserve hash(length - 1) diff --git a/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationCredentials/VB/formsauthenticationcredentials.vb b/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationCredentials/VB/formsauthenticationcredentials.vb index 6e0319f6edf..2afbaf130bf 100644 --- a/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationCredentials/VB/formsauthenticationcredentials.vb +++ b/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationCredentials/VB/formsauthenticationcredentials.vb @@ -50,6 +50,8 @@ Class UsingFormsAuthenticationCredentials ' Set the PasswordFormat property value. + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. formsAuthenticationCredentials.PasswordFormat = _ FormsAuthPasswordFormat.SHA1 @@ -76,6 +78,8 @@ Class UsingFormsAuthenticationCredentials ' ' Using method Add. ' Define the SHA1 encrypted password. + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. Dim password As String = _ "5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8" ' Define the user name. diff --git a/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationUser/VB/formsauthenticationuser.vb b/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationUser/VB/formsauthenticationuser.vb index e73c66a4dfe..e454cfa5f11 100644 --- a/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationUser/VB/formsauthenticationuser.vb +++ b/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.FormsAuthenticationUser/VB/formsauthenticationuser.vb @@ -51,6 +51,8 @@ Class UsingFormsAuthenticationUser formsAuthenticationUsers(0).Password ' Set a SHA1 encrypted password. + ' This example uses the SHA1 algorithm. + ' Due to collision problems with SHA1, Microsoft recommends SHA256 or better. formsAuthenticationUsers(0).Password = _ "5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8" diff --git a/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.MachineKeySection/VB/machinekeysection.vb b/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.MachineKeySection/VB/machinekeysection.vb index 71ddd4f4c05..9c4ff511d1e 100644 --- a/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.MachineKeySection/VB/machinekeysection.vb +++ b/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.MachineKeySection/VB/machinekeysection.vb @@ -53,7 +53,7 @@ Namespace Samples.Aspnet.SystemWebConfiguration ' ' Set Validation value. - configSection.Validation = MachineKeyValidation.SHA1 + configSection.Validation = MachineKeyValidation.HMACSHA256 ' ' Update if not locked. diff --git a/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.MembershipSection/VB/MembershipSection.vb b/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.MembershipSection/VB/MembershipSection.vb index 77aaea635c1..82d2ec4aa3f 100644 --- a/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.MembershipSection/VB/MembershipSection.vb +++ b/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.MembershipSection/VB/MembershipSection.vb @@ -49,7 +49,7 @@ Namespace Samples.Aspnet.SystemWebConfiguration ' Set HashAlgorithmType value. configSection.HashAlgorithmType = _ - MachineKeyValidation.SHA1.ToString() + MachineKeyValidation.HMACSHA256.ToString() ' ' Display UserIsOnlineTimeWindow value.