dotnet · danmoseley · Mar 26, 2021 · Mar 23, 2021 · Mar 23, 2021 · Mar 24, 2021
diff --git a/.config/CredScanSuppressions.json b/.config/CredScanSuppressions.json
@@ -1,12 +1,6 @@
 {
     "tool": "Credential Scanner",
     "suppressions": [
-        {
-            "_justification": "Unit test containing connection strings under the test.",
-            "file": [
-                "src/libraries/System.Data.Common/tests/System/Data/Common/DbConnectionStringBuilderTest.cs"
-            ]
-        },
         {
             "_justification": "Private key for testing purpose.",
             "file": [
@@ -19,58 +13,6 @@
                 "-----BEGIN PRIVATE KEY-----",
                 "-----BEGIN * PRIVATE KEY-----"
             ]
-        },
-        {
-            "_justification": "Test credential for Uri testing",
-            "file": [
-                "src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs",
-                "src/libraries/System.Private.Uri/tests/ExtendedFunctionalTests/UriRelativeResolutionTest.cs",
-                "src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs",
-                "src/libraries/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs",
-                "src/libraries/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs",
-                "src/libraries/System.Runtime/tests/System/Uri.CreateStringTests.cs"
-            ],
-            "placeholder": [
-                "//*:;&$=123USERINFO@",
-                "//*:bar@",
-                "//*:bar1@",
-                "//*:password1@",
-                "//*:psw@",
-                "//*:userinfo2@"
-            ]
-        },
-        {
-            "_justification": "Generic test password.",
-            "file": [
-                "src/libraries/Common/tests/System/Net/Configuration.Certificates.cs",
-                "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs",
-                "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs",
-                "src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.DefaultProxyCredentials.cs",
-                "src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs",
-                "src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1",
-                "src/libraries/System.Net.Http/tests/FunctionalTests/SocketsHttpHandlerTest.cs",
-                "src/libraries/System.Net.Http/tests/UnitTests/DigestAuthenticationTests.cs",
-                "src/libraries/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs",
-                "src/libraries/System.Net.Mail/tests/Functional/SmtpClientTest.cs",
-                "src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs",
-                "src/libraries/System.Security.Cryptography.Xml/tests/TestHelpers.cs",
-                "src/libraries/System.Security.Cryptography.Csp/tests/PasswordDeriveBytesTests.cs",
-                "src/libraries/System.Security.Cryptography.Csp/tests/TrimmingTests/PasswordDeriveBytesTest.cs",
-                "src/libraries/System.Security.Cryptography.Algorithms/tests/Rfc2898OneShotTests.cs"
-            ],
-            "placeholder": [
-                "\"anotherpassword\"",
-                "\"bar\"",
-                "\"mono\"",
-                "\"password1\"",
-                "\"rightpassword\"",
-                "\"testcertificate\"",
-                "\"unused\"",
-                "\"wrongpassword\"",
-                "\"PasswordGoesHere\"",
-                "\"FakePasswordsAreHard\"",
-                "\"tired\""
-            ]
         }
     ]
 }
diff --git a/eng/Versions.props b/eng/Versions.props
@@ -111,7 +111,7 @@
     <SystemDrawingCommonTestDataVersion>6.0.0-beta.21162.1</SystemDrawingCommonTestDataVersion>
     <SystemIOCompressionTestDataVersion>6.0.0-beta.21162.1</SystemIOCompressionTestDataVersion>
     <SystemIOPackagingTestDataVersion>6.0.0-beta.21162.1</SystemIOPackagingTestDataVersion>
-    <SystemNetTestDataVersion>6.0.0-beta.21162.1</SystemNetTestDataVersion>
+    <SystemNetTestDataVersion>6.0.0-beta.21174.2</SystemNetTestDataVersion>
     <SystemPrivateRuntimeUnicodeDataVersion>6.0.0-beta.21162.1</SystemPrivateRuntimeUnicodeDataVersion>
     <SystemRuntimeTimeZoneDataVersion>6.0.0-beta.21162.1</SystemRuntimeTimeZoneDataVersion>
     <SystemSecurityCryptographyX509CertificatesTestDataVersion>6.0.0-beta.21162.1</SystemSecurityCryptographyX509CertificatesTestDataVersion>

diff --git a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs
@@ -16,8 +16,8 @@ public static partial class Configuration
     {
         public static partial class Certificates
         {
-            private const string CertificatePassword = "testcertificate";
-            private const string TestDataFolder = "TestData";
+            private const string CertificatePassword = "PLACEHOLDER";
+            private const string TestDataFolder = "TestDataCertificates";
             private const int MutexTimeoutMs = 120_000;
 
             private static readonly X509Certificate2 s_serverCertificate;

diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs
@@ -306,7 +306,7 @@ public async Task GetAsync_ServerNeedsNonStandardAuthAndSetCredential_StatusCode
             await LoopbackServerFactory.CreateServerAsync(async (server, url) =>
             {
                 HttpClientHandler handler = CreateHttpClientHandler();
-                handler.Credentials = new NetworkCredential("unused", "unused");
+                handler.Credentials = new NetworkCredential("unused", "PLACEHOLDER");
                 using (HttpClient client = CreateHttpClient(handler))
                 {
                     Task<HttpResponseMessage> getResponseTask = client.GetAsync(url);

diff --git a/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs b/src/libraries/Common/tests/System/Net/Http/PostScenarioTest.cs
@@ -23,7 +23,7 @@ public abstract class PostScenarioTest : HttpClientHandlerTestBase
     {
         private const string ExpectedContent = "Test contest";
         private const string UserName = "user1";
-        private const string Password = "password1";
+        private const string Password = "PLACEHOLDER";
 
         public PostScenarioTest(ITestOutputHelper output) : base(output) { }
 

diff --git a/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1 b/src/libraries/Common/tests/System/Net/Prerequisites/Deployment/setup_certificates.ps1
@@ -5,15 +5,15 @@
 
 # Certificate configuration
 
-$script:testDataUri = "https://github.com/dotnet/runtime-assets/archive/master.zip" 
+$script:testDataUri = "https://github.com/dotnet/runtime-assets/archive/main.zip" 
 $script:testData = "runtime-assets"
-$script:certificatePath = "$($script:testData)\runtime-assets-master\System.Net.TestData"
+$script:certificatePath = "$($script:testData)\src\System.Net.TestData\TestDataCertificates"
 
 $script:clientPrivateKeyPath = Join-Path $script:certificatePath "testclient1_at_contoso.com.pfx"
-$script:clientPrivateKeyPassword = "testcertificate"
+$script:clientPrivateKeyPassword = "PLACEHOLDER"
 
 $script:serverPrivateKeyPath = Join-Path $script:certificatePath "contoso.com.pfx"
-$script:serverPrivateKeyPassword = "testcertificate"
+$script:serverPrivateKeyPassword = "PLACEHOLDER"
 
 Function GetFullPath($relativePath)
 {

diff --git a/src/libraries/System.Data.Common/tests/System/Data/Common/DbConnectionStringBuilderTest.cs b/src/libraries/System.Data.Common/tests/System/Data/Common/DbConnectionStringBuilderTest.cs
@@ -1691,17 +1691,17 @@ public void EmbeddedCharTest1()
 
             sb["Data Source"] = "testdb";
             sb["User ID"] = "someuser";
-            sb["Password"] = "abcdef";
-            Assert.Equal("Data Source=testdb;User ID=someuser;Password=abcdef",
+            sb["Password"] = "PLACEHOLDER";
+            Assert.Equal("Data Source=testdb;User ID=someuser;Password=PLACEHOLDER",
                 sb.ConnectionString);
 
-            sb["Password"] = "abcdef#";
-            Assert.Equal("Data Source=testdb;User ID=someuser;Password=abcdef#",
+            sb["Password"] = "PLACEHOLDER#";
+            Assert.Equal("Data Source=testdb;User ID=someuser;Password=PLACEHOLDER#",
                 sb.ConnectionString);
 
             // an embedded single-quote value will result in the value being delimieted with double quotes
-            sb["Password"] = "abc\'def";
-            Assert.Equal("Data Source=testdb;User ID=someuser;Password=\"abc\'def\"",
+            sb["Password"] = "PLACEHOLDER\'def";
+            Assert.Equal("Data Source=testdb;User ID=someuser;Password=\"PLACEHOLDER\'def\"",
                 sb.ConnectionString);
 
             // an embedded double-quote value will result in the value being delimieted with single quotes
@@ -1717,39 +1717,39 @@ public void EmbeddedCharTest1()
                 sb.ConnectionString);
 
             sb = new DbConnectionStringBuilder();
-            sb["PASSWORD"] = "abcdef1";
+            sb["PASSWORD"] = "PLACEHOLDERabcdef1";
             sb["user id"] = "someuser";
             sb["Data Source"] = "testdb";
-            Assert.Equal("PASSWORD=abcdef1;user id=someuser;Data Source=testdb",
+            Assert.Equal("PASSWORD=PLACEHOLDERabcdef1;user id=someuser;Data Source=testdb",
                 sb.ConnectionString);
 
             // case is preserved for a keyword that was added the first time
             sb = new DbConnectionStringBuilder();
-            sb["PassWord"] = "abcdef2";
+            sb["PassWord"] = "PLACEHOLDERabcdef2";
             sb["uSER iD"] = "someuser";
             sb["DaTa SoUrCe"] = "testdb";
-            Assert.Equal("PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb",
+            Assert.Equal("PassWord=PLACEHOLDERabcdef2;uSER iD=someuser;DaTa SoUrCe=testdb",
                 sb.ConnectionString);
-            sb["passWORD"] = "abc123";
-            Assert.Equal("PassWord=abc123;uSER iD=someuser;DaTa SoUrCe=testdb",
+            sb["passWORD"] = "PLACEHOLDERabc123";
+            Assert.Equal("PassWord=PLACEHOLDERabc123;uSER iD=someuser;DaTa SoUrCe=testdb",
                 sb.ConnectionString);
 
             // embedded equal sign in the value will cause the value to be
             // delimited with double-quotes
             sb = new DbConnectionStringBuilder();
-            sb["Password"] = "abc=def";
+            sb["Password"] = "PLACEHOLDER=def";
             sb["Data Source"] = "testdb";
             sb["User ID"] = "someuser";
-            Assert.Equal("Password=\"abc=def\";Data Source=testdb;User ID=someuser",
+            Assert.Equal("Password=\"PLACEHOLDER=def\";Data Source=testdb;User ID=someuser",
                 sb.ConnectionString);
 
             // embedded semicolon in the value will cause the value to be
             // delimited with double-quotes
             sb = new DbConnectionStringBuilder();
-            sb["Password"] = "abc;def";
+            sb["Password"] = "PLACEHOLDER;def";
             sb["Data Source"] = "testdb";
             sb["User ID"] = "someuser";
-            Assert.Equal("Password=\"abc;def\";Data Source=testdb;User ID=someuser",
+            Assert.Equal("Password=\"PLACEHOLDER;def\";Data Source=testdb;User ID=someuser",
                 sb.ConnectionString);
 
             // more right parentheses then left parentheses - happily takes it
@@ -1866,32 +1866,32 @@ public void EmbeddedCharTest3()
             DbConnectionStringBuilder sb;
 
             sb = new DbConnectionStringBuilder();
-            sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
+            sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
             Assert.Equal(dataSource, sb["Data Source"]);
             Assert.Equal("SCOTT", sb["User ID"]);
-            Assert.Equal("TiGeR", sb["Password"]);
+            Assert.Equal("PLACEHOLDER", sb["Password"]);
             Assert.Equal(
-                "user id=SCOTT;password=TiGeR;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
+                "user id=SCOTT;password=PLACEHOLDER;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
                 "TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
                 "(SERVICE_NAME=TESTDB)))\"", sb.ConnectionString);
 
             sb = new DbConnectionStringBuilder(false);
-            sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
+            sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
             Assert.Equal(dataSource, sb["Data Source"]);
             Assert.Equal("SCOTT", sb["User ID"]);
-            Assert.Equal("TiGeR", sb["Password"]);
+            Assert.Equal("PLACEHOLDER", sb["Password"]);
             Assert.Equal(
-                "user id=SCOTT;password=TiGeR;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
+                "user id=SCOTT;password=PLACEHOLDER;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
                 "TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
                 "(SERVICE_NAME=TESTDB)))\"", sb.ConnectionString);
 
             sb = new DbConnectionStringBuilder(true);
-            sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
+            sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
             Assert.Equal(dataSource, sb["Data Source"]);
             Assert.Equal("SCOTT", sb["User ID"]);
-            Assert.Equal("TiGeR", sb["Password"]);
+            Assert.Equal("PLACEHOLDER", sb["Password"]);
             Assert.Equal(
-                "user id=SCOTT;password=TiGeR;data source=(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
+                "user id=SCOTT;password=PLACEHOLDER;data source=(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
                 "TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
                 "(SERVICE_NAME=TESTDB)))", sb.ConnectionString);
         }
@@ -1902,24 +1902,24 @@ public void EmbeddedCharTest4()
             DbConnectionStringBuilder sb;
 
             sb = new DbConnectionStringBuilder();
-            sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
+            sb.ConnectionString = "PassWord=PLACEHOLDER;uSER iD=someuser;DaTa SoUrCe=testdb";
             sb["Integrated Security"] = "False";
             Assert.Equal(
-                "password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
+                "password=PLACEHOLDER;uSER id=someuser;data source=testdb;Integrated Security=False",
                 sb.ConnectionString);
 
             sb = new DbConnectionStringBuilder(false);
-            sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
+            sb.ConnectionString = "PassWord=PLACEHOLDER;uSER iD=someuser;DaTa SoUrCe=testdb";
             sb["Integrated Security"] = "False";
             Assert.Equal(
-                "password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
+                "password=PLACEHOLDER;uSER id=someuser;data source=testdb;Integrated Security=False",
                 sb.ConnectionString);
 
             sb = new DbConnectionStringBuilder(true);
-            sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
+            sb.ConnectionString = "PassWord=PLACEHOLDER;uSER iD=someuser;DaTa SoUrCe=testdb";
             sb["Integrated Security"] = "False";
             Assert.Equal(
-                "password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
+                "password=PLACEHOLDER;uSER id=someuser;data source=testdb;Integrated Security=False",
                 sb.ConnectionString);
         }
 

diff --git a/src/libraries/System.Net.Http/tests/UnitTests/Headers/CacheControlHeaderValueTest.cs b/src/libraries/System.Net.Http/tests/UnitTests/Headers/CacheControlHeaderValueTest.cs
@@ -457,12 +457,12 @@ public void GetCacheControlLength_DifferentValidScenariosAndNoExistingCacheContr
             expected = new CacheControlHeaderValue();
             expected.Public = true;
             expected.Private = true;
-            expected.PrivateHeaders.Add("token1");
+            expected.PrivateHeaders.Add("PLACEHOLDER");
             expected.MustRevalidate = true;
             expected.ProxyRevalidate = true;
             expected.Extensions.Add(new NameValueHeaderValue("c", "d"));
             expected.Extensions.Add(new NameValueHeaderValue("a", "b"));
-            CheckGetCacheControlLength(",public, , private=\"token1\", must-revalidate, c=d, proxy-revalidate, a=b", 0,
+            CheckGetCacheControlLength(",public, , private=\"PLACEHOLDER\", must-revalidate, c=d, proxy-revalidate, a=b", 0,
                 null, 72, expected);
 
             expected = new CacheControlHeaderValue();
@@ -491,11 +491,11 @@ public void GetCacheControlLength_DifferentValidScenariosAndExistingCacheControl
             expected = new CacheControlHeaderValue();
             expected.Private = true;
             expected.PrivateHeaders.Add("token1");
-            expected.PrivateHeaders.Add("token2");
+            expected.PrivateHeaders.Add("PLACEHOLDER");
             expected.NoCache = true;
             expected.NoCacheHeaders.Add("token1");
             expected.NoCacheHeaders.Add("token2");
-            CheckGetCacheControlLength("private=\"token2\", no-cache=\"token1, , token2,\"", 0, storeValue, 46,
+            CheckGetCacheControlLength("private=\"PLACEHOLDER\", no-cache=\"token1, , token2,\"", 0, storeValue, 46,
                 expected);
 
             storeValue = new CacheControlHeaderValue();
@@ -505,15 +505,15 @@ public void GetCacheControlLength_DifferentValidScenariosAndExistingCacheControl
             expected = new CacheControlHeaderValue();
             expected.Public = true;
             expected.Private = true;
-            expected.PrivateHeaders.Add("token1");
+            expected.PrivateHeaders.Add("PLACEHOLDER");
             expected.MustRevalidate = true;
             expected.ProxyRevalidate = true;
             expected.NoTransform = true;
             expected.OnlyIfCached = true;
             expected.Extensions.Add(new NameValueHeaderValue("a", "\"b\""));
             expected.Extensions.Add(new NameValueHeaderValue("c", "d"));
             expected.Extensions.Add(new NameValueHeaderValue("x", "y")); // from store result
-            CheckGetCacheControlLength(",public, , private=\"token1\", must-revalidate, c=d, proxy-revalidate, a=\"b\"",
+            CheckGetCacheControlLength(",public, , private=\"PLACEHOLDER\", must-revalidate, c=d, proxy-revalidate, a=\"b\"",
                 0, storeValue, 74, expected);
 
             storeValue = new CacheControlHeaderValue();