Check type name for known value before getting type

Author: JamesNK

src/DataProtection/DataProtection/src/Internal/DefaultTypeNameResolver.cs

@@ -0,0 +1,34 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using System;
+using System.Diagnostics.CodeAnalysis;
+
+namespace Microsoft.AspNetCore.DataProtection.Internal;
+
+internal sealed class DefaultTypeNameResolver : ITypeNameResolver
+{
+    public static readonly DefaultTypeNameResolver Instance = new();
+
+    private DefaultTypeNameResolver()
+    {
+    }
+
+    [UnconditionalSuppressMessage("Trimmer", "IL2057", Justification = "Type.GetType is only used to resolve statically known types that are referenced by DataProtection assembly.")]
+    public bool TryResolveType(string typeName, [NotNullWhen(true)] out Type? type)
+    {
+        try
+        {
+            // Some exceptions are thrown regardless of the value of throwOnError.
+            // For example, if the type is found but cannot be loaded,
+            // a System.TypeLoadException is thrown even if throwOnError is false.
+            type = Type.GetType(typeName, throwOnError: false);
+            return type != null;
+        }
+        catch
+        {
+            type = null;
+            return false;
+        }
+    }
+}

src/DataProtection/DataProtection/src/Internal/ITypeNameResolver.cs

@@ -0,0 +1,12 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using System;
+using System.Diagnostics.CodeAnalysis;
+
+namespace Microsoft.AspNetCore.DataProtection.Internal;
+
+internal interface ITypeNameResolver
+{
+    bool TryResolveType(string typeName, [NotNullWhen(true)] out Type? type);
+}

src/DataProtection/DataProtection/src/KeyManagement/XmlKeyManager.cs

@@ -49,6 +49,7 @@ public sealed class XmlKeyManager : IKeyManager, IInternalXmlKeyManager
     private const string RevokeAllKeysValue = "*";
 
     private readonly IActivator _activator;
+    private readonly ITypeNameResolver _typeNameResolver;
     private readonly AlgorithmConfiguration _authenticatedEncryptorConfiguration;
     private readonly IKeyEscrowSink? _keyEscrowSink;
     private readonly IInternalXmlKeyManager _internalKeyManager;
@@ -112,6 +113,7 @@ internal XmlKeyManager(
         var escrowSinks = keyManagementOptions.Value.KeyEscrowSinks;
         _keyEscrowSink = escrowSinks.Count > 0 ? new AggregateKeyEscrowSink(escrowSinks) : null;
         _activator = activator;
+        _typeNameResolver = activator as ITypeNameResolver ?? DefaultTypeNameResolver.Instance;
         TriggerAndResetCacheExpirationToken(suppressLogging: true);
         _internalKeyManager = _internalKeyManager ?? this;
         _encryptorFactories = keyManagementOptions.Value.AuthenticatedEncryptorFactories;
@@ -466,24 +468,25 @@ IAuthenticatedEncryptorDescriptor IInternalXmlKeyManager.DeserializeDescriptorFr
     [UnconditionalSuppressMessage("Trimmer", "IL2057", Justification = "Type.GetType result is only useful with types that are referenced by DataProtection assembly.")]
     private IAuthenticatedEncryptorDescriptorDeserializer CreateDeserializer(string descriptorDeserializerTypeName)
     {
-        if (_activator is ITypeForwardingActivator forwardingActivator && forwardingActivator.TryForwardType(descriptorDeserializerTypeName, out var type))
+        var resolvedTypeName = TypeForwardingActivator.TryForwardTypeName(descriptorDeserializerTypeName, out var forwardedTypeName)
+            ? forwardedTypeName
+            : descriptorDeserializerTypeName;
+
+        if (TypeExtensions.MatchType(resolvedTypeName, _typeNameResolver, typeof(AuthenticatedEncryptorDescriptorDeserializer)))
         {
-            if (type == typeof(AuthenticatedEncryptorDescriptorDeserializer))
-            {
-                return _activator.CreateInstance<AuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);
-            }
-            else if (type == typeof(CngCbcAuthenticatedEncryptorDescriptorDeserializer) && RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
-            {
-                return _activator.CreateInstance<CngCbcAuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);
-            }
-            else if (type == typeof(CngGcmAuthenticatedEncryptorDescriptorDeserializer) && RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
-            {
-                return _activator.CreateInstance<CngGcmAuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);
-            }
-            else if (type == typeof(ManagedAuthenticatedEncryptorDescriptorDeserializer))
-            {
-                return _activator.CreateInstance<ManagedAuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);
-            }
+            return _activator.CreateInstance<AuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);
+        }
+        else if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows) && TypeExtensions.MatchType(resolvedTypeName, _typeNameResolver, typeof(CngCbcAuthenticatedEncryptorDescriptorDeserializer)))
+        {
+            return _activator.CreateInstance<CngCbcAuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);
+        }
+        else if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows) && TypeExtensions.MatchType(resolvedTypeName, _typeNameResolver, typeof(CngGcmAuthenticatedEncryptorDescriptorDeserializer)))
+        {
+            return _activator.CreateInstance<CngGcmAuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);
+        }
+        else if (TypeExtensions.MatchType(resolvedTypeName, _typeNameResolver, typeof(ManagedAuthenticatedEncryptorDescriptorDeserializer)))
+        {
+            return _activator.CreateInstance<ManagedAuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);
         }
 
         return _activator.CreateInstance<IAuthenticatedEncryptorDescriptorDeserializer>(descriptorDeserializerTypeName);

src/DataProtection/DataProtection/src/TypeExtensions.cs

@@ -3,6 +3,7 @@
 
 using System;
 using System.Diagnostics.CodeAnalysis;
+using Microsoft.AspNetCore.DataProtection.Internal;
 
 namespace Microsoft.AspNetCore.DataProtection;
 
@@ -39,4 +40,15 @@ public static Type GetTypeWithTrimFriendlyErrorMessage(string typeName)
             throw new InvalidOperationException($"Unable to load type '{typeName}'. If the app is published with trimming then this type may have been trimmed. Ensure the type's assembly is excluded from trimming.", ex);
         }
     }
+
+    public static bool MatchType(string resolvedTypeName, ITypeNameResolver typeNameResolver, Type matchType)
+    {
+        // Before attempting to resolve the name to a type, check if it starts with the full name of the type.
+        if (matchType.FullName != null && resolvedTypeName.StartsWith(matchType.FullName, StringComparison.Ordinal))
+        {
+            return typeNameResolver.TryResolveType(resolvedTypeName, out var resolvedType) && resolvedType == matchType;
+        }
+
+        return false;
+    }
 }

src/DataProtection/DataProtection/src/XmlEncryption/XmlEncryptionExtensions.cs

@@ -69,24 +69,26 @@ public static XElement DecryptElement(this XElement element, IActivator activato
 
     private static IXmlDecryptor CreateDecryptor(IActivator activator, string decryptorTypeName)
     {
-        if (activator is ITypeForwardingActivator typeForwarder && typeForwarder.TryForwardType(decryptorTypeName, out var type))
+        var resolvedTypeName = TypeForwardingActivator.TryForwardTypeName(decryptorTypeName, out var forwardedTypeName)
+            ? forwardedTypeName
+            : decryptorTypeName;
+        var typeNameResolver = activator as ITypeNameResolver ?? DefaultTypeNameResolver.Instance;
+
+        if (TypeExtensions.MatchType(resolvedTypeName, typeNameResolver, typeof(DpapiNGXmlDecryptor)))
         {
-            if (type == typeof(DpapiNGXmlDecryptor))
-            {
-                return activator.CreateInstance<DpapiNGXmlDecryptor>(decryptorTypeName);
-            }
-            else if (type == typeof(DpapiXmlDecryptor))
-            {
-                return activator.CreateInstance<DpapiXmlDecryptor>(decryptorTypeName);
-            }
-            else if (type == typeof(EncryptedXmlDecryptor))
-            {
-                return activator.CreateInstance<EncryptedXmlDecryptor>(decryptorTypeName);
-            }
-            else if (type == typeof(NullXmlDecryptor))
-            {
-                return activator.CreateInstance<NullXmlDecryptor>(decryptorTypeName);
-            }
+            return activator.CreateInstance<DpapiNGXmlDecryptor>(decryptorTypeName);
+        }
+        else if (TypeExtensions.MatchType(resolvedTypeName, typeNameResolver, typeof(DpapiXmlDecryptor)))
+        {
+            return activator.CreateInstance<DpapiXmlDecryptor>(decryptorTypeName);
+        }
+        else if (TypeExtensions.MatchType(resolvedTypeName, typeNameResolver, typeof(EncryptedXmlDecryptor)))
+        {
+            return activator.CreateInstance<EncryptedXmlDecryptor>(decryptorTypeName);
+        }
+        else if (TypeExtensions.MatchType(resolvedTypeName, typeNameResolver, typeof(NullXmlDecryptor)))
+        {
+            return activator.CreateInstance<NullXmlDecryptor>(decryptorTypeName);
         }
 
         return activator.CreateInstance<IXmlDecryptor>(decryptorTypeName);

src/DataProtection/DataProtection/test/Microsoft.AspNetCore.DataProtection.Tests/XmlEncryption/XmlEncryptionExtensionsTests.cs

@@ -50,7 +50,7 @@ public void DecryptElement_RootNodeRequiresDecryption_Success()
     }
 
     [Fact]
-    public void DecryptElement_MissingDecryptorType_Success()
+    public void DecryptElement_CustomType_TypeNameResolverNotCalled()
     {
         // Arrange
         var decryptorTypeName = typeof(MyXmlDecryptor).AssemblyQualifiedName;
@@ -62,6 +62,7 @@ public void DecryptElement_MissingDecryptorType_Success()
 
         var mockActivator = new Mock<ITypeForwardingActivator>();
         mockActivator.ReturnDecryptedElementGivenDecryptorTypeNameAndInput(decryptorTypeName, "<node />", "<newNode />");
+        var mockTypeNameResolver = mockActivator.As<ITypeNameResolver>();
 
         // We want to simulate an error loading the specified decryptor type, i.e.
         // Could not load file or assembly 'Azure.Extensions.AspNetCore.DataProtection.Keys,
@@ -79,6 +80,72 @@ public void DecryptElement_MissingDecryptorType_Success()
 
         // Assert
         XmlAssert.Equal("<newNode />", retVal);
+        Type resolvedType;
+        mockTypeNameResolver.Verify(o => o.TryResolveType(It.IsAny<string>(), out resolvedType), Times.Never());
+    }
+
+    [Fact]
+    public void DecryptElement_KnownType_TypeNameResolverCalled()
+    {
+        // Arrange
+        var decryptorTypeName = typeof(NullXmlDecryptor).AssemblyQualifiedName;
+
+        var original = XElement.Parse(@$"
+                <x:encryptedSecret decryptorType='{decryptorTypeName}' xmlns:x='http://schemas.asp.net/2015/03/dataProtection'>
+                  <node>
+                    <value />
+                  </node>
+                </x:encryptedSecret>");
+
+        var mockActivator = new Mock<IActivator>();
+        mockActivator.Setup(o => o.CreateInstance(typeof(NullXmlDecryptor), decryptorTypeName)).Returns(new NullXmlDecryptor());
+        var mockTypeNameResolver = mockActivator.As<ITypeNameResolver>();
+        var resolvedType = typeof(NullXmlDecryptor);
+        mockTypeNameResolver.Setup(mockTypeNameResolver => mockTypeNameResolver.TryResolveType(It.IsAny<string>(), out resolvedType)).Returns(true);
+
+        var serviceCollection = new ServiceCollection();
+        serviceCollection.AddSingleton<IActivator>(mockActivator.Object);
+        var services = serviceCollection.BuildServiceProvider();
+        var activator = services.GetActivator();
+
+        // Act
+        var retVal = original.DecryptElement(activator);
+
+        // Assert
+        XmlAssert.Equal("<value />", retVal);
+        mockTypeNameResolver.Verify(o => o.TryResolveType(It.IsAny<string>(), out resolvedType), Times.Once());
+    }
+
+    [Fact]
+    public void DecryptElement_KnownType_UnableToResolveType_Success()
+    {
+        // Arrange
+        var decryptorTypeName = typeof(NullXmlDecryptor).AssemblyQualifiedName;
+
+        var original = XElement.Parse(@$"
+                <x:encryptedSecret decryptorType='{decryptorTypeName}' xmlns:x='http://schemas.asp.net/2015/03/dataProtection'>
+                  <node>
+                    <value />
+                  </node>
+                </x:encryptedSecret>");
+
+        var mockActivator = new Mock<IActivator>();
+        mockActivator.Setup(o => o.CreateInstance(typeof(IXmlDecryptor), decryptorTypeName)).Returns(new NullXmlDecryptor());
+        var mockTypeNameResolver = mockActivator.As<ITypeNameResolver>();
+        var resolvedType = typeof(NullXmlDecryptor);
+        mockTypeNameResolver.Setup(mockTypeNameResolver => mockTypeNameResolver.TryResolveType(It.IsAny<string>(), out resolvedType)).Returns(false);
+
+        var serviceCollection = new ServiceCollection();
+        serviceCollection.AddSingleton<IActivator>(mockActivator.Object);
+        var services = serviceCollection.BuildServiceProvider();
+        var activator = services.GetActivator();
+
+        // Act
+        var retVal = original.DecryptElement(activator);
+
+        // Assert
+        XmlAssert.Equal("<value />", retVal);
+        mockTypeNameResolver.Verify(o => o.TryResolveType(It.IsAny<string>(), out resolvedType), Times.Once());
     }
 
     [Fact]