AzureAD
diff --git a/‎buildpackLocal.bat
Lines changed: 3 additions & 0 deletions b/‎buildpackLocal.bat
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/Microsoft.IdentityModel.Tokens/AsymmetricSignatureProvider.cs
Lines changed: 6 additions & 12 deletions b/‎src/Microsoft.IdentityModel.Tokens/AsymmetricSignatureProvider.cs
Lines changed: 6 additions & 12 deletions
diff --git a/‎src/Microsoft.IdentityModel.Tokens/CryptoProviderFactory.cs
Lines changed: 26 additions & 10 deletions b/‎src/Microsoft.IdentityModel.Tokens/CryptoProviderFactory.cs
Lines changed: 26 additions & 10 deletions
@@ -0,0 +1,3 @@
+dotnet clean Product.proj > clean.log
+dotnet build /r Product.proj
+dotnet pack --no-restore -o c:\localpackages --no-build Product.proj
@@ -208,15 +208,13 @@ public override bool Sign(ReadOnlySpan<byte> input, Span<byte> signature, out in
             catch
             {
                 CryptoProviderCache?.TryRemove(this);
-                Dispose(true);
                 throw;
             }
             finally
             {
-                if (!_disposed)
+                if (asym != null)
                     _asymmetricAdapterObjectPool.Free(asym);
             }
-
         }
 #endif
 
@@ -248,12 +246,11 @@ public override byte[] Sign(byte[] input)
             catch
             {
                 CryptoProviderCache?.TryRemove(this);
-                Dispose(true);
                 throw;
             }
             finally
             {
-                if (!_disposed)
+                if (asym != null)
                     _asymmetricAdapterObjectPool.Free(asym);
             }
         }
@@ -279,12 +276,11 @@ public override byte[] Sign(byte[] input, int offset, int count)
             catch
             {
                 CryptoProviderCache?.TryRemove(this);
-                Dispose(true);
                 throw;
             }
             finally
             {
-                if (!_disposed)
+                if (asym != null)
                     _asymmetricAdapterObjectPool.Free(asym);
             }
         }
@@ -380,12 +376,11 @@ public override bool Verify(byte[] input, byte[] signature)
             catch
             {
                 CryptoProviderCache?.TryRemove(this);
-                Dispose(true);
                 throw;
             }
             finally
             {
-                if (!_disposed)
+                if (asym != null)
                     _asymmetricAdapterObjectPool.Free(asym);
             }
         }
@@ -474,15 +469,14 @@ public override bool Verify(byte[] input, int inputOffset, int inputLength, byte
             }
             catch
             {
-                Dispose(true);
+                CryptoProviderCache?.TryRemove(this);
                 throw;
             }
             finally
             {
-                if (!_disposed)
+                if (asym != null)
                     _asymmetricAdapterObjectPool.Free(asym);
             }
-
         }
 
         /// <summary>
 
@@ -18,6 +18,8 @@ public class CryptoProviderFactory
         private static readonly ConcurrentDictionary<string, string> _typeToAlgorithmMap = new ConcurrentDictionary<string, string>();
         private static readonly object _cacheLock = new object();
         private static int _defaultSignatureProviderObjectPoolCacheSize = Environment.ProcessorCount * 4;
+        private static string _typeofAsymmetricSignatureProvider = typeof(AsymmetricSignatureProvider).ToString();
+        private static string _typeofSymmetricSignatureProvider = typeof(SymmetricSignatureProvider).ToString();
         private int _signatureProviderObjectPoolCacheSize = _defaultSignatureProviderObjectPoolCacheSize;
 
         /// <summary>
@@ -513,7 +515,13 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori
             {
                 signatureProvider = CustomCryptoProvider.Create(algorithm, key, willCreateSignatures) as SignatureProvider;
                 if (signatureProvider == null)
-                    throw LogHelper.LogExceptionMessage(new InvalidOperationException(LogHelper.FormatInvariant(LogMessages.IDX10646, LogHelper.MarkAsNonPII(algorithm), key, LogHelper.MarkAsNonPII(typeof(SignatureProvider)))));
+                    throw LogHelper.LogExceptionMessage(
+                        new InvalidOperationException(
+                            LogHelper.FormatInvariant(
+                                LogMessages.IDX10646,
+                                LogHelper.MarkAsNonPII(algorithm),
+                                key,
+                                LogHelper.MarkAsNonPII(typeof(SignatureProvider)))));
 
                 return signatureProvider;
             }
@@ -523,7 +531,7 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori
             bool createAsymmetric = true;
             if (key is AsymmetricSecurityKey)
             {
-                typeofSignatureProvider = typeof(AsymmetricSignatureProvider).ToString();
+                typeofSignatureProvider = _typeofAsymmetricSignatureProvider;
             }
             else if (key is JsonWebKey jsonWebKey)
             {
@@ -533,22 +541,22 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori
                     {
                         if (convertedSecurityKey is AsymmetricSecurityKey)
                         {
-                            typeofSignatureProvider = typeof(AsymmetricSignatureProvider).ToString();
+                            typeofSignatureProvider = _typeofAsymmetricSignatureProvider;
                         }
                         else if (convertedSecurityKey is SymmetricSecurityKey)
                         {
-                            typeofSignatureProvider = typeof(SymmetricSignatureProvider).ToString();
+                            typeofSignatureProvider = _typeofSymmetricSignatureProvider;
                             createAsymmetric = false;
                         }
                     }
                     // this code is simply to maintain the same exception thrown
                     else
                     {
                         if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.RSA || jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)
-                            typeofSignatureProvider = typeof(AsymmetricSignatureProvider).ToString();
+                            typeofSignatureProvider = _typeofAsymmetricSignatureProvider;
                         else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.Octet)
                         {
-                            typeofSignatureProvider = typeof(SymmetricSignatureProvider).ToString();
+                            typeofSignatureProvider = _typeofSymmetricSignatureProvider;
                             createAsymmetric = false;
                         }
                     }
@@ -560,12 +568,20 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori
             }
             else if (key is SymmetricSecurityKey)
             {
-                typeofSignatureProvider = typeof(SymmetricSignatureProvider).ToString();
+                typeofSignatureProvider = _typeofSymmetricSignatureProvider;
                 createAsymmetric = false;
             }
 
             if (typeofSignatureProvider == null)
-                throw LogHelper.LogExceptionMessage(new NotSupportedException(LogHelper.FormatInvariant(LogMessages.IDX10621, LogHelper.MarkAsNonPII(typeof(SymmetricSignatureProvider)), LogHelper.MarkAsNonPII(typeof(SecurityKey)), LogHelper.MarkAsNonPII(typeof(AsymmetricSecurityKey)), LogHelper.MarkAsNonPII(typeof(SymmetricSecurityKey)), LogHelper.MarkAsNonPII(key.GetType()))));
+                throw LogHelper.LogExceptionMessage(
+                    new NotSupportedException(
+                        LogHelper.FormatInvariant(
+                            LogMessages.IDX10621,
+                            LogHelper.MarkAsNonPII(typeof(SymmetricSignatureProvider)),
+                            LogHelper.MarkAsNonPII(typeof(SecurityKey)),
+                            LogHelper.MarkAsNonPII(typeof(AsymmetricSecurityKey)),
+                            LogHelper.MarkAsNonPII(typeof(SymmetricSecurityKey)),
+                            LogHelper.MarkAsNonPII(key.GetType()))));
 
             if (CacheSignatureProviders && cacheProvider)
             {
@@ -592,7 +608,7 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori
                         signatureProvider = new SymmetricSignatureProvider(key, algorithm, willCreateSignatures);
 
                     if (ShouldCacheSignatureProvider(signatureProvider))
-                        CryptoProviderCache.TryAdd(signatureProvider);
+                        signatureProvider.IsCached = CryptoProviderCache.TryAdd(signatureProvider);
                 }
             }
             else
@@ -737,7 +753,7 @@ public virtual void ReleaseSignatureProvider(SignatureProvider signatureProvider
             signatureProvider.Release();
             if (CustomCryptoProvider != null && CustomCryptoProvider.IsSupportedAlgorithm(signatureProvider.Algorithm))
                 CustomCryptoProvider.Release(signatureProvider);
-            else if (signatureProvider.CryptoProviderCache == null && signatureProvider.RefCount == 0)
+            else if (signatureProvider.CryptoProviderCache == null && signatureProvider.RefCount == 0 && !signatureProvider.IsCached)
                 signatureProvider.Dispose();
         }
     }
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+dotnet clean Product.proj > clean.log`
	`2`	`+dotnet build /r Product.proj`
	`3`	`+dotnet pack --no-restore -o c:\localpackages --no-build Product.proj`
Original file line number	Diff line number	Diff line change
`@@ -208,15 +208,13 @@ public override bool Sign(ReadOnlySpan<byte> input, Span<byte> signature, out in`
`208`	`208`	`catch`
`209`	`209`	`{`
`210`	`210`	`CryptoProviderCache?.TryRemove(this);`
`211`		`- Dispose(true);`
`212`	`211`	`throw;`
`213`	`212`	`}`
`214`	`213`	`finally`
`215`	`214`	`{`
`216`		`- if (!_disposed)`
	`215`	`+ if (asym != null)`
`217`	`216`	`_asymmetricAdapterObjectPool.Free(asym);`
`218`	`217`	`}`
`219`		`-`
`220`	`218`	`}`
`221`	`219`	`#endif`
`222`	`220`
`@@ -248,12 +246,11 @@ public override byte[] Sign(byte[] input)`
`248`	`246`	`catch`
`249`	`247`	`{`
`250`	`248`	`CryptoProviderCache?.TryRemove(this);`
`251`		`- Dispose(true);`
`252`	`249`	`throw;`
`253`	`250`	`}`
`254`	`251`	`finally`
`255`	`252`	`{`
`256`		`- if (!_disposed)`
	`253`	`+ if (asym != null)`
`257`	`254`	`_asymmetricAdapterObjectPool.Free(asym);`
`258`	`255`	`}`
`259`	`256`	`}`
`@@ -279,12 +276,11 @@ public override byte[] Sign(byte[] input, int offset, int count)`
`279`	`276`	`catch`
`280`	`277`	`{`
`281`	`278`	`CryptoProviderCache?.TryRemove(this);`
`282`		`- Dispose(true);`
`283`	`279`	`throw;`
`284`	`280`	`}`
`285`	`281`	`finally`
`286`	`282`	`{`
`287`		`- if (!_disposed)`
	`283`	`+ if (asym != null)`
`288`	`284`	`_asymmetricAdapterObjectPool.Free(asym);`
`289`	`285`	`}`
`290`	`286`	`}`
`@@ -380,12 +376,11 @@ public override bool Verify(byte[] input, byte[] signature)`
`380`	`376`	`catch`
`381`	`377`	`{`
`382`	`378`	`CryptoProviderCache?.TryRemove(this);`
`383`		`- Dispose(true);`
`384`	`379`	`throw;`
`385`	`380`	`}`
`386`	`381`	`finally`
`387`	`382`	`{`
`388`		`- if (!_disposed)`
	`383`	`+ if (asym != null)`
`389`	`384`	`_asymmetricAdapterObjectPool.Free(asym);`
`390`	`385`	`}`
`391`	`386`	`}`
`@@ -474,15 +469,14 @@ public override bool Verify(byte[] input, int inputOffset, int inputLength, byte`
`474`	`469`	`}`
`475`	`470`	`catch`
`476`	`471`	`{`
`477`		`- Dispose(true);`
	`472`	`+ CryptoProviderCache?.TryRemove(this);`
`478`	`473`	`throw;`
`479`	`474`	`}`
`480`	`475`	`finally`
`481`	`476`	`{`
`482`		`- if (!_disposed)`
	`477`	`+ if (asym != null)`
`483`	`478`	`_asymmetricAdapterObjectPool.Free(asym);`
`484`	`479`	`}`
`485`		`-`
`486`	`480`	`}`
`487`	`481`
`488`	`482`	`/// <summary>`
Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,8 @@ public class CryptoProviderFactory`
`18`	`18`	`private static readonly ConcurrentDictionary<string, string> _typeToAlgorithmMap = new ConcurrentDictionary<string, string>();`
`19`	`19`	`private static readonly object _cacheLock = new object();`
`20`	`20`	`private static int _defaultSignatureProviderObjectPoolCacheSize = Environment.ProcessorCount * 4;`
	`21`	`+ private static string _typeofAsymmetricSignatureProvider = typeof(AsymmetricSignatureProvider).ToString();`
	`22`	`+ private static string _typeofSymmetricSignatureProvider = typeof(SymmetricSignatureProvider).ToString();`
`21`	`23`	`private int _signatureProviderObjectPoolCacheSize = _defaultSignatureProviderObjectPoolCacheSize;`
`22`	`24`
`23`	`25`	`/// <summary>`
`@@ -513,7 +515,13 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori`
`513`	`515`	`{`
`514`	`516`	`signatureProvider = CustomCryptoProvider.Create(algorithm, key, willCreateSignatures) as SignatureProvider;`
`515`	`517`	`if (signatureProvider == null)`
`516`		`- throw LogHelper.LogExceptionMessage(new InvalidOperationException(LogHelper.FormatInvariant(LogMessages.IDX10646, LogHelper.MarkAsNonPII(algorithm), key, LogHelper.MarkAsNonPII(typeof(SignatureProvider)))));`
	`518`	`+ throw LogHelper.LogExceptionMessage(`
	`519`	`+ new InvalidOperationException(`
	`520`	`+ LogHelper.FormatInvariant(`
	`521`	`+ LogMessages.IDX10646,`
	`522`	`+ LogHelper.MarkAsNonPII(algorithm),`
	`523`	`+ key,`
	`524`	`+ LogHelper.MarkAsNonPII(typeof(SignatureProvider)))));`
`517`	`525`
`518`	`526`	`return signatureProvider;`
`519`	`527`	`}`
`@@ -523,7 +531,7 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori`
`523`	`531`	`bool createAsymmetric = true;`
`524`	`532`	`if (key is AsymmetricSecurityKey)`
`525`	`533`	`{`
`526`		`- typeofSignatureProvider = typeof(AsymmetricSignatureProvider).ToString();`
	`534`	`+ typeofSignatureProvider = _typeofAsymmetricSignatureProvider;`
`527`	`535`	`}`
`528`	`536`	`else if (key is JsonWebKey jsonWebKey)`
`529`	`537`	`{`
`@@ -533,22 +541,22 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori`
`533`	`541`	`{`
`534`	`542`	`if (convertedSecurityKey is AsymmetricSecurityKey)`
`535`	`543`	`{`
`536`		`- typeofSignatureProvider = typeof(AsymmetricSignatureProvider).ToString();`
	`544`	`+ typeofSignatureProvider = _typeofAsymmetricSignatureProvider;`
`537`	`545`	`}`
`538`	`546`	`else if (convertedSecurityKey is SymmetricSecurityKey)`
`539`	`547`	`{`
`540`		`- typeofSignatureProvider = typeof(SymmetricSignatureProvider).ToString();`
	`548`	`+ typeofSignatureProvider = _typeofSymmetricSignatureProvider;`
`541`	`549`	`createAsymmetric = false;`
`542`	`550`	`}`
`543`	`551`	`}`
`544`	`552`	`// this code is simply to maintain the same exception thrown`
`545`	`553`	`else`
`546`	`554`	`{`
`547`	`555`	`if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.RSA \|\| jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)`
`548`		`- typeofSignatureProvider = typeof(AsymmetricSignatureProvider).ToString();`
	`556`	`+ typeofSignatureProvider = _typeofAsymmetricSignatureProvider;`
`549`	`557`	`else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.Octet)`
`550`	`558`	`{`
`551`		`- typeofSignatureProvider = typeof(SymmetricSignatureProvider).ToString();`
	`559`	`+ typeofSignatureProvider = _typeofSymmetricSignatureProvider;`
`552`	`560`	`createAsymmetric = false;`
`553`	`561`	`}`
`554`	`562`	`}`
`@@ -560,12 +568,20 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori`
`560`	`568`	`}`
`561`	`569`	`else if (key is SymmetricSecurityKey)`
`562`	`570`	`{`
`563`		`- typeofSignatureProvider = typeof(SymmetricSignatureProvider).ToString();`
	`571`	`+ typeofSignatureProvider = _typeofSymmetricSignatureProvider;`
`564`	`572`	`createAsymmetric = false;`
`565`	`573`	`}`
`566`	`574`
`567`	`575`	`if (typeofSignatureProvider == null)`
`568`		`- throw LogHelper.LogExceptionMessage(new NotSupportedException(LogHelper.FormatInvariant(LogMessages.IDX10621, LogHelper.MarkAsNonPII(typeof(SymmetricSignatureProvider)), LogHelper.MarkAsNonPII(typeof(SecurityKey)), LogHelper.MarkAsNonPII(typeof(AsymmetricSecurityKey)), LogHelper.MarkAsNonPII(typeof(SymmetricSecurityKey)), LogHelper.MarkAsNonPII(key.GetType()))));`
	`576`	`+ throw LogHelper.LogExceptionMessage(`
	`577`	`+ new NotSupportedException(`
	`578`	`+ LogHelper.FormatInvariant(`
	`579`	`+ LogMessages.IDX10621,`
	`580`	`+ LogHelper.MarkAsNonPII(typeof(SymmetricSignatureProvider)),`
	`581`	`+ LogHelper.MarkAsNonPII(typeof(SecurityKey)),`
	`582`	`+ LogHelper.MarkAsNonPII(typeof(AsymmetricSecurityKey)),`
	`583`	`+ LogHelper.MarkAsNonPII(typeof(SymmetricSecurityKey)),`
	`584`	`+ LogHelper.MarkAsNonPII(key.GetType()))));`
`569`	`585`
`570`	`586`	`if (CacheSignatureProviders && cacheProvider)`
`571`	`587`	`{`
`@@ -592,7 +608,7 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori`
`592`	`608`	`signatureProvider = new SymmetricSignatureProvider(key, algorithm, willCreateSignatures);`
`593`	`609`
`594`	`610`	`if (ShouldCacheSignatureProvider(signatureProvider))`
`595`		`- CryptoProviderCache.TryAdd(signatureProvider);`
	`611`	`+ signatureProvider.IsCached = CryptoProviderCache.TryAdd(signatureProvider);`
`596`	`612`	`}`
`597`	`613`	`}`
`598`	`614`	`else`
`@@ -737,7 +753,7 @@ public virtual void ReleaseSignatureProvider(SignatureProvider signatureProvider`
`737`	`753`	`signatureProvider.Release();`
`738`	`754`	`if (CustomCryptoProvider != null && CustomCryptoProvider.IsSupportedAlgorithm(signatureProvider.Algorithm))`
`739`	`755`	`CustomCryptoProvider.Release(signatureProvider);`
`740`		`- else if (signatureProvider.CryptoProviderCache == null && signatureProvider.RefCount == 0)`
	`756`	`+ else if (signatureProvider.CryptoProviderCache == null && signatureProvider.RefCount == 0 && !signatureProvider.IsCached)`
`741`	`757`	`signatureProvider.Dispose();`
`742`	`758`	`}`
`743`	`759`	`}`