Closed RufusJWB closed 10 months ago
When decrypting a CMS object, the method DecryptContent(RecipientInfoCollection recipientInfos, X509Certificate2Collection? extraStore) iterates through all recipients of this CMS object: https://github.com/CryptoPro/corefx/blob/c44c962a8bb08c651042391797e0a84b62df71e3/src/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs#L226 If working down the recipients results in more than one exception, only the last exception is thrown but the other exceptions are overwritten.
Here https://github.com/CryptoPro/corefx/blob/c44c962a8bb08c651042391797e0a84b62df71e3/src/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs#L231
and
https://github.com/CryptoPro/corefx/blob/c44c962a8bb08c651042391797e0a84b62df71e3/src/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs#L241
I'd like to propose that this behavior should be changed to throw an AggregateException with all collected exceptions.
When decrypting a CMS object, the method DecryptContent(RecipientInfoCollection recipientInfos, X509Certificate2Collection? extraStore) iterates through all recipients of this CMS object: https://github.com/CryptoPro/corefx/blob/c44c962a8bb08c651042391797e0a84b62df71e3/src/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs#L226 If working down the recipients results in more than one exception, only the last exception is thrown but the other exceptions are overwritten.
Here https://github.com/CryptoPro/corefx/blob/c44c962a8bb08c651042391797e0a84b62df71e3/src/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs#L231
and
https://github.com/CryptoPro/corefx/blob/c44c962a8bb08c651042391797e0a84b62df71e3/src/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs#L241
I'd like to propose that this behavior should be changed to throw an AggregateException with all collected exceptions.