search

microsoft / service-fabric

Service Fabric is a distributed systems platform for packaging, deploying, and managing stateless and stateful distributed applications and containers at large scale.
https://docs.microsoft.com/en-us/azure/service-fabric/
MIT License
3.01k stars 399 forks source link

Generating a ServicePartitionKey using MD5 Hashing Algorithm seldomly return WindowsCryptographicException #1408

Open srkCodes1307 opened 1 year ago

srkCodes1307 commented 1 year ago

Describe the bug We are using MD5 Hashing Algorithm for generating PartitionKey to route to a stateful Service. For quite sometime we haven't seen any concerning issues in this approach. But, upgrading to .NET 6 we are seldomly seeing WindowsCryptographicException in the logs while trying to route to Stateful Service.

Area/Component: Stateful Services, PartitionKey generator

To Reproduce

private readonly MD5 _md5 = MD5.Create();

    public long GetPartitionKey(string Id)
    {
        var bytesToHash = Encoding.ASCII.GetBytes($"{Id}");

        var hash = _md5.ComputeHash(bytesToHash);
        var key = BitConverter.ToInt64(hash, 0);
        return key;
    }

Expected behavior Shouldn't be returning any error. Observed behavior: {"Type":"WindowsCryptographicException","Message":"Unknown error (0xc1000008)","StackTrace":" at Internal.Cryptography.HashProviderCng.AppendHashData(ReadOnlySpan`1 source) at Internal.Cryptography.HashProvider.AppendHashData(Byte[] data, Int32 offset, Int32 count) at System.Security.Cryptography.HashAlgorithm.ComputeHash(Byte[] buffer) Screenshots If applicable, add screenshots to help explain your problem.

Service Fabric Runtime Version: 8.0

Environment:

If this is a regression, which version did it regress from? After upgrading to .NET6 Additional context Add any other context about the problem here.

Assignees: /cc @microsoft/service-fabric-triage @dotnet @dotnet/core

tuhland commented 1 year ago

This should not be a Service Fabric issue.

As far as I remember it's a mix of .NET6 and underlying OS that considers MD5 to be very unsafe and results in this exception.

We worked around this issue, by calculating the MD5 hash with custom code (short term) and phasing out using it at all (long term).

srkCodes1307 commented 1 year ago

@tuhland, would you mind sharing a bit more on the short term custom code you used. In long term, once you change to another algorithm any specific changes you faced.