.NET Framework 4.7.2 Developer Pack Early Access build 3056 is available!
Today, we are happy to share an Early Access build with the .NET Framework 4.7.2 Developer Pack. The .NET Framework 4.7.2 Developer Pack lets developers build applications that target the .NET Framework 4.7.2 by using Visual Studio 2017, Visual Studio 2015 or other IDEs. This is a single package that bundles the .NET Framework 4.7.2, the .NET 4.7.2 Targeting Pack, and the .NET Framework 4.7.2 SDK. We would love your help to ensure this is a high quality and compatible release.
- Download Developer Pack build 3056
- Provide your feedback by reporting an issue at the .NET Framework Early Access GitHub repository.
The main difference between the build 3052 we shared few weeks back and this build is the Developer Pack. This pre-release build enables you to try out the new features available in .NET Framework 4.7.2. You can refer to the Early Access build 3052 blogpost for supported platforms and release notes.
Note: this release is currently feature-complete and in the testing phase, but is not supported for production use.
ASP.NET – Dependency Injection in WebForms
- Support setter-based, interface-based and constructor-based injection in web application project in Handler, Module, Page, User control and Custom control.
- Support setter-based and interface-based injection in web site project in Handler, Module, Page, User controls and Custom controls.
- Be able to plug in different dependency injection frameworks.
ASP.NET – SameSite Cookie
You can set SameSite for a HttpCookie object as follows.
You can configure HttpCookie SameSite at application level through web.config as follows.
SQL – Azure AD Universal and Multi-factor Authentication Support
Growing compliance and security demand requires many customers to use Multi-Factor authentication (MFA). In addition, current best practices directs developers from not including any user password directly to the connection string. We have extended SqlClient Connection String by introducing a new Azure AD Interactive authentication keyword to support MFA. This also enables support of Azure AD Authentication.
This feature introduces a new value for the existing “Authentication” keyword, specifying a new authentication method called “Active Directory Interactive”. The new interactive method supports native and federated Azure AD users as well as Azure AD guest users. When this method is being used, the MFA authentication imposed by Azure AD is supported for SQL DB. In addition, a user password is requested as part of an interactive dialog enabling us to adhere to security best practices.
Originally SQL connectivity in .NET Framework supported only ActiveDirectoryPassword and ActiveDirectoryIntegrated. Both of these are part of the non-interactive ADAL protocol which do not support MFA. With the new ActiveDirectoryInteractive keyword, the SQL connectivity supports MFA as well as existing authentication methods (password and integrated authentication) allowing users to enter user password interactively without the need to persist passwords in the SQL connection string.
This feature can be configured with tools like SQL Server Data Tools (SSDT), as illustrated below. In the latest Visual Studio preview, a new authentication option called “Active Directory Interactive Authentication” can be used to support MFA authentication to SQL database.
The following sample shows how to instantiate the communication provider that is required to register it to a specific authentication method. It also shows creating connections to SQL database using the different authentication methods, of which two are existing ones: ActiveDirectoryPassword, ActiveDirectoryIntegrated and the latest ActiveDirectoryInteractive.
BCL – Cryptographic Improvements
New overloads to RSA.Create and DSA.Create
Rfc2898DeriveBytes accepts a hash algorithm name
New constructor overloads have been added to Rfc2898DeriveBytes that accepts a HashAlgorithmName to identify which HMAC algorithm should be used when deriving keys. Developers are encouraged to move new key generations to a SHA-2-based HMAC as follows instead of using HMAC_SHA1.
Support for EphemeralKeySet
- Since the keys are not persisted to disk, certificates loaded with this flag are not good candidates for being added to an X509Store.
- Since the legacy PrivateKey property will not work with certificates, developers are advised to perform rigorous testing before switching to EphemeralKeySet.
Programmatic creation of PKCS#10 certification signing requests and X.509 public key certificates
The .NET Framework now enables workloads to generate certificate signing requests (CSRs), allowing certificate request generation to be staged into existing tooling.
The following example creates a CSR to be valid as a TLS Server Authentication certificate for www.adatum.com. Furthermore, adatum.com is signed with an existing RSA key using RSA-PSS with SHA-2-256.
The .NET Framework now enables workloads to generate self-signed certificates in a programmatic manner. This is frequently useful in test scenarios.
The following example creates a self-signed version of a TLS Server Authentication certificate for www.adatum.com, using an existing ECDSA key with an ECDSA-SHA-2-256 signature.
- The SignerInfo class for SignedCms exposes more information about the signature. SignerInfo.SignatureAlgorithm can be queried to determine the signature algorithm used by the signer. SignerInfo.GetSignature() can be called to get a copy of the cryptographic signature for this signer.
- CryptoStream now has an additional constructor that allows Dispose to not close the wrapped stream. To continue with the current behavior, no changes are necessary. To leave the wrapped stream open after the CryptoStream is disposed, use `new CryptoStream(stream, transform, mode, leaveOpen: true)`.
BCL – ZLib decompression support to DeflateStream
This feature improves the throughput of decompressing ZIP archives by using native implementation of ZIP. This enables up-to 3x increase in the throughput of ZIP archives during decompression. There are minor differences between the existing and native implementation, hence this feature is enabled by default only for applications targeting .NET Framework 4.7.2.
Older applications can opt-into this behavior by using the following AppContext switch:
BCL – Additional Collection APIs
- ‘TryGetValue’ is added to SortedSet and HashSet to match the Try pattern used in other collection types.
- The `Enumerable.To*` extension methods are added to SortedSet and HashSet.
- New HashSet constructors allow HashSets to be constructed with a capacity, offering a performance benefit when you know ahead of time what the size of the HashSet will be.
WorkflowDesigner High Contrast Improvements
Before and after experiences with these changes for various workflow features are illustrated below.
WPF – Finding ResourceDictionaries by Source
WPF – Finding ResourceDictionary owners
WPF – Finding StaticResource references
This feature allows a diagnostic assistant to receive a notification whenever a StaticResource reference is resolved. A diagnostic assistant such as Visual Studio’s “Edit-and-Continue” facility may want to update all uses of a resource when it changes or replaces a value in a ResourceDictionary. WPF does this automatically for DynamicResource references, but intentionally does not do so for StaticResource references. The diagnostic assistant is faced with the challenge of locating those uses. This feature helps meet the challenge.
Try out these new features in .NET Framework 4.7.2 Early Access build and please provide your feedback by reporting an issue at the .NET Framework Early Access GitHub repository.