-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle zero value modulus for OpenSSL 1.1 #78339
Conversation
Tagging subscribers to this area: @dotnet/area-system-security, @vcsjones Issue DetailsFixes #78293 This PR introduces a check when importing an RSA public key that the modulus is not zero. For OpenSSL 1.1, the import succeeded and later fails at key usage time with a less-than-helpful error. This check brings consistency with other platforms, where a zero modulus fails at key import time.
|
@bartonjs this is what I ended up with as a fix for this for OpenSSL 1.x and would like your feedback on the overall approach.
|
Nope. Haha. |
src/native/libs/System.Security.Cryptography.Native/opensslshim.h
Outdated
Show resolved
Hide resolved
@bartonjs Seems like Windows 7 CSP doesn't fail at import, it fails at key usage. Given that
I opted to skip the test for Windows 7 instead of fixing RSACryptoServiceProvider. I'm not strongly opposed to fix it, but it would be adding Windows 7 specific code for an OS that is going to be EOL by the time .NET 8 is released. |
@vcsjones this seems to cause an error on the Linux x86 build:
I guess we have an older OpenSSL in that image? it uses |
@akoeplinger Looking. |
This is... confusing. And it was definitely present in OpenSSL 1.1.1: https://github.com/openssl/openssl/blob/OpenSSL_1_1_1a/include/openssl/evperr.h#L153 @bartonjs Any thoughts? It might be a while before I can really dig in to this. I suppose we can revert if this is blocking the build while I try to figure this out. |
It's present in 1.1.0: https://github.com/openssl/openssl/blob/OpenSSL_1_1_0-stable/include/openssl/evp.h#L1559 (# define EVP_R_INVALID_KEY 163) And 1.1.1: https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/include/openssl/evperr.h#L162 (still 163) And 3.0: https://github.com/openssl/openssl/blob/openssl-3.0/include/openssl/evperr.h#L66 It's also present in 1.0.2: https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/evp/evp.h#L1587, though back then it was 171. So... I'm fairly well confused. Unless somehow we're building against 1.0.1 headers somewhere... |
Fixes #78293
This PR introduces a check when importing an RSA public key that the modulus is not zero. For OpenSSL 1.1, the import succeeded and later fails at key usage time with a less-than-helpful error. This check brings consistency with other platforms, where a zero modulus fails at key import time.