System.Security.Cryptography.Pkcs test Decrypt_512_CekDoesNotDecrypt_FixedValue fails on Fedora 38 #95115

Closed
akoeplinger opened this issue Nov 22, 2023 · 10 comments · Fixed by #95157
Labels: area-System.Security, in-pr, os-linux


@akoeplinger
Member

akoeplinger commented Nov 22, 2023

Outerloop runs fail on Fedora 38:

https://helix.dot.net/api/2019-06-17/jobs/037f28b7-637f-4634-8ab1-3b4527ffc077/workitems/System.Security.Cryptography.Pkcs.Tests/console

  Discovering: System.Security.Cryptography.Tests (method display = ClassAndMethod, method display options = None)
  Discovered:  System.Security.Cryptography.Tests (found 56 of 4203 test cases)
  Starting:    System.Security.Cryptography.Pkcs.Tests (parallel test collections = on, max threads = 2)
    System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.DecryptTestsUsingCertWithPrivateKey.Decrypt_512_CekDoesNotDecrypt_FixedValue [FAIL]
      Assert.ThrowsAny() Failure: No exception was thrown
      Expected: typeof(System.Security.Cryptography.CryptographicException)
      Stack Trace:
        /_/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs(148,0): at System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.DecryptTests.Decrypt_512_CekDoesNotDecrypt_FixedValue()
           at System.RuntimeMethodHandle.InvokeMethod(Object target, Void** arguments, Signature sig, Boolean isConstructor)
        /_/src/libraries/System.Private.CoreLib/src/System/Reflection/MethodBaseInvoker.cs(57,0): at System.Reflection.MethodBaseInvoker.InvokeWithNoArgs(Object obj, BindingFlags invokeAttr)
@akoeplinger akoeplinger added area-System.Security os-linux Linux OS (any supported distro) labels Nov 22, 2023
@ghost

ghost commented Nov 22, 2023

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

Outerloop runs fail on Fedora 38:

https://helix.dot.net/api/2019-06-17/jobs/037f28b7-637f-4634-8ab1-3b4527ffc077/workitems/System.Security.Cryptography.Tests/console

@ghost ghost added the untriaged New issue has not been triaged by the area owner label Nov 22, 2023
@akoeplinger akoeplinger changed the title System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.Decrypt_512_CekDoesNotDecrypt_FixedValue fails on Fedora 38 System.Security.Cryptography.Pkcs test Decrypt_512_CekDoesNotDecrypt_FixedValue fails on Fedora 38 Nov 22, 2023
@bartonjs
Member

Weird. This is about as deterministic as a crypto test gets (it uses a known key to decrypt a known value), and it clearly succeeded on retry since the log linked above shows success.

This feels like one of those "the computer said 2 + 2 = 5" never-reproducible bugs... but let's see if we get some more hits to try and force a repro.

@bartonjs bartonjs added this to the Future milestone Nov 22, 2023
@ghost ghost removed the untriaged New issue has not been triaged by the area owner label Nov 22, 2023
@akoeplinger
Member Author

akoeplinger commented Nov 22, 2023

@bartonjs where are you seeing this succeed? It fails on every outerloop run on Fedora 38 across both mono and coreclr.

@bartonjs
Member

> where are you seeing this succeed?

The log you linked to says no failures...

@bartonjs
Member

Ah. The log you originally linked to, which is what I got in the email notification. I see the current link has a failure.

@bartonjs bartonjs modified the milestones: Future, 9.0.0 Nov 22, 2023
@akoeplinger
Member Author

Yeah sorry, that was a copy-paste mistake :D

@vcsjones
Member

I can reproduce it on Fedora 39 but not Ubuntu 23.04. Odd.

@vcsjones
Member

vcsjones commented Nov 22, 2023

Okay. @bartonjs and I tracked it down to openssl/openssl#13817. This is a change in OpenSSL 3.2 that Fedora / Red Hat back ported.

We are going to disable the implicit rejection so the APIs work as they have always worked.

@vcsjones vcsjones self-assigned this Nov 22, 2023
@ghost ghost added the in-pr There is an active PR which will close this issue when it is merged label Nov 23, 2023
@ghost ghost removed the in-pr There is an active PR which will close this issue when it is merged label Nov 24, 2023
@vcsjones vcsjones reopened this Nov 24, 2023
@vcsjones
Member

Re-opening because we probably need to backport this.

@tomato42

tomato42 commented Dec 6, 2023

@vcsjones We have implemented it in OpenSSL specifically to protect users of such broken API as the one provided by C# and VB.NET.

By disabling implicit rejection you are MAKING them vulnerable

Please, see https://people.redhat.com/~hkario/marvin/ and read it whole, including both of the papers.
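
Added example, not code from dotnet/runtime, OpenSSL or any participant in this thread: a simplified Python model of the behaviour change discussed above, showing why a caller that expects an error on bad PKCS#1 v1.5 padding (as the failing test does) no longer gets one once implicit rejection is on. All names and sample bytes are constructed, and the HMAC-based derivation is an assumption that stands in for the PRF OpenSSL actually uses.

```python
import hashlib
import hmac

# Constructed sample data: a 64-byte decrypted block carrying a 16-byte key.
CEK = bytes(range(16))
GOOD_EM = b"\x00\x02" + b"\xaa" * 45 + b"\x00" + CEK
BAD_EM = b"\x00\x01" + GOOD_EM[2:]            # wrong block type byte
KEY_SECRET = b"constructed-private-key-secret"  # stands in for a key-derived secret
CIPHERTEXT = b"constructed-ciphertext"


def unpad_strict(em: bytes) -> bytes:
    """Classic type-2 unpadding: any malformed block is reported as an error."""
    if len(em) < 11 or em[0] != 0x00 or em[1] != 0x02:
        raise ValueError("bad PKCS#1 v1.5 padding")
    sep = em.find(b"\x00", 2)
    if sep < 10:  # separator missing (-1) or fewer than 8 padding bytes
        raise ValueError("bad PKCS#1 v1.5 padding")
    return em[sep + 1:]


def _expand(kdk: bytes, label: bytes, n: int) -> bytes:
    """Counter-mode HMAC-SHA256 stream (simplified, not OpenSSL's exact PRF)."""
    out, counter = b"", 0
    while len(out) < n:
        block = counter.to_bytes(2, "big") + label
        out += hmac.new(kdk, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]


def unpad_implicit_rejection(em: bytes, key_secret: bytes, ciphertext: bytes) -> bytes:
    """Never raises: bad padding yields a synthetic message bound to key and ciphertext.

    A real implementation computes both results and selects between them in
    constant time; the branch here is for readability only.
    """
    try:
        return unpad_strict(em)
    except ValueError:
        pass
    kdk = hmac.new(key_secret, ciphertext, hashlib.sha256).digest()
    max_len = len(em) - 11  # longest message a block of this size can carry
    length = int.from_bytes(_expand(kdk, b"length", 2), "big") % (max_len + 1)
    return _expand(kdk, b"message", length)
```
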

@bartonjs bartonjs closed this as completed Mar 5, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Apr 4, 2024
@dotnet-policy-service dotnet-policy-service bot added the in-pr There is an active PR which will close this issue when it is merged label Aug 15, 2024