From 7bc30ea83cc1649526d9b5ad1bcd2c393417b6ae Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Mon, 14 Nov 2022 15:36:05 -0500 Subject: [PATCH 01/13] Handle zero value modulus for OpenSSL 1.1 --- .../RSA/ImportExport.cs | 33 +++++++++++++++++++ .../apibridge.c | 7 +++- .../apibridge.h | 1 + .../openssl_1_0_structs.h | 8 +++++ .../opensslshim.h | 3 ++ .../pal_evp_pkey.c | 20 +++++++++++ 6 files changed, 71 insertions(+), 1 deletion(-) diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/ImportExport.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/ImportExport.cs index ee608a62a30750..98e2e53c8ea814 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/ImportExport.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/ImportExport.cs @@ -311,6 +311,22 @@ public static void ExportAfterDispose(bool importKey) } } + [Theory] + [InlineData(true)] + [InlineData(false)] + public static void ImportZeroModulus(bool includePrivateParameters) + { + RSAParameters zeroModulus = CopyRSAParameters(TestData.RSA2048Params); + zeroModulus.Modulus.AsSpan().Clear(); + + if (!includePrivateParameters) + { + zeroModulus = MakePublic(zeroModulus); + } + + Assert.ThrowsAny(() => RSAFactory.Create(zeroModulus)); + } + internal static void AssertKeyEquals(in RSAParameters expected, in RSAParameters actual) { Assert.Equal(expected.Modulus, actual.Modulus); @@ -444,5 +460,22 @@ private static bool TestRsa16384() return false; } } + + private static RSAParameters CopyRSAParameters(in RSAParameters rsaParams) + { + static byte[] CopyBytes(byte[] data) => data is null ? null : data.AsSpan().ToArray(); + + return new RSAParameters + { + Modulus = CopyBytes(rsaParams.Modulus), + Exponent = CopyBytes(rsaParams.Exponent), + D = CopyBytes(rsaParams.D), + P = CopyBytes(rsaParams.P), + Q = CopyBytes(rsaParams.Q), + DP = CopyBytes(rsaParams.DP), + DQ = CopyBytes(rsaParams.DQ), + InverseQ = CopyBytes(rsaParams.InverseQ), + }; + } } } diff --git a/src/native/libs/System.Security.Cryptography.Native/apibridge.c b/src/native/libs/System.Security.Cryptography.Native/apibridge.c index 8077a1e2bb6dbc..b130edf3574e01 100644 --- a/src/native/libs/System.Security.Cryptography.Native/apibridge.c +++ b/src/native/libs/System.Security.Cryptography.Native/apibridge.c @@ -890,7 +890,6 @@ int local_EVP_PKEY_public_check(EVP_PKEY_CTX* ctx) } } - int local_ASN1_TIME_to_tm(const ASN1_TIME* s, struct tm* tm) { (void)s; @@ -898,4 +897,10 @@ int local_ASN1_TIME_to_tm(const ASN1_TIME* s, struct tm* tm) return 0; } + +int local_BN_is_zero(const BIGNUM* a) +{ + return a->top == 0; +} + #endif diff --git a/src/native/libs/System.Security.Cryptography.Native/apibridge.h b/src/native/libs/System.Security.Cryptography.Native/apibridge.h index 92f4c592ad893e..397159da810bec 100644 --- a/src/native/libs/System.Security.Cryptography.Native/apibridge.h +++ b/src/native/libs/System.Security.Cryptography.Native/apibridge.h @@ -7,6 +7,7 @@ #include "pal_types.h" int local_ASN1_TIME_to_tm(const ASN1_TIME* s, struct tm* tm); +int local_BN_is_zero(const BIGNUM* a); int local_BIO_up_ref(BIO *a); const BIGNUM* local_DSA_get0_key(const DSA* dsa, const BIGNUM** pubKey, const BIGNUM** privKey); void local_DSA_get0_pqg(const DSA* dsa, const BIGNUM** p, const BIGNUM** q, const BIGNUM** g); diff --git a/src/native/libs/System.Security.Cryptography.Native/openssl_1_0_structs.h b/src/native/libs/System.Security.Cryptography.Native/openssl_1_0_structs.h index 83942449bb3af6..486dbb902de3b3 100644 --- a/src/native/libs/System.Security.Cryptography.Native/openssl_1_0_structs.h +++ b/src/native/libs/System.Security.Cryptography.Native/openssl_1_0_structs.h @@ -184,3 +184,11 @@ struct bio_st const void*_ignored11; int references; }; + +struct bignum_st { + const void* _ignored1; + int top; + int _ignored2; + int _ignored3; + int _ignored4; +}; diff --git a/src/native/libs/System.Security.Cryptography.Native/opensslshim.h b/src/native/libs/System.Security.Cryptography.Native/opensslshim.h index c56303c2b48cc8..bf4baebd7fcdae 100644 --- a/src/native/libs/System.Security.Cryptography.Native/opensslshim.h +++ b/src/native/libs/System.Security.Cryptography.Native/opensslshim.h @@ -192,6 +192,7 @@ const EVP_CIPHER* EVP_chacha20_poly1305(void); REQUIRED_FUNCTION(BN_clear_free) \ REQUIRED_FUNCTION(BN_dup) \ REQUIRED_FUNCTION(BN_free) \ + REQUIRED_FUNCTION(BN_is_zero) \ REQUIRED_FUNCTION(BN_new) \ REQUIRED_FUNCTION(BN_num_bits) \ REQUIRED_FUNCTION(BN_set_word) \ @@ -673,6 +674,7 @@ FOR_ALL_OPENSSL_FUNCTIONS #define BN_clear_free BN_clear_free_ptr #define BN_dup BN_dup_ptr #define BN_free BN_free_ptr +#define BN_is_zero BN_is_zero_ptr #define BN_new BN_new_ptr #define BN_num_bits BN_num_bits_ptr #define BN_set_word BN_set_word_ptr @@ -1185,6 +1187,7 @@ FOR_ALL_OPENSSL_FUNCTIONS // Alias "future" API to the local_ version. #define ASN1_TIME_to_tm local_ASN1_TIME_to_tm +#define BN_is_zero local_BN_is_zero #define BIO_up_ref local_BIO_up_ref #define DSA_get0_key local_DSA_get0_key #define DSA_get0_pqg local_DSA_get0_pqg diff --git a/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.c b/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.c index 402903b8781a6d..1452ea2cb96cbe 100644 --- a/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.c +++ b/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.c @@ -97,6 +97,26 @@ static bool CheckKey(EVP_PKEY* key, int32_t algId, int32_t (*check_func)(EVP_PKE return false; } + // OpenSSL 1.x does not fail when importing a key with a zero modulus. It fails at key-usage time with an + // out-of-memory error. For RSA keys, check the modulus for zero and report an invalid key. + // OpenSSL 3 correctly fails with with an invalid modulus error. + if (algId == NID_rsaEncryption) + { + const RSA* rsa = EVP_PKEY_get0_RSA(key); + + if (rsa != NULL) + { + const BIGNUM* modulus = NULL; + RSA_get0_key(rsa, &modulus, NULL, NULL); + + if (modulus != NULL && BN_is_zero(modulus)) + { + ERR_put_error(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY, __FILE__, __LINE__); + return false; + } + } + } + EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(key, NULL); if (ctx == NULL) From 846510d6ce3e1f2acad8e08f6ef9ff357c097956 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Mon, 14 Nov 2022 18:12:56 -0500 Subject: [PATCH 02/13] Fix build for OpenSSL 1.0 --- .../libs/System.Security.Cryptography.Native/opensslshim.h | 2 +- .../libs/System.Security.Cryptography.Native/osslcompat_111.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/native/libs/System.Security.Cryptography.Native/opensslshim.h b/src/native/libs/System.Security.Cryptography.Native/opensslshim.h index bf4baebd7fcdae..e1fbe91205ceb3 100644 --- a/src/native/libs/System.Security.Cryptography.Native/opensslshim.h +++ b/src/native/libs/System.Security.Cryptography.Native/opensslshim.h @@ -192,7 +192,7 @@ const EVP_CIPHER* EVP_chacha20_poly1305(void); REQUIRED_FUNCTION(BN_clear_free) \ REQUIRED_FUNCTION(BN_dup) \ REQUIRED_FUNCTION(BN_free) \ - REQUIRED_FUNCTION(BN_is_zero) \ + FALLBACK_FUNCTION(BN_is_zero) \ REQUIRED_FUNCTION(BN_new) \ REQUIRED_FUNCTION(BN_num_bits) \ REQUIRED_FUNCTION(BN_set_word) \ diff --git a/src/native/libs/System.Security.Cryptography.Native/osslcompat_111.h b/src/native/libs/System.Security.Cryptography.Native/osslcompat_111.h index 4630276689e3f8..8e38a37db89bbd 100644 --- a/src/native/libs/System.Security.Cryptography.Native/osslcompat_111.h +++ b/src/native/libs/System.Security.Cryptography.Native/osslcompat_111.h @@ -20,6 +20,7 @@ typedef struct stack_st OPENSSL_STACK; #define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L int ASN1_TIME_to_tm(const ASN1_TIME* s, struct tm* tm); +int BN_is_zero(const BIGNUM* a); int BIO_up_ref(BIO* a); const BIGNUM* DSA_get0_key(const DSA* dsa, const BIGNUM** pubKey, const BIGNUM** privKey); void DSA_get0_pqg(const DSA* dsa, const BIGNUM** p, const BIGNUM** q, const BIGNUM** g); From 535601bf6606a250ed3e8556101a140f928e410e Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Mon, 14 Nov 2022 19:04:16 -0500 Subject: [PATCH 03/13] Undef existing name prior to re-defining --- .../libs/System.Security.Cryptography.Native/osslcompat_111.h | 1 + 1 file changed, 1 insertion(+) diff --git a/src/native/libs/System.Security.Cryptography.Native/osslcompat_111.h b/src/native/libs/System.Security.Cryptography.Native/osslcompat_111.h index 8e38a37db89bbd..ccb8ddfb22368b 100644 --- a/src/native/libs/System.Security.Cryptography.Native/osslcompat_111.h +++ b/src/native/libs/System.Security.Cryptography.Native/osslcompat_111.h @@ -6,6 +6,7 @@ #pragma once #include "pal_types.h" +#undef BN_is_zero #undef SSL_CTX_set_options #undef SSL_set_options #undef SSL_session_reused From 9ecfda03ef04729bc1a6ab41ae176a04847f5c94 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Tue, 15 Nov 2022 10:16:58 -0500 Subject: [PATCH 04/13] Skip test on Windows 7 --- .../Cryptography/AlgorithmImplementations/RSA/ImportExport.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/ImportExport.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/ImportExport.cs index 98e2e53c8ea814..4378f4590f19d2 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/ImportExport.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/ImportExport.cs @@ -311,7 +311,7 @@ public static void ExportAfterDispose(bool importKey) } } - [Theory] + [ConditionalTheory(typeof(PlatformDetection), nameof(PlatformDetection.IsNotWindows7))] [InlineData(true)] [InlineData(false)] public static void ImportZeroModulus(bool includePrivateParameters) From ac463aa0de1ffff386abe722b11a9577dde3dfbe Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Tue, 29 Nov 2022 20:20:03 -0500 Subject: [PATCH 05/13] Make random change to CLR to get Linux x86 to build --- src/coreclr/jit/_typeinfo.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/coreclr/jit/_typeinfo.h b/src/coreclr/jit/_typeinfo.h index e8558ba68b7fee..073dceace9beae 100644 --- a/src/coreclr/jit/_typeinfo.h +++ b/src/coreclr/jit/_typeinfo.h @@ -4,7 +4,7 @@ /*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XX XX -XX _typeInfo XX +XX _typeInfo XX XX XX XX XX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX From 562b1079fdcd51bb49f5b526f4622550465ef780 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Tue, 6 Dec 2022 16:05:37 -0500 Subject: [PATCH 06/13] Try getting this job to run --- eng/pipelines/runtime.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/eng/pipelines/runtime.yml b/eng/pipelines/runtime.yml index 261f3058a297e3..451e86582af207 100644 --- a/eng/pipelines/runtime.yml +++ b/eng/pipelines/runtime.yml @@ -85,11 +85,6 @@ extends: - windows_arm64 jobParameters: testGroup: innerloop - condition: >- - or( - eq(dependencies.evaluate_paths.outputs['SetPathVars_coreclr.containsChange'], true), - eq(dependencies.evaluate_paths.outputs['SetPathVars_runtimetests.containsChange'], true), - eq(variables['isRollingBuild'], true)) # # Build the whole product using GNU compiler toolchain From 6ebb71d09f08ee77f78679e768df5f252703924a Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Tue, 6 Dec 2022 18:41:43 -0500 Subject: [PATCH 07/13] Revert "Try getting this job to run" This reverts commit 562b1079fdcd51bb49f5b526f4622550465ef780. --- eng/pipelines/runtime.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/eng/pipelines/runtime.yml b/eng/pipelines/runtime.yml index 451e86582af207..261f3058a297e3 100644 --- a/eng/pipelines/runtime.yml +++ b/eng/pipelines/runtime.yml @@ -85,6 +85,11 @@ extends: - windows_arm64 jobParameters: testGroup: innerloop + condition: >- + or( + eq(dependencies.evaluate_paths.outputs['SetPathVars_coreclr.containsChange'], true), + eq(dependencies.evaluate_paths.outputs['SetPathVars_runtimetests.containsChange'], true), + eq(variables['isRollingBuild'], true)) # # Build the whole product using GNU compiler toolchain From 5f747e606c6c9057308c8e2949b2ec06e44102a4 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Tue, 6 Dec 2022 18:42:47 -0500 Subject: [PATCH 08/13] Try getting this job to run --- eng/pipelines/runtime.yml | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/eng/pipelines/runtime.yml b/eng/pipelines/runtime.yml index b420eb3c9f5209..12fa580f7a45b0 100644 --- a/eng/pipelines/runtime.yml +++ b/eng/pipelines/runtime.yml @@ -87,11 +87,6 @@ extends: - windows_arm64 jobParameters: testGroup: innerloop - condition: >- - or( - eq(dependencies.evaluate_paths.outputs['SetPathVars_coreclr.containsChange'], true), - eq(dependencies.evaluate_paths.outputs['SetPathVars_runtimetests.containsChange'], true), - eq(variables['isRollingBuild'], true)) # # Build the whole product using GNU compiler toolchain @@ -1132,7 +1127,7 @@ extends: testGroup: innerloop nameSuffix: AllSubsets_Mono_LLVMAot_RuntimeTests runtimeVariant: llvmaot - buildArgs: -s mono+libs+clr.hosts+clr.iltools -c Release /p:MonoEnableLLVM=true /p:MonoBundleLLVMOptimizer=true /p:MonoLLVMUseCxx11Abi=true + buildArgs: -s mono+libs+clr.hosts+clr.iltools -c Release /p:MonoEnableLLVM=true /p:MonoBundleLLVMOptimizer=true /p:MonoLLVMUseCxx11Abi=true timeoutInMinutes: 180 condition: >- @@ -1167,7 +1162,7 @@ extends: testGroup: innerloop nameSuffix: AllSubsets_Mono_LLVMFullAot_RuntimeTests runtimeVariant: llvmfullaot - buildArgs: -s mono+libs+clr.hosts+clr.iltools -c Release /p:MonoEnableLLVM=true /p:MonoBundleLLVMOptimizer=true /p:MonoLLVMUseCxx11Abi=true + buildArgs: -s mono+libs+clr.hosts+clr.iltools -c Release /p:MonoEnableLLVM=true /p:MonoBundleLLVMOptimizer=true /p:MonoLLVMUseCxx11Abi=true timeoutInMinutes: 300 condition: >- From 15609b46427dd0b39f9d5f48dfb16dea257766fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20K=C3=B6plinger?= Date: Wed, 7 Dec 2022 16:37:49 +0100 Subject: [PATCH 09/13] Use staging x86 docker image --- eng/pipelines/common/templates/pipeline-with-resources.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eng/pipelines/common/templates/pipeline-with-resources.yml b/eng/pipelines/common/templates/pipeline-with-resources.yml index 6371f176d872d0..faa26fdc47b427 100644 --- a/eng/pipelines/common/templates/pipeline-with-resources.yml +++ b/eng/pipelines/common/templates/pipeline-with-resources.yml @@ -40,7 +40,7 @@ resources: image: mcr.microsoft.com/dotnet-buildtools/prereqs:centos-7 - container: Linux_x86 - image: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-18.04-cross-x86-linux + image: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-18.04-cross-x86-linux-staging env: ROOTFS_DIR: /crossrootfs/x86 From 4b254ffa3ebc05e7cd8e08fcc56569b41180db32 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Wed, 7 Dec 2022 11:11:51 -0500 Subject: [PATCH 10/13] Revert "Use staging x86 docker image" This reverts commit 15609b46427dd0b39f9d5f48dfb16dea257766fe. --- eng/pipelines/common/templates/pipeline-with-resources.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eng/pipelines/common/templates/pipeline-with-resources.yml b/eng/pipelines/common/templates/pipeline-with-resources.yml index faa26fdc47b427..6371f176d872d0 100644 --- a/eng/pipelines/common/templates/pipeline-with-resources.yml +++ b/eng/pipelines/common/templates/pipeline-with-resources.yml @@ -40,7 +40,7 @@ resources: image: mcr.microsoft.com/dotnet-buildtools/prereqs:centos-7 - container: Linux_x86 - image: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-18.04-cross-x86-linux-staging + image: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-18.04-cross-x86-linux env: ROOTFS_DIR: /crossrootfs/x86 From 400ae4c068026bc2f4cb9f91ece45c98d4d2c9e3 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Wed, 7 Dec 2022 11:12:13 -0500 Subject: [PATCH 11/13] Revert "Try getting this job to run" This reverts commit 5f747e606c6c9057308c8e2949b2ec06e44102a4. --- eng/pipelines/runtime.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/eng/pipelines/runtime.yml b/eng/pipelines/runtime.yml index 12fa580f7a45b0..b420eb3c9f5209 100644 --- a/eng/pipelines/runtime.yml +++ b/eng/pipelines/runtime.yml @@ -87,6 +87,11 @@ extends: - windows_arm64 jobParameters: testGroup: innerloop + condition: >- + or( + eq(dependencies.evaluate_paths.outputs['SetPathVars_coreclr.containsChange'], true), + eq(dependencies.evaluate_paths.outputs['SetPathVars_runtimetests.containsChange'], true), + eq(variables['isRollingBuild'], true)) # # Build the whole product using GNU compiler toolchain @@ -1127,7 +1132,7 @@ extends: testGroup: innerloop nameSuffix: AllSubsets_Mono_LLVMAot_RuntimeTests runtimeVariant: llvmaot - buildArgs: -s mono+libs+clr.hosts+clr.iltools -c Release /p:MonoEnableLLVM=true /p:MonoBundleLLVMOptimizer=true /p:MonoLLVMUseCxx11Abi=true + buildArgs: -s mono+libs+clr.hosts+clr.iltools -c Release /p:MonoEnableLLVM=true /p:MonoBundleLLVMOptimizer=true /p:MonoLLVMUseCxx11Abi=true timeoutInMinutes: 180 condition: >- @@ -1162,7 +1167,7 @@ extends: testGroup: innerloop nameSuffix: AllSubsets_Mono_LLVMFullAot_RuntimeTests runtimeVariant: llvmfullaot - buildArgs: -s mono+libs+clr.hosts+clr.iltools -c Release /p:MonoEnableLLVM=true /p:MonoBundleLLVMOptimizer=true /p:MonoLLVMUseCxx11Abi=true + buildArgs: -s mono+libs+clr.hosts+clr.iltools -c Release /p:MonoEnableLLVM=true /p:MonoBundleLLVMOptimizer=true /p:MonoLLVMUseCxx11Abi=true timeoutInMinutes: 300 condition: >- From 4678cab564b863348eb27b4678e500b3e002bbd1 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Wed, 7 Dec 2022 11:12:49 -0500 Subject: [PATCH 12/13] Revert "Make random change to CLR to get Linux x86 to build" This reverts commit ac463aa0de1ffff386abe722b11a9577dde3dfbe. --- src/coreclr/jit/_typeinfo.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/coreclr/jit/_typeinfo.h b/src/coreclr/jit/_typeinfo.h index 073dceace9beae..e8558ba68b7fee 100644 --- a/src/coreclr/jit/_typeinfo.h +++ b/src/coreclr/jit/_typeinfo.h @@ -4,7 +4,7 @@ /*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XX XX -XX _typeInfo XX +XX _typeInfo XX XX XX XX XX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX From dea7c6401a2c79573c19dd6470a3274a9abac0b8 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Wed, 7 Dec 2022 11:13:33 -0500 Subject: [PATCH 13/13] Use error that is present in OpenSSL 1.0.2 --- .../libs/System.Security.Cryptography.Native/pal_evp_pkey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.c b/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.c index 1452ea2cb96cbe..30a4ad3d00a09b 100644 --- a/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.c +++ b/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.c @@ -111,7 +111,7 @@ static bool CheckKey(EVP_PKEY* key, int32_t algId, int32_t (*check_func)(EVP_PKE if (modulus != NULL && BN_is_zero(modulus)) { - ERR_put_error(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY, __FILE__, __LINE__); + ERR_put_error(ERR_LIB_EVP, 0, EVP_R_DECODE_ERROR, __FILE__, __LINE__); return false; } }