Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Loading a PFX with unsupported algorithms reports bad password over unsupported algorithm. #59615

Open
medo64 opened this issue Sep 26, 2021 · 2 comments
Open

Loading a PFX with unsupported algorithms reports bad password over unsupported algorithm. #59615

medo64 opened this issue Sep 26, 2021 · 2 comments
Labels
area-System.Security
Milestone
Future

Comments

@medo64
Copy link
Contributor

medo64 commented Sep 26, 2021

Description

Reading ED25519 certificate under Linux (Ubuntu 21.04) fails with the following exception:

Unhandled exception. System.Security.Cryptography.CryptographicException: The certificate data cannot be read with the provided password, the password may be incorrect.
---> System.Security.Cryptography.CryptographicException: The algorithm identified by '1.3.101.112' is unknown, not valid for the requested usage, or was not handled.
...

However, the same certificate is loaded under Windows without any issue. If equivalent certificate (i.e. all same parameters) is created using RSA, loading works for both Windows and Linux/Ubuntu.

Example application together with the certificate created is included in CertTest.zip. Essentially just creating X509Certificate2 instance is sufficient

_ = new X509Certificate2("test.pfx");

I would expect the certificate that works under Windows to be readable under Linux too. If there's a technical reason why ED25519 certificate wouldn't work under Linux, inner exception text is actually better information than "the password may be incorrect".

Configuration

Working: .NET 6rc1 (Windows x64)
Issue: .NET 6rc1 (Linux Ubuntu 20.04, 21.04 x64)

Other information

Unhandled exception. System.Security.Cryptography.CryptographicException: The certificate data cannot be read with the provided password, the password may be incorrect.
---> System.Security.Cryptography.CryptographicException: The algorithm identified by '1.3.101.112' is unknown, not valid for the requested usage, or was not handled.
at Internal.Cryptography.Pal.OpenSslPkcs12Reader.LoadKey(ReadOnlyMemory`1 pkcs8)
at Internal.Cryptography.Pal.UnixPkcs12Reader.LoadKey(SafeBagAsn safeBag, ReadOnlySpan`1 password)
at Internal.Cryptography.Pal.UnixPkcs12Reader.BuildCertsWithKeys(ReadOnlySpan`1 password, CertBagAsn[] certBags, AttributeAsn[][] certBagAttrs, CertAndKey[] certs, Int32 certBagIdx, SafeBagAsn[] keyBags, RentedSubjectPublicKeyInfo[] publicKeyInfos, AsymmetricAlgorithm[] keys, Int32 keyBagIdx)
at Internal.Cryptography.Pal.UnixPkcs12Reader.Decrypt(ReadOnlySpan`1 password, ReadOnlyMemory`1 authSafeContents)
at Internal.Cryptography.Pal.UnixPkcs12Reader.VerifyAndDecrypt(ReadOnlySpan`1 password, ReadOnlyMemory`1 authSafeContents)
at Internal.Cryptography.Pal.UnixPkcs12Reader.Decrypt(SafePasswordHandle password, Boolean ephemeralSpecified)
--- End of inner exception stack trace ---
at Internal.Cryptography.Pal.UnixPkcs12Reader.Decrypt(SafePasswordHandle password, Boolean ephemeralSpecified)
at Internal.Cryptography.Pal.PkcsFormatReader.TryReadPkcs12(OpenSslPkcs12Reader pfx, SafePasswordHandle password, Boolean single, Boolean ephemeralSpecified, ICertificatePal& readPal, List`1& readCerts)
at Internal.Cryptography.Pal.PkcsFormatReader.TryReadPkcs12(ReadOnlySpan`1 rawData, SafePasswordHandle password, Boolean single, Boolean ephemeralSpecified, ICertificatePal& readPal, List`1& readCerts, Exception& openSslException)
at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName)
at Program.<Main>$(String[] args) in Program.cs:line 4
@dotnet-issue-labeler dotnet-issue-labeler bot added area-System.Security untriaged New issue has not been triaged by the area owner labels Sep 26, 2021
@ghost
Copy link

ghost commented Sep 26, 2021

Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq, @GrabYourPitchforks
See info in area-owners.md if you want to be subscribed.

Issue Details

Description

Reading ED25519 certificate under Linux (Ubuntu 21.04) fails with the following exception:

Unhandled exception. System.Security.Cryptography.CryptographicException: The certificate data cannot be read with the provided password, the password may be incorrect.
---> System.Security.Cryptography.CryptographicException: The algorithm identified by '1.3.101.112' is unknown, not valid for the requested usage, or was not handled.
...

However, the same certificate is loaded under Windows without any issue. If equivalent certificate (i.e. all same parameters) is created using RSA, loading works for both Windows and Linux/Ubuntu.

Example application together with the certificate created is included in CertTest.zip. Essentially just creating X509Certificate2 instance is sufficient

_ = new X509Certificate2("test.pfx");

I would expect the certificate that works under Windows to be readable under Linux too. If there's a technical reason why ED25519 certificate wouldn't work under Linux, inner exception text is actually better information than "the password may be incorrect".

Configuration

Working: .NET 6rc1 (Windows x64)
Issue: .NET 6rc1 (Linux Ubuntu 20.04, 21.04 x64)

Other information

Unhandled exception. System.Security.Cryptography.CryptographicException: The certificate data cannot be read with the provided password, the password may be incorrect.
---> System.Security.Cryptography.CryptographicException: The algorithm identified by '1.3.101.112' is unknown, not valid for the requested usage, or was not handled.
at Internal.Cryptography.Pal.OpenSslPkcs12Reader.LoadKey(ReadOnlyMemory`1 pkcs8)
at Internal.Cryptography.Pal.UnixPkcs12Reader.LoadKey(SafeBagAsn safeBag, ReadOnlySpan`1 password)
at Internal.Cryptography.Pal.UnixPkcs12Reader.BuildCertsWithKeys(ReadOnlySpan`1 password, CertBagAsn[] certBags, AttributeAsn[][] certBagAttrs, CertAndKey[] certs, Int32 certBagIdx, SafeBagAsn[] keyBags, RentedSubjectPublicKeyInfo[] publicKeyInfos, AsymmetricAlgorithm[] keys, Int32 keyBagIdx)
at Internal.Cryptography.Pal.UnixPkcs12Reader.Decrypt(ReadOnlySpan`1 password, ReadOnlyMemory`1 authSafeContents)
at Internal.Cryptography.Pal.UnixPkcs12Reader.VerifyAndDecrypt(ReadOnlySpan`1 password, ReadOnlyMemory`1 authSafeContents)
at Internal.Cryptography.Pal.UnixPkcs12Reader.Decrypt(SafePasswordHandle password, Boolean ephemeralSpecified)
--- End of inner exception stack trace ---
at Internal.Cryptography.Pal.UnixPkcs12Reader.Decrypt(SafePasswordHandle password, Boolean ephemeralSpecified)
at Internal.Cryptography.Pal.PkcsFormatReader.TryReadPkcs12(OpenSslPkcs12Reader pfx, SafePasswordHandle password, Boolean single, Boolean ephemeralSpecified, ICertificatePal& readPal, List`1& readCerts)
at Internal.Cryptography.Pal.PkcsFormatReader.TryReadPkcs12(ReadOnlySpan`1 rawData, SafePasswordHandle password, Boolean single, Boolean ephemeralSpecified, ICertificatePal& readPal, List`1& readCerts, Exception& openSslException)
at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName)
at Program.<Main>$(String[] args) in Program.cs:line 4
Author: medo64
Assignees: -
Labels:

area-System.Security, untriaged
Milestone: -

@vcsjones
Copy link
Member

Yeah, Ed25519 certificates are not really "supported" in the sense that we have appropriate APIs to deal with Ed25519 keys. Though HasPrivateKey returns true, there is no capacity to get and use the private key in a meaningful way.

#46513 is a similar issue that tracks adding Ed25519 / EdDSA support.

inner exception text is actually better information than "the password may be incorrect".

Yeah, the message tries to be as clear as possible with "may be incorrect" since that is the most common reason for a PKCS12 to fail to load.

Maybe we can improve this specific scenario a bit to make the error more clear, we know the PKCS12 failed to load for a reason other than an MAC issue.

@bartonjs bartonjs removed the untriaged New issue has not been triaged by the area owner label Oct 1, 2021
@bartonjs bartonjs added this to the Future milestone Oct 1, 2021
@bartonjs bartonjs changed the title .NET 6rc1: The certificate data cannot be read with the provided password, the password may be incorrect. Loading a PFX with unsupported algorithms reports bad password over unsupported algorithm. Oct 1, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area-System.Security
Projects
None yet
Milestone
Future
Development

No branches or pull requests
3 participants
@vcsjones @medo64 @bartonjs