Handle zero value modulus for OpenSSL 1.1

[vcsjones]

This reverts the revert. Original PR.

This PR introduces a check when importing an RSA public key that the modulus is not zero. For OpenSSL 1.1, the import succeeded and later fails at key usage time with a less-than-helpful error. This check brings consistency with other platforms, where a zero modulus fails at key import time.

@akoeplinger can you please point me to a pipeline run that reproduces the failure you observed?

Fixes #78293

[ghost]

Tagging subscribers to this area: @dotnet/area-system-security, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

---

This reverts the revert. Original PR.

This PR introduces a check when importing an RSA public key that the modulus is not zero. For OpenSSL 1.1, the import succeeded and later fails at key usage time with a less-than-helpful error. This check brings consistency with other platforms, where a zero modulus fails at key import time.

@akoeplinger can you please point me to a pipeline run that reproduces the failure you observed?

Author:	vcsjones
Assignees:	-
Labels:	area-System.Security
Milestone:	-

[vcsjones]

/azp list

[azure-pipelines]

CI/CD Pipelines for this repository:

• runtime-coreclr outerloop
• runtime-coreclr jitstress
• runtime-coreclr jitstressregs
• runtime-coreclr jitstress2-jitstressregs
• runtime-coreclr gcstress0x3-gcstress0xc
• runtime-coreclr gcstress-extra
• runtime-coreclr r2r-extra
• runtime-coreclr jitstress-isas-x86
• runtime-coreclr jitstress-isas-arm
• runtime-coreclr jitstressregs-x86
• runtime-coreclr libraries-jitstressregs
• runtime-coreclr libraries-jitstress2-jitstressregs
• runtime-coreclr r2r
• runtime-coreclr runincontext
• runtime-coreclr crossgen2
• runtime-libraries-coreclr outerloop
• runtime-libraries-coreclr outerloop-windows
• runtime-libraries-coreclr outerloop-linux
• runtime-libraries-coreclr outerloop-osx
• runtime
• runtime-libraries enterprise-linux
• runtime-libraries stress-http
• runtime-libraries stress-ssl
• runtime-dev-innerloop
• runtime-coreclr crossgen2 outerloop
• coreclr-release-outerloop-nightly
• runtime-coreclr crossgen2-composite
• runtime-jit-experimental
• runtime-coreclr libraries-jitstress
• dotnet-linker-tests
• runtime-coreclr ilasm
• runtime-coreclr crossgen2-composite gcstress
• runtime-staging
• runtime-coreclr pgo
• runtime-coreclr libraries-pgo
• Antigen
• runtime-community
• Fuzzlyn
• runtime-coreclr superpmi-replay
• runtime-wasm
• runtime-coreclr superpmi-diffs
• runtime-coreclr superpmi-asmdiffs-checked-release
• runtime-extra-platforms
• jit-cfg
• runtime-wasm-perf
• runtime-llvm
• runtime-coreclr jitstress-random
• runtime-coreclr libraries-jitstress-random
• runtime-android-grpc-client-tests
• runtime-wasm-libtests
• runtime-wasm-non-libtests
• runtime-android
• runtime-androidemulator
• runtime-ioslike
• runtime-ioslikesimulator
• runtime-linuxbionic
• runtime-maccatalyst
• runtime-coreclr pgostress
• runtime-coreclr jitstress-isas-avx512
• runtime-tools-tests

[akoeplinger]

@akoeplinger can you please point me to a pipeline run that reproduces the failure you observed?

Sorry for the late reply, the coreclr change you made should've triggered the job due to the condition in

runtime/eng/pipelines/runtime.yml

Line 75 in 2b1d11d

- Linux_x86

but looks like it didn't? Can you try removing the condition there and see if that triggers it?

[akoeplinger]

The log says

-- Found OpenSSL: /crossrootfs/x86/usr/lib/i386-linux-gnu/libcrypto.so (found version "1.0.2g")  

and from what I can find the additional key was introduced in 1.0.2k so that at least explains why we're not finding it. I think we get the old package somehow for the cross root.

[akoeplinger]

I think I figured it out: in https://github.com/dotnet/dotnet-buildtools-prereqs-docker/blob/a5a8882abc169ebbd30e01ee58c1fbd578affa80/src/ubuntu/18.04/cross/x86-linux/hooks/pre-build#LL5C3-L5C3 we're passing linux to the script which builds the rootfs, but we should be passing bionic (all other architectures do this).

This means that the build-rootfs.sh script defaults to Ubuntu 16.04 xenial, which indeed only got 1.0.2g as the last openssl:

openssl (1.0.2g-1ubuntu4.19) [security]

I'll send a PR to fix the Docker container. This shouldn't have any impact on the actual product since we don't officially support Linux x86: #7335

[akoeplinger]

Btw. do we need to do something about the mismatching value that @bartonjs noticed in #78339 (comment) ?

[vcsjones]

@akoeplinger for what it's worth, I need to fix my PR to work against 1.0.2g (and prior) since 1.0.2 is still supported. I apparently looked at the latest 1.0.2 and not 1.0.2a.

[akoeplinger]

I pushed a change to use the staging Docker image tag which includes my change just to verify the issue is fixed, please feel free to revert it when you push your other changes.

[vcsjones]

@bartonjs okay. I settled on EVP_R_DECODE_ERROR since that one is close (enough IMO) for this particular corner case. It is present and has a value of 114 across all versions of OpenSSL.

[mmitche]

@vcsjones This change appears to have broken non-portable source-build:

https://dev.azure.com/dnceng-public/public/_build/results?buildId=104986&view=logs&j=98fdc254-13b3-5066-1dc8-532bea57cf83&t=c190c1e6-3d1f-5d73-3da0-0491dc0df66b

/cc @MichaelSimons

[vcsjones]

@mmitche @MichaelSimons I have a draft change that I believe will fix this, just working on validating it locally first. Apologies for the trouble.