runtime icon indicating copy to clipboard operation
runtime copied to clipboard
verified publisher icon dotnet

Test failure in DecryptEnvelopedOctetStringWithExtraData (linux x64)

Open sbomer opened this issue 2 years ago • 3 comments

Build Information

Build: https://dev.azure.com/dnceng-public/cbb18261-c48f-4abb-8651-8cdcb5474649/_build/results?buildId=452229 Build error leg or test failing: System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.DecryptTestsRsaPaddingMode.DecryptEnvelopedOctetStringWithExtraData Pull request: https://github.com/dotnet/runtime/pull/94060

Error Message

Fill the error message using step by step known issues guidance.

{
  "ErrorMessage": "",
  "ErrorPattern": "error:03000072:digital envelope routines::decode error",
  "BuildRetry": false,
  "ExcludeConsoleLog": false
}

Interop+Crypto+OpenSslCryptographicException : error:03000072:digital envelope routines::decode error

   at Interop.Crypto.DecodeSubjectPublicKeyInfo(ReadOnlySpan`1 source, EvpAlgorithmId algorithmId) in /_/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EvpPkey.cs:line 76
   at System.Security.Cryptography.RSAOpenSsl.ImportSubjectPublicKeyInfo(ReadOnlySpan`1 source, Boolean checkAlgorithm, Int32& bytesRead) in /_/src/libraries/Common/src/System/Security/Cryptography/RSAOpenSsl.cs:line 544
   at System.Security.Cryptography.RSAOpenSsl.ImportRSAPublicKey(ReadOnlySpan`1 source, Int32& bytesRead) in /_/src/libraries/Common/src/System/Security/Cryptography/RSAOpenSsl.cs:line 509
   at System.Security.Cryptography.X509Certificates.OpenSslX509Encoder.BuildRsaPublicKey(Byte[] encodedData) in /_/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslX509Encoder.cs:line 269
   at System.Security.Cryptography.X509Certificates.OpenSslX509Encoder.DecodePublicKey(Oid oid, Byte[] encodedKeyValue, Byte[] encodedParameters, ICertificatePal certificatePal) in /_/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslX509Encoder.cs:line 36
   at System.Security.Cryptography.X509Certificates.CertificateExtensionsCommon.GetPublicKey[T](X509Certificate2 certificate, Predicate`1 matchesConstraints) in /_/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/CertificateExtensionsCommon.cs:line 31
   at System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPublicKey(X509Certificate2 certificate) in /_/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/RSACertificateExtensions.cs:line 19
   at Internal.Cryptography.Pal.AnyOS.ManagedPkcsPal.MakeKtri(Byte[] cek, CmsRecipient recipient, Boolean& v0Recipient) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/Internal/Cryptography/Pal/AnyOS/ManagedPal.KeyTrans.cs:line 171
   at Internal.Cryptography.Pal.AnyOS.ManagedPkcsPal.Encrypt(CmsRecipientCollection recipients, ContentInfo contentInfo, AlgorithmIdentifier contentEncryptionAlgorithm, X509Certificate2Collection originatorCerts, CryptographicAttributeObjectCollection unprotectedAttributes, Byte[] encryptedContent, Byte[] cek, Byte[] parameterBytes) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/Internal/Cryptography/Pal/AnyOS/ManagedPal.Encrypt.cs:line 112
   at Internal.Cryptography.Pal.AnyOS.ManagedPkcsPal.Encrypt(CmsRecipientCollection recipients, ContentInfo contentInfo, AlgorithmIdentifier contentEncryptionAlgorithm, X509Certificate2Collection originatorCerts, CryptographicAttributeObjectCollection unprotectedAttributes) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/Internal/Cryptography/Pal/AnyOS/ManagedPal.Encrypt.cs:line 36
   at System.Security.Cryptography.Pkcs.EnvelopedCms.Encrypt(CmsRecipientCollection recipients) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs:line 117
   at System.Security.Cryptography.Pkcs.EnvelopedCms.Encrypt(CmsRecipient recipient) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs:line 98
   at System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.DecryptTests.TestSimpleDecrypt_RoundTrip(CertLoader certLoader, ContentInfo contentInfo, String algorithmOidValue, SubjectIdentifierType type, ContentInfo expectedContentInfo) in /_/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs:line 818
   at System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.DecryptTests.DecryptEnvelopedOctetStringWithExtraData() in /_/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs:line 765
   at System.RuntimeMethodHandle.InvokeMethod(Object target, Void** arguments, Signature sig, Boolean isConstructor)
   at System.Reflection.MethodBaseInvoker.InterpretedInvoke_Method(Object obj, IntPtr* args) in /_/src/c

Known issue validation

Build: :mag_right: https://dev.azure.com/dnceng-public/public/_build/results?buildId=452229 Error message validated: error:03000072:digital envelope routines::decode error Result validation: :white_check_mark: Known issue matched with the provided build. Validation performed at: 10/26/2023 8:33:34 PM UTC

Report

Build Definition Test Pull Request
528309 dotnet/runtime System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.UnprotectedAttributeTests.TestUnprotectedAttributes_AlwaysReturnsPkcs9AttributeObject dotnet/runtime#96995

Summary

24-Hour Hit Count 7-Day Hit Count 1-Month Count
0 0 1

sbomer avatar Oct 26 '23 20:10 sbomer

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones See info in area-owners.md if you want to be subscribed.

Issue Details

Build Information

Build: https://dev.azure.com/dnceng-public/cbb18261-c48f-4abb-8651-8cdcb5474649/_build/results?buildId=452229 Build error leg or test failing: System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.DecryptTestsRsaPaddingMode.DecryptEnvelopedOctetStringWithExtraData Pull request: https://github.com/dotnet/runtime/pull/94060

Error Message

Fill the error message using step by step known issues guidance.

{
  "ErrorMessage": "",
  "ErrorPattern": "error:03000072:digital envelope routines::decode error",
  "BuildRetry": false,
  "ExcludeConsoleLog": false
}

Interop+Crypto+OpenSslCryptographicException : error:03000072:digital envelope routines::decode error

   at Interop.Crypto.DecodeSubjectPublicKeyInfo(ReadOnlySpan`1 source, EvpAlgorithmId algorithmId) in /_/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EvpPkey.cs:line 76
   at System.Security.Cryptography.RSAOpenSsl.ImportSubjectPublicKeyInfo(ReadOnlySpan`1 source, Boolean checkAlgorithm, Int32& bytesRead) in /_/src/libraries/Common/src/System/Security/Cryptography/RSAOpenSsl.cs:line 544
   at System.Security.Cryptography.RSAOpenSsl.ImportRSAPublicKey(ReadOnlySpan`1 source, Int32& bytesRead) in /_/src/libraries/Common/src/System/Security/Cryptography/RSAOpenSsl.cs:line 509
   at System.Security.Cryptography.X509Certificates.OpenSslX509Encoder.BuildRsaPublicKey(Byte[] encodedData) in /_/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslX509Encoder.cs:line 269
   at System.Security.Cryptography.X509Certificates.OpenSslX509Encoder.DecodePublicKey(Oid oid, Byte[] encodedKeyValue, Byte[] encodedParameters, ICertificatePal certificatePal) in /_/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslX509Encoder.cs:line 36
   at System.Security.Cryptography.X509Certificates.CertificateExtensionsCommon.GetPublicKey[T](X509Certificate2 certificate, Predicate`1 matchesConstraints) in /_/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/CertificateExtensionsCommon.cs:line 31
   at System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPublicKey(X509Certificate2 certificate) in /_/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/RSACertificateExtensions.cs:line 19
   at Internal.Cryptography.Pal.AnyOS.ManagedPkcsPal.MakeKtri(Byte[] cek, CmsRecipient recipient, Boolean& v0Recipient) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/Internal/Cryptography/Pal/AnyOS/ManagedPal.KeyTrans.cs:line 171
   at Internal.Cryptography.Pal.AnyOS.ManagedPkcsPal.Encrypt(CmsRecipientCollection recipients, ContentInfo contentInfo, AlgorithmIdentifier contentEncryptionAlgorithm, X509Certificate2Collection originatorCerts, CryptographicAttributeObjectCollection unprotectedAttributes, Byte[] encryptedContent, Byte[] cek, Byte[] parameterBytes) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/Internal/Cryptography/Pal/AnyOS/ManagedPal.Encrypt.cs:line 112
   at Internal.Cryptography.Pal.AnyOS.ManagedPkcsPal.Encrypt(CmsRecipientCollection recipients, ContentInfo contentInfo, AlgorithmIdentifier contentEncryptionAlgorithm, X509Certificate2Collection originatorCerts, CryptographicAttributeObjectCollection unprotectedAttributes) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/Internal/Cryptography/Pal/AnyOS/ManagedPal.Encrypt.cs:line 36
   at System.Security.Cryptography.Pkcs.EnvelopedCms.Encrypt(CmsRecipientCollection recipients) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs:line 117
   at System.Security.Cryptography.Pkcs.EnvelopedCms.Encrypt(CmsRecipient recipient) in /_/src/libraries/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/EnvelopedCms.cs:line 98
   at System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.DecryptTests.TestSimpleDecrypt_RoundTrip(CertLoader certLoader, ContentInfo contentInfo, String algorithmOidValue, SubjectIdentifierType type, ContentInfo expectedContentInfo) in /_/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs:line 818
   at System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests.DecryptTests.DecryptEnvelopedOctetStringWithExtraData() in /_/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs:line 765
   at System.RuntimeMethodHandle.InvokeMethod(Object target, Void** arguments, Signature sig, Boolean isConstructor)
   at System.Reflection.MethodBaseInvoker.InterpretedInvoke_Method(Object obj, IntPtr* args) in /_/src/c
Author: sbomer
Assignees: -
Labels:

area-System.Security, blocking-clean-ci, Known Build Error
Milestone: -

ghost avatar Oct 26 '23 20:10 ghost

Same as https://github.com/dotnet/runtime/issues/64816, seems to be intermittent and coming from d2i_PUBKEY.

jozkee avatar Nov 01 '23 19:11 jozkee

Added this to the 9.0.0 milestone because of the frequency

jeffhandley avatar Nov 17 '23 01:11 jeffhandley

removing blocking-clean-ci as it has not been hit in 30 days

24-Hour Hit Count 7-Day Hit Count 1-Month Count
0 0 0

jeffschwMSFT avatar Feb 16 '24 18:02 jeffschwMSFT

I am going to close this out. I cannot reproduce it, and it does not look like this has failed in CI a few months.

vcsjones avatar Jul 03 '24 14:07 vcsjones