Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/6.0-staging] Manually depad RSAES-PKCS1 on Apple OSes #98465

Merged
merged 2 commits into from
Feb 15, 2024
Merged

[release/6.0-staging] Manually depad RSAES-PKCS1 on Apple OSes #98465

merged 2 commits into from
Feb 15, 2024

Conversation

bartonjs
Copy link
Member

Manual backport of #97738 to release/6.0-staging

Customer Impact

  • Customer reported
  • Found internally

Apple macOS 14.3 and Apple iOS/iPadOS 17.3 have applied a variant of the OpenSSL 3.2 "implicit rejection" feature where rather than reporting a decryption failure for RSAEncryptionPadding.Pkcs1 they report success and return random data. As with the similar change on Linux, this change breaks routines which depend on the failure for correctness.

Regression

  • Yes
  • No
  • OS Behavior Change

Apple macOS 14.3 and Apple iOS/iPadOS 17.3 have made this change intentionally, but this manifests as a functional regression in .NET applications depending on the current behavior.

Testing

This OS regression was caught by existing tests. New tests have also been added to verify the full reliability of the fix.

Risk

Low. The fix is in an area that we already have test coverage.

@bartonjs bartonjs added Servicing-approved Approved for servicing release area-System.Security labels Feb 14, 2024
@bartonjs bartonjs added this to the 6.0.x milestone Feb 14, 2024
@bartonjs bartonjs self-assigned this Feb 14, 2024
@ghost
Copy link

ghost commented Feb 14, 2024

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

Manual backport of #97738 to release/6.0-staging

Customer Impact

  • Customer reported
  • Found internally

Apple macOS 14.3 and Apple iOS/iPadOS 17.3 have applied a variant of the OpenSSL 3.2 "implicit rejection" feature where rather than reporting a decryption failure for RSAEncryptionPadding.Pkcs1 they report success and return random data. As with the similar change on Linux, this change breaks routines which depend on the failure for correctness.

Regression

  • Yes
  • No
  • OS Behavior Change

Apple macOS 14.3 and Apple iOS/iPadOS 17.3 have made this change intentionally, but this manifests as a functional regression in .NET applications depending on the current behavior.

Testing

This OS regression was caught by existing tests. New tests have also been added to verify the full reliability of the fix.

Risk

Low. The fix is in an area that we already have test coverage.

Author: bartonjs
Assignees: bartonjs
Labels:

Servicing-approved, area-System.Security
Milestone: 6.0.x

@bartonjs bartonjs merged commit f25b769 into dotnet:release/6.0-staging Feb 15, 2024
125 checks passed
@bartonjs bartonjs deleted the apple_pkcs1_rel6 branch February 15, 2024 21:31
@vcsjones vcsjones mentioned this pull request Mar 13, 2024
Merged
@github-actions github-actions bot locked and limited conversation to collaborators Mar 17, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@vcsjones vcsjones vcsjones approved these changes

Assignees

@bartonjs bartonjs

Labels
area-System.Security Servicing-approved Approved for servicing release
Projects
None yet
Milestone
6.0.x
Development

Successfully merging this pull request may close these issues.
2 participants
@bartonjs @vcsjones