Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/9.0] Permit unencrypted key exports from CNG #109134

Merged
merged 6 commits into from
Oct 23, 2024
Merged

[release/9.0] Permit unencrypted key exports from CNG #109134

merged 6 commits into from
Oct 23, 2024
+471 −66

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Oct 22, 2024
edited by bartonjs
Loading

Backport of #109119 to release/9.0

/cc @vcsjones

Customer Impact

  • Customer reported
  • Found internally

Reported by a customer at #109059.

Customers that upgrade to .NET 9 may receive a CryptographicException: The requested operation is not supported. exception when exporting a private key from a certificate on Windows.

This is because certificate loading on .NET 9 changed to prefer using CNG instead of CSP for the private key storage when no storage engine is specified in the PKCS#12/PFX. When a PKCS#12 is imported into the CNG provider, it is set to only permit encrypted exports. Most of the .NET APIs that expose the private key are not encrypted, so the private key is effectively not exportable.

Regression

  • Yes
  • No

Yes. This regression was introduced by #107005.

Testing

  • How was the fix verified?

Customer provided steps to reproduce which allowed us to add thorough unit tests. The tests are added in this pull request to prevent future regressions. Existing tests cover existing scenarios, and this is a generally well-tested area.

Risk

Process: Medium

CredScan or other release validation tooling might get angry at the particulars of how we're doing it. We have tried to run the tools on this change already, and they passed; but that doesn't mean we won't get "surprised" post-merge.

Functional: Low

Tests say that existing scenarios where the export routines work (as of 9 RC2) still work, and the new tests say that the PFX-based ones work, too. So functional regression risk is low.

The worst abstract risk is that the if is wrong and we run all exports through the complicated path when the simple one would work. That makes the routines slower, but they still function.

Sorry, something went wrong.

@vcsjones
Permit unencrypted key exports from CNG.
Loading
Loading status checks…
88d93da 
CNG, by default, loads PKCS#12 certificate private keys as "AllowExport", not "AllowsPlaintextExport". When users attempt to export the private key from a loaded PKCS#12, they will receive an error that the operation is not permitted because they are expected to perform an encrypted export.

This is counter-intuitive to some people, as the general expectation is that they can export private keys they just loaded. Starting in .NET 9, we are loading more PKCS#12 private keys in CNG instead of the legacy CSP, meaning users will hit this problem more. This is also a regression from .NET 8. The default provider changed, meaning keys that were once exportable no longer are.

This pull request makes a change similar to what we do for macOS. If a user asks for an unencrypted export of the private key, and the key does not permit that, we will ask CNG for an encrypted export of the private key and decrypt it for them. This makes the unencrypted exports "just work", as they do on other platforms.
@vcsjones
Skip explicit curve tests on platforms that do not support explicit c…
Loading
Loading status checks…
bc363c4 
…urves
@vcsjones
Fix property name to make sense to people other than me
69323ec
@vcsjones
Apply fix to ECDH and DSA
dbe65a7
@vcsjones
Fix tests
ae0da8c
@vcsjones
Code review feedback
bbb711d
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

@bartonjs bartonjs added the cryptographic-docs-impact Issues impacting cryptographic docs. Cleared and reused after documentation is updated each release. label Oct 22, 2024
@vcsjones vcsjones added this to the 9.0.0 milestone Oct 22, 2024
@vcsjones vcsjones requested a review from bartonjs October 22, 2024 23:53
@bartonjs bartonjs added the Servicing-consider Issue for next servicing release review label Oct 23, 2024
@jeffhandley jeffhandley added Servicing-approved Approved for servicing release and removed Servicing-consider Issue for next servicing release review labels Oct 23, 2024
@jeffhandley jeffhandley merged commit 2b46f3a into release/9.0 Oct 23, 2024
85 of 92 checks passed
@jeffhandley jeffhandley deleted the backport/pr-109119-to-release/9.0 branch October 23, 2024 01:52
@vcsjones vcsjones mentioned this pull request Oct 23, 2024
Closed
@bartonjs bartonjs added the tracking This issue is tracking the completion of other related issues. label Oct 29, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Nov 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jeffhandley jeffhandley

@bartonjs bartonjs

Assignees
No one assigned
Labels
area-System.Security cryptographic-docs-impact Issues impacting cryptographic docs. Cleared and reused after documentation is updated each release. Servicing-approved Approved for servicing release tracking This issue is tracking the completion of other related issues.
Projects
None yet
Milestone
9.0.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jeffhandley @bartonjs @vcsjones