Skip to content

Investigate if RSA issue can happen with ECDSA/ECDH on OpenSSL < 3.0 #105175

New issue
New issue
Closed
#106397
Closed
Investigate if RSA issue can happen with ECDSA/ECDH on OpenSSL < 3.0#105175
#106397
Assignees
krwq
Labels
area-System.Securityblocking-releasein-prThere is an active PR which will close this issue when it is merged
Milestone
9.0.0
@krwq

Description

@krwq
krwq
opened on Jul 20, 2024

In #104961 we've changed OpenSSL implementation of ECDsa and ECDH to be similar to RSA. RSA implementation had a workaround for OpenSSL issue which occurs only on some low versions of OpenSSL and it requires us checking if key is a private key explicitly rather than relying on OpenSSL API. See: #53345 (comment) - we've added HasNoPrivateKey check in the Sign/Decrypt operations.

We need to verify if:

  • is that code still needed (i.e. has OpenSSL fixed the bug)
  • do we need similar check in ECDSA/ECDH? (the most likely answer is "no" but we need to confirm)

As part of this it would be good to add provider test cases as suggested per #104961 (review)

Metadata

Metadata

Assignees

Labels

area-System.Securityblocking-releasein-prThere is an active PR which will close this issue when it is merged

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions