Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

System.Security.Cryptography.Pkcs.Tests.Pkcs12.ShroudedKeyBagTests.BuildWithBytesFactoryReadDirect failing in CI #32228

Closed
ViktorHofer opened this issue Feb 13, 2020 · 4 comments
Labels
area-System.Security untriaged New issue has not been triaged by the area owner

Comments

@ViktorHofer
Copy link
Member

Configuration: netcoreapp5.0-Windows_NT-Debug-x64-CoreCLR_release-(Windows.Nano.1809.Amd64.Open)[email protected]/dotnet-buildtools/prereqs:nanoserver-1809-helix-amd64-08e8e40-20200107182504

Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException : Unknown error (0xc0000001)
  at Internal.Cryptography.CngCommon.TrySignHash(SafeNCryptKeyHandle keyHandle, ReadOnlySpan`1 hash, Span`1 signature, AsymmetricPaddingMode paddingMode, Void* pPaddingInfo, Int32& bytesWritten) in /_/src/libraries/Common/src/Internal/Cryptography/CngCommon.SignVerify.cs:line 81
   at System.Security.Cryptography.RSAImplementation.RSACng.TrySignHash(ReadOnlySpan`1 hash, Span`1 destination, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding, Int32& bytesWritten) in /_/src/libraries/Common/src/System/Security/Cryptography/RSACng.SignVerify.cs:line 127
   at System.Security.Cryptography.RSA.TrySignData(ReadOnlySpan`1 data, Span`1 destination, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding, Int32& bytesWritten) in /_/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/RSA.cs:line 202
   at System.Security.Cryptography.Pkcs.Tests.Pkcs12.ShroudedKeyBagTests.BuildWithBytesFactoryReadDirect() in /_/src/libraries/System.Security.Cryptography.Pkcs/tests/Pkcs12/ShroudedKeyBagTests.cs:line 78

cc @bartonjs

@AriNuer
Copy link

AriNuer commented Mar 6, 2020

Test System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.RevokeEndEntity(pkiOptions: IssuerRevocationViaCrl | AllEndEntityRevocation) failed with same Unknown error (0xc0000001)
Job:
runtime-libraries outerloop:20200305.1

Error message:
Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException : Unknown error (0xc0000001)

Stack trace:

 at Internal.Cryptography.CngCommon.SignHash(SafeNCryptKeyHandle keyHandle, ReadOnlySpan`1 hash, AsymmetricPaddingMode paddingMode, Void* pPaddingInfo, Int32 estimatedSize) in /_/src/libraries/Common/src/Internal/Cryptography/CngCommon.SignVerify.cs:line 45
   at System.Security.Cryptography.RSACng.SignHash(Byte[] hash, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/Common/src/System/Security/Cryptography/RSACng.SignVerify.cs:line 68
   at System.Security.Cryptography.RSA.SignData(Byte[] data, Int32 offset, Int32 count, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/RSA.cs:line 170
   at System.Security.Cryptography.RSA.SignData(Byte[] data, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/RSA.cs:line 150
   at System.Security.Cryptography.X509Certificates.RSAPkcs1X509SignatureGenerator.SignData(Byte[] data, HashAlgorithmName hashAlgorithm) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/RSAPkcs1X509SignatureGenerator.cs:line 24
   at System.Security.Cryptography.X509Certificates.CertificateRequest.Create(X500DistinguishedName issuerName, X509SignatureGenerator generator, DateTimeOffset notBefore, DateTimeOffset notAfter, Byte[] serialNumber) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/CertificateRequest.cs:line 595
   at System.Security.Cryptography.X509Certificates.CertificateRequest.Create(X509Certificate2 issuerCertificate, DateTimeOffset notBefore, DateTimeOffset notAfter, Byte[] serialNumber) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/CertificateRequest.cs:line 449
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.CertificateAuthority.CreateCertificate(String subject, RSA publicKey, TimeSpan nestingBuffer, X509BasicConstraintsExtension basicConstraints, X509KeyUsageExtension keyUsage, X509EnhancedKeyUsageExtension ekuExtension, Boolean ocspResponder) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/CertificateAuthority.cs:line 261
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.CertificateAuthority.CreateEndEntity(String subject, RSA publicKey) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/CertificateAuthority.cs:line 135
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.BuildPrivatePki(PkiOptions pkiOptions, RevocationResponder& responder, CertificateAuthority& rootAuthority, CertificateAuthority& intermediateAuthority, X509Certificate2& endEntityCert, String testName, Boolean registerAuthorities, Boolean pkiOptionsInSubject) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 1356
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.SimpleTest(PkiOptions pkiOptions, RunSimpleTest callback, String callerName, Boolean pkiOptionsInTestName) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 1234
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.RevokeEndEntity(PkiOptions pkiOptions) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 132

Details
https://dev.azure.com/dnceng/public/_build/results?buildId=547557&view=ms.vss-test-web.build-test-results-tab&runId=17311614&resultId=104246&paneView=debug

@v-haren
Copy link

v-haren commented Apr 22, 2020

failed again in job: runtime-libraries outerloop 20200421.3

failed test: System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.RevokeEndEntityWithInvalidRevocationSignature(pkiOptions: IssuerRevocationViaCrl | OcspEverywhere | IssuerAuthorityHasDesignatedOcspResponder | RootAuthorityHasDesignatedOcspResponder)

Error message

Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException : Unknown error (0xc0000001)


Stack trace
   at Internal.Cryptography.CngCommon.SignHash(SafeNCryptKeyHandle keyHandle, ReadOnlySpan`1 hash, AsymmetricPaddingMode paddingMode, Void* pPaddingInfo, Int32 estimatedSize) in /_/src/libraries/Common/src/Internal/Cryptography/CngCommon.SignVerify.cs:line 45
   at System.Security.Cryptography.RSAImplementation.RSACng.SignHash(Byte[] hash, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/Common/src/System/Security/Cryptography/RSACng.SignVerify.cs:line 99
   at System.Security.Cryptography.RSA.SignData(Byte[] data, Int32 offset, Int32 count, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/RSA.cs:line 170
   at System.Security.Cryptography.RSA.SignData(Byte[] data, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/RSA.cs:line 150
   at System.Security.Cryptography.X509Certificates.RSAPkcs1X509SignatureGenerator.SignData(Byte[] data, HashAlgorithmName hashAlgorithm) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/RSAPkcs1X509SignatureGenerator.cs:line 24
   at System.Security.Cryptography.X509Certificates.CertificateRequest.Create(X500DistinguishedName issuerName, X509SignatureGenerator generator, DateTimeOffset notBefore, DateTimeOffset notAfter, Byte[] serialNumber) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/CertificateRequest.cs:line 595
   at System.Security.Cryptography.X509Certificates.CertificateRequest.CreateSelfSigned(DateTimeOffset notBefore, DateTimeOffset notAfter) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/CertificateRequest.cs:line 338
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.BuildPrivatePki(PkiOptions pkiOptions, RevocationResponder& responder, CertificateAuthority& rootAuthority, CertificateAuthority& intermediateAuthority, X509Certificate2& endEntityCert, String testName, Boolean registerAuthorities, Boolean pkiOptionsInSubject) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 1356
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.SimpleTest(PkiOptions pkiOptions, RunSimpleTest callback, String callerName, Boolean pkiOptionsInTestName) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 1234
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.RevokeEndEntityWithInvalidRevocationSignature(PkiOptions pkiOptions) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 806

@v-haren
Copy link

v-haren commented May 11, 2020

failed again in job: runtime-libraries outerloop 20200510.1

failed test: System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.RevokeEndEntityWithInvalidRevocationName(pkiOptions: IssuerRevocationViaCrl | EndEntityRevocationViaOcsp | IssuerAuthorityHasDesignatedOcspResponder)

Error message

Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException : Unknown error (0xc0000001)


Stack trace
   at Internal.Cryptography.CngCommon.SignHash(SafeNCryptKeyHandle keyHandle, ReadOnlySpan`1 hash, AsymmetricPaddingMode paddingMode, Void* pPaddingInfo, Int32 estimatedSize) in /_/src/libraries/Common/src/Internal/Cryptography/CngCommon.SignVerify.cs:line 45
   at System.Security.Cryptography.RSAImplementation.RSACng.SignHash(Byte[] hash, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/Common/src/System/Security/Cryptography/RSACng.SignVerify.cs:line 99
   at System.Security.Cryptography.RSA.SignData(Byte[] data, Int32 offset, Int32 count, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/RSA.cs:line 170
   at System.Security.Cryptography.RSA.SignData(Byte[] data, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) in /_/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/RSA.cs:line 150
   at System.Security.Cryptography.X509Certificates.RSAPkcs1X509SignatureGenerator.SignData(Byte[] data, HashAlgorithmName hashAlgorithm) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/RSAPkcs1X509SignatureGenerator.cs:line 24
   at System.Security.Cryptography.X509Certificates.CertificateRequest.Create(X500DistinguishedName issuerName, X509SignatureGenerator generator, DateTimeOffset notBefore, DateTimeOffset notAfter, Byte[] serialNumber) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/CertificateRequest.cs:line 595
   at System.Security.Cryptography.X509Certificates.CertificateRequest.CreateSelfSigned(DateTimeOffset notBefore, DateTimeOffset notAfter) in /_/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/CertificateRequest.cs:line 338
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.BuildPrivatePki(PkiOptions pkiOptions, RevocationResponder& responder, CertificateAuthority& rootAuthority, CertificateAuthority& intermediateAuthority, X509Certificate2& endEntityCert, String testName, Boolean registerAuthorities, Boolean pkiOptionsInSubject) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 1356
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.SimpleTest(PkiOptions pkiOptions, RunSimpleTest callback, String callerName, Boolean pkiOptionsInTestName) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 1234
   at System.Security.Cryptography.X509Certificates.Tests.RevocationTests.DynamicRevocationTests.RevokeEndEntityWithInvalidRevocationName(PkiOptions pkiOptions) in /_/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs:line 834

@bartonjs
Copy link
Member

Closing as duplicate of #29683 (Windows reports STATUS_UNSUCCESSFUL on NCryptSignHash)

@ghost ghost locked as resolved and limited conversation to collaborators Dec 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
area-System.Security untriaged New issue has not been triaged by the area owner
Projects
None yet
Development

No branches or pull requests

5 participants