Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

signatureHeaders sees OpenSSL error when FIPS enabled #928

Open
aronatkins opened this issue Jul 24, 2023 · 13 comments
Open

signatureHeaders sees OpenSSL error when FIPS enabled #928

aronatkins opened this issue Jul 24, 2023 · 13 comments
Labels
bug an unexpected problem or unintended behavior FIPS

Comments

@aronatkins
Copy link
Contributor

When using FIPS in a Rocky Linux 9 container, calling openssl::signature_create can err like:

16.63 > rawsig <- openssl::signature_create(charToRaw(canonicalRequest), key = private_key)
16.63 Error in hash_sign(md, sk) :
16.63   OpenSSL error: 807014FC877F0000:error:03000098:digital envelope routines:evp_pkey_ctx_set_md:invalid digest:crypto/evp/pmeth_lib.c:959:
16.63 Calls: <Anonymous> -> hash_sign
16.63 Execution halted

This can happen when people attempt to configure a Posit Account using the RStudio IDE or using rsconnect::connectUser.

Folks encountering this problem can use rsconnect::connectApiUser as a workaround.

Here is the Dockerfile:

FROM rstudio/r-base:4.3-rockylinux9

RUN dnf update -y && dnf install -y openssl-devel
RUN fips-mode-setup --enable

COPY debugging.R /content/

RUN R -f /content/debugging.R

Here is debugging.R:

options(repos = c(CRAN = "https://cran.rstudio.com/"))

install.packages("digest")
install.packages("openssl")

# equivalent to rsconnect:::generateToken
generateToken <- function() {
  key <- openssl::rsa_keygen(2048L)
  priv.der <- openssl::write_der(key)
  pub.der <- openssl::write_der(key$pubkey)
  tokenId <- paste(c("T", openssl::rand_bytes(16)), collapse = "")

  list(
    token = tokenId,
    public_key = openssl::base64_encode(pub.der),
    private_key = openssl::base64_encode(priv.der)
  )
}

# equivalent to rsconnect:::rfc2616Date
rfc2616Date <- function(time = Sys.time()) {
  # set locale to POSIX/C to ensure ASCII date
  old <- Sys.setlocale("LC_TIME", "C")
  on.exit(Sys.setlocale("LC_TIME", old))

  strftime(Sys.time(), "%a, %d %b %Y %H:%M:%S GMT", tz = "GMT")
}

token <- generateToken()
path <- "/users/current"
method <- "GET"
date <- rfc2616Date()
md5 <- openssl::base64_encode(digest::digest("", algo = "md5", serialize = FALSE, raw = TRUE))
canonicalRequest <- paste(method, path, date, md5, sep = "\n")
private_key <- openssl::read_key(
     openssl::base64_decode(token$private_key),
     der = TRUE
)
# the signature_create line errs
rawsig <- openssl::signature_create(charToRaw(canonicalRequest), key = private_key)
signature <- openssl::base64_encode(rawsig)

With the Dockerfile and debugging.R files written into a directory, recreate the error with:

docker build .
@aronatkins
Copy link
Contributor Author

aronatkins commented Jul 24, 2023
edited
Loading

A more minimal debugging.R that presents the same error:

options(repos = c(CRAN = "https://cran.rstudio.com/"))

install.packages("openssl")

key <- openssl::rsa_keygen(2048L)
rawsig <- openssl::signature_create(charToRaw("some data"), key = key)
signature <- openssl::base64_encode(rawsig)

@aronatkins
Copy link
Contributor Author

Another variation on debugging.R..

key <- openssl::rsa_keygen(2048L)
priv_der <- openssl::write_der(key)
pub_der <- openssl::write_der(key$pubkey)
token <- list(
  public_key = openssl::base64_encode(pub_der),
  private_key = openssl::base64_encode(priv_der)
)
private_key <- openssl::read_key(
  openssl::base64_decode(token$private_key),
  der = TRUE
)
rawsig <- openssl::signature_create(charToRaw("some data"), key = key)
signature <- openssl::base64_encode(rawsig)

@hadley

This comment was marked as resolved.

Sign in to view
@aronatkins
Copy link
Contributor Author

The error can be avoided if we tell OpenSSL to allow SHA1 signatures:

ENV OPENSSL_ENABLE_SHA1_SIGNATURES=yes
RUN R -f /content/debugging.R

@aronatkins
Copy link
Contributor Author

RHEL9 OpenSSL disables SHA1 signatures: https://gitlab.com/redhat/centos-stream/rpms/openssl/-/commit/78fb78d30755ae18fdaef28ef392f4e67c662ff6 (linked from VirusTotal/yara#1864 (comment))

@aronatkins

This comment was marked as outdated.

Sign in to view
@hadley
Copy link
Member

hadley commented Jul 24, 2023

Oh sorry, I meant #768

@aronatkins
Copy link
Contributor Author

Oh sorry, I meant #768

Oh! I totally didn't find that issue. Yes, it looks to be the same error.

@aronatkins
Copy link
Contributor Author

Support ticket reference: 91795

@rstub
Copy link
Member

rstub commented Oct 20, 2023

Support ticket reference: 96540

According to dotnet/runtime#65874 (comment) another workaround would be to set rh-allow-sha1-signatures in openssl.cnf.

@hadley
Copy link
Member

hadley commented Oct 26, 2023

Is the problem being tracked on the connect side too? Obviously it will need a change before we can use a different client side strategy.

@hadley hadley added the bug an unexpected problem or unintended behavior label Oct 26, 2023
@aronatkins
Copy link
Contributor Author

Connect issue #14353 tracks shifting away from MD5; I did not find anything tracking this piece.

@mmarchetti - are you tracking a change to API keys in all workflows?

@christierney
Copy link

https://rstudioide.zendesk.com/agent/tickets/101890

@jonkeane jonkeane mentioned this issue Mar 18, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug an unexpected problem or unintended behavior FIPS
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@hadley @aronatkins @christierney @rstub