In https://github.com/dotnet/runtime/pull/104961 we've changed the OpenSSL implementation of ECDsa and ECDH to be similar to RSA. The RSA implementation had a workaround for an OpenSSL issue which occurs only on some low versions of OpenSSL, and it requires us to check explicitly whether the key is a private key rather than relying on the OpenSSL API. See: https://github.com/dotnet/runtime/issues/53345#issuecomment-852264901 - we've added a HasNoPrivateKey check in the Sign/Decrypt operations.
We need to verify:
- is that code still needed (i.e. has OpenSSL fixed the bug)?
- do we need a similar check in ECDSA/ECDH? (the most likely answer is "no" but we need to confirm)
As part of this, it would be good to add provider test cases as suggested in https://github.com/dotnet/runtime/pull/104961#pullrequestreview-2189457438