Rebex HTTPS Legacy exception: Unsupported key size (4096)

0 votes
asked Jan 22 by mobile653 (500 points)
edited Jan 22 by mobile653

Using Regex HTTPS Legacy 2019R3.3 on a Windows Embedded Handheld 6.5.3 device we get the exception mentioned. We are connecting to api.reservix.de, here is the Rebex log file:

2020-01-22 12:30:57 INFO HttpRequest(5)[841718926] TLS: Negotiating TLS 1.2, RSA with ephemeral Diffie-Hellman, AES with 128-bit key in GCM mode, AEAD.
2020-01-22 12:30:57 DEBUG HttpRequest(5)[841718926] TLS: The server supports secure renegotiation.
2020-01-22 12:30:57 DEBUG HttpRequest(5)[841718926] TLS: HandshakeMessage:Certificate was received.
2020-01-22 12:30:57 DEBUG HttpRequest(5)[841718926] TLS: HandshakeMessage:ServerKeyExchange was received.
2020-01-22 12:30:57 DEBUG HttpRequest(5)[841718926] TLS: HandshakeMessage:ServerHelloDone was received.
2020-01-22 12:30:57 DEBUG HttpRequest(5)[841718926] TLS: Verifying server certificate ('CN=*.reservix.de').
2020-01-22 12:30:57 DEBUG HttpRequest(5)[841718926] TLS: Certificate verification result: Accept
2020-01-22 12:30:57 DEBUG HttpRequest(5)[841718926] TLS: Verifying server key exchange signature.
2020-01-22 12:30:58 DEBUG HttpRequest(5)[841718926] TLS: Received ephemeral Diffie-Hellman prime.
2020-01-22 12:30:58 DEBUG HttpRequest(5)[841718926] TLS: Error while processing TLS packet: System.Security.Cryptography.CryptographicException: Unsupported key size (4096).
at Rebex.Security.Cryptography.DiffieHellmanManaged.ImportParameters(DiffieHellmanParameters parameters)
at Rebex.Security.Cryptography.CryptoHelper.jacf(DiffieHellmanParameters coj)
at Rebex.Security.Cryptography.AsymmetricKeyAlgorithm.ImportKey(DiffieHellmanParameters key)
at xube.ybwt(Byte[] azb, Int32 azc, Int32 azd, xuam aze)
at xube.ybxf(Byte[] bjj, Int32 bjk, Int32 bjl)
at xubb.krpi(Byte[] atg, Int32 ath, Int32 ati)
at xubb.krpn()
at xubb.krpu()
at Rebex.Net.TlsSocket.Negotiate()
at xtvj.lxrx(String bke, Int32 bkf, Boolean bkg)
at qhio.lxre()
at qhio.lxri(Boolean aj)
at qhio.lxrk()
at Rebex.Net.HttpRequest.mxyh()
at Rebex.Net.HttpRequest.bjwi.pwjx()
at qhvi.rnjr(Object ejo)
at qhyj.aucr.xyrn()
at qhwo.wuib()

Is this a restriction of Rebex or Windows?
Is there a list of key supported sizes?

1 Answer

0 votes
answered Jan 22 by Lukas Pokorny (108,710 points)

This issue is caused by a bug in a routine that detects the maximum supported Diffie-Hellman key size on Windows CE family of operating systems, which incorrectly determines the maximum supported size to be 2048 bits instead of 4096 bits. I will send a link to a hotfix to your e-mail.

However, please note that 4096-bit key exchange is known to be very slow on legacy Windows CE devices - asymmetric key operations with long numbers are very CPU-intensive.

commented Jan 28 by mobile653 (500 points)
edited Jan 29 by mobile653
Thank you very much, we received the Hottfix build 7327 via e-mail.
We are testing this now.

Are there any further or untestet changes in the Hotfix build 7327 (compared to 2019R3.3)?
commented Jan 28 by Lukas Pokorny (108,710 points)
The hotfix includes all fixes from 2019 R4.1 and 2019 R4.2 that are relevant for .NET Compact Framework legacy edition (which means changes related to TLS 1.3 are not included). However, as of today, it can now be considered 'tested' and we plan to release a slightly updated version of it as 2019 R3.4 within a week or two.
commented Jan 29 by mobile653 (500 points)
edited Jan 29 by mobile653
We have replaced the three DLL files with the ones from Hotfix build 7327, but we still get the same error message and excecption like before.

I assume we are using the right version, as the log starts with:
2020-01-28 15:48:36 INFO FileLogWriter(1)[-769107902] Info: Assembly: Rebex.Common (Hotfix Build 7327) for .NET Compact Framework 3.5

Any idea?
commented Feb 3 by Lukas Pokorny (108,710 points)
It turned out that the limitation of maximum supported Diffie-Hellman key size on .NET CF was actually not a bug. Apparently, there was a 2048-bit limtation on Windows CE 5.x, which is what Windows Embedded Handheld 6.5.3 is based on as well (despite its name). Windows CE 5.x, "Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider" is actually available, but it is apparently limited to Diffie-Hellman key sizes of 2048-bits and lower. Later versions of the OS, such as Windows Embedded Compact 2013 (based on Windows CE 8.0 kernel), do support 4096-bit keys (which we have been limiting to 2048-bits unnecessarilly).
 
Unfortunately, this means that there is no perfect solution for this issue, although there are some possible workarounds:

a) If the server supports Elliptic-Curve Diffie-Hellman, use that instead of classic Diffie-Hellman. To take advantage of it, use [Rebex.Castle.dll eliptic curve plugin](https://www.rebex.net/kb/elliptic-curve-plugins/) (based on open source BouncyCastle project and suitable for all .NET CF 3.x platforms) at the client.

b) We could enable usage of 4096-bit keys in our managed Diffie-Hellman implementation. This might work, but unless your devices are unusually powerful, these calculations might take a very long time.
commented Feb 5 by mobile653 (500 points)
Thank you for examining this issue and the recommendations!

We have added the Elliptic Curve Plugin and can connect to the server now. So we do not need any further assistance here.
commented Feb 6 by Lukas Pokorny (108,710 points)
Thanks for letting us know!
...