
I have this strange problem: SslStream.AuthenticateAsClient() throws the following exception:

```
System.Security.Authentication.AuthenticationException : A call to SSPI failed, see inner exception.
  ----> System.ComponentModel.Win32Exception : The token supplied to the function is invalid
```

It happens only when Tls12 is required by the client:

```csharp
SslStream.AuthenticateAsClient(..., ..., SslProtocols.Tls12);
```

Code works properly for Ssl3, Tls11 and Tls.

The server certificate is self-signed and 'old'. It uses an md5RSA signature and 1024 bits, and initially I thought that was the problem, as re-generating the certificate makes the exception go away (I tried both SHA1 and SHA512 - both ok).

However, to my surprise the FileZilla client is able to connect to this server using this 'old' md5RSA-signed cert and TLS 1.2:

(screenshot: TLS 1.2 with old cert)

Here is the certificate:

My questions are:

  1. Why does SslStream.AuthenticateAsClient throw, whereas the FileZilla client is able to connect?

  2. Are there any .NET/Windows 10/CryptoAPI certificate restrictions when TLS 1.2 is used?

  3. If there are restrictions, why is FileZilla not enforcing them?

  4. Why such a cryptic error message: 'The token supplied to the function is invalid'?

Pawel Lesnikowski
  • Check if the certificate can only be used for encryption and disallows signature generation. You can view it in Windows or other certificate viewers, look for "key usage". You need authentication (signature generation) for the ECDHE and DHE cipher suites. – Maarten Bodewes Dec 02 '16 at 22:28
  • @MaartenBodewes I don't see 'key usage' anywhere (certmgr/Open/Details/All). This cert was created using makecert.exe with '-sky exchange' option (which indicates that the key is used for key encryption and key exchange), and as I said FileZilla client has no problems with this server cert. I'll update the question with the cert itself. – Pawel Lesnikowski Dec 04 '16 at 09:41
  • @MaartenBodewes: I hit this same problem and can verify that the controlling variable is TLS 1.2; if I force a downgrade to TLS 1.0 it goes through; obviously I don't actually want to do that. – Joshua Feb 04 '19 at 19:40

1 Answer


I finally figured this out. "The token supplied to the function is invalid" in this context means a "Certificate on the chain is signed with an unsupported or disabled algorithm."

It turns out in practice this almost always means disabled. The list of enabled algorithms is found in `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010003`, value `Functions`. This is a REG_MULTI_SZ with one string per supported algorithm.

I found these values on my Windows 10 machine:

```
RSA/SHA256
RSA/SHA384
RSA/SHA1
ECDSA/SHA256
ECDSA/SHA384
ECDSA/SHA1
DSA/SHA1
```

And I added

```
RSA/SHA512
ECDSA/SHA512
```

Your key would start working if you added RSA/MD5; however, it cannot be emphasized enough that this is a bad idea and will open your system up to accepting forged certificates, because MD5 has been broken.

Filezilla is working because Mozilla distrusts the host cipher suite.

Joshua
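An added example (not from the question or the answer) that applies the answer's fix from an elevated PowerShell prompt: it reads the `Functions` value named above, warns if any MD5-based entry is already enabled, backs the list up, and appends only the two SHA-512 entries the answer added. It assumes the key path and the `<signature>/<hash>` entry names are exactly as the answer shows them.

```powershell
# Added example: audit and extend the SChannel signature-algorithm list.
# Run as Administrator; SChannel reads the value at boot, so reboot afterwards.
$KeyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010003'
$ValueName = 'Functions'

# Entries the answer added (assumption: same "<sig>/<hash>" spelling SChannel expects).
$Wanted = @('RSA/SHA512', 'ECDSA/SHA512')
# Entries that must stay disabled: MD5 is collision-broken, so a chain signed
# with it can be forged by an attacker who controls a CA-issued MD5 certificate.
$Forbidden = @('RSA/MD5', 'ECDSA/MD5', 'DSA/MD5')

$current = @((Get-ItemProperty -Path $KeyPath -Name $ValueName).$ValueName)
Write-Host 'Currently enabled signature algorithms:'
$current | ForEach-Object { Write-Host "  $_" }

# Detection: flag weak entries that someone may have added as a "quick fix".
$weak = $current | Where-Object { $Forbidden -contains $_ }
if ($weak) {
    Write-Warning "Weak signature algorithms are enabled: $($weak -join ', ')"
}

$missing = $Wanted | Where-Object { $current -notcontains $_ }
if (-not $missing) {
    Write-Host 'Nothing to add.'
    return
}

# Keep a copy of the original list so the change can be reverted.
$backup = Join-Path $env:TEMP 'schannel-functions-backup.txt'
$current | Set-Content -Path $backup
Write-Host "Backed up current value to $backup"

# Append (never replace) so existing strong entries are preserved.
$new = $current + $missing
Set-ItemProperty -Path $KeyPath -Name $ValueName -Value $new -Type MultiString
Write-Host "Added: $($missing -join ', '). Reboot for SChannel to pick up the change."
```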
  • This also helps w/ MS SQL 2017 server. SQL 2017 is configured to Force Encryption, using a self signed certificate. My Win 10 PC could connect with SSMS, but two colleagues receive this error `A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The token supplied to the function is invalid) (Microsoft SQL Server, Error: -2146893048)` It took a lot of updates and failed searches before I found this article. Adding the same two algorithms to registry and rebooting the PC got us working. Thanks! – Sᴀᴍ Onᴇᴌᴀ Oct 14 '19 at 21:48
  • If you capture an ETL trace with Netsh, and view this in NetworkMonitor, you will also see: `WEBIO_MicrosoftWindowsWebIO WEBIO_MicrosoftWindowsWebIO:0x07E5D820: InitializeSecurityContext returned - (Unknown value: 1)` The error value will be SEC_E_INVALID_TOKEN and later on in the trace at the WinHTTP level if you're using that: `WEBIO_MicrosoftWindowsWebIO WEBIO_MicrosoftWindowsWebIO:0x07E58A28: Completing WebSendHttpRequest(Entity) (DataChunks 0x036D6FC4) (Error SEC_E_INVALID_TOKEN) (CompletionContext 0x07E58878) (CompletionInformation 0 (0x0))` – HelpingHand May 21 '20 at 13:58