From c7b30b149a42d6a9e30ef3bdb2175dfe96a47c44 Mon Sep 17 00:00:00 2001 From: Radek Zikmund Date: Wed, 10 Jan 2024 18:22:13 +0100 Subject: [PATCH 1/6] Add entire issuer chain to trusted X509_STORE when validating OCSP_Response --- .../Interop.OCSP.cs | 9 ++++++--- .../SslStreamCertificateContext.Linux.cs | 18 +++++++++++++++++- .../pal_x509.c | 17 +++++++++++++---- .../pal_x509.h | 2 +- 4 files changed, 37 insertions(+), 9 deletions(-) diff --git a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OCSP.cs b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OCSP.cs index 59736b39f47e82..8b07660a3fb657 100644 --- a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OCSP.cs +++ b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OCSP.cs @@ -29,27 +29,30 @@ private static unsafe partial int CryptoNative_X509DecodeOcspToExpiration( int len, SafeOcspRequestHandle req, IntPtr subject, - IntPtr issuer, + IntPtr* issuers, + int issuersLen, ref long expiration); internal static unsafe bool X509DecodeOcspToExpiration( ReadOnlySpan buf, SafeOcspRequestHandle request, IntPtr x509Subject, - IntPtr x509Issuer, + ReadOnlySpan x509Issuers, out DateTimeOffset expiration) { long timeT = 0; int ret; fixed (byte* pBuf = buf) + fixed (IntPtr* pIssuers = x509Issuers) { ret = CryptoNative_X509DecodeOcspToExpiration( pBuf, buf.Length, request, x509Subject, - x509Issuer, + pIssuers, + x509Issuers.Length, ref timeT); } diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs index bf8ee151cb75c3..03dea4bf362842 100644 --- a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs +++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs @@ -211,6 +211,20 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran return null; } + // see logic in AddRootCertificate for why this is necessary + IntPtr[] issuerHandles = ArrayPool.Shared.Rent(IntermediateCertificates.Count == 0 ? 1 : IntermediateCertificates.Count); + if (IntermediateCertificates.Count == 0) + { + issuerHandles[0] = issuer; + } + else + { + for (int i = 0; i < IntermediateCertificates.Count; i++) + { + issuerHandles[i] = IntermediateCertificates[i].Handle; + } + } + using (SafeOcspRequestHandle ocspRequest = Interop.Crypto.X509BuildOcspRequest(subject, issuer)) { byte[] rentedBytes = ArrayPool.Shared.Rent(Interop.Crypto.GetOcspRequestDerSize(ocspRequest)); @@ -227,7 +241,7 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran if (ret is not null) { - if (!Interop.Crypto.X509DecodeOcspToExpiration(ret, ocspRequest, subject, issuer, out DateTimeOffset expiration)) + if (!Interop.Crypto.X509DecodeOcspToExpiration(ret, ocspRequest, subject, issuerHandles, out DateTimeOffset expiration)) { ret = null; continue; @@ -252,6 +266,8 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran } } + issuerHandles.AsSpan().Clear(); + ArrayPool.Shared.Return(issuerHandles); ArrayPool.Shared.Return(rentedBytes); ArrayPool.Shared.Return(rentedChars.Array!); GC.KeepAlive(TargetCertificate); diff --git a/src/native/libs/System.Security.Cryptography.Native/pal_x509.c b/src/native/libs/System.Security.Cryptography.Native/pal_x509.c index 40f7c604e8f39d..04c6ba06cd5dce 100644 --- a/src/native/libs/System.Security.Cryptography.Native/pal_x509.c +++ b/src/native/libs/System.Security.Cryptography.Native/pal_x509.c @@ -1302,11 +1302,11 @@ CryptoNative_X509ChainVerifyOcsp(X509_STORE_CTX* storeCtx, OCSP_REQUEST* req, OC return X509ChainVerifyOcsp(storeCtx, subject, issuer, req, resp, cachePath); } -int32_t CryptoNative_X509DecodeOcspToExpiration(const uint8_t* buf, int32_t len, OCSP_REQUEST* req, X509* subject, X509* issuer, int64_t* expiration) +int32_t CryptoNative_X509DecodeOcspToExpiration(const uint8_t* buf, int32_t len, OCSP_REQUEST* req, X509* subject, X509** issuers, int issuersLen, int64_t* expiration) { ERR_clear_error(); - if (buf == NULL || len == 0) + if (buf == NULL || len == 0 || issuersLen == 0) { return 0; } @@ -1329,7 +1329,16 @@ int32_t CryptoNative_X509DecodeOcspToExpiration(const uint8_t* buf, int32_t len, if (bag != NULL) { - if (X509_STORE_add_cert(store, issuer) && sk_X509_push(bag, issuer)) + int i; + for (i = 0; i < issuersLen; i++) + { + if (!X509_STORE_add_cert(store, issuers[i]) || !sk_X509_push(bag, issuers[i])) + { + break; + } + } + + if (i == issuersLen) { ctx = X509_STORE_CTX_new(); } @@ -1343,7 +1352,7 @@ int32_t CryptoNative_X509DecodeOcspToExpiration(const uint8_t* buf, int32_t len, { int canCache = 0; time_t expiration_t = 0; - X509VerifyStatusCode code = CheckOcspGetExpiry(req, resp, subject, issuer, ctx, &canCache, &expiration_t); + X509VerifyStatusCode code = CheckOcspGetExpiry(req, resp, subject, issuers[0], ctx, &canCache, &expiration_t); if (sizeof(time_t) == sizeof(int64_t)) { diff --git a/src/native/libs/System.Security.Cryptography.Native/pal_x509.h b/src/native/libs/System.Security.Cryptography.Native/pal_x509.h index be376882d127f6..bf76a1c2345ffd 100644 --- a/src/native/libs/System.Security.Cryptography.Native/pal_x509.h +++ b/src/native/libs/System.Security.Cryptography.Native/pal_x509.h @@ -412,4 +412,4 @@ PALEXPORT int32_t CryptoNative_X509ChainVerifyOcsp(X509_STORE_CTX* storeCtx, Decode len bytes of buf into an OCSP response, process it against the OCSP request, and return if the bytes were valid. If the bytes were valid, and the OCSP response had a nextUpdate value, assign it to expiration. */ -PALEXPORT int32_t CryptoNative_X509DecodeOcspToExpiration(const uint8_t* buf, int32_t len, OCSP_REQUEST* req, X509* subject, X509* issuer, int64_t* expiration); +PALEXPORT int32_t CryptoNative_X509DecodeOcspToExpiration(const uint8_t* buf, int32_t len, OCSP_REQUEST* req, X509* subject, X509** issuers, int issuersLen, int64_t* expiration); From 13e4bfe6d7d42404b343c35678244e10230a5c77 Mon Sep 17 00:00:00 2001 From: Radek Zikmund Date: Wed, 10 Jan 2024 20:01:37 +0100 Subject: [PATCH 2/6] Code review feedback --- .../SslStreamCertificateContext.Linux.cs | 40 +++++++++---------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs index 03dea4bf362842..1a0ec1fb81c13e 100644 --- a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs +++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs @@ -26,13 +26,21 @@ public partial class SslStreamCertificateContext private byte[]? _ocspResponse; private DateTimeOffset _ocspExpiration; private DateTimeOffset _nextDownload; + // Private copy of the intermediate certificates, in case the user decides to dispose the + // instances reachable through IntermediateCertificates property. + private X509Certificate2[] _privateIntermediateCertificates; private Task? _pendingDownload; private List? _ocspUrls; - private X509Certificate2? _ca; private SslStreamCertificateContext(X509Certificate2 target, ReadOnlyCollection intermediates, SslCertificateTrust? trust) { IntermediateCertificates = intermediates; + _privateIntermediateCertificates = new X509Certificate2[intermediates.Count]; + for (int i = 0; i < intermediates.Count; i++) + { + _privateIntermediateCertificates[i] = new X509Certificate2(intermediates[i]); + } + TargetCertificate = target; Trust = trust; SslContexts = new ConcurrentDictionary(); @@ -76,15 +84,11 @@ partial void SetNoOcspFetch(bool noOcspFetch) partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool transferredOwnership) { - if (IntermediateCertificates.Count == 0) + if (_privateIntermediateCertificates.Length == 0 && rootCertificate != null) { - _ca = rootCertificate; + _privateIntermediateCertificates = new[] { rootCertificate }; transferredOwnership = true; } - else - { - _ca = IntermediateCertificates[0]; - } if (!_staplingForbidden) { @@ -149,7 +153,7 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran return new ValueTask(pending); } - if (_ocspUrls is null && _ca is not null) + if (_ocspUrls is null && _privateIntermediateCertificates.Length > 0) { foreach (X509Extension ext in TargetCertificate.Extensions) { @@ -192,7 +196,9 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran private async Task FetchOcspAsync() { - X509Certificate2? caCert = _ca; + Debug.Assert(_privateIntermediateCertificates.Length > 0); + X509Certificate2? caCert = _privateIntermediateCertificates[0]; + Debug.Assert(_ocspUrls is not null); Debug.Assert(_ocspUrls.Count > 0); Debug.Assert(caCert is not null); @@ -211,18 +217,10 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran return null; } - // see logic in AddRootCertificate for why this is necessary - IntPtr[] issuerHandles = ArrayPool.Shared.Rent(IntermediateCertificates.Count == 0 ? 1 : IntermediateCertificates.Count); - if (IntermediateCertificates.Count == 0) - { - issuerHandles[0] = issuer; - } - else + IntPtr[] issuerHandles = ArrayPool.Shared.Rent(_privateIntermediateCertificates.Length); + for (int i = 0; i < _privateIntermediateCertificates.Length; i++) { - for (int i = 0; i < IntermediateCertificates.Count; i++) - { - issuerHandles[i] = IntermediateCertificates[i].Handle; - } + issuerHandles[i] = _privateIntermediateCertificates[i].Handle; } using (SafeOcspRequestHandle ocspRequest = Interop.Crypto.X509BuildOcspRequest(subject, issuer)) @@ -241,7 +239,7 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran if (ret is not null) { - if (!Interop.Crypto.X509DecodeOcspToExpiration(ret, ocspRequest, subject, issuerHandles, out DateTimeOffset expiration)) + if (!Interop.Crypto.X509DecodeOcspToExpiration(ret, ocspRequest, subject, issuerHandles.AsSpan(0, _privateIntermediateCertificates.Length), out DateTimeOffset expiration)) { ret = null; continue; From d294f4077234a5f39b91b4b5da5cb64038b5f565 Mon Sep 17 00:00:00 2001 From: Radek Zikmund Date: Wed, 10 Jan 2024 20:02:51 +0100 Subject: [PATCH 3/6] More code review feedback --- .../src/System/Net/Security/SslStreamCertificateContext.Linux.cs | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs index 1a0ec1fb81c13e..f15fa1f7c150ae 100644 --- a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs +++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs @@ -269,6 +269,7 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran ArrayPool.Shared.Return(rentedBytes); ArrayPool.Shared.Return(rentedChars.Array!); GC.KeepAlive(TargetCertificate); + GC.KeepAlive(_privateIntermediateCertificates); GC.KeepAlive(caCert); return ret; } From c300fc3f3953e6dd678f18343a2b5e6412509a9a Mon Sep 17 00:00:00 2001 From: Radek Zikmund <32671551+rzikm@users.noreply.github.com> Date: Wed, 10 Jan 2024 20:24:06 +0100 Subject: [PATCH 4/6] Update src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs Co-authored-by: Jeremy Barton --- .../Security/SslStreamCertificateContext.Linux.cs | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs index f15fa1f7c150ae..e5d302c09d2c0e 100644 --- a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs +++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs @@ -35,10 +35,18 @@ public partial class SslStreamCertificateContext private SslStreamCertificateContext(X509Certificate2 target, ReadOnlyCollection intermediates, SslCertificateTrust? trust) { IntermediateCertificates = intermediates; - _privateIntermediateCertificates = new X509Certificate2[intermediates.Count]; - for (int i = 0; i < intermediates.Count; i++) + if (intermediates.Count > 0) { - _privateIntermediateCertificates[i] = new X509Certificate2(intermediates[i]); + _privateIntermediateCertificates = new X509Certificate2[intermediates.Count]; + + for (int i = 0; i < intermediates.Count; i++) + { + _privateIntermediateCertificates[i] = new X509Certificate2(intermediates[i]); + } + } + else + { + _privateIntermediateCertificates = Array.Empty(); } TargetCertificate = target; From 7526afd101891f8f90a44ea2a2df19b3fc644570 Mon Sep 17 00:00:00 2001 From: Radek Zikmund <32671551+rzikm@users.noreply.github.com> Date: Wed, 10 Jan 2024 20:45:44 +0100 Subject: [PATCH 5/6] Fix compilation --- .../Net/Security/SslStreamCertificateContext.Linux.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs index e5d302c09d2c0e..42a2e88b1be948 100644 --- a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs +++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs @@ -35,11 +35,11 @@ public partial class SslStreamCertificateContext private SslStreamCertificateContext(X509Certificate2 target, ReadOnlyCollection intermediates, SslCertificateTrust? trust) { IntermediateCertificates = intermediates; - if (intermediates.Count > 0) + if (intermediates.Length > 0) { - _privateIntermediateCertificates = new X509Certificate2[intermediates.Count]; + _privateIntermediateCertificates = new X509Certificate2[intermediates.Length]; - for (int i = 0; i < intermediates.Count; i++) + for (int i = 0; i < intermediates.Length; i++) { _privateIntermediateCertificates[i] = new X509Certificate2(intermediates[i]); } From 619a4efaae73fd85e9fce77bbc6a444e8d6a6012 Mon Sep 17 00:00:00 2001 From: Radek Zikmund Date: Wed, 10 Jan 2024 21:58:26 +0100 Subject: [PATCH 6/6] Always include root certificate --- .../SslStreamCertificateContext.Linux.cs | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs index 42a2e88b1be948..01881f04cfdd38 100644 --- a/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs +++ b/src/libraries/System.Net.Security/src/System/Net/Security/SslStreamCertificateContext.Linux.cs @@ -29,17 +29,18 @@ public partial class SslStreamCertificateContext // Private copy of the intermediate certificates, in case the user decides to dispose the // instances reachable through IntermediateCertificates property. private X509Certificate2[] _privateIntermediateCertificates; + private X509Certificate2? _rootCertificate; private Task? _pendingDownload; private List? _ocspUrls; private SslStreamCertificateContext(X509Certificate2 target, ReadOnlyCollection intermediates, SslCertificateTrust? trust) { IntermediateCertificates = intermediates; - if (intermediates.Length > 0) + if (intermediates.Count > 0) { - _privateIntermediateCertificates = new X509Certificate2[intermediates.Length]; + _privateIntermediateCertificates = new X509Certificate2[intermediates.Count]; - for (int i = 0; i < intermediates.Length; i++) + for (int i = 0; i < intermediates.Count; i++) { _privateIntermediateCertificates[i] = new X509Certificate2(intermediates[i]); } @@ -92,11 +93,8 @@ partial void SetNoOcspFetch(bool noOcspFetch) partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool transferredOwnership) { - if (_privateIntermediateCertificates.Length == 0 && rootCertificate != null) - { - _privateIntermediateCertificates = new[] { rootCertificate }; - transferredOwnership = true; - } + _rootCertificate = rootCertificate; + transferredOwnership = rootCertificate != null; if (!_staplingForbidden) { @@ -161,7 +159,7 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran return new ValueTask(pending); } - if (_ocspUrls is null && _privateIntermediateCertificates.Length > 0) + if (_ocspUrls is null && _rootCertificate is not null) { foreach (X509Extension ext in TargetCertificate.Extensions) { @@ -204,8 +202,8 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran private async Task FetchOcspAsync() { - Debug.Assert(_privateIntermediateCertificates.Length > 0); - X509Certificate2? caCert = _privateIntermediateCertificates[0]; + Debug.Assert(_rootCertificate != null); + X509Certificate2? caCert = _privateIntermediateCertificates.Length > 0 ? _privateIntermediateCertificates[0] : _rootCertificate; Debug.Assert(_ocspUrls is not null); Debug.Assert(_ocspUrls.Count > 0); @@ -225,11 +223,12 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran return null; } - IntPtr[] issuerHandles = ArrayPool.Shared.Rent(_privateIntermediateCertificates.Length); + IntPtr[] issuerHandles = ArrayPool.Shared.Rent(_privateIntermediateCertificates.Length + 1); for (int i = 0; i < _privateIntermediateCertificates.Length; i++) { issuerHandles[i] = _privateIntermediateCertificates[i].Handle; } + issuerHandles[_privateIntermediateCertificates.Length] = _rootCertificate.Handle; using (SafeOcspRequestHandle ocspRequest = Interop.Crypto.X509BuildOcspRequest(subject, issuer)) { @@ -247,7 +246,7 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran if (ret is not null) { - if (!Interop.Crypto.X509DecodeOcspToExpiration(ret, ocspRequest, subject, issuerHandles.AsSpan(0, _privateIntermediateCertificates.Length), out DateTimeOffset expiration)) + if (!Interop.Crypto.X509DecodeOcspToExpiration(ret, ocspRequest, subject, issuerHandles.AsSpan(0, _privateIntermediateCertificates.Length + 1), out DateTimeOffset expiration)) { ret = null; continue; @@ -278,6 +277,7 @@ partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool tran ArrayPool.Shared.Return(rentedChars.Array!); GC.KeepAlive(TargetCertificate); GC.KeepAlive(_privateIntermediateCertificates); + GC.KeepAlive(_rootCertificate); GC.KeepAlive(caCert); return ret; }