
macOS: subjectKeyIdentifier and authorityKeyIdentifier mismatch crashes chain building #41678

Closed
vcsjones opened this issue Sep 1, 2020 · 7 comments · Fixed by #41691
Labels
area-System.Security os-mac-os-x macOS aka OSX untriaged New issue has not been triaged by the area owner

Comments

@vcsjones
Member

vcsjones commented Sep 1, 2020

This is another "unknown chain status" on macOS chain building. If a leaf and issuing certificate chain to each other but the authority and subject key identifiers do not match, chain building will fail.

A DynamicChainTest to reproduce it:

[Fact]
public static void BadAuthorityId()
{
    X509Extension[] intermediateExtensions = new [] {
        new X509BasicConstraintsExtension(
            certificateAuthority: true,
            hasPathLengthConstraint: false,
            pathLengthConstraint: 0,
            critical: true),
        new X509Extension(
            "2.5.29.14",
            "0414C7AC28EFB300F46F9406ED155628A123633E556F".HexToByteArray(),
            critical: false)
    };

    X509Extension[] endEntityExtensions = new [] {
        new X509BasicConstraintsExtension(
            certificateAuthority: false,
            hasPathLengthConstraint: false,
            pathLengthConstraint: 0,
            critical: true),
        new X509Extension(
            "2.5.29.35",
            "30168014A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1".HexToByteArray(),
            critical: false)
    };

    TestDataGenerator.MakeTestChain3(
        out X509Certificate2 endEntityCert,
        out X509Certificate2 intermediateCert,
        out X509Certificate2 rootCert,
        intermediateExtensions: intermediateExtensions,
        endEntityExtensions: endEntityExtensions);

    using (endEntityCert)
    using (intermediateCert)
    using (rootCert)
    using (ChainHolder chainHolder = new ChainHolder())
    {
        X509Chain chain = chainHolder.Chain;
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        chain.ChainPolicy.VerificationTime = endEntityCert.NotBefore.AddSeconds(1);
        chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
        chain.ChainPolicy.CustomTrustStore.Add(rootCert);
        chain.ChainPolicy.ExtraStore.Add(intermediateCert);

        Assert.False(chain.Build(endEntityCert));
    }
}

Unfortunately, the debugging output isn't helpful for this one, for some reason.

Unknown Chain Status: (null)

I think the chain status string is "IdLinkage" based on my examination of Apple sources.
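As an added example (not from the issue or the dotnet/runtime code), the following decodes the two extension values used in the test above and shows why the chain cannot be linked by key identifier: the issuer's SubjectKeyIdentifier and the leaf's AuthorityKeyIdentifier.keyIdentifier are different 20-byte values. The DER walker is hand-written for this example; the hex constants are the ones from the test.

```python
from typing import Optional, Tuple

def _read_tlv(data: bytes, offset: int = 0) -> Tuple[int, bytes, int]:
    """Return (tag, value, next_offset) for the DER TLV starting at offset."""
    tag = data[offset]
    length = data[offset + 1]
    offset += 2
    if length & 0x80:  # long-form length
        nbytes = length & 0x7F
        length = int.from_bytes(data[offset:offset + nbytes], "big")
        offset += nbytes
    value = data[offset:offset + length]
    if len(value) != length:
        raise ValueError("truncated DER value")
    return tag, value, offset + length

def subject_key_identifier(ext_value: bytes) -> bytes:
    """SubjectKeyIdentifier ::= KeyIdentifier, i.e. a bare OCTET STRING (tag 0x04)."""
    tag, value, _ = _read_tlv(ext_value)
    if tag != 0x04:
        raise ValueError(f"expected OCTET STRING, got tag {tag:#x}")
    return value

def authority_key_identifier(ext_value: bytes) -> Optional[bytes]:
    """AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] IMPLICIT OCTET STRING OPTIONAL, ... }.
    Returns the keyIdentifier bytes, or None when the AKI names the issuer only by name/serial."""
    tag, seq, _ = _read_tlv(ext_value)
    if tag != 0x30:
        raise ValueError(f"expected SEQUENCE, got tag {tag:#x}")
    offset = 0
    while offset < len(seq):
        tag, value, offset = _read_tlv(seq, offset)
        if tag == 0x80:  # context-specific [0], implicit tagging
            return value
    return None

def key_identifiers_link(issuer_ski_ext: bytes, leaf_aki_ext: bytes) -> bool:
    """True when the leaf's AKI keyIdentifier matches the issuer's SKI (or is absent)."""
    aki = authority_key_identifier(leaf_aki_ext)
    return aki is None or aki == subject_key_identifier(issuer_ski_ext)

# Extension values taken from the issue's DynamicChainTest (intermediate SKI, end-entity AKI).
ISSUER_SKI = bytes.fromhex("0414C7AC28EFB300F46F9406ED155628A123633E556F")
LEAF_AKI = bytes.fromhex("30168014A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1")

if __name__ == "__main__":
    print("issuer SKI :", subject_key_identifier(ISSUER_SKI).hex().upper())
    print("leaf AKI   :", authority_key_identifier(LEAF_AKI).hex().upper())
    print("linkable   :", key_identifiers_link(ISSUER_SKI, LEAF_AKI))
```

Running it prints the two differing identifiers and `linkable : False`, which is the condition macOS reports as IdLinkage while the signatures themselves still verify.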

@Dotnet-GitSync-Bot Dotnet-GitSync-Bot added the untriaged New issue has not been triaged by the area owner label Sep 1, 2020
@Dotnet-GitSync-Bot
Collaborator

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

@vcsjones
Member Author

vcsjones commented Sep 1, 2020

@bartonjs

@vcsjones
Member Author

vcsjones commented Sep 1, 2020

Changing the debug output to use an allocating version got me the right output:

// keyString is the CFStringRef holding the chain status key from the surrounding code.
CFIndex keyStringLength = CFStringGetLength(keyString);
CFIndex maxEncodedLength = CFStringGetMaximumSizeForEncoding(keyStringLength, kCFStringEncodingUTF8) + 1;
char *printBuffer = malloc(maxEncodedLength);
if (printBuffer != NULL && CFStringGetCString(keyString, printBuffer, maxEncodedLength, kCFStringEncodingUTF8))
{
    printf("Unknown Chain Status: %s\n", printBuffer);
}
else
{
    printf("Unknown Chain Status. Could not allocate or convert string.\n");
}
free(printBuffer); // free(NULL) is a no-op

Unknown Chain Status: IdLinkage

@vcsjones
Member Author

vcsjones commented Sep 1, 2020

All three platforms have different behavior.

  • macOS: 💥
  • OpenSSL: PartialChain
  • Windows: NoError

@ghost

ghost commented Sep 1, 2020

Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq
See info in area-owners.md if you want to be subscribed.

@bartonjs
Member

bartonjs commented Sep 1, 2020

Was this from trawling the string table, or did it come up in reality?

@vcsjones
Member Author

vcsjones commented Sep 1, 2020

Was this from trawling the string table, or did it come up in reality?

Had some spare time during lunch and started looking for more of these in Big Sur. I noticed that IdLinkage was one that applies to 10.15 (and probably 10.14) as well.

@ghost ghost locked as resolved and limited conversation to collaborators Dec 7, 2020