X509ChainImplUnityTls reports status now

AndreasReich · AndreasReich · commit 24ce88f8a387 · 2020-07-14T14:28:40.000+02:00
Fixes Fogbugz ticket 1261388.
Impl sticks close to current Mono Btls implementation on _master_ - the implementation on our fork has the same issues as prior to this fix and throws NotImplementedException
diff --git a/mcs/class/System/Mono.UnityTls/UnityTlsConversions.cs b/mcs/class/System/Mono.UnityTls/UnityTlsConversions.cs
@@ -8,6 +8,7 @@
 #endif
 
 using System.Security.Authentication;
+using System.Security.Cryptography.X509Certificates;
 
 namespace Mono.Unity
 {
@@ -102,6 +103,30 @@ public static MonoSslPolicyErrors VerifyResultToPolicyErrror (UnityTls.unitytls_
 				error |= MonoSslPolicyErrors.RemoteCertificateChainErrors;
 			return error;
 		}
+
+		public static X509ChainStatusFlags VerifyResultToChainStatus (UnityTls.unitytls_x509verify_result verifyResult)
+		{
+			// First, check "non-flags"
+			if (verifyResult == UnityTls.unitytls_x509verify_result.UNITYTLS_X509VERIFY_SUCCESS)
+				return X509ChainStatusFlags.NoError;
+			else if (verifyResult == UnityTls.unitytls_x509verify_result.UNITYTLS_X509VERIFY_FATAL_ERROR)
+				return X509ChainStatusFlags.UntrustedRoot; // Inaccurate, throw exception instead?
+
+			// Yes, we ignore user error flags here. They still affect if a chain is accepted, but they are not status flags of the chain!
+			X509ChainStatusFlags error = X509ChainStatusFlags.NoError;
+			if (verifyResult.HasFlag (UnityTls.unitytls_x509verify_result.UNITYTLS_X509VERIFY_FLAG_EXPIRED))
+				error |= X509ChainStatusFlags.NotTimeValid;
+			if (verifyResult.HasFlag (UnityTls.unitytls_x509verify_result.UNITYTLS_X509VERIFY_FLAG_REVOKED))
+				error |= X509ChainStatusFlags.Revoked;
+			if (verifyResult.HasFlag (UnityTls.unitytls_x509verify_result.UNITYTLS_X509VERIFY_FLAG_CN_MISMATCH))
+				// Unclear what to return, behaving like Mono's BTLS impl
+				// https://github.com/mono/mono/blob/1553889bc54f87060158febca7e6b8b9910975f8/mcs/class/System/Mono.Btls/MonoBtlsProvider.cs#L312
+				error |= X509ChainStatusFlags.UntrustedRoot;
+			if (verifyResult.HasFlag (UnityTls.unitytls_x509verify_result.UNITYTLS_X509VERIFY_FLAG_NOT_TRUSTED))
+				error |= X509ChainStatusFlags.UntrustedRoot;
+
+			return error;
+		}
 	}
 }
 #endif
diff --git a/mcs/class/System/Mono.UnityTls/UnityTlsProvider.cs b/mcs/class/System/Mono.UnityTls/UnityTlsProvider.cs
@@ -131,6 +131,12 @@ internal override bool ValidateCertificate (
 			}
 
 			errors = UnityTlsConversions.VerifyResultToPolicyErrror(result);
+			// There should be a status per certificate, but once again we're following closely the BTLS implementation
+			// https://github.com/mono/mono/blob/1553889bc54f87060158febca7e6b8b9910975f8/mcs/class/System/Mono.Btls/MonoBtlsProvider.cs#L180
+			// which also provides only a single status for the entire chain.
+			// It is notoriously tricky to implement in OpenSSL to get a status for all invididual certificates without finishing the handshake in the process.
+			// This is partially the reason why unitytls_x509verify_X doesn't expose it (TODO!) and likely the reason Mono's BTLS impl ignores this.
+			unityTlsChainImpl?.AddStatus(UnityTlsConversions.VerifyResultToChainStatus(result));
 			return result == UnityTls.unitytls_x509verify_result.UNITYTLS_X509VERIFY_SUCCESS && 
 					errorState.code == UnityTls.unitytls_error_code.UNITYTLS_SUCCESS;
 		}
diff --git a/mcs/class/System/Mono.UnityTls/X509ChainImplUnityTls.cs b/mcs/class/System/Mono.UnityTls/X509ChainImplUnityTls.cs
@@ -1,6 +1,7 @@
 #if SECURITY_DEP
 
 using System;
+using System.Collections.Generic;
 using System.Text;
 using System.Security;
 using System.Security.Cryptography;
@@ -12,9 +13,10 @@ namespace Mono.Unity
 	// Follows mostly X509ChainImplBtls
 	class X509ChainImplUnityTls : X509ChainImpl
 	{
-		X509ChainElementCollection elements;
-		UnityTls.unitytls_x509list_ref nativeCertificateChain;
-		X509ChainPolicy policy = new X509ChainPolicy ();
+		private X509ChainElementCollection elements;
+		private UnityTls.unitytls_x509list_ref nativeCertificateChain;
+		private X509ChainPolicy policy = new X509ChainPolicy ();
+		private List<X509ChainStatus> chainStatusList;
 
 		internal X509ChainImplUnityTls (UnityTls.unitytls_x509list_ref nativeCertificateChain)
 		{
@@ -64,8 +66,13 @@ public override X509ChainPolicy ChainPolicy {
 			set { policy = value; }
 		}
 
-		public override X509ChainStatus[] ChainStatus {
-			get { throw new NotImplementedException (); }
+		public override X509ChainStatus[] ChainStatus => chainStatusList?.ToArray() ?? new X509ChainStatus[0];
+
+		public void AddStatus (X509ChainStatusFlags errorCode)
+		{
+			if (chainStatusList == null)
+				chainStatusList = new List<X509ChainStatus>();
+			chainStatusList.Add (new X509ChainStatus(errorCode));
 		}
 
 		public override bool Build (X509Certificate2 certificate)

Original file line number	Diff line number	Diff line change
`@@ -131,6 +131,12 @@ internal override bool ValidateCertificate (`
`131`	`131`	`}`
`132`	`132`
`133`	`133`	`errors = UnityTlsConversions.VerifyResultToPolicyErrror(result);`
	`134`	`+ // There should be a status per certificate, but once again we're following closely the BTLS implementation`
	`135`	`+ // https://github.com/mono/mono/blob/1553889bc54f87060158febca7e6b8b9910975f8/mcs/class/System/Mono.Btls/MonoBtlsProvider.cs#L180`
	`136`	`+ // which also provides only a single status for the entire chain.`
	`137`	`+ // It is notoriously tricky to implement in OpenSSL to get a status for all invididual certificates without finishing the handshake in the process.`
	`138`	`+ // This is partially the reason why unitytls_x509verify_X doesn't expose it (TODO!) and likely the reason Mono's BTLS impl ignores this.`
	`139`	`+ unityTlsChainImpl?.AddStatus(UnityTlsConversions.VerifyResultToChainStatus(result));`
`134`	`140`	`return result == UnityTls.unitytls_x509verify_result.UNITYTLS_X509VERIFY_SUCCESS &&`
`135`	`141`	`errorState.code == UnityTls.unitytls_error_code.UNITYTLS_SUCCESS;`
`136`	`142`	`}`