Handle OSSL 3.4 change to SAN:othername formatting

Co-authored-by: Jeremy Barton <[email protected]>

Author: vcsjones

src/libraries/Common/tests/TestUtilities/System/PlatformDetection.Unix.cs

@@ -57,9 +57,10 @@ public static partial class PlatformDetection
             throw new PlatformNotSupportedException();
 
         private static readonly Version s_openssl3Version = new Version(3, 0, 0);
-        public static bool IsOpenSsl3 => !IsOSXLike && !IsWindows && !IsAndroid && !IsBrowser ?
-            GetOpenSslVersion() >= s_openssl3Version :
-            false;
+        private static readonly Version s_openssl3_4Version = new Version(3, 4, 0);
+
+        public static bool IsOpenSsl3 => IsOpenSslVersionAtLeast(s_openssl3Version);
+        public static bool IsOpenSsl3_4 => IsOpenSslVersionAtLeast(s_openssl3_4Version);
 
         /// <summary>
         /// If gnulibc is available, returns the release, such as "stable".
@@ -146,6 +147,18 @@ private static Version GetOpenSslVersion()
             return s_opensslVersion;
         }
 
+        // The "IsOpenSsl" properties answer false on Apple, even if OpenSSL is present for lightup,
+        // as they are answering the question "is OpenSSL the primary crypto provider".
+        private static bool IsOpenSslVersionAtLeast(Version minVersion)
+        {
+            if (IsOSXLike || IsWindows || IsAndroid || IsBrowser)
+            {
+                return false;
+            }
+
+            return GetOpenSslVersion() >= minVersion;
+        }
+
         private static Version ToVersion(string versionString)
         {
             // In some distros/versions we cannot discover the distro version; return something valid.

src/libraries/System.Security.Cryptography/tests/AsnEncodedDataTests.cs

@@ -112,11 +112,13 @@ public static void TestSubjectAlternativeName_Unix()
 
             string s = asnData.Format(false);
             bool isOpenSsl3 = PlatformDetection.IsOpenSsl3;
+            bool isOpenSsl3_4 = PlatformDetection.IsOpenSsl3_4;
 
             string expected = string.Join(
                 ", ",
                 // Choice[0]: OtherName
-                isOpenSsl3 ? "othername: UPN::[email protected]" : "othername:<unsupported>",
+                isOpenSsl3_4 ? "othername: UPN:[email protected]" :
+                    isOpenSsl3 ? "othername: UPN::[email protected]" : "othername:<unsupported>",
                 // Choice[1]: Rfc822Name (EmailAddress)
                 "email:[email protected]",
                 // Choice[2]: DnsName