Runtime: X509Certificate2 Subject is empty on Linux in netcoreapp3.1

@bartonjs

@bartonjs X500NameEncoder.ManagedDecode is throwing because it is validating that the SetOf is DER sorted, which for the subject of this certificate, it is not. The exception is getting eaten and an empty string is returned in it's place.

Changing rdnReaders.Add(x500NameSequenceReader.ReadSetOf()) to rdnReaders.Add(x500NameSequenceReader.ReadSetOf(skipSortOrderValidation: true)) in the managed X500DistinguishedNameDecode "fixes" it.

Sigh. Sometimes I wonder if standards exist only so that people can _not_ follow them.

If Windows already processes things without validating sort order, I guess we can, too.

@bartonjs I'll take it.

Thanks for the quick response - this isn't exactly my area of expertise, could you point me at the standard in question so that I can relay it to the team/project that is responsible for creating these certificates so that they might fix the issue on their end as well?

@TimHess X.509 certificates are defined to use DER encoding.

Within the rules for DER encoding, ITU-T REC X.690 (2015/08):

11.6 Set-of components
The encodings of the component values of a set-of value shall appear in ascending order, the encodings being compared as octet strings with the shorter components being padded at their trailing end with 0-octets. NOTE – The padding octets are for comparison purposes only and do not appear in the encodings.

(For a homogenous SET-OF it means that the shortest items come first, because everything's length prepended, then "dictionary sort" the contents if the lengths are equal ("a" beats "aa")).

The canonical order for the repro is

• Subject (RDNSequence (SEQUENCE))
  
  
  
  • RelativeDistinguishedName (SET-OF)
  
  
  • AttributeTypeAndValue (SEQUENCE, 47 bytes)
    
    
    
    
    
    • type (OID) : 2.5.4.11
    
    
    
    • value (PrintableString): app:...
    
    
    
  
  
  • AttributeTypeAndValue (SEQUENCE, 49 bytes)
    
    
    
    
    
    • type (OID) : 2.5.4.11
    
    
    
    • value (PrintableString): space:...
    
    
    
  
  
  • AttributeTypeAndValue (SEQUENCE, 56 bytes)
    
    
    
    
    
    • type (OID) : 2.5.4.11
    
    
    
    • value (PrintableString): organization:...
    
    
    
  
  
  • RelativeDistinguishedName (SET-OF)
  
  
  • AttributeTypeAndValue (SEQUENCE, 35 bytes)
    
    
    
    
    
    • type (OID) : 2.5.4.3
    
    
    
    • value (PrintableString): (the CN)
    
    
    
  
  

But the encoded value is backwards in the multi-value OU (it was organization / space / app; which is exactly backwards).

Generally it doesn't come up, because multi-value RDNs aren't very common (I want to say they're discouraged, but I can't find a specific thing to quote for that...)

@bartonjs should this be serviced in to the 3.1 LTS branch? This "broke" in 3.0 because the ASN.1 decoding was using a different implementation. i.e. the subject decoding for this certificate works in 2.x but not 3.1 on Linux.

I'm not sure the subject names _will_ be fixed from the other side in our case, so adding this change in 3.1 would allow the feature I'm working on to work cross-platform nearly a year sooner than having to wait for 5.0, so I would really appreciate it!

If it changed (broke) between 2.1 and 3.1, then yeah, it's probably good to service it. (@danmosemsft FYI).

If you want to open the PR against the release/3.1 branch I'll do the paperwork; or I'll open the PR and paperwork tomorrowish.

If it changed (broke) between 2.1 and 3.1, then yeah, it's probably good to service it.

Correct. It works in 2.1 but not 3.1:

It looks like this is because [2.1] uses DerSequenceReader, and [3.1] uses AsnReader, and the former did not perform sort validation at read time.

If you want to open the PR against the release/3.1 branch I'll do the paperwork

Done.