Bug 43040 - [X509 Feature] X509Chain does not return a chain status
Summary: [X509 Feature] X509Chain does not return a chain status
Status: ASSIGNED
Alias: None
Product: Android
Classification: Xamarin
Component: BCL Class Libraries ()
Version: unspecified
Hardware: PC Windows
: Normal normal
Target Milestone: abi-break-future
Assignee: Martin Baulig
URL:
Depends on:
Blocks:
 
Reported: 2016-08-03 22:26 UTC by Cody Beyer (MSFT)
Modified: 2017-11-21 14:40 UTC (History)
4 users (show)

Tags: XATriaged
Is this bug a regression?: ---
Last known good build:


Attachments
Samples (62.21 KB, application/x-zip-compressed)
2016-08-03 22:26 UTC, Cody Beyer (MSFT)
Details


Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report for Bug 43040 on Developer Community or GitHub if you have new information to add and do not yet see a matching new report.

If the latest results still closely match this report, you can use the original description:

  • Export the original title and description: Developer Community HTML or GitHub Markdown
  • Copy the title and description into the new report. Adjust them to be up-to-date if needed.
  • Add your new information.

In special cases on GitHub you might also want the comments: GitHub Markdown with public comments

Related Links:
Status:
ASSIGNED

Description Cody Beyer (MSFT) 2016-08-03 22:26:41 UTC
Created attachment 16885 [details]
Samples

# Description

The following sample demonstrates an issue where chain status is not reflected correctly after a certificate is processed

# Samples

Android (incorrect): ssltest.zip (Attached)

WinForms (correct): sslTestClassic.zip (Attached)

# Screenshots

Android (incorrect): https://db.tt/3svZUKcj

Console app (correct): https://db.tt/L9uXsg9A

# Steps to Reproduce

	1. Configure SSL Server (I used Apache on Mac) with self signed cert
	2. Download samples
	3. Set "host" variable to the IP of destination machine
	4. Run samples

# Expected Results

Chain.ChainStatus should be populated for both, stating that the cert is not trusted

# Actual Results

On Android Chain.ChainStatus is empty

# Versions

Microsoft Visual Studio Professional 2015
Version 14.0.25425.01 Update 3
Microsoft .NET Framework
Version 4.6.01586

Installed Version: Professional

LightSwitch for Visual Studio 2015   00322-40000-00000-AA950
Microsoft LightSwitch for Visual Studio 2015

Visual Basic 2015   00322-40000-00000-AA950
Microsoft Visual Basic 2015

Visual C# 2015   00322-40000-00000-AA950
Microsoft Visual C# 2015

Visual C++ 2015   00322-40000-00000-AA950
Microsoft Visual C++ 2015

Visual F# 2015   00322-40000-00000-AA950
Microsoft Visual F# 2015

Windows Phone SDK 8.0 - ENU   00322-40000-00000-AA950
Windows Phone SDK 8.0 - ENU

Application Insights Tools for Visual Studio Package   7.0.20622.1
Application Insights Tools for Visual Studio

ASP.NET and Web Tools 2015.1 (Beta8)   14.1.11107.0
ASP.NET and Web Tools 2015.1 (Beta8)

ASP.NET Web Frameworks and Tools 2012.2   4.1.41102.0
For additional information, visit http://go.microsoft.com/fwlink/?LinkID=309563

ASP.NET Web Frameworks and Tools 2013   5.2.40314.0
For additional information, visit http://www.asp.net/

Common Azure Tools   1.8
Provides common services for use by Azure Mobile Services and Microsoft Azure Tools.

JavaScript Language Service   2.0
JavaScript Language Service

JavaScript Project System   2.0
JavaScript Project System

Microsoft Azure Mobile Services Tools   1.4
Microsoft Azure Mobile Services Tools

NuGet Package Manager   3.4.4
NuGet Package Manager in Visual Studio. For more information about NuGet, visit http://docs.nuget.org/.

PreEmptive Analytics Visualizer   1.2
Microsoft Visual Studio extension to visualize aggregated summaries from the PreEmptive Analytics product.

SQL Server Data Tools   14.0.60519.0
Microsoft SQL Server Data Tools

TypeScript   1.8.36.0
TypeScript tools for Visual Studio

Visual Studio Tools for Universal Windows Apps   14.0.25527.01
The Visual Studio Tools for Universal Windows apps allow you to build a single universal app experience that can reach every device running Windows 10: phone, tablet, PC, and more. It includes the Microsoft Windows 10 Software Development Kit.

Xamarin   4.1.2.18 (fcbe082)
Visual Studio extension to enable development for Xamarin.iOS and Xamarin.Android.

Xamarin.Android   6.1.2.21 (1cf254d)
Visual Studio extension to enable development for Xamarin.Android.

Xamarin.iOS   9.8.2.22 (f37444a)
Visual Studio extension to enable development for Xamarin.iOS.
Comment 1 Marek Habersack 2016-09-01 11:47:40 UTC
@Martin, can you take a look at this one please?
Comment 2 Martin Baulig 2016-11-09 07:01:26 UTC
X509Chain is not fully supported yet, but I'm working on it for BTLS.

Not that most of X509Chain will not be supported with AppleTls due to OS limitations.  Unfortunately, Apple's native APIs aren't very good in providing detailed chain / error status.

However, it is something that will eventually become fully supported in BTLS.
Comment 4 Scott 2017-11-21 14:40:08 UTC
Has anyone looked further into this?

I'm getting a NotImplementedException from Mono.Btls.X509ChainImplBtls.get_ChainStatus whenever I try to access chain.ChainStatus from within the RemoteCertificateValidationCallback used by SslStream.

Xamarin 4.5.0.486
Windows 10
Android 7.1
MS Visual Studio Pro 2015