How to verify X509 cert without importing root cert?

.net x509certificate verify
RainerM picture RainerM · May 23, 2011 · Viewed 10.5k times · Source

My program contains 2 root certs I know and trust. I have to verify certs of trustcenters and "user" certs issued by the trustcenters which all originate from these 2 root certs.

I use X509Chain class to verify but that only works if the root cert is in the windows certificate store.

I'm looking for a way to verify the certs without importing theeses root certs - somehow tell the X509Chain class that I do trust this root certs and it should check just the certs in the chain and nothing else.

Actual code:

        X509Chain chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        chain.ChainPolicy.ExtraStore.Add(root); // i do trust this
        chain.ChainPolicy.ExtraStore.Add(trust);
        chain.Build(cert);

Edit: It's a .NET 2.0 Winforms application.

Answer

David Orbelian picture David Orbelian · Jun 12, 2018

I opened an Issue on dotnet/corefx and they replied as follows:

If AllowUnknownCertificateAuthority is the only flag set then chain.Build() will return true if

  • The chain correctly terminated in a self-signed certificate (via ExtraStore, or searched persisted stores)

  • None of the certificates are invalid per the requested revocation policy

  • All of the certificates are valid under the (optional) ApplicationPolicy or CertificatePolicy values

  • All of the certificates' NotBefore values are at-or-before VerificationTime and all of the certificates' NotAfter values are (at-or-)after VerificationTime.

If that flag is not specified then an additional constraint is added:

The self-signed certificate must be registered as trusted on the system (e.g. in the LM\Root store).

So, Build() returns true, you know that a time-valid non-revoked chain is present. The thing to do at that point is read chain.ChainElements[chain.ChainElements.Count - 1].Certificate and determine if it is a certificate that you trust. I recommend comparing chainRoot.RawData to a byte[] representing a certificate that you trust as a root in context (that is, byte-for-byte compare rather than using a thumbprint value).

(If other flags are set then other constraints are also relaxed)

So you should do it this way:

X509Chain chain = new X509Chain();
chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
chain.ChainPolicy.ExtraStore.Add(root);
chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
var isValid = chain.Build(cert);

var chainRoot = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
isValid = isValid && chainRoot.RawData.SequenceEqual(root.RawData);

Related questions

Authentication failed because remote party has closed the transport stream

I am developing a TCP client to connect OpenSSL server with the certificate authentication. I have using .crt and .key files shared by server team. These certificates are generated by OpenSSL commands. I am using SslStream object to authenticate the …

Read More
Httplistener with HTTPS support

There seems to be a lot of confusing, sometimes conflicting, information with regards to making a .NET HTTPListener HTTPS capable. My understanding is as follows: One's C# code needs an https prefix (for example, https://*:8443) in order for the listener …

Read More
What exactly happens when I set LoadUserProfile of IIS pool?

I faced the following issue. I run the following code var binaryData = File.ReadAllBytes(pathToPfxFile); var cert = new X509Certificate2(binaryData, password); in two processes. One of the processes runs under LOCAL_SYSTEM and there this code succeeds. Another one …

Read More