[ ] Linux certificate verification issue, more details (runtime's line):
error: System.Security.Cryptography.CryptographicException: ASN1 corrupted data. ---> System.ArgumentException: The input to WriteEncodedValue must represent a single encoded value with no trailing data. (Parameter 'value')
at System.Formats.Asn1.AsnWriter.WriteEncodedValue(ReadOnlySpan`1 value)
at System.Security.Cryptography.Asn1.AlgorithmIdentifierAsn.Encode(AsnWriter writer, Asn1Tag tag)
--- End of inner exception stack trace ---
at System.Security.Cryptography.Asn1.AlgorithmIdentifierAsn.Encode(AsnWriter writer, Asn1Tag tag)
at System.Security.Cryptography.Asn1.SubjectPublicKeyInfoAsn.Encode(AsnWriter writer, Asn1Tag tag)
at System.Security.Cryptography.X509Certificates.PublicKey.EncodeSubjectPublicKeyInfo()
at System.Security.Cryptography.X509Certificates.PublicKey.ExportSubjectPublicKeyInfo()
at Nethermind.Libp2p.Protocols.Quic.CertificateHelper.ValidateCertificate(X509Certificate2 certificate, String peerId)
at Quic2Protocol.VerifyRemoteCertificate(IPeer remotePeer, X509Certificate certificate) in /app/Program.cs:line 320
at Quic2Protocol.<>c__DisplayClass7_0.<DialAsync>b__1(Object _, X509Certificate c, X509Chain _, SslPolicyErrors _) in /app/Program.cs:line 296
at System.Net.Quic.QuicConnection.SslConnectionOptions.ValidateCertificate(QUIC_BUFFER* certificatePtr, QUIC_BUFFER* chainPtr, X509Certificate2& certificate)
at System.Net.Quic.QuicConnection.HandleEventPeerCertificateReceived(_PEER_CERTIFICATE_RECEIVED_e__Struct& data)
--- End of stack trace from previous location ---
at System.Net.Quic.ValueTaskSource.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token)
at System.Net.Quic.QuicConnection.FinishConnectAsync(QuicClientConnectionOptions options, CancellationToken cancellationToken)
at System.Net.Quic.QuicConnection.ConnectAsync(QuicClientConnectionOptions options, CancellationToken cancellationToken)
at System.Net.Quic.QuicConnection.ConnectAsync(QuicClientConnectionOptions options, CancellationToken cancellationToken)
at Quic2Protocol.DialAsync(IChannel channel, IChannelFactory channelFactory, IPeerContext context) in /app/Program.cs:line 302
Interoperability related
[ ] Incompatibility with Rust, which reports: Illegal SNI hostname received "172.28.0.3"
Happens due to a known bug in the OpenSSL msquic implementation: https://github.com/microsoft/msquic/issues/3493
[ ] Incompatibility with Zig, which uses msquic 2.1.18 under the hood
Windows certificate verification issue:
Dial error quic via multiaddr-select <> quic: One or more errors occurred. (Error occurred during a cryptographic operation.)
System.AggregateException: One or more errors occurred. (Error occurred during a cryptographic operation.) ---> System.Security.Cryptography.CryptographicException: Error occurred during a cryptographic operation.
at System.Net.CertificateValidation.BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, Boolean checkCertName, Boolean isServer, String hostName)
at System.Net.CertificateValidation.BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, Boolean checkCertName, Boolean isServer, String hostName, IntPtr certificateBuffer, Int32 bufferLength)
at System.Net.Quic.QuicConnection.SslConnectionOptions.ValidateCertificate(QUIC_BUFFER* certificatePtr, QUIC_BUFFER* chainPtr, X509Certificate2& certificate)
at System.Net.Quic.QuicConnection.HandleEventPeerCertificateReceived(_PEER_CERTIFICATE_RECEIVED_e__Struct& data)
--- End of stack trace from previous location ---
at System.Net.Quic.ValueTaskSource.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token)
at System.Net.Quic.QuicConnection.FinishConnectAsync(QuicClientConnectionOptions options, CancellationToken cancellationToken)
at System.Net.Quic.QuicConnection.ConnectAsync(QuicClientConnectionOptions options, CancellationToken cancellationToken)
at System.Net.Quic.QuicConnection.ConnectAsync(QuicClientConnectionOptions options, CancellationToken cancellationToken)
at Nethermind.Libp2p.Protocols.QuicProtocol.DialAsync(IChannel channel, IChannelFactory channelFactory, IPeerContext context) in L:\dotnet-libp2p\src\libp2p\Libp2p.Protocols.Quic\QuicProtocol.cs:line 135
--- End of inner exception stack trace ---
OS related