Fix OpenSSL X509Chain time validity depending on process time zone

[koen-lee]

Fixes #109039.

Problem

On the OpenSSL chain backend, the chain verification time was passed to native code as broken-down local fields (resolved against .NET's cached time zone) and reconstructed with mktime() (which resolves them against libc's cached zone). These are two independent zone resolutions, so a system time-zone change while the process runs can desync them and the verdict flips:

• eastward shift: a currently-valid certificate is wrongly reported NotTimeValid (Certificate validation routine fails with NotTimeValid when changing time zone on Linux while client app is still running #109039);
• westward shift: an already-expired certificate is no longer reported NotTimeValid.

This is independent of how the caller supplied the verification time (DateTime.Now default, or an explicit VerificationTime of either Kind).

Fix

X509_VERIFY_PARAM_set_time takes a time_t, so the local round-trip is not required (as noted in the issue). Instead, pass the verification time straight through as a UTC Unix timestamp:

• Interop.Crypto.X509StoreSetVerifyTime now takes a DateTimeOffset and passes ToUnixTimeSeconds().
• CryptoNative_X509StoreSetVerifyTime takes an int64_t and forwards it directly to X509_VERIFY_PARAM_set_time; MakeTimeT/mktime are removed. The 32-bit-time_t ARM guard (g_libSslUses32BitTime) is preserved.
• ChainPal.OpenSsl no longer normalizes the verification time to local.

This is an internal + native change only. X509ChainPolicy.VerificationTime remains a public DateTime; no public API changes.

Scope

Windows is unaffected; macOS already normalizes to UTC. This fix is OpenSSL/Linux-only.

OpenSslCrlCache reads cert validity through the same local-time path (ExtractValidityDateTime); that's a separate read path and considered out of scope here. I'm happy to follow up to carry DateTimeOffset through the OpenSSL path / ICertificatePal for consistency.

Tests

Two Linux-only regression test classes (RemoteExecutor + TZ environment var, so the time-zone change is isolated to a child process), each a theory over Kind=Utc/Kind=Local verification instants:

• ChainTimeZoneTests, a valid certificate stays valid across a mid-process time-zone change.
• ChainTimeZoneExpiredTests, an expired certificate stays NotTimeValid across a mid-process time-zone change.

I don't know how a unit test can deterministically change the process's system zone the way the field repro did (libc picks up the change, .NET stays stale), so the tests invert the desync: ClearCachedData() re-syncs .NET to the new TZ and leaves libc stale. Both tests fail before the fix and pass after.

[Copilot]

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

This PR fixes X509 chain verification-time handling on Linux/OpenSSL so that certificate time validity doesn’t depend on the process time zone.

Changes:

• Switch native verify-time API from local-time components to a Unix-time (UTC) instant.
• Update OpenSSL chain processor to carry verification time as DateTimeOffset and pass the instant to native.
• Add Linux-only regression tests that toggle TZ in a child process to ensure verdict stability.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
src/native/libs/System.Security.Cryptography.Native/openssl.h	Updates native API signature to accept Unix time.
src/native/libs/System.Security.Cryptography.Native/openssl.c	Implements Unix-time based verify time, removing local-time conversion.
src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/ChainPal.OpenSsl.cs	Converts DateTime verificationTime into a DateTimeOffset instant for OpenSSL.
src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslX509ChainProcessor.cs	Stores verification time as DateTimeOffset; adjusts revocation call site.
src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Crypto.cs	Updates P/Invoke to pass Unix time seconds to native.
src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.TimeZone.Linux.cs	Adds regression tests for time-zone independence on Linux.
src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj	Includes the new Linux time-zone test file in the test project.

Comments suppressed due to low confidence (1)

src/native/libs/System.Security.Cryptography.Native/openssl.c:1

• Casting int64_t unixTime directly to time_t can overflow or wrap on platforms with 32-bit time_t (or for out-of-range inputs), potentially setting an incorrect verification instant rather than failing. This function used to reject invalid conversions (via mktime returning -1), but now it always proceeds. Consider validating that the cast is lossless (e.g., round-trip compare unixTime vs (int64_t)(time_t)unixTime) and returning 0 on overflow/out-of-range so callers don’t get silently wrong chain results.

// Licensed to the .NET Foundation under one or more agreements.

[dotnet-policy-service]

Tagging subscribers to this area: @bartonjs, @vcsjones, @dotnet/area-system-security
See info in area-owners.md if you want to be subscribed.

[koen-lee]

@dotnet-policy-service agree company="Logiqs b.v."