Requiring TLS 1.3 results in LSA error on Windows 10 21H1 for SslStream

[vcsjones]

Description

Steps to reproduce:

It seems that if I explicitly use SslProtocols.Tls13 when authenticating as a client, I get "Win32Exception (0x80090304): The Local Security Authority cannot be contacted". If I do not explicitly set the SslProtocols, it will successfully negotiate TLSv1.3.

1. Enable TLSv1.3 on Windows 10 21H1 (Build 19043.985), reboot.

   I did this with:

   [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client]
   "DisabledByDefault"=dword:00000000
   "Enabled"=dword:00000001
   

2. Run the following snippet:

   using System;
   using System.Net.Security;
   using System.Net.Sockets;
   using System.Security.Authentication;
   
   using TcpClient client = new TcpClient();
   await client.ConnectAsync("github.com", 443);
   
   await using SslStream sslStream = new SslStream(client.GetStream());
   await sslStream.AuthenticateAsClientAsync("github.com", null, SslProtocols.Tls13, true);
   Console.WriteLine(sslStream.SslProtocol);

It will fail for me with:

Unhandled exception. System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
 ---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at <Program>$.<<Main>$>d__0.MoveNext() in D:\code\personal\scratch\Program.cs:line 10
--- End of stack trace from previous location ---
   at <Program>$.<<Main>$>d__0.MoveNext() in D:\code\personal\scratch\Program.cs:line 11
--- End of stack trace from previous location ---
   at <Program>$.<Main>(String[] args)

If I change AuthenticateAsClientAsync to await sslStream.AuthenticateAsClientAsync("github.com"); by removing the explicit protocol configuration, it does not fail and correctly negotiates TLSv1.3.

Configuration

Reproduces on .NET 5 and .NET 6 Preview 4.

Tagging subscribers to this area: @dotnet/ncl, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

---

Description

Steps to reproduce:

It seems that if I explicitly use SslProtocols.Tls13 when authenticating as a client, I get "Win32Exception (0x80090304): The Local Security Authority cannot be contacted". If I do not explicitly set the SslProtocols, it will successfully negotiate TLSv1.3.

1. Enable TLSv1.3 on Windows 10 21H1 (Build 19043.985), reboot.

   I did this with:

   [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client]
   "DisabledByDefault"=dword:00000000
   "Enabled"=dword:00000001
   

2. Run the following snippet:

   using System;
   using System.Net.Security;
   using System.Net.Sockets;
   using System.Security.Authentication;
   
   using TcpClient client = new TcpClient();
   await client.ConnectAsync("github.com", 443);
   
   await using SslStream sslStream = new SslStream(client.GetStream());
   await sslStream.AuthenticateAsClientAsync("github.com", null, SslProtocols.Tls13, true);
   Console.WriteLine(sslStream.SslProtocol);

It will fail for me with:

Unhandled exception. System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
 ---> System.ComponentModel.Win32Exception (0x80090304): The Local Security Authority cannot be contacted
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at <Program>$.<<Main>$>d__0.MoveNext() in D:\code\personal\scratch\Program.cs:line 10
--- End of stack trace from previous location ---
   at <Program>$.<<Main>$>d__0.MoveNext() in D:\code\personal\scratch\Program.cs:line 11
--- End of stack trace from previous location ---
   at <Program>$.<Main>(String[] args)

If I change AuthenticateAsClientAsync to await sslStream.AuthenticateAsClientAsync("github.com"); by removing the explicit protocol configuration, it does not fail and correctly negotiates TLSv1.3.

Configuration

Reproduces on .NET 5 and .NET 6 Preview 4.

Author:	vcsjones
Assignees:	-
Labels:	area-System.Net.Security, untriaged
Milestone:	-

[karelz]

Triage: Likely problem in the OS. We should confirm and send it over.

[wfurt]

can you try it on Server2022+ @vcsjones ? I took it to Schannel team and I was told that 21H1 is unsupported platform.

[vcsjones]

I was told that 21H1 is unsupported platform.

Ah. Hmm. I apparently had the wrong impression on that. I thought it was "supported but off by default". Will try and report back.

[wfurt]

I'm trying to clarify. It seems like 21H1 is missing from the table here https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-

[vcsjones]

@wfurt Ohhh. I looked at this doc a long time ago and it used to say 21H1, which is probably why I was given that impression.

It appears to have changed a few months ago. MicrosoftDocs/win32@45fe995#diff-93e62a5793d2a9571e3d97b3d5452653a0d6d9385e1bcee53c28d5cf369206c7

[wfurt]

Thanks. I'm trying to clarify as well. Do you have repro to particular server or is that pretty consistent? I saw something similar while back running .NET test suite so I'll try to collect more insight.

[vcsjones]

Do you have repro to particular server

github.com seems to do it. vcsjones.dev will as well.

[karelz]

@wfurt what is the next step here?

[wfurt]

Can you get Schannel traces @vcsjones and/or try in on 22 server? I see something similar on supported os but for me it is somewhat rare and non-deterministic.

[vcsjones]

@wfurt will do; might take me a day or two to find the time. Sorry and thanks y'all for the patience!

[wfurt]

That is ok. There is some interest from Schannel team and it may help them to improve the product.