[openssl-users] Problem with x509_verify_certificate

Viktor Dukhovni openssl-users at dukhovni.org
Mon Nov 26 19:00:45 UTC 2018


> On Nov 26, 2018, at 1:08 PM, Ken <OpenSSL at k-h.us> wrote:
> 
> Is it "better" to use
> 
> X509_STORE_CTX_set_default(csc, "ssl_server");

This does take care of all the niggly details, but see below...

> or something more like
> 
> purpose = X509_PURPOSE_SSL_SERVER;
> verify_param = X509_STORE_CTX_get0_param(csc);
> X509_VERIFY_PARAM_set_purpose(verify_param, purpose);
> X509_verify_cert(csc);
> 
> When we tried the second option, it did not make any difference.

The comment in check_purpose() in crypto/x509/x509_vfy.c may prove
illuminating:

    /*
     * For trusted certificates we want to see whether any auxiliary trust
     * settings trump the purpose constraints.
     *
     * This is complicated by the fact that the trust ordinals in
     * ctx->param->trust are entirely independent of the purpose ordinals in
     * ctx->param->purpose!
     *
     * What connects them is their mutual initialization via calls from
     * X509_STORE_CTX_set_default() into X509_VERIFY_PARAM_lookup() which sets
     * related values of both param->trust and param->purpose.  It is however
     * typically possible to infer associated trust values from a purpose value
     * via the X509_PURPOSE API.
     * 
     * Therefore, we can only check for trust overrides when the purpose we're
     * checking is the same as ctx->param->purpose and ctx->param->trust is
     * also set.
     */

The solution is to call:

	X509_STORE_CTX_set_purpose(csc, X509_PURPOSE_SSL_SERVER)

which also takes care of all the "trust" bits.  The separation between
purpose values and trust values is rather obscure.  Sorry about that.
Most applications don't have to delve this deep.

> When I added X509_STORE_CTX_set0_param(csc,verify_param);

This is not valid, because you don't own the reference to verify_param,
and so cannot "give it away".  The object ends up freed.  This is why
Rust has a borrow-checker...  Time to start rewriting OpenSSL in Rust.

-- 
	Viktor.
