[openssl-users] SSL_get_peer_certificate returns NULL in client_cert_cb after upgrade to openssl 1.1.1
Matt Caswell
matt at openssl.org
Thu Oct 11 09:25:22 UTC 2018
On 10/10/18 23:04, Dave Wang wrote:
> Hi there,
>
> I have a client can talk with server, where the client certificate is
> loaded in client_cert_cb based on matching the server side certificate.
>
> it works perfectly in openssl 1.1.0h, however it stops working after I
> upgrade to openssl 1.1.1.
>
> In client_cert_cb , when I call SSL_get_peer_certificate, it returns
> NULL, which is different from openssl 1.1.0h.
>
> I do set SSL_VERIFY_PEER on both sides.
>
>
> any thoughts on this?
I assume this only happens with a TLSv1.3 handshake?
>From the documentation, the client_cert_cb is called: "when a client
certificate is requested by a server". In practice this means when we
have received the CertificateRequest message from the server.
In TLSv1.2 (and below) the server's first flight of messages for a
client-auth full handshake in response to a ClientHello looks like this:
ServerHello
Certificate
ServerKeyExchange
CertificateRequest
ServerHelloDone
In TLSv1.3 it looks like this:
ServerHello
EncryptedExtensions
CertificateRequest
Certificate
CertificateVerify
Finished
Note that in TLSv1.2 the CertificateRequest message comes *after* the
server has sent the Certificate but in TLSv1.3 it comes *before*. That
means of course that in TLSv1.3 the client_cert_cb gets called before we
have processed the server's certificate and hence
SSL_get_peer_certificate() returns NULL.
I'm wondering whether we should delay calling the client_cert_cb in
TLSv1.3 until after the CertificateVerify has been processed.
Matt
More information about the openssl-users
mailing list